Académique Documents
Professionnel Documents
Culture Documents
(vGW)
ZXUN xGW Product Description (vGW)
TABLE OF CONTENTS
1 Overview ............................................................................................................ 5
1.1 Location of ZXUN xGW in EPS network ............................................................... 5
1.2 Interfaces and Protocols of ZXUN vGW ............................................................... 6
3 Functionality .................................................................................................... 14
3.1 Session Management ........................................................................................ 14
3.2 GTP Management.............................................................................................. 15
3.3 Direct Tunnel (DT) ............................................................................................. 16
3.4 IP Address Management.................................................................................... 16
3.5 Routing .............................................................................................................. 17
3.6 APN ................................................................................................................... 17
3.7 VPN ................................................................................................................... 18
3.8 Radius Client ..................................................................................................... 20
3.9 Security.............................................................................................................. 20
3.10 QoS ................................................................................................................... 22
3.11 Service Awareness and DPI .............................................................................. 24
3.12 Policy Control..................................................................................................... 25
3.13 Charging ............................................................................................................ 28
3.14 IPv6 ................................................................................................................... 29
3.15 SGW and PGW Combination ............................................................................. 30
3.16 Capacity Sharing between 2G/3G/LTE .............................................................. 31
3.17 Network Data Collection and Reporting ............................................................. 31
3.18 Other Service and Function ............................................................................... 32
4 System Architecture........................................................................................ 32
4.1 Hardware ........................................................................................................... 32
8 Networking....................................................................................................... 56
FIGURES
Figure 1-1 Location of ZXUN vGW in EPS Supporting 3GPP Access ................................. 5
Figure 2-1 vGW Deployment Time vs. Legacy Deployment Time ....................................... 8
Figure 2-2 Cost Comparison of Legacy EPC and vEPC ...................................................... 9
Figure 3-1 Gn/Gp SGSN DT Architecture ..........................................................................16
Figure 3-4 Separated Traffic Architecture by VRF ..............................................................20
Figure 3-5 E2E QoS Architecture .......................................................................................23
Figure 3-6 DNS-based Service Identification Flow .............................................................24
Figure 3-7 E2E IPv6 Architecture .......................................................................................30
Figure 4-1 Layered Structure of vGW Software System .....................................................37
Figure 4-2 SAE-GW/GGSN VNF Architecture and Components ........................................38
Figure 6-1 O&M System Structure .....................................................................................42
Figure 7-1 NFV Reliability Model........................................................................................48
Figure 7-2 Availability vs Silent Error vs Server Availability - Single Backup ......................50
Figure 7-3 Availability vs Silent Error vs Server Availability - Dual Backup .........................52
Figure 8-1 PS/EPS Backbone Network ..............................................................................57
Figure 8-2 Networking Mode of vGW and MME that are in Same LAN ..............................58
TABLES
Table 1-1 Related Interfaces and Protocols of ZXUN vGW for 3GPP Function ................... 6
Table 4-1 Module/component supported by NFV SAE-GW/GGSN ..................................39
Table 5-1 ZXUN vGW Interface Standards and Cables .....................................................41
Table 5-2 ZXUN vGW Capacity Indices .............................................................................41
Table 9-1 Acronyms and Abbreviations..............................................................................60
1 Overview
Integration of core network and access agnostic are the trends of mobile network.
Following these trends, ZTE provides an integrated core network gateway product,
ZXUN vGW (extendable Gateway), which supports 2G, 3G, LTE and non-3GPP access.
ZXUN vGW could be deployed as GGSN, Serving-GW, PDN-GW, PDSN, HA and
GGSN/Serving-GW/PDN-GW combo node to satisfy different network scenarios during
the evolution to pure LTE/EPC network.
The position of ZXUN vGW in the EPS systems is shown in the following figure.
Figure 1-1 Location of ZXUN vGW in EPS Supporting 3GPP Access
PDN
ZXUN xGW SGi
Gi
AAA SGi Gx PCRF HSS
PCRF Gx Gi AAA
GGSN OCS Gy S6a
OCS Gy Ga
PGW S5
Gn SGW MME
HLR CG Gn
Ga S11
Ga
Gr S10
SGSN CG MME
Gn
Iu-PS S1-MME
Gb S1-U
BSC RNC
Abis Iub X2
eNodeB eNodeB
BTS BTS NodeB NodeB
LTE-Uu
Um Uu
GSM UMTS LTE
ZXUN vGW adopts a modular distributed processing structure and executes different
functions through different modules. With different combinations of modules, ZXUN vGW
conducts the establishment and maintenance of the LTE GTP tunnel and routing and
forwarding of data between the EPS backbone network and external PDNs. ZXUN vGW
also integrates such functions as RADIUS authentication, dynamic address allocation of
DHCP, establishment of VPN tunnel, online charging, offline charging, etc. The related
interfaces, protocols and functions of the ZXUN vGW are listed in following table.
Table 1-1 Related Interfaces and Protocols of ZXUN vGW for 3GPP Function
Interface
Interworking NE Protocol Interface function
Name
Interface
Interworking NE Protocol Interface function
Name
charging rules
2 Highlight Features
We use the following diagram to illustrate the operational benefits of vGW. The diagram
compares the typical deployment time (in days) between vGW and legacy network
elements.
In summary, vGW reduces the typical deployment time from 91 days to 19 days.
Figure 2-1 vGW Deployment Time vs. Legacy Deployment Time
91
100
80
60 40
40 20 19
10 14 14
20 2 2 7 1
0
0
Planning Purchase HW SW Service Total Period
Installation Installation Config Test
Performance, especially the media plane performance using COTS has always been a
concern for service providers and equipment vendors alike. ZTE’s vEPC address the
issue by applying the following performance optimization techniques to the media plane
software processing module - packet forwarding unit (PFU).
Combine the Single Root I/O Virtualization (SR-IOV) with Intel’s Data Plane
Development Kit (DPDK) techniques to enhance the performance.
Apply Open vSwitch (OVS) on enhanced Intel’s DPDK (By ZTE) to further enhance the
media processing performance.
In addition, by replacing the regular network interface card (NIC) with ZTE’s smart NIC,
the performance can be further enhanced.
With the performance optimization techniques discussed above, we are able to enhance
the media plane performance by 4 ~ 5 times.
It’s intuitive that with its hardware resource being shared among different network
elements, virtualization may require less hardware, such as number of CPUs or server
blades under the same network traffic condition.
ZTE quantifies this by comparing the cost required for ZTE’s vGW and the legacy
solution. The following figure illustrates the measurement results. This clearly illustrates
the CAPEX cost benefits that ZTE’s vGW provides.
Figure 2-2 Cost Comparison of Legacy EPC and vEPC
The above equipment cost includes xGW & vGW nodes and networking switches. And
analyze costs with the example of a typical capacity (2 million PDP and 100Gbps
throughput).
• The vGW with ZTE COTS server has the lowest cost.
• vGW Network switch cost rises slightly due to vGW introduces data center
network feature.
For guaranteeing continuity of existing GSM services, ZXUN vGW supports services and
subscribers of GSM, EDGE, UMTS, and LTE. It also facilitates an easy migration of the
subscribers from GSM/EDGE/UMTS to LTE, as no changes happen to network topology
or network element configurations during the upgrades.
Sharing of signaling process, call process, switch resources etc, saves investment
and ensures smooth evolution.
Soft capacity: During the evolution from 2G/3G to LTE, either 2G/3G or LTE user
number may increase suddenly. ZTE equipments automatically adjust the system
resources to meet capacity requirements of 2G/3G and LTE. Resource sharing
could be based on any 2G/3G/LTE service ratio. Thus, the evolution becomes very
smooth.
ZXUN vGW products provide open and standard interfaces and allow smooth upgrades
and expansion.
Support of High speed Ethernet transport allows its integration into any of the existing
networks. Safe integration without impact is also ensured by supporting the legacy
interfaces and signaling protocols towards the existing network elements.
For implementing authentication and charging (for some enterprise users) function,
ZXUN vGW connects with Radius server. ZXUN vGW supports Gy interface (based on
diameter protocol) to connect with OCS for online charging and supports Gx interface
(also based on Diameter protocol) to connect with PCRF for Policy and Changing
control.
ZXUN vGW Like other new technologies in their early adoption phase, NFV faces the
concerns of reliability by some of service providers. The uses of COTS and adding a
virtualization layer have been particularly considered a reliability risk. To address these
concerns, ZTE applies a number of innovations to the design of ZXUN vGW.
UE data block is hashed into different VMs and each UE data block is backed up by a
different VM. Data synchronization between VMs for UE data block is triggered by the
UE data changes.
ZXUN vGW configures parameters like PDP number, traffic threshold and traffic model
etc. by man-machine interface, then the system will calculate out required VM quantity,
required memory, CPU cores and NICs of every VM and deploy those VMs on the cloud
platform automatically. At the same time, the system will also complete service
configuration, so vGW is ready for packet service. Comparing to hardware installation,
wiring and power on operation of the traditional router, vGW deployment is much faster
and easier.
ZXUN vGW allocates resource to provide packet service dynamically according to the
traffic status. When the system is running, vGW will decide whether expand VM quantity
or VM capacity by considering various information including current PDP number, current
VM CPU occupancy, current traffic volume and historical traffic curve, this procedure is
initiated by automatic system recognition and without any manual interference.
ZXUN vGW supports all GPRS/UMTS/LTE data services and the interaction with IMS
domain.
Its design meets the future communication development trend, and also structure
requirements of mobile telecommunications systems such as GSM/UMTS and LTE as
well as the requirements of various new services.
Smooth evolution with Investment Protection: Adopting the access agnostic gateway, its
hardware could be reserved and reused when evolving from GSM/UMTS to LTE to
protect investment on gateways.
ZXUN vGW adopts hierarchical and modular structure and could be flexibly expanded
and applied. It also offers flexible configuration for operators.
C/S structure is adopted to ensure high networking capability and expandability of ZXUN
vGW.
Adopting Windows operating system, the client provides user-friendly interfaces and
flexible, convenient and reliable operations.
Multiple remote and local system access ways are supported to allow implementation of
O&M either locally or remotely for managing the whole system or some specific entities.
3 Functionality
This chapter describes the abundant services and functions provided by the vGW for
GSM/UMTS/LTE subscribers.
This topic describes the session management functions of vGW. The vGW could be
deployed as a GGSN for GSM/UMTS network, which realizes PDP context related
management functions such as PDP activation, deactivation, and modification. The vGW
could also be deployed as a SAE-GW (SGW and / or PGW) for LTE network, which
realizes EPS bearer related management functions such as session creation, dedicated
bearer creation, and bearer modification.
The following PDP context management procedures are supported for GPRS/ UMTS:
DL bearer binding
The following EPS bearer management procedures are supported for EPS:
Bearer Modification
Bearer Deactivation
This topic describes the GPRS Tunneling Protocol (GTP) function of ZXUN vGW. As
GGSN, GTP tunnel is created for each PDP context between GGSN and SGSN /RNC for
data forwarding. As SAE-GW, GTP tunnel is created for each EPS bearer between PGW
and SGW or SGW and eNodeB for data forwarding.
Tunnel management message is used to manage the tunnel between GSNs, RNC and
GSN, SGSN, MME, SGW and PGW. Uplink and downlink signal/data are transmitted
through the tunnel.
ZXUN vGW supports different GTP version V0, V1 and V2 as described in 3GPP
protocols. Thus, ZXUN vGW supports simultaneous access of GSM/EDGE, UMTS and
LTE users and simultaneously performs session management of all three kinds of users.
The vGW deployed as GGSN or SAE-GW supports moving between Gn/Gp SGSN and
MME for user.
This topic describes the direct tunnel function of the vGW. For 3G network, the GTP-U
tunnel is created between GGSN and RNC; For EPS network, the GTP-U tunnel is
created between PGW and RNC.
ZXUN vGW deployed as GGSN or PGW support R7 Direct Tunnel function; traffic in
User Plane goes directly from UTRAN to vGW, no more goes through Gn/Gp SGSN as
in previous PS architecture.
Figure 3-1 Gn/Gp SGSN DT Architecture
Legend:
SGSN Two GTP User plane
tunnels PGW/ GTP signalling
RNC Iu GGSN RANAP signalling
Gn
Gi Interface
Gi
Direct tunnel
This topic describes the IP address allocation methods available for mobile users. When
the GGSN/ PGW receives PDP context activation request for session creation request,
an IP address is allocated to the UE making the request.
3.5 Routing
This topic describes the IP packet routing function of the vGW. The GGSN/ PGW
working as gateway to Packet Data Network (PDN) provides IP packet routing function
between devices in PDN and GSM/UMTS/LTE equipment. The SGW function provides
IP packet routing function from PGW to eNodeB.
In addition to the basic static routing, the following routing functions are also supported
by ZXUN vGW.
Static Routing
OSPF
The vGW also supports the following for routing security and reliability.
VRF
BFD
3.6 APN
This topic describes the access point name (APN) function of the vGW. The APN is a
network identifier defined by the GSM/UMTS/EPS to indicate which PDN to access.
Packet Data Network (PDN) is the network accessible from mobile network as defined in
3GPP. For example internet and Intranet are two different PDNs for mobile subscribers
to access from GSM/UMTS/ LTE.
Each packet data network (PDN) has different attributes to be used for subscribers to
access and operator to control, such as the IP addresses for allocation, the allocation
method, authentication or not, traffic planning, control functions on the subscribers, etc.
For example, the intranet may use different IP pool than internet and additional
authentication on subscribers using external radius server.
For each APN used by the operator, the GGSN provides related attributes configuration
for this APN for the packet data network (PDN) to be accessed.
In addition to the basic APN related function, the vGW can also provide Single APN and
APN Alias function.
When attaching, GGSN/ PGW decides user’s service network according to the APN in
user’s request, which request many APN. But when GGSN/ PGW use the single APN
function, GGSN/ PGW does not use APN to decide service network. User uses
username and password when attaching. GGSN/ PGW gets service selector from
username,; example: wap.in.tom@wap will tell GGSN/ PGW that user wants to access
wap service and net.in.tom@net indicates that user wants to access internet service.
This single APN function makes users avoid the trouble that they need modify APN
configuration when visiting different kinds of service.
APN alias supports mapping different APNs received from users to one APN configured
in GGSN/ PGW, where several APNs could be equal to one APN configuration.
GGSN/ PGW configure an APN, then creates index of APNs mapping to the APN
configuration.
When GGSN/ PGW receives a default bearer creation request, GGSN/ PGW checks the
APN. If it finds the APN is alias APN, GGSN/ PGW searches in the APN index and
deploys the APN configuration.
3.7 VPN
This topic describes the virtual private network (VPN) service of intranet for enterprise
users provided by the GGSN/ PGW. The vGW supports tunneling technologies such as
VLAN, Generic Routing Encapsulation (GRE) and Layer 2 Tunneling Protocol (L2TP).
VLAN VPN
For Fast Ethernet and Gigabit Ethernet interfaces, the software of ZXUN vGW
supports IEEE 802.1Q standard for channelizing an Ethernet interface into multiple
logical interfaces, separating different traffic in many virtual LANs (VLANs) to be
transported over the same physical circuit, but preventing them from being in the
same routing or broadcast domain.
GRE VPN
The GRE is the layer 3 Tunneling technique. In this, private IP packets are
encapsulated in public IP packet with GRE header. The GRE feature enables the
usage of tunnels between ZXUN vGW and external hosts or routers (Gi/ SGi
interface). This tunneled transport provides traffic separation between the different
Gi/ SGi networks. The GRE feature can also be used on any other interfaces as
well such as S5/S8, Gp interfaces.
L2TP VPN
L2TP is the layer 2 Tunnel protocol. It is mainly used to extend PPP link, extending
the user dialup to enterprise gateway from NAS (Net Access Server) to realize the
VPDN (Virtual Private Dial Network). L2TP creates a L2TP tunnel between the LAC
(L2TP Access Concentrator) and LNS (L2TP Network Server), by which LAC
transports the user’s PPP Frame to LNS via public Internet.
The VPN service provides the mobile subscribers a more flexible, reliable and security
methods to access the intranet.
This topic describes the Radius client function of the vGW. When vGW deployed as
GGSN, GSM/UMTS subscribers are authenticated for PDN service by Radius server via
radius client in vGW. When vGW deployed as PGW, LTE subscribers are authenticated
for PDN service by Radius server via radius client in vGW. The vGW supports Radius
charging function, which reports relative charging information to external Radius server
via radius client in vGW.
The vGW also supports radius server initialized PDP or EPS bearer deactivation due to
out of balance or other reason.
3.9 Security
This topic describes the security function of the vGW. The security function is used to
protect the GGSN/ SAE-GW from being attacked by other device, to protect the service
from being used by unauthorized users, to protect the information from being intercepted
by hostile attackers and to provide lawful interception.
ZXUN vGW provides a systematic security policy from lower layer as IP layer to service
layer to protect the network and service.
Traffic separation
The traffic of mobile network encompasses OM/billing system traffic, internet traffic,
intranet traffic and traffic between network elements within the network. These
different types of traffic are facing different level of security attacks, for example
internet traffic is always be facing the most dangerous attacks while traffic between
network elements within the network is considered much secure. Separation of
traffic with different security levels limits the attack within the minimum areas and
protects most equipment from facing the most dangerous attacks.
ZXUN vGW provides logical or physical traffic separation for OM, billing, Gi /SGi,
Gn, Gx, Gy, etc. ZXUN vGW also provides dedicated routing table (VRF) for the
separated traffic as shown in the following figure.
Figure 3-2 Separated Traffic Architecture by VRF
OM Domain
Traffic authentication
With these functions, the traffic in each domain is limited to device authorized only.
In Intranet IP access mode, the GGSN/ PGW authenticate and authorize mobile
stations (MSs) by interworking with the authentication, authorization, and
accounting (AAA) server.
For important routing protocols, such as Open Shortest Path First (OSPF), the vGW
provides multiple authenticating methods.
ACLs
Access Control Lists for IP layer offer an important tool for controlling traffic in the IP
network. These lists are used to filter the in or out IP packet flow of each vGW’s
interfaces based on source IP, source port number, destination IP, destination port
number and protocol type. ACLs prevent the attack to network elements from
unknown device or UE.
Anti-spoofing
The anti-spoofing function provides the network with the capability to check whether
the packet uses the same IP-Address that was assigned to the UE. For each uplink
packet, the GGSN/ PGW checks the source IP address against the IP address
allocated to the UE. If the source IP address is different from the IP allocated to UE,
With this function, the network is protected from IP spoofing from mobile terminal.
GGSN or PDN GW checks the uplink package of each PDP context or EPS bearer
against the bearer’s uplink filters.
This is to verify that the UE applies the UL packet filters correctly and does not
misbehave, e.g., by sending packets on a "default bearer" even though the packets
do not match the UE's UL packet filters associated with that "default bearer".
With this function, it is ensured that UE applies the UL packet filters correctly and
does not misbehave.
ZXUN vGW can configure following control policies per APN, such as:
3.10 QoS
This topic describes the Quality of Service (QoS) guarantee function of GGSN or
SAE-GW. GGSN or SAE-GW provides the needed quality of service control for
different type of service.
3GPP defines that an End-to-End Service has a certain Quality of Service (QoS) that is
provided for the user of a network service.
To realize a certain network QoS a Bearer Service with clearly defined characteristics
and functionality is to be set up from the source to the destination of a service.
A bearer service includes all aspects to enable the provision of a contracted QoS. These
aspects are among others the control signaling, user plane transport and QoS
management functionality. A UMTS/ EPS bearer service layered architecture is depicted
in the following figure, each bearer service on a specific layer offers its individual
services using services provided by the layers below (such as IP layer in transportation
network).
Figure 3-3 E2E QoS Architecture
UMTS
TE MT RAN CN CN TE
EDGE Gateway
NODE
End-to-End Service
For UMTS/ EPS bearer service, the QoS is supported during the context/bearer
activation with the negotiated QoS parameter requested for the service. These UMTS/
EPS QoS parameters are mapped to the differentiated services code point in IP layer for
providing IP backbone service when the traffic passing through the IP transportation
network.
The vGW supports DiffServ edge function, which is compliant to the IETF
specifications for Differentiated Services (RFC 2475 [6]). The IETF Differentiated
Services architecture is used to provide QoS for the external bearer service.
Mapping of QoS parameters to the DiffServ Code Point (DSCP) in the downlink
GTP IP header contributes to secure correct QoS handling through the backbone
network. Mapping of QoS parameters to the "DiffServ Code Point" in the uplink user
packet to secure correct QoS towards and through the external network. Mapping of
3GPP QoS parameters to DSCP (DiffServ Code Point) values and the mapping is
configurable. The vGW also provides DSCP remarking function for packet from
un-trusted network based on local policy.
The vGW supports bit rate limitation function. The vGW provides service based bit
rate limitation for each subscriber within one PDP context or EPS bearer with
integrated service awareness function.
The vGW supports policy based QoS control. The vGW supports PCEF function to
enforce QoS policies from PCRF via Gx interface. Local policy based QoS control
could also be supported by vGW. With policy based QoS control, the vGW provides
differentiated QoS control for different subscribers, different service type, different
network type (2G/3G/ LTE) and even different place or time.
This topic describes the Service Awareness or DPI function of GGSN or SAE-GW.
Service identification function of GGSN/ PGW is used to classify each type of service
accessed by each subscriber for further processing, such as access control, routing/
redirection control, QoS control and charging control.
DNS Query
DNS Response
Data
ZXUN vGW identifies DNS messages between MS and DNS Server, and gets
mapping relationship between Domain Name and server IP address by inspecting
the DNS response message. Then it checks if destination IP address of a message
is in the mapping table or not when the message passes by. If YES, it is known that
the message is going to the server with the configured Domain Name.
Enhanced DPI
With enhanced DPI, operators are able to analyze the protocol that simple DPI
cannot identify, improving service identification ratio, so as to realize more detailed
service control.
This topic describes the policy control function of the vGW. Working as GGSN/ PGW, the
vGW supports PCEF function providing policy control for 2G/3G/LTE subscribers.
The vGW supports static policy control configured in local GGSN or PGW, and dynamic
policy control from PCRF via Gx interface.
The PCEF encompasses service data flow detection, policy enforcement and flow based
charging functionalities.
PCEF is located at the Gateway. It provides service data flow detection, user plane traffic
handling, triggering control plane session management (where the IP-CAN permits),
QoS handling, and service data flow measurement as well as online and offline charging
interactions.
The PCEF enforces the Policy Control as indicated by the PCRF in two different ways:
Gate enforcement. The PCEF allows a service data flow, which is subject to policy
control, to pass through the PCEF if and only if the corresponding gate is open.
QoS enforcement.
QoS class identifier correspondence with IP-CAN specific QoS attributes. The
PCEF converts a QoS class identifier value to IP-CAN specific QoS attribute values
and determines the QoS class identifier value from a set of IP-CAN specific QoS
attribute values.
PCC rule QoS enforcement. The PCEF enforces the authorized QoS of a
service data flow according to the active PCC rule (e.g. to enforce uplink
DSCP marking).
IP-CAN bearer QoS enforcement. The PCEF controls the QoS that is provided
to a combined set of service data flows. The policy enforcement function
ensures that the resources which can be used by an authorized set of service
data flows are within the "authorized resources" specified via the Gx interface
by "authorized QoS". The authorized QoS provides an upper bound on the
resources that can be reserved (GBR) or allocated (MBR) for the IP-CAN
bearer. The authorized QoS information is mapped by the PCEF to IP-CAN
specific QoS attributes.
Charging control
Enhanced Gx interface is located between PCEF and PCRF, and PCRF gets user’s
subscription data from SPR. With enhanced Gx interface, vGW support following
features:
Support HTTP redirection and user class in CCA authorized by PCRF: With
enhanced Gx interface, PCRF can authorize HTTP redirection control or user class
in CCA, and vGW will execute HTTP redirection or deploy policies according to
authorized user class.
ZXUN vGW reports service usage and user usage to PCRF according to the usage
threshold form PCRF, and PCRF accumulates user and service usage. Then PCRF
provides specific policy according to actual user and service usage.
PCEF executes specific policy from PCRF. Detailed policy includes access control,
QoS control or redirection, etc.
PCRF is also able to set different accumulated service usage for user or one
service with various situations including subscriber type, roaming, radio access type
(GREAN/UTRAN/E-UTRAN), location (roaming or not), time (busy or idle time), etc.
W&B List (White and Black List) is configured by combining subscriber information
and service information. When subscriber accesses specific service, GGSN may
deny or allow service by checking W&B list.
Redirection control
ZXUN vGW supports traffic redirection function for Web (http), WAP 1.x an WAP
2.0.
3.13 Charging
This topic describes the charging function of the vGW. Working as GGSN/ SAE-GW,
different charging methods could be provided to 2G/3G/LTE subscribers.
Radius Charging
When the subscriber is activated, GGSN/ PGW sends subscriber data flow into
Radius server through standard Radius signaling for 2G/ 3G/ LTE subscriber
charging purpose. In the information, the accessory charging attributes include
MSISDN, IMSI, IMSI-MCC-MNC and Selection Mode, Charging ID, Charging
Characteristics and GGSN/ PGW IP Address.
Offline Charging
When implementing a service, the GGSN generates G-CDRs. G-CDRs are used in
recording user data flow information. Some CDRs generated according to different
charging policies need to be merged in the CG.
For SAE-GW, when implementing a service, the PGW generates PGW-CDR and
SGW generates SGW-CDR. CDRs are used in recording user data flow information.
Some CDRs generated according to different charging policies need to be merged
in the CG.
ZXUN vGW automatically caches subscriber CDRS that cannot be sent because of
link failure, avoiding CDR loss due to charging link interruption to guarantee the
correctness of charging information.
Online Charging
OCS (Online Charging System) is the trend of charging for 3GPP network and
service network. It realizes the integrated charging process for a prepaid user who
enjoys all kinds of telecommunication services such as CS, PS, IMS, and
applications. Diameter CC protocol is the interface standard of OCS, and it is based
on IP network.
Interworking with OCS, ZXUN vGW performs service authorization, quota request
and update.
ZXUN vGW supports the service and content charging function as described in
3GPP 23.815 and 23.125. ZXUN vGW could filter the user data from layer 3, layer 4,
and layer 7 (namely, by source IP segment, destination IP segment, source PORT
range, destination PORT range, protocol type, URL), and set different charge rate
for different filter rules, realizing the flexible charging method for the operator.
ZXUN vGW supports event charging for following services, such as HTTP/WAP2.0,
WAP1.X, Video streaming(only for RTSP), POP3, SMTP, IMAP4, FTP download,
etc.
3.14 IPv6
This topic describes the IPv6 function of the vGW. The GGSN supports 2G/3G
subscribers creating IPv6 type PDP context to IPv6 PDN, and PGW supports LTE
subscribers creating IPv6 type or IPv4v6 type EPS bearer to IPv6 PDN.
The IP address allocated for the default bearer is also used for the dedicated bearers
within the same PDN connection. IP address allocation for PDN connections, which are
activated by the UE requested PDN connectivity procedure, is handled with the same set
of mechanisms as those used within the Attach procedure.
ZXUN vGW supports IPv4, IPv6 and IPv4v6 PDN types. An EPS Bearer of PDN type
IPv4v6 may be associated with one IPv6 prefix only or with both one IPv4 address and
one IPv6 prefix. PDN type IPv4 is associated with an IPv4 address. PDN type IPv6 is
associated with an IPv6 prefix. PDN types IPv4 and IPv6 are utilized for the UE and/or
the PDN GW to support either IPv4 addressing or IPv6 prefix; or operator selects to use
single IP version only, or the user subscription is limited to IPv4 only or IPv6 only for the
specific APN. In addition, PDN type IPv4 and IPv6 are utilized for interworking with
nodes of earlier releases.
To support the usage of IPv6 address, in addition to the basic IPv6 packet forwarding
between SGSN and GGSN/SAE-GW within GTP-U tunnel, the GGSN/ PGW supports
IPv6/IPv4 stack or IPv6 in IPv4 tunnel at Gi/ SGi interface as shown in following figure.
Figure 3-5 E2E IPv6 Architecture
IPv6
Application
IP IP
Relay Relay
This topic describes the combo function of SGW and PGW combination function of the
vGW. The SGW and PGW combination means the vGW supports SGW and PGW at the
same time in one physical node for LTE subscribers.
Because SGW and PGW are implemented in one physical node, some hardware could
be shared to reduce the CAPEX. For example, the interface to charging system and OM
system could be shared.
When SGW and PGW implemented in one node, there is only two hops in EPS user
plane: one is eNodeB and the other is ZXUN vGW. So transport delay for user package
is significantly reduced.
This topic describes the capacity sharing between 2G/3G/LTE of the vGW. This function
means the vGW support 2G/3G/LTE subscribers at the same time, and the system
capacity of 2G, 3G and LTE is shared with each other.
ZTE vGW supports 2G/3G/LTE access. With ZTE vGW deployment, one physical node
provides access to 2G, 3G, and LTE users.
To further save the operator’s CAPEX, the hardware resource in vGW could be shared
between 2G/3G/LTE users as a pool. For example the number of bearer contexts/PDP
contexts supported by vGW could be shared.
When DPI report function of UBAS is enabled, vGW extracts and reports user’s detailed
packet information to UBAS server. UBAS provides the report on the volume, connection
amount and duration of different service type. UBAS also provides report of visited URL.
Through this feature, Operator has a comprehensive understanding on the service type
and development situation of the network, knows more about user’s data service usage
and preference, so as to realize the bandwidth management and optimized operation of
mobile internet.
APN, NE, etc. Operator is able to know the network volume distribution and service
development.
ZXUN vGW also supports management and maintenance related function and NTP
client for time synchronization.
4 System Architecture
ZXUN vGW complies to ETSI NFV standards, one NFV network element has 3 layers:
hardware layer, virtualization layer(cloud platform and VM technology) and service
software layer, following 3 paragraphs describe those layers respectively, and in the end
ZXUN vGW VM deployment architecture is also described.
4.1 Hardware
ZXUN xGW may deployed on ZTE hardware platform or third party hardware like HP and
DELL etc.
1. HP BladeSystem C7000
The 10U high shelf can support up to 8 full-height blades and 16 half-height blades.
A half-height blade has dual Intel Xeon processors as one processing unit with 8~12
cores and up to 512GBytes memory.
A full-height blade has quad Intel Xeon processors as one processing unit with 8~12
cores and up to 1TBytes memory.
A processing unit offers a 100Mbytes management network port and two GE interfaces,
which can be extended to six 10GE interfaces by using PCIE sub cards.
A shelf has backplane to provide external connection ports going through the rear card.
The rear card supports three dual HP Virtual Connect (VC) modules or HP blade
switches customized by Cisco H3C.
Each VC module supports internal 16 10GE interfaces and external 8 10GE interfaces. It
has strong support for virtualization management.
ATCA platform integrates dual Intel Xeon processors as one processing unit with up to
8*8GBytes memory. Considering the heat dissipation of the ATCA blade, CPU is running
at 1.9GHz frequency only and cannot work at full frequency (while the CPU of other
types of blade works at 3GHz frequency).
ATCA has backplane to provide each blade with two GE internal interfaces for intra-shelf
connection and two GE external Ethernet interfaces for inter-shelf connection.
Meanwhile the optional configuration of Fabric sub card allows two 10GE interfaces.
ATCA uses 14U shelf, and each shelf can mount 12 servers.
ZTE’s ATCA shelf adopts high-reliability design and has low requirements on equipment
room. Compared with IT servers, it has lower computing density, storage density and
network density.
Compared with the ATCA blades, E9000 enterprise servers have higher power
consumption and computing density.
The 10U high shelf can support up to 8 full-height blades and 16 half-height blades.
A half-height blade has dual Intel Xeon processors as one processing unit with up to
16*8GBytes memory, which can work at full capacity. It supports two removable hard
disk and two GE interfaces, which can be extended to four 10GE interfaces or two 10GE
interfaces and two FC interfaces by using PCIE slots.
A full-height blade has quad Intel Xeon processors as one processing unit.
The backplane offers a rear switch with three dual switching modules. Each switching
module has 16 10GE interfaces for intra-shelf connection and 8 10GE interfaces for
inter-shelf connection.
Dell PowerEdge C8000 series has high-density 4U shelf to hold 10 to 12 blades. Each
blade integrates dual Intel Xeon processors as one processing unit, which is installed
with one OS. The processing unit offers a 100Mbytes management network port and two
GE interfaces, which can be extended to two 10GE interfaces. Eight cores of each
processors contribute to 16 cores with up to 16*8GBytes memory and large-capacity
hard disk.
Cisco UCS 5100 series as 6U high shelf, which can accommodate up to eight half-width,
or four full-width blade servers with the same shelf.
A half-width blade has dual Intel Xeon processors as one processing unit with up to
16*8GBytes memory. The processing unit supports two removable hard disk and two
10GE interfaces.
A full-width blade has quad Intel Xeon processors as one processing unit with up to
32*8GBytes memory. The processing unit offers two removable hard disk and four 10GE
interfaces.
Since there is no intra-shelf connection, the physical connection of a shelf leads out from
the rear card to an external switch and optional uplink modules for interconnection. The
datacenter is a 1U high Nexus 1000 series switch with 40 10GE interfaces.
Cloud platform operation system (CMS) is running on universal server hardware platform,
it provides elastic and scalable group management, and allocates quantified resource to
different applications. CMS screens the hardware and lower layer of operation platform,
provides identical running environment for applications to implement deployment in large
scale. Applications are deployed on CMS platform in distributed way.
ZXUN vGW supports CMSs including OpenStack, VMware vSphere and ZTE
OpenCos(Open Cloud Operation System).
Hypervisor is the middle ware between physical server and OS, it allows multiple OSs
and applications to share hardware. Hypervisor not only coordinates the access on the
hardware, it also provides protection for every VM. When server starts Hypervisor,
Hypervisor will load OSs of all VM clients and allocate memory, CPU, network and hard
disk to every VM. Hypervisor may be viewed as the general term of VM implementation,
every VM technology is a type of Hypervisor implementation.
The ZXUN vGW software system is composed of the CGEL (Carrier Grade Embedded
Linux) subsystem, TULIP (Telecom UniversaL Integrated Platform) subsystem, PM
(Product Management) subsystem, ROSng (next generation Route OS) subsystem,
database subsystem, OAM subsystem, service processing subsystem and package
forwarding subsystem. Following figure shows the software structure of ZXUN vGW.
Figure 4-1 Layered Structure of vGW Software System
Service Subsystem
OAM DB
Subsystem Subsystem
Rosng
PM Subsystem
Subsystem
Packet
TULIP Subsystem
Forward
Subsystem
CGEL Subsystem
Hypervisor
TULIP Subsystem: TULIP subsystem shields the difference between different type of OS
and processors to provide one real time distributed application platform for upper level
service.
Rosng Subsystem: This subsystem provides routing protocol function such as different
kinds of routing protocols including OSPF, BGP, multicast, etc and different kinds of
VPN.
Service Subsystem: This subsystem provides service functions for subscribers, such as
activating, updating, and deactivating service functions and encapsulating and
de-capsulation data.
After ZXUN xGW has been virtualized, service application is deployed on VM, the lower
layer hardware is isolated. ZXUN vGW VM deployment architecture is shown in the
Figure 4-2, every VM has been deployed a processing module/component. If the
component supports 1+1 active/standby backup, then 2 VMs will have same
components to backup each other. GSU module/component supports both 1+1
active/standby backup and N+1 backup.
Figure 4-2 SAE-GW/GGSN VNF Architecture and Components
BOSS Orchestrator
SAE-GW/GGSN
UOMM
OMU GSU
UOMP
LBU GSU
UOMP
STU GSU
OMM connection
CMS Management Connection
GSU Internl Control Plane Switch
Network
Internal Media Plane Switch
Network
PFU
PFU
PFU
PFU
VMs
Correspo
Component Function Redundancy mode
nding VM
Signaling transferring.
STU
Implementing signaling link (such
(Signaling Load balancing
2 VM as diameter link and etc) setup,
Transfer 1+1 redundancy
management and signaling packet
Unit)
transferring.
5 Technical Specifications
The following table lists the standards and supported cables for ZXUN vGW interfaces.
Table 5-1 ZXUN vGW Interface Standards and Cables
Interface Type Physical Standard
S1-U/ S11/
/S5/S8/Gn/Gp
SGi/Gi
GE/10GE
Gx/Gy
Ga
Network GE
management
PFU Num *2
GE interface
Interface Indices
10GE interface PFU Num *2
The NM system is divided into foreground module, server module and client module
according to software structure. The whole software frame complies with TMN
(telecommunication network management) structure.
Before data configuration, to guarantee the version has been correctly installed and can
run normally, it is necessary to confirm the following data:
Resource number segment allocation of the local exchange, such as GTP-C and
GTP-U number resources.
The APN configuration of the local exchange, including address pool configuration.
Router configuration of the local exchange, which is performed at the S11 interface
of the vGW via telnet.
The alarm management system consists of two parts: real-time display of current alarms
and alarm-related operation. The function is to display the current alarms of the device,
communication, service and processor on interfaces and list the detailed information
about each alarm, such as alarm source, alarm level, alarm time, alarm content, alarm
cause, alarm type and additional information for your attention.
The performance management system provides statistic data about some performance
parameters and traffic data of the mobile system for reference by operation departments.
The performance measurement has a wide coverage, ranging from traffic and signaling
performances, service quality measurement, network configuration verification,
availability measurement, throughput measurement and switching function
measurement.
The diagnosis test system, a part of fault management, provides routine test and
immediate test functions for PS domain devices of the core network, to ensure normal
and stable operation of the entire system. In daily maintenance, the diagnosis test
system is used to test the physical devices and communication links through routine test.
If the test result is likely to be abnormal, the system alerts the engineering personnel to
pay attention and take proper measures to prevent fault from taking place. In case of any
fault, the diagnosis test system helps the engineering personnel find the fault cause and
locate the fault quickly with the immediate test function to remove the fault as soon as
possible. This system could also be used by the engineering personnel to judge whether
the equipment and even the entire system have resumed normal operation.
The ZXUN vGW system adopts a multi-module & fully distributed control structure. Each
module consists of a series of basic units. The diagnosis test function is divided into
intra-module test and inter-module test. The intra-module test is used to test the
functions of the component units of the module, links between the units and MPs. And
the inter-module test is used to test the communication of the adjacent modules.
The signaling tracing system is used to trace the signaling data of the network operation
and analyze the service operation. It comprises packet domain signaling tracing.
Providing daily maintenance tools for data maintenance, such as tools for sorting,
filtering, searching and deleting the signaling tracing records.
Providing tools for reestablishing the database table when installing the database
table for the first time or when the database table is damaged.
The service observation system, as a part of the O&M system, is used to view the
service operation status of the NEs and conduct analysis and processing accordingly.
The security variable system is used to maintain the service parameters that require
dynamic modification. Currently, the parameters to be maintained are system control
parameter, packet domain NE configuration parameters, authentication parameters and
charging parameters.
The security variable functions allow modifying data at the background and transferring
modified data to foreground to synchronize the background data to foreground, to
achieve flexible service parameter configuration.
Security parameters
7 Reliability Design
ZTE proposed virtualization SAE-GW solution can provide 99,999% availability for all the
proposed applications.
U U U U U U
1 1 2 2 n n
PNF HW HW HW HW HW HW
U U U U U U
1 2 1 n n 2
VNF
V V V V V V
M M M M M M
HW HW HW HW
PNF and VNF have the same reliability model, so their reliability is compared according
to their PM/VM components
MTTR But the virtualization layer supports VM migration and rebirth, which will reduce
MTTR.
When MTTR falls more than MTBF, VM’s reliability is higher than PM’s.
In the NFV environment, the reliability analysis can be divided into two distinct parts: the
server part and the network connections part, where the network part is to connect all the
servers. This can be illustrated in the following diagram:
Figure 7-1 NFV Reliability Model
Obviously, the overall system availability is 𝐴𝑠 𝐴𝑁 , where 𝐴𝑠 is the server part the
availability and the 𝐴𝑁 is the network part of the availability.
For any given network availability, both the server part and the network part availability
need to be better because both 𝐴𝑠 < 1 and 𝐴𝑁 < 1.
For the network part, the availability will also depend on the number of the hops. If 𝐴𝑛 is
the denote the availability of the network element, for a vSwitch with maximum of ℎ
hops, the availability of the vSwtich would be 𝐴ℎ𝑛 . Hence, considering the 1+1
configuration of the vSwtich, the 𝐴𝑁 can be given by
𝐴𝑁 = 1 − (1 − 𝐴ℎ𝑛 )2
In numerical terms, the following table illustrates the network part of the availability as a
function of vSwitch hops and per network element availability
Network
Element
10 12 14 16 18 20 22 24 26 28 30
Availabil
ity/Hop
0.99 0.98 0.98 0.97 0.97 0.96 0.96 0.95 0.94 0.93 0.93
0.99
0857 7092 2772 7935 2614 6842 065 4066 712 9837 2244
0.99 0.99 0.99 0.99 0.99 0.99 0.99 0.99 0.99 0.99 0.99
0.999
9901 9858 9807 9748 9681 9608 9526 9437 9341 9237 9126
0.99 0.99 0.99 0.99 0.99 0.99 0.99 0.99 0.99 0.99 0.99
0.9999
9999 9999 9998 9997 9997 9996 9995 9994 9993 9992 9991
0.99999 1 1 1 1 1 1 1 1 1 1 1
The challenging part of the system availability is actually in the server part. While closed
solution for ideal case is available, the ideal case does not reflect the reality of using
COTS hardware.
In order to evaluate the effect of using COTS hardware, including site issues such as site
maintenance and site failure, ZTE performed a large amount of simulations with the
following factors being considered:
Silent Error: Silent error represents the source of error that can’t be identified and, if it
happens on the “master” part of the protection group, the data would be corrupted and
the enire protection group goes through a service affecting downtime.
Site Maintenance Time: Site maintenance will be performed if there is no error inside the
network. The site maintenance represents a unique aspect of using COTS hardware.
Site Failure: A site failure, albeit with lower probability, is also simulated by the discrete
event simulator.
The simulation evaluates the impact of one or two backups. The result for the single
backup system can be shown as follows:
Figure 7-2 Availability vs Silent Error vs Server Availability - Single Backup
The following table presents precise information regarding this simulation results.
Silent
Error/Server 0.990099 0.999001 0.99990001 0.99999
Availability
As evidenced in the table above, the server part of the system availability will be
impacted by the silent error and a single redundant hardware will only provide marginal
improvement when the silent error probability is small.
0
0,05
0,1
0,15
0.99990001
0,2
0,25
0,3
0,35
0.99009901
0,4
0,45
0,5
The diagram above shows a general trend in the system availability and the following
table provides precise data:
Silent
Error/Server 0.99009901 0.999001 0.99990001 0.99999
Availability
0 0.9999939 0.99999998 1 1
From the tables for single and dual backup, we can see that dual backup only provides
marginal benefit during site failure events. Given the fact that site failure events are
inevitable in practice, a geographically distributed single backup system is recommended
for simplicity.
In conclusion, we make the following statements regarding using COTS hardware for
achieving telecom grade reliability:
It is possible to use COTS hardware to support telecom grade reliability, even with
unique features of COTS hardware
When detecting a hardware failure or removing the hardware that causes system
crashing, the system supports re-creating a VM to give it a rebirth in a different place.
The service data that is stored in a shared storage can be reloaded to avoid data loss. In
addition, the network configuration a VM can also be restored to avoid service
interruption.
When the system detects Hypervisor software exceptions of a computing node, it tries to
originate VM hot migration. If the migration is successful, it tries to reset or reinstall the
computing node to restore it. If the migration is failed, the system resets the computing
node and meanwhile re-creates it in a different place, keeping the original storage and
network resources for VMs.
vGW is composed of several nodes; here the node means the actual Virtual Machine
(VM). The redundancy modes between nodes (Virtual Machines) include 1+1
active/standby, N+1 mutual hot backup, and load balancing.
The synchronization of user data and session data between active and standby VMs is
implemented as follow:
Regarding the registered user data, after the user registers successfully, the active VM
synchronizes the user data to the standby VM; in case of user re-registration, the active
VM also synchronizes the changed data the standby VM; in case of user de-registration,
the active VM deletes the user data and notifies the standby VM to do so.
Regarding the session data, after the session is established successfully, the active VM
synchronizes the session data to the standby VM. After the session is released, the
active VM deletes the session data and notifies the standby VM to do so.
1+1 active/standby
One node is active. The other node is standby, which will take over the traffic if the
active is failed.
1+1 hot/standby
One node is active. The other node is standby and simultaneously synchronizes the
real-time data from the active node. If the active node is failed, the hot standby node
will take over the traffic timely, and keep the service continuity. Hot-standby mode
requires data synchronization between the active and standby nodes.
N+1 nodes serve as mutual backup for each other. If one node is failed, the other
nodes will share and take over the traffic of the failed node. Hot-backup mode
requires data synchronization between mutual nodes.
Load balancing
Several nodes share traffic to balance the load. If one node is failed, the rest will
take over the traffic without data synchronization.
To keep high availability and reliability, the workflow is showed as below figure:
vGW
In case of normal status, the active VM handles the service access, and always
synchronizes subscriber data and conversation data to the standby one. If the active VM
is out of service due to SW or HW fault, the backup one will take over the total traffic
handled on the active one without impact on active users.
8 Networking
The ZXUN vGW is a functional entity for connecting the PS network to the PDNs. It
features a simple networking mode. In the PDN, it has the same location as a router to
allow the access to subscriber. The ZXUN vGW provides flexible configuration.
The national backbone EPS network comprises several regional nodes that are
connected to each other in mesh. A pair of top-level Domain Name Servers (DNS) is set
on the national network, responsible for domain names that cannot be analyzed by the
provincial DNS. The provincial networks access the backbone network nodes through
Routers. Routers are usually deployed in pairs, for accessing different backbone nodes
to ensure the network reliability.
The logical structure of the national backbone network is shown in the following figure.
Figure 8-1 PS/EPS Backbone Network
PS/EPS backbone
network
Router
Router Router
PS/EPS network in
Site A PS/EPS network in
PS/EPS network in Site C
Site B
When the EPS backbone network based on the national IP backbone network, no new
routing device is necessary. But when it does not depend on the national IP backbone
network, the regional nodes are connected through the dedicated line.
There are multiple networking schemes for the provincial PS/EPS backbone network
construction.
When there is an IP backbone network in a province, the vGW serves as the node to
access the IP backbone network.
When there is no IP backbone network in the province, the provincial backbone network
may have one or multiple backbone nodes according to the capacity at the beginning of
the network construction.
When the needs for the PS/EPS are not high and are centralized in only a few cities, the
vGW and other NEs in these cities are usually connected through the LAN in order to
reduce the cost and accelerate the network construction. In some local networks, there
are only vGW but no MME or SGSN function. In this case, the provincial network
accesses the national backbone network through the routers and the local networks are
connected through the dedicated leased circuit. In a signaling network, the SGSN
communicates with HLR through the SS7 network. This networking is simple in structure
and provides the packet service throughout the province quickly.
If the need for the PS/EPS is high, there will be many backbone nodes in the province.
The backbone nodes are responsible for service convergence in some areas and they
are interconnected into a mesh network. The provincial backbone network is connected
to the national backbone network. If there is an IP backbone network in the province, the
MMEs are directly connected to the IP backbone network.
The following configuration modes for the PS/EPS local network construction are
available according to the PS/EPS volume.
Mode 1: The SGSN/MME is needed in the local network, but the vGW is not needed.
Mode 2: Multiple MME and vGW are needed in the local network.
In Mode 1, only the MME is configured in the local network and different local networks
share one vGW. In this case, the MME is only responsible for the EPS subscribers in the
local network. The MME is connected to the outside through the provincial backbone
nodes.
In Mode 2, there is a great need for the EPS in the local network, so multiple MMEs/
vGWs should be set. All the nodes could be placed together to connect each other
through the LAN or placed separately through the MAN.
At the initial stage of the EPS network construction, as the capacities of the MME and
vGW are small, so they could be combined into one in structure (but they are two entities
to outside). The combined MME provides WAN S11 and SGi interfaces for other MMEs
and vGWs, but uses an Ethernet interface for the local vGW. The S11 interface between
the combined MME and vGW adopts the standard protocol. When combined, no
separate cabinet should be set for the vGW. In this case, as the vGW capacity is small,
the MME and vGW uses one router to connect the EPS backbone network or the
external PDN.
The networking structure of the vGW and the MME in the same LAN is shown in the
following figure.
Figure 8-2 Networking Mode of vGW and MME that are in Same LAN
If the address pool mode is used or the IP address of the mobile phone is static, then the
DHCP server is not necessary. In addition, the MME and vGW are both connected to the
EPS backbone network.
The independent networking mode is often used. In this mode, the vGW is connected to
the MME or the other equipment through the EPS backbone network.
2G Second Generation
CG Charge Gateway
CN Core Network
CS Circuit Service
MS Mobile Station
MSISDN MS ISDN
NM Network Management
PS Packet Service