Professional Documents
Culture Documents
Huawei Technologies Co., Ltd. provides customers with comprehensive technical support and service. Please feel free to contact our local office or company headquarters.
Trademarks
and other Huawei trademarks are the trademarks or registered trademarks of Huawei Technologies Co., Ltd. in the Peoples Republic of China and certain other countries.
All other trademarks and trade names mentioned in this document are the property of their respective holders.
Notice
The information in this manual is subject to change without notice. Every effort has been made in the preparation of this manual to ensure accuracy of the contents, but all statements, information, and recommendations in this manual do not constitute the warranty of any kind, express or implied.
Table of Contents
Chapter 1 Introduction to the PDSN ............................................................................................... 1 1.1 Functions of the PDSN ......................................................................................................... 1 1.2 Position of the PDSN in the CDMA Network ........................................................................ 1 1.3 Interfaces of the PDSN ......................................................................................................... 5 Chapter 2 Product Features ............................................................................................................ 7 2.1 Carrier-Class Platform .......................................................................................................... 7 2.2 High Reliability ...................................................................................................................... 7 2.3 High Security......................................................................................................................... 8 2.4 High Capacity........................................................................................................................ 8 2.5 Customizable O&M System.................................................................................................. 8 Chapter 3 System Structure .......................................................................................................... 11 3.1 Cabinet................................................................................................................................ 11 3.2 Subrack............................................................................................................................... 15 3.3 Board .................................................................................................................................. 17 3.3.1 SRU.......................................................................................................................... 17 3.3.2 SPU .......................................................................................................................... 18 3.3.3 LPU .......................................................................................................................... 18 Chapter 4 Services and Functions ............................................................................................... 19 4.1 Routing................................................................................................................................ 19 4.2 R-P Interface and Multiple Service Instance ...................................................................... 19 4.3 Simple IP and Mobile IP ..................................................................................................... 21 4.3.1 Simple IP .................................................................................................................. 21 4.3.2 Mobile IP .................................................................................................................. 22 4.3.3 MIP Agent................................................................................................................. 23 4.4 Foreign Agent ..................................................................................................................... 23 4.5 Accounting .......................................................................................................................... 24 4.6 PPS..................................................................................................................................... 25 4.7 Mobile VPN ......................................................................................................................... 25 4.8 Security Policy .................................................................................................................... 26 4.8.1 Protocol Security Authentication .............................................................................. 26 4.8.2 IPSec........................................................................................................................ 27 4.8.3 Packet Filtering and ACL ......................................................................................... 28 4.8.4 Pi Redirection ........................................................................................................... 28 4.9 QoS..................................................................................................................................... 28 4.10 Multiple Compression Technologies................................................................................. 29 4.11 Lawful Interception............................................................................................................ 29
Commercial in Confidence i
PDSN9660 Product Description 4.12 Others Services and Functions......................................................................................... 29 Chapter 5 Reliability ....................................................................................................................... 31 5.1 Hardware Reliability............................................................................................................ 31 5.2 Software Reliability ............................................................................................................. 31 5.3 Networking Reliability ......................................................................................................... 32 Chapter 6 Operation and Maintenance......................................................................................... 33 6.1 O&M Structure .................................................................................................................... 33 6.1.1 BAM.......................................................................................................................... 34 6.1.2 LMT .......................................................................................................................... 34 6.1.3 M2000 ...................................................................................................................... 34 6.2 O&M Functions ................................................................................................................... 34 6.2.1 Data Configuration Management ............................................................................. 34 6.2.2 Interface Tracing ...................................................................................................... 35 6.2.3 Performance Management....................................................................................... 35 6.2.4 Alarm Management.................................................................................................. 35 6.2.5 Log Management ..................................................................................................... 36 Chapter 7 Technical Specifications.............................................................................................. 37 7.1 System Performance .......................................................................................................... 37 7.2 Physical and Electrical Specifications................................................................................. 38 7.3 Reliability Specifications ..................................................................................................... 38 7.4 Compliant Safety Standards ............................................................................................... 39 7.5 EMC Specifications............................................................................................................. 39 7.6 Environmental Requirements ............................................................................................. 39 7.6.1 Storage Environment ............................................................................................... 39 7.6.2 Transportation Environment..................................................................................... 42 7.6.3 Operation Environment ............................................................................................ 44 Chapter 8 Installation ..................................................................................................................... 47 8.1 System Installation.............................................................................................................. 47 8.2 System Expansion and Upgrade ........................................................................................ 47 Appendix Acronyms and Abbreviations ..................................................................................... 49
Commercial in Confidence
ii
Commercial in Confidence
Page 1 of 53
M2000
PDSN/FA AAA HA PS Domain SMC BTS SCP MSC/VLR/ SSP/IP BSC CS Domain Internet BTS AN AAA TSC DPS IGWB Trunking Domain PSTN/PLMN/ISDN HLR/AC Service Network
GLMS GMSC
SMT VPN
Figure 1-1 Networking of Huawei CDMA 1X/1xEV-DO/digital trunking system Table 1-1 lists the functions of the elements in the CDMA network. Table 1-1 Functions of the elements in the CDMA network Element Base Transceiver Station (BTS) Function The BTS is used to transmit and receive radio signals and to implement the communication between the mobile network and the MS. Huawei provides a series of the BTS products.
Commercial in Confidence
Page 2 of 53
PDSN9660 Product Description Element Function The BSC is used to implement the following functions: Base Station (BSC) Controller Controlling and managing the BTSs Setting up and releasing call connections Implementing power control Managing radio resources Implementing handoffs to ensure reliable radio connections The MSC is used to implement the following functions: Call setup Route selection Call control Radio resource allocation Mobility management Location registration Channel switching within switching area Bill generation Service coordination with the PSTN SS7 interface and network interface The VLR is a dynamic database. It stores the temporary information of the subscribers currently in its MSC area. This information contains all the data to set up calls. The VLR is integrated with the MSC physically. The SSP is used to detect intelligent service requests, to communicate with the SCP, and to respond to the service request from the SCP. It allows the service logics in the SCP to process the calls. An SSP provides call control and service switching. The SSP is integrated with the MSC/VLR physically. Both the IP and the SCP are integrated with the MSC physically as a network functional unit. Through the internal interface, the IP provides dedicated resource for the SSP to implement intelligent services. The HLR is a database for mobile subscriber management. It stores the subscription information, which contains subscription data and subscriber states, the MS location information, the MDN, the IMSI (MIN) and so on. The AC is a functional entity used to manage the information necessary for mobile subscriber authentication. It is integrated with the HLR physically. The SMC is used to store and forward short messages. It also provides supplementary services related to short message.
Service (SSP)
Switching
Point
Commercial in Confidence
Page 3 of 53
PDSN9660 Product Description Element Function The SCP is the core component of the intelligent network. It implements the following functions: Service (SCP) Control Point Storing the subscriber data and service logics Receiving the query requests from the SSP and querying the database to carry out decoding Initiating service logics according to the call event reported by the SSP and setting up intelligent calls by sending call control instructions to the SSP according to service logics The GMSC requests the routing information of a called subscriber and provides interconnection and settling between networks. The PDSN is a gateway used to connect the mobile network and the IP backbone network. It provides the access of packet data service for mobile subscribers. The HA provides the interface between the mobile network and the Internet. It is an auxiliary node for mobile subscribers to access the Internet. It supports downlink data forwarding in the mobile IP tunnel mode and uplink data forwarding through reverse tunnel. The AAA server is a high-performance remote verification server for dial-in subscribers. It provides authentication, authorization, accounting, and data value-added services. It supports multiple types of databases, powerful agent, and flexible operations. The TSC is used to process trunk call signaling and to implement trunk call media distribution. A TSC can be connected with multiple PCFs. The GLMS is used to manage the information about: Group and Management (GLMS) List Server Trunk group Trunk service subscribers Subscriber trunk service Dispatcher Virtual Private Network (VPN) The iGWB is used to collect, store, filter, sort, and send bills. The DPS is used to implement the following functions: Call setup and voice conversion between the Dispatcher (DPT) and the MSE Call transfer and connection between the DPT and the PSTN/PLMN Short message transfer between the DPT and the mobile terminal Transfer of session control command for the DPT Transfer of trunk session state information
Page 4 of 53
Gateway Mobile Switching Center (GMSC) Packet Data Serving Node (PDSN)
and
Center
Commercial in Confidence
PDSN9660 Product Description Element Function The DPT is connected with the MSE through the DPS. It provides a user interface for the dispatcher to carry out dispatching management. The dispatcher can carry out group call, broadcast call, private call, short message transmission, forced insertion, and forced release. In addition, the dispatcher can be used to view the states of subscribers and groups in real time. The SMT enables the VPN manager and the VPN operator to manage the data of subscribers, groups, location areas, and so on. The M2000 is the centralized management platform for Huawei mobile network, and it supports the following functions: iManager M2000 (M2000) Centralized fault management Centralized performance management Centralized configuration management Centralized topology management Centralized security management System management
Dispatcher (DPT)
PCF
R-P
PDSN
Pi
IP Network
PDN
PCF: Packet Control Function PDN: Public Data Network AAA: Authentication, Authorization and Accounting Server
Figure 1-2 Interfaces of the PDSN9660 Table 1-2 lists the interfaces of the PDSN and their properties.
Commercial in Confidence
Page 5 of 53
PDSN9660 Product Description Table 1-2 Interfaces of the PDSN and their properties Interface R-P Peer PDSN-PCF Protocol 3GPP2 A.S0001-A and 3GPP2 P.S0001-B RFC2865 RCF2866 and Physical Features FE/GE
Pi
AAA-PDSN
FE/GE
Pi
PDSN-PDN
FE/GE
Commercial in Confidence
Page 6 of 53
PDSN9660 Product Description special accounting record buffer function guarantees a reliable accounting system. The hot patch technology guarantees the software running reliably. Networking reliability Networking reliability is guaranteed by the following functions: The router backup and router load sharing function can eliminate the single-point fault on the network so that a network of high reliability is guaranteed. The Eth-Trunk is able to eliminate the influence on services results from failure of a single port.
Commercial in Confidence
Page 8 of 53
V. Remote Management
The PDSN supports various remote management functions, including: Online software patching Online debugging Remote maintenance Dynamic data setting
Commercial in Confidence
Page 9 of 53
Commercial in Confidence
Page 10 of 53
3.1 Cabinet
The PDSN9660 uses the N68-22 cabinet. This cabinet complies with the IEC297 standard. It uses 48 V direct current (DC) power supply. Its capacity is 46 U. Figure 3-1 shows the front view of an N68-22 cabinet.
Commercial in Confidence
Page 11 of 53
Figure 3-1 Front view of an N68-22 cabinet Figure 3-2 shows an overall configuration of the PDSN9660 in the FE networking.
Commercial in Confidence
Page 12 of 53
Power distribution box (2 U) LAN switch (1 U) Cabling rack of the LAN switch (1 U) LAN switch (1 U) Cabling rack of the LAN switch (1 U) Router/LAN switch (3 U) Cabling rack (1 U) Router/LAN switch (3 U) Cabling rack (1 U) Dummy panel (1 U)
High-capacity fiber rack (1 U) Dummy panel (3 U) Dummy panel (2 U) Firewall (3 U) Dummy panel (1 U) Firewall (3 U)
Figure 3-2 Assembly diagram of the cabinet in the FE networking Figure 3-3 shows an overall configuration of the PDSN9660 in the GE networking.
Commercial in Confidence
Page 13 of 53
Power distribution box (2 U) Cabling rack of the LAN switch (1 U) LAN switch (3 U) Cabling rack of the LAN switch (1 U) Cabling rack of the LAN switch (1U ) LAN switch (3 U) Cabling rack of the LAN switch (1 U) Dummy panel (1 U) Dummy panel (2 U) Fiber management tray on the right side
High-capacity fiber rack (1 U) Dummy panel (1 U) Dummy panel (2 U) Dummy panel (2 U) Firewall (3 U) Dummy panel (1 U)
Firewall (3 U)
Figure 3-3 Assembly diagram of the cabinet in the GE networking Among these components: The PDSN9660 subrack is mandatory. Main service boards are mounted in the subrack.
Commercial in Confidence Page 14 of 53
PDSN9660 Product Description The router and LAN switch (3 U) is optional. When the interfaces of an LPU of the PDSN9660 do not meet the needs for networking, for example, when E1 mode is used for networking with the PCF, you can use the interfaces and functions of a router to meet the need. If a user needs the NAT function, but the router from which data goes out does not provide such a function, you can use the NAT function provided by the router or the firewall of the PDSN cabinet. If the interface type of the LPU boards is Gigabit Ethernet (GE), a GE LAN switch can be configured based on the need of networking. The LAN switch is optional. In actual networking, the management of the device can be performed by the LAN switch. When the PDSN9660 networks with other Huawei wireless devices such as HA, the LAN switch can be shared. The Firewall is optional. It is a security device placed between the PDSN9660 and the external PDN. If customers have special demands on security, they can purchase other security devices separately. To improve the networking reliability, you can configure double LAN switches, routers and firewalls and make them work in active and standby mode.
3.2 Subrack
Figure 3-4 shows the front view of the subrack in full configuration. The design of the PDSN9660 subrack complies with the IEC297 standard. Its height is 797.3 mm (18 U), and size is 797.3 mm (H) 482.6 mm (W) 420 mm (D).
Commercial in Confidence
Page 15 of 53
(1) LPU/SPU slots (slots 1 to 4) (3) LPU/SPU slots (slots 5 to 8) (5) ESD-preventive wrist strap jack (7) Power supply module (9) Traverse cable trough (11) Board cage
(2) SRU slots (slots 9 and 10) (4) Air exhaust vent (6) Pulled handle on both sides (8) Air intake vent (10) ESD-preventive wrist strap jack (12) Fan module
Figure 3-4 Front view of the subrack in full configuration As shown in Figure 3-4, a subrack includes: Service boards Power module Fan shelf Cabling troughs
Commercial in Confidence
Page 16 of 53
3.3 Board
Typical board arrangement of the PDSN9660 is shown in Figure 3-5.
L P U
L P U
S P U
S P U
S R U
S R U
S P U
S P U
S P U
S P U
10
SRU: Switching and routing unit SPU: Service processing unit LPU: Line interface processing unit
Figure 3-5 Boards of the PDSN9660 The PDSN9660 subrack mainly includes the following three types of boards: SRU SPU LPU
3.3.1 SRU
The SRU is the core of the system management. SRUs are in active and standby redundancy backup mode. The whole PDSN9660 system needs only two SRUs, one is active and the other is standby. They are fixedly inserted in slots 9 and 10 of a PDSN subrack. The main functions of the SRU are as follows: The SRU collects routing information and produces routing table according to the network topology and user-defined scheme. Then it delivers the routing table to the LPU boards and SPU boards. The SRU is an O&M agent of the PDSN9660. It manages the PDSN9660 system according to the operators commands and collects the system running parameters for the operator. The SRU is the packet switching center of the PDSN9660. It receives packets from the LPU and processes the packets according to the control information carried by them, and then it delivers the packets to the SPU for further processing. The packets having been processed by the SPU should also go through the SRU before being forwarded to the LPU.
Commercial in Confidence
Page 17 of 53
3.3.2 SPU
The SPU provides all service processing functionalities of the PDSN9660. A PDSN9660 can be configured up to three pairs of SPUs, with each pair being in active and standby backup design, located in slots 3 and 4, 5 and 6 and 7 and 8. The capacity of the PDSN9660 is up to the processing capability of SPUs. The maximum processing capability of one pair of SPUs is 100,000 concurrent PPP connections. The maximum processing capability of a PDSN9660 is 300,000 concurrent PPP connections.
3.3.3 LPU
The LPU provides physical interfaces to the external network elements such as the PCF, PDN and AAA server, including the following types: Fast Ethernet (FE, 10/100 Mbit/s) interface Gigabit Ethernet (GE, 1000 Mbit/s) interface A PDSN9660 is designed with two LPUs, which are in slots 1 and 2 and are used to cooperate with remote networking devices. The LPU is only in charge of packet forwarding instead of any service processing. All service processing functions are performed by SPUs. The routing table information of LPUs is deployed by SRUs.
Commercial in Confidence
Page 18 of 53
4.1 Routing
From the aspect of the PDN, as a gateway device between the CDMA2000 and the PDN, the PDSN is equivalent to a router that can address all users IP on the CDMA2000 network. The PDSN9660 supports all currently popular routing protocols, including: Static routing RIP OSPFv2 IS-IS BGP-4 Routing policies Active and standby routing
PDSN9660 Product Description PDSN through the Radio-PDSN (R-P) interface. Through this R-P interface, a PPP session is set up between the MS and the PDSN. Data packets are then transmitted through the PPP connection. One PPP session corresponds to one R-P session. An R-P session contains multiple R-P connections and one R-P connection corresponds to one service instance. Each R-P session contains one Main Service Instance and multiple Auxiliary Service Instances. In other words, on the PDSN, multiple A10 connections can be established through the R-P interface to provide services to meet various user demands. For EV-DO Rev.A, the packet data service connections can be categorized into main service connections and auxiliary service connections. The resources are allocated to each connection. The main service connection is set up when the packet data service is initially established. The main service connection provides best-effort QoS attribute. The auxiliary service connection is usually used to bear the service with special QoS requirement. The QoS of the auxiliary service connection is based on the requests of the subscriber and restricted by the subscribed QoS in AAA server or PDSN local QoS configuration. The terminal can set up one or multiple auxiliary service connections and request suitable QoS for each application.
Note: The R-P interface is an interface between the radio access network and the packet core network. To be specific, it is an interface between the PCF and the PDSN. There are two types of R-P interfaces, A10 and A11. A10: It is used to transmit users data. The upmost layer of the A10 protocol stack is the GRE layer, which encapsulates the upper layer PPP data into GRE frames for transmission. A11: It is used to transmit the signals between PDSN and PCF so as to establish or release A10 connections. Meanwhile, the PCF can also deliver accounting parameters by means of A11 messages.
For PDSN9660, multiple service connections support is very full since it supports MIP, MIP Agent and charging, etc. Moreover, the handoff between 1X, EV-DO Rev.0 and EV-DO Rev.A networks is supported. Establishing or deleting A10 connections: The PDSN9660 supports A10 connections launched by the PCF. Both the PCF and the PDSN9660 can actively delete A10 connections. Updating A10 connections periodically: The PCF sends A11 registration messages periodically to ask for updating A10 connections and the PDSN9660 updates A10 connections correspondingly.
Commercial in Confidence Page 20 of 53
PDSN9660 Product Description Multiple Service Instance: An MS can support up to six service instances. Each service instance has it own RLP and QoS parameter setting so different instances can bear different services such as voice service and non-voice service. Establishing and maintaining the GRE tunnel: It establishes the GRE tunnel between the PCF and the PDSN9660 and maintains the tunnel. PPP negotiation: Based on RFC1661, the PDSN9660 establishes, maintains or terminates PPP sessions with MSs. Supporting switching between PCFs that are under the same PDSN9660: When an MS moves to a different BSC, the PDSN9660 enables switching between PCFs and maintains PPP sessions with MSs and up-layer services such as FTP and WWW services.
4.3.1 Simple IP
By the simple IP access mode, when an MS launches a packet service, the PDSN assigns an IP address to the MS while a PPP connection is established. When the packet service is over, it releases this IP address. It is easy to enable the simple IP access mode. The IP address of an MS is assigned only when it is needed. As a result, the demand for the amount of IP addresses is small. However, the simple IP mode only supports packet services that are initialized by an MS. If it switches from one PDSN to another, the MS has to interrupt the currently ongoing packet service and to set up a PPP connection with the new PDSN. Under the simple IP mode, the CN-PS has two main networking entities, the PDSN and the AAA server. The basic service flow of the simple IP mode that is implemented by the PDSN is described as follows: 1) 2) 3) 4) 5) An MS launches a packet service request, establishing a PPP link through the RAN, MS and PDSN9660. The PDSN9660 communicates with the AAA server for authentication of the MS. Having passed the authentication, the MS obtains an address assigned by the PDSN9660 or from the AAA server at the request of the PDSN9660. The PDSN9660 then connects the MS to the external PDN in IP mode, collecting accounting information and sending it to the AAA server for accounting. If the subscriber initiatively gets offline or has not made any operation for a long time, the PDSN9660 launches a flow to release the IP address currently held by the MS.
Commercial in Confidence Page 21 of 53
4.3.2 Mobile IP
The simple IP only supports packet services that are initiatively launched by an MS. When the MS moves from one network to another (or it switches from one PDSN to another), the existing packet service will be interrupted and the IP address must be reassigned or renegotiated. To solve the problem of more and more frequent MS mobility, Huawei CDMA2000 packet service solution has enabled mobile IP (or MIP). The mobile IP technology is a solution for providing mobility on the IP network. This solution enables a node to keep its available communication free of interruption even if the node switches from one network to another and makes the IP address (or a home address) a permanent one for connecting with any other networks. That is, when an MS switches from one PDSN to another, the original IP address and session are still kept and the ongoing packet service remains uninterrupted. Under MIP structure, apart from the PDSN and AAA server, the HA is also one of the networking entities of the packet-switched core network. At the same time, the PDSN is also integrated with the FA function. The MIP service flow of the PDSN9660 is as follows: 1) 2) An MS launches a packet service request, setting up a PPP link with the PDSN9660/FA through the RAN. The PDSN9660/FA sends agent advertisement messages, declaring its FA services. Such a message carries certain IP address of PDSN9660/FA. This address serves as the foreign agent care-of address of the MS. 3) The MIP-enabled MS sends registration requests to the HA through PDSN9660/FA, broadcasting its care-of address, that is, the information of the current location. 4) By means of the authentication message between the PDSN9660/FA and the AAA server, the PDSN9660/FA verifies whether the MS is lawful and assigns a dynamic HA for it. When the MS passes the authentication, the PDSN9660/FA then will forward the registration request message of the MS to the HA. 5) The HA checks the validity of the registration request, assigning a home address for the MS, creating a mobile binding table (that is, the mapping relation between the home address and the foreign agent care-of address), setting up a tunnel to the PDSN9660/FA, and then sending registration reply message to the PDSN9660/FA. The PDSN9660/FA then forwards the registration reply message to the MS. 6) The HA announces the reachability of the network prefix of the MS home address so as the packets destined to the MS home address route to the home network. The HA delivers these packets to the PDSN9660/FA through the tunnel. The original packets will be singled out from the tunnel at the PDSN9660/FA and forwarded to the MS.
Commercial in Confidence Page 22 of 53
PDSN9660 Product Description 7) In the reverse direction, the data packets which are sent from the MS follow only the simple IP forwarding flow; instead of the HA, they go directly to the destination node on the PDN through the PDSN9660/FA, a default router. However, if reverse tunnel has been applied for, the packets can also reach the HA through the reverse tunnel between the PDSN9660/FA and the HA and then are forwarded through the HA.
PDSN9660 Product Description MS with a foreign agent care-of address, be in charge of routing of a registered MS and forward the packets from the HA through the tunnel to the MS. The FA functions that are supported by the PDSN9660 are as follows: Sending agent advertisements: By sending agent advertisement messages, the FA helps an MS know whether it has moved away from its home network and provides the MS with foreign agent care-of address and other information. Handling registration messages: The FA judges the validity of each field of the registration message from the MS. If the FA requires to be authenticated, it can send the registration message to the AAA server for authentication and forward the lawful registration message to the HA for further treatment. Authentication extension: The registration is a process vulnerable for being attacked. This demands a compulsory authentication to the registration messages between an MS and the HA. The PDSN9660/FA supports the authentication extension of registration messages, including the authentication between an MS and the FA and that between the FA and the HA. Supporting both forward tunneling and reverse tunneling: The PDSN9660/FA carries the IP traffic between an MS and the HA through a tunnel. At the forward tunnel (a tunnel with the HA as the start point and the FA as the end point), the FA decapsulates the IP packets from the HA and sends them to an MS. At the reverse tunnel (a tunnel with the FA as the start point and the HA as the end point), the FA encapsulates the packets from an MS and forwards them to the HA through the tunnel. The PDSN9660/FA supports three types of tunnel encapsulation: IP in IP encapsulation, minimum encapsulation and GRE encapsulation. Packet delivery: The FA obtains packets that are forwarded from the HA through the forward tunnel and delivers them to an MS. It can also forward the packets from an MS by following the simple IP forwarding procedure or through a reverse tunnel.
4.5 Accounting
The PDSN9660 can collect accounting information based on data service duration or data traffic. When an MS has passed the authentication and starts a data service, the PDSN9660 will receive the accounting information from the PCF and that collected by itself. Then it merges them into a Usage Data Record (UDR) and sends it to the accounting server through the RADIUS protocol. The accounting server then records this information and generates call detail records. To ensure accounting reliability, the PDSN9660 can re-send accounting messages and buffer call detail records. When it cannot get response from the accounting server, the PDSN9660 re-sends accounting messages to prevent the call detail records from missing. If it has re-sent for many times but the accounting server still fails to respond, the PDSN9660 buffers the records to the hard disk. When the communications to the
Commercial in Confidence Page 24 of 53
PDSN9660 Product Description accounting server becomes normal again, the PDSN9660 will send the buffered records to the accounting server.
4.6 PPS
The PrePaid Service (PPS) means that a subscriber can enjoy certain services by prepaying a sum of money. The services refers to a certain service duration or a certain amount of data volume. Under PPS, the usage of the resource (the service duration or data volume) that is bought by the subscriber will be traced in real time and the consumed part will be deducted from the subscribers account in real time. Huawei CDMA2000 packet prepaid service system includes the following networking entities: the PDSN9660, AAA server, PPS server and SCP. The PDSN9660 PPS system features the following: Supervising the call fee and accounting according to the activated subscribers session duration. Supervising the call fee and accounting according to the traffic volume. Supervising the call fee and accounting according to both the activated subscribers session duration and the traffic volume. Switching between the time-based charging rate and traffic volume-based charging rate. Executing charging rate favor for subscribers, based on the time duration or the time division. Distributing money by slicing it into small units to avoid applying excessive quota once. In this case, if the abnormality occurs, only one segment of quota is affected. Controlling subscribers fee precisely, and enabling many users to share the same account simultaneously for packet services.
I. MPLS L3 VPN
The MPLS L3 VPN can provide VPN technology through the IP backbone network. It uses the MPLS LSP to forward data packets on the IP backbone networks, but the MPLS LSP must be highly reliable. The MPLS L3 VPN distributes the VPN routes through BGP on the IP backbone networks to separate traffic between different VPN members. The PDSN9660 supports the MPLS L3 VPN and conforms to the definition in IETF RFC 2547.
GRE Tunnel
PDSN9660 Product Description supports two authentication modes, PAP and CHAP. The authentication is performed when an MS carries out PPP negotiations with the PDSN9660. In mobile IP connection, the PDSN9660 needs to communicate with the AAA server to perform certification and authorization for the MS, and also needs to carry out authentication to the registration message between an MS and the HA. The PDSN9660/FA supports authentication extension of the registration message, including authentication between an MS and the FA, and that between the FA and the HA. The PDSN9660 provides more than one authenticating methods, such as plain text authentication, MD5 and HMAC-MD5, for major routing protocols, namely, RIP v2, OSPF, IS-IS and BGP. As the Telnet protocol does not support any secure certification, all contents transferred by TCP are in plain text, which has hidden security problem. The PDSN9660 supports the Secure Shell protocol (SSH). When the subscriber telnet to the PDSN, SSH can provide security of the information and powerful certification functions. Therefore, the PDSN will not be attacked by the IP address fraud or plain password interception.
4.8.2 IPSec
IP Security protocol (IPSec) suite is a series of protocols defined by the IETF. It provides high-quality, interoperable and cryptology-based security for IP data packets. The two sides of communication perform encryption and data source authentication on IP layer to assure confidentiality, data integrity, data origin authentication and anti-replay for packets when they are being transmitted on networks. IPSec implements the above aims through Authentication Header (AH) security protocol and Encapsulating Security Payload (ESP) security protocol. Moreover, the Internet Key Exchange (IKE) provides auto-negotiation key exchange and Security Association (SA) setup and maintenance services for IPSec so as to simplify the use and management of IPSec. The PDSN9660 supports IPSec on R-P interface, Pi interface, physical interfaces and operation and maintenance interfaces. It can set up IPSec tunnels to the following entities of the PCF, AAA server, HA, router or maintenance host, authenticate or encrypt the data stream going between them so as to ensure security of the data. The PDSN9660 supports the following IPSec functions: Implement MD5 and SHA-1 authentication algorithms Implement DES, 3DES and AES encryption algorithms Supporting two IPSec modes: the transmitting mode and the tunneling mode Implement AH and ESP protocols and supporting binding of AH and ESP Manually Configuring security associations or automatically negotiating security associations through IKE
Commercial in Confidence Page 27 of 53
PDSN9660 Product Description Realizing IPSec VPN by binding VRF to the interface where the IPSec situates The above features are implemented by means of a hardware encryption card so as to ensure high performance.
4.8.4 Pi Redirection
Generally, the PDSN carries out routing search to the inner layer of IP packets that are obtained by decapsulation of the packets from an MS. If the addresses in the packets are destined to other MSs in the same PDSN, the PDSN will directly encapsulate and forward the downlink packets rather than letting them go through Pi interface. This has brought about an issue of security: the datagram attacks among the mobile users in the same PDSN cannot be prohibited. The Pi redirecting function of the PDSN9660 can solve the above problem. When forwarding uplink packets from the MS, the PDSN9660 is required to redirect them to Pi even if they are destined to other mobile users under its administration. After being filtered by the firewall that connects Pi interface, the packets are retransmitted to the PDSN9660 and then encapsulated and forwarded by the PDSN9660.
4.9 QoS
The CDMA2000 can provide subscribers with service quality of different levels. When contracting a data service, a subscriber chooses a needed service quality and has it saved to the subscribers configuration file on the authentication server. The PDSN9660 supports QoS tag setting. That is, the PDSN9660 first obtains subscribers packet service QoS parameters issued from the authentication server. Then, it maps the negotiated QoS parameter into the differentiated service priority of the IP network and fills it into the ToS field or DSCP field at the head of the subscribers packets and finally forwards them to the external PDN. Relying on this, the external network implements IP QoS queue scheduling so as to guarantee the QoS of the subscribers packet service. In addition, as an enhanced router, the PDSN9660 supports the following QoS features such as traffic policing, traffic shaping, queue scheduling and congestion control. They are implemented by hardware, which results in high performance.
Commercial in Confidence Page 28 of 53
PDSN9660 Product Description Fault location Fault diagnosis Capacity plan Report generation
Commercial in Confidence
Page 30 of 53
Chapter 5 Reliability
The PDSN9660 is designed on the basis of comprehensive reliability analysis. It uses advanced protection mechanisms to ensure reliability. This chapter describes the reliability of the PDSN from the following aspects: Hardware Reliability Software Reliability Networking Reliability
Commercial in Confidence
Page 31 of 53
PDSN9660 Product Description while running overlarge traffic or suffering from malicious attacks. Even if in such case, the system can be restored to a normal and stable state in a short time. System resource check: This function can compare data in the system database with the current running data; if inconsistent, the data can be restored with this function. Self fault detection and recovery: When the system (either software or hardware) malfunctions, some detection measures should be taken to find the faults for fault isolation and system recovery from faults. The system can take certain measures (such as automatic switchover with normal boards, automatic reset of abnormal board) to remove some malfunctions CDRs buffer: This is to ensure the accounting reliability. If a communication fault occurs between the PDSN and the AAA Server, or if the PDSN9660 has re-sent CDRs for many times but the AAA server still fails to respond, the PDSN9660 buffers the records to the hard disk. When the communication with the accounting server becomes normal again, the PDSN9660 will send the buffered CDRs to the accounting server. Board lock and system shutdown: This can refuse the access of new users and delete the old users. Some services handled by the boards and system will cease step by step, rather than being halted suddenly. Hot patch technology: It supports hot patches for online software, which does not affect reliable operation of the software.
Commercial in Confidence
Page 32 of 53
LAN
PDSN/BAM
LAN
PSTN MODEM
PDSN LMT
M2000 Server
LAN
Commercial in Confidence
Page 33 of 53
6.1.1 BAM
The Back Administrative Module (BAM) is the server of the O&M system based on the TCP/IP. It implements the following functions: Analyzing and processing the commands from the client Processing data loading request and alarm information from the equipment
6.1.2 LMT
The Local Maintenance Terminal (LMT) is the client of the O&M system based on the TCP/IP. It supports the Man-Machine Language (MML) mode and the Graphic User Interface (GUI) mode. The LMT enables you to perform routine operation and maintenance for the PDSN. It provides interfaces for the connection with the alarm box to provide audible and visual alarms. The LMT supports remote operation and maintenance through the Public Switched Telephone Network (PSTN).
6.1.3 M2000
The M2000 is a centralized management system for the Huawei mobile network products. It is a platform implementing centralized management for Huawei mobile network products. The M2000 communicates with the PDSN through the TCP/IP protocol. An M2000 system is composed of one M2000 server and multiple M2000 clients. The LMT can be integrated into the M2000 system as an M2000 client. This enables the LMT user to use the topological management function of the M2000 to monitor and manage the entire mobile network.
PDSN9660 Product Description Command history Predictive text input Search of command key words Parameter prompt The MML commands enable you to configure and modify data, and to query information. The PDSN9660 system receives and analyzes MML commands, executes them and returns processing results to the LMT.
Commercial in Confidence
Page 35 of 53
Commercial in Confidence
Page 36 of 53
Performance
PDSN9660 Product Description Item Number of L2TP tunnels Number of IPSec tunnels 6,000 5,000 Performance
48 V (40 V to 60 V) < 1,400 W (FE networking) < 1,600 W (GE networking) 65 dBA (The actual temperature.) noise depends on the
SPL noise
PDSN9660 Product Description Item Board switchover time Board restart time System restart time Start time from system power-on to service-ready Specification < 6 seconds < 9 minutes < 15 minutes < 12 minutes
Commercial in Confidence
Page 39 of 53
I. Climatic Requirements
Table 7-4 lists the climatic requirements for equipment storage. Table 7-4 Climatic requirements for equipment storage Item Temperature Temperature change rate Relative humidity Altitude Air pressure Solar radiation Heat radiation Wind speed 40C to + 70C 1 C/min 8% to 100% 5,000 m 70 kPa to 106 kPa 1,120 W/s 600 W/s 30 m/s
o
Range
PDSN9660 Product Description Table 7-5 Requirements for physically active materials in storage environment Physically Active Material Suspending dust Falling dust Sand mg/m mg/mh mg/m Unit 5.00 20.0 300 Density
Note: Suspending dust: Diameter 75 m Falling dust: 75 m Diameter 150 m Sand: 150 m Diameter 1,000 m
The density of chemically active materials must comply with the requirements listed in Table 7-6. Table 7-6 Requirements for chemically active materials in storage environment Chemically Active Material SO2 H2S NO2 NH3 Cl2 HCl HF O3 mg/m mg/m mg/m mg/m mg/m mg/m mg/m mg/m Unit 0.30 0.10 0.50 1.00 0.10 0.10 0.01 0.05 Density
Commercial in Confidence
Page 41 of 53
PDSN9660 Product Description Item Unsteady impact Sub-Item Impact response spectrum II Static payload 250 m/s 5 kPa Range
Note: Impact response spectrum: The maximum acceleration response curve generated by the equipment under specified impact excitation. Impact response spectrum II means that the duration of semi-sine impact response spectrum is 6 ms. Static payload: The capability of the equipment in package to bear the pressure from the top in normal pile-up method.
I. Climatic Requirements
Table 7-8 lists the climatic requirements for equipment transportation. Table 7-8 Climatic requirements for equipment transportation Item Altitude Air pressure Temperature Temperature change rate Humidity Solar radiation Heat radiation Wind speed 5,000 m 70 kPa to 106 kPa 40C to + 70C 3C/min 50% to 100% 1,120 W/s 600 W/s 30 m/s Range
Note: Suspending dust: Diameter 75 m Falling dust: 75 m Diameter 150 m Sand: 150 m Diameter 1,000 m
The density of chemically active materials must comply with the requirements listed in Table 7-10. Table 7-10 Requirements for chemically active materials in transportation environment Chemically Active Material SO2 H2S NO2 NH3 Cl2 HCl HF O3 mg/m mg/m mg/m mg/m mg/m mg/m mg/m mg/m Unit 0.30 0.10 0.50 1.00 0.10 0.10 0.01 0.05 Density
Commercial in Confidence
Page 43 of 53
Random vibration
10 m/s
3 m/s
1 m/s
2 Hz to 9Hz
9 Hz to 200 Hz
200 Hz 500 Hz
to
Unsteady impact
Note: Impact response spectrum: The maximum acceleration response curve generated by the equipment under specified impact excitation. Impact response spectrum II means that the duration of semi-sine impact response spectrum is 6 ms. Static payload: The capability of the equipment in package to bear the pressure from the top in normal pile-up method.
I. Climatic Requirements
Table 7-12 and Table 7-13 list the climatic requirements for equipment operation. Table 7-12 Requirements for temperature and humidity in operation environment Temperature Normal Safe Relative Humidity Normal Safe
Commercial in Confidence
Page 44 of 53
PDSN9660 Product Description Temperature 15C to 30C 0C to 45C Relative Humidity 40% to 75% 20% to 90%
Note: The values are measured 1.5 m above the floor and 0.4 m in front of the equipment, without protective panels in front of or behind the cabinet. Safe operation refers to continuous operation for no more than 48 hours or accumulated operation of no more than 15 days in a year.
Table 7-13 Requirements for other climatic factors in operation environment Item Altitude Air pressure Temperature change rate Solar radiation Heat radiation Wind speed 4,000 m 70 kPa to 106 kPa 3C/min 700 W/m 600 W/m 1 m/s Range
Density
(Visible dust should not accumulate on the desktop within three days)
Commercial in Confidence
Page 45 of 53
The density of chemically active materials must comply with the requirements listed in Table 7-15. Table 7-15 Requirements for chemically active materials in operation environment Chemically Active Material SO2 H2S NH3 Cl2 mg/m mg/m mg/m mg/m Unit 0.20 0.006 0.05 0.01 Density
Note: Impact response spectrum: The maximum acceleration response curve generated by the equipment under specified impact excitation. Impact response spectrum II means that the duration of semi-sine impact response spectrum is 6 ms. Static payload: The capability of the equipment in package to bear the pressure from the top in normal pile-up method.
Commercial in Confidence
Page 46 of 53
Chapter 8 Installation
This chapter describes the installation of the PDSN9660 from the following aspects: System Installation System Expansion and Upgrade
Commercial in Confidence
Page 47 of 53
Commercial in Confidence
Page 48 of 53
A AAA AC ACL AES AH Authentication, Authorization and Accounting Authentication Center Access Control List Advanced Encryption Standard Authentication Header
B BAM BGP BSC BSS Back Administration Module Border Gateway Protocol Base Station Controller Base Station Subsystem
C CDMA CHAP CPU Code Division Multiple Access Challenge Handshake Authentication Protocol Central Processing Unit
D DC DES DPS DPT DSCP Direct Current Data Encryption Standard Dispatcher Server Dispatcher DiffServ Code Point
E EIA
Commercial in Confidence
PDSN9660 Product Description EMC ESP ETS Electromagnetic Compatibility Encapsulating Security Payload European Telecommunication Standards
G GB GE GLMS GMSC GRE GUI Gigabit Gigabit Ethernet Group and List Management Server Gateway Mobile Switching Center Generic Routing Encapsulation Graphic User Interface
H HA HDLC HLR Home Agent High level Data Link Control Home Location Register
I IEC IETF IKE IMSI IP IPSec ISDN IS-IS ISUP International Electro Commission Internet Engineering Task Force Internet Key Exchange International Mobile Subscriber Identity Internet Protocol IP Security Protocol Integrated Services Digital Network Intermediate System-to-Intermediate System ISDN User Part
Commercial in Confidence
Page 50 of 53
PDSN9660 Product Description ITU-T International Telecommunication Standardization Sector Union Telecommunication
L L2TP LAC LAN LIG LMT LPU LSP LZS Layer 2 Tunneling Protocol L2TP Access Concentrator Local Area Network Lawful Interception Gateway Lifecycle Management Team; Local Maintenance Terminal Line interface Processing Unit Label Switching Path Lempel-Ziv Stacker compression algorithm
M MAP MC MD5 MDN MIN MIP MML MPLS MPPC MRTIE MS MSC MTBF MTTR MVPN Mobile Application Part Message Center Message Digest 5 Mobile Directory Number Mobile Identification Number Mobile IP Man-Machine Language Multi-Protocol Label Switching Microsoft Point-to-Point Compression Maximum Relative Time Interval Error Mobile Station Mobile Switching Center Mean Time Between Failure Mean Time To Repair Mobile Virtual Private Network
N NAT NMS
Commercial in Confidence
O OAM OMC OSPF Operation, Administration and Maintenance Operation & Maintenance Center Open Shortest Path First
P PAP PCF PDN PDSN PIN PLMN PPP PPS PSTN Password Authentication Protocol Packet Control Function Public Data Network Packet Data Serving Node Personal Identification Number Public Land Mobile Network Point-to-Point Protocol Prepaid Service Public Switched Telephone Network
R RADIUS RAN RFC RIP R-P Remote Authentication Dial in User Service Radio Access Network Request for Comments Routing Information Protocol RN-PDSN
PDSN9660 Product Description SHA SMT SNMP SPU SRU SSP Secure Hash Algorithm Service Maintenance Terminal Simple Network Management Protocol Service Processing Unit Switch Routing Unit Service Switching Point
T TCP TIA ToS TUP Transport Control Protocol Telecommunications Industry Association Type of Service Telephone User Part
U UDR UI USR Usage Data Record Unit interval Universal Switching Router
V VLR VPN VRF VRP Visitor Location Register Virtual Private Network Virtual Route Forward Versatile Routing Platform
Commercial in Confidence
Page 53 of 53