SJ-20110221163024-002-ZXUN USPP (V4.11.10) Universal Subscr

ZXUN USPP
Universal Subscriber Profile Platform

EIR Product Description
Version: V4.11.10
ZTE CORPORATION
NO. 55, Hi-tech Road South, ShenZhen, P.R.China
Postcode: 518057
Tel: +86-755-26771900
Fax: +86-755-26770801
URL: http://ensupport.zte.com.cn
E-mail: support@zte.com.cn
LEGAL INFORMATION
Copyright 2011 ZTE CORPORATION.
The contents of this document are protected by copyright laws and international treaties. Any reproduction or
distribution of this document or any portion of this document, in any form by any means, without the prior written
consent of ZTE CORPORATION is prohibited. Additionally, the contents of this document are protected by
contractual confidentiality obligations.
All company, brand and product names are trade or service marks, or registered trade or service marks, of ZTE
CORPORATION or of their respective owners.
This document is provided as is, and all express, implied, or statutory warranties, representations or conditions
are disclaimed, including without limitation any implied warranty of merchantability, fitness for a particular purpose,
title or non-infringement. ZTE CORPORATION and its licensors shall not be liable for damages resulting from the
use of or reliance on the information contained herein.
ZTE CORPORATION or its licensors may have current or pending intellectual property rights or applications
covering the subject matter of this document. Except as expressly provided in any written license between ZTE
CORPORATION and its licensee, the user of this document shall not acquire any license to the subject matter
herein.
ZTE CORPORATION reserves the right to upgrade or make technical change to this product without further notice.
Users may visit ZTE technical support website http://ensupport.zte.com.cn to inquire related information.
The ultimate right to interpret this product resides in ZTE CORPORATION.
Revision History
Revision No. Revision Date Revision Reason
R1.2 2011-07-07 Changed the GUI agent to Web agent.
R1.1 2011-06-10 Updated the technical specifications.
R1.0 2011-04-15 First Edition
Serial Number: SJ-20110221163024-002
Publishing Date: 2011-07-07(R1.2)

Contents
About This Manual ......................................................................................... I
Declaration of RoHS Compliance ................................................................. I
Chapter 1 Product Overview ..................................................................... 1-1
1.1 Role of EIR ........................................................................................................ 1-1
1.2 Functions of EIR ................................................................................................ 1-2
1.3 Characteristics ................................................................................................... 1-4
1.3.1 Comprehensive Reliability......................................................................... 1-4
1.3.2 Multidimensional Security Mechanisms...................................................... 1-4
1.3.3 Linear Scalability ...................................................................................... 1-6
1.3.4 Centralized Database ............................................................................... 1-6
1.3.5 Flexibility Characteristics .......................................................................... 1-6
1.3.6 Convergence ........................................................................................... 1-7
1.3.7 Flexible IMEI Match Function .................................................................... 1-7
1.3.8 IMSI and IMEI Binding Function ................................................................ 1-7
Chapter 2 System Structure ...................................................................... 2-1

2.1 System Structure Overview................................................................................. 2-1
2.2 Hardware and Software Structure........................................................................ 2-2
2.2.1 Hardware Structure .................................................................................. 2-2
2.2.2 Software Structure.................................................................................... 2-4
2.3 Subsystem Composition ..................................................................................... 2-6
2.3.1 FE Subsystem ......................................................................................... 2-6
2.3.2 PROVISION Subsystem ........................................................................... 2-8
2.3.3 UDS Subsystem..................................................................................... 2-10
2.3.4 Network Element Management Subsystem .............................................. 2-12
2.3.5 Fault Recovery Subsystem ..................................................................... 2-15
2.3.6 HSM Subsystem .................................................................................... 2-16
Chapter 3 Basic Services........................................................................... 3-1

3.1 IMEI-Checking Service ....................................................................................... 3-1
3.2 MEID-Checking Service...................................................................................... 3-2
Chapter 4 Basic Functions ........................................................................ 4-1

4.1 Provisioning Function ......................................................................................... 4-1
4.2 Operation and Maintenance Functions................................................................. 4-1
4.3 Geographical Redundancy.................................................................................. 4-3
I
4.4 UDS Function .................................................................................................... 4-4
4.4.1 UDS Functions Overview .......................................................................... 4-4
4.4.2 Multi-Level Data Backup and Restoration................................................... 4-5
4.4.3 Replication and Synchronization................................................................ 4-7
Chapter 5 Interfaces and Protocol Stack ................................................. 5-1

5.1 Interfaces .......................................................................................................... 5-1
5.1.1 Interfaces with Other NEs ......................................................................... 5-1
5.1.2 Service Provisioning Interface ................................................................... 5-3
5.1.3 Network Management Interfaces ............................................................... 5-3
5.2 Protocol Stacks .................................................................................................. 5-5
Chapter 6 Networking Modes .................................................................... 6-1

6.1 Internal Networking ............................................................................................ 6-1
6.2 Single-Site Solution ............................................................................................ 6-3
6.3 Dual-Site Solution .............................................................................................. 6-3
6.4 Mutil-Site Solution .............................................................................................. 6-4
Chapter 7 Technical Specifications .......................................................... 7-1

7.1 Physical Specifications ....................................................................................... 7-1
7.2 Capacity ............................................................................................................ 7-2
7.3 Performance Specifications................................................................................. 7-2
7.4 Power Specifications .......................................................................................... 7-2
7.5 Clock Specifications ........................................................................................... 7-3
7.6 Interface Type .................................................................................................... 7-3
7.7 Reliability Specifications ..................................................................................... 7-4
Chapter 8 Security Measures and Envionment Requirements .............. 8-1

8.1 Security Measures.............................................................................................. 8-1
8.1.1 Security Regulations................................................................................. 8-1
8.1.2 Fire-Resistance Measures ........................................................................ 8-1
8.1.3 Anti-Aging Measures ................................................................................ 8-1
8.2 Envionment Requirements .................................................................................. 8-1
8.2.1 Requirements for the Equipment Room ..................................................... 8-1
8.2.2 Grounding Requirements .......................................................................... 8-2
8.2.3 Temperature and Humidity Requirements .................................................. 8-2
8.2.4 Cleanness Requirement ........................................................................... 8-2
8.2.5 EMI Requirements.................................................................................... 8-2
8.2.6 Ventilation Requirements .......................................................................... 8-3
8.2.7 Fire Protection Requirements.................................................................... 8-4
8.2.8 Lighting Requirements.............................................................................. 8-4
II
8.2.9 Anti-Static Requirements .......................................................................... 8-4
8.2.10 Lightning Protection Requirements .......................................................... 8-5
8.2.11 Quakeproof Requirement ........................................................................ 8-7
Appendix A Narrowband SS7 Signaling Protocols ................................ A-1

A.1 Introduction to Narrowband SS7 Protocol ............................................................ A-1
A.2 MTP1 Protocol................................................................................................... A-2
A.3 MTP2 Protocol................................................................................................... A-2
A.4 MTP3 Protocol................................................................................................... A-4
A.5 SCCP Protocol .................................................................................................. A-7
A.6 TCAP Protocol................................................................................................. A-11
A.7 TUP Protocol ................................................................................................... A-12
A.8 ISUP Protocol.................................................................................................. A-13
Appendix B SIGTRAN Protocols.............................................................. B-1

B.1 Introduction to SIGTRAN Protocol....................................................................... B-1
B.2 SCTP Protocol................................................................................................... B-2
B.3 M3UA Protocol .................................................................................................. B-7
Appendix C MAP Protocol ........................................................................ C-1

C.1 Introduction to MAP Protocol ..............................................................................C-1
C.2 MAP Signalling Process .....................................................................................C-2
Figures............................................................................................................. I
Tables ............................................................................................................ III
Glossary .........................................................................................................V
III
IV
About This Manual
Purpose
This manual provides an overall introduction to ZXUN USPP (EIR), including the role,
applications, characteristics, system structure, basic services, basic functions, interfaces,
protocol stack, networking modes, technical indices, security measures and environmental
requirements.
In this manual ZXUN USPP (EIR) is also called EIR for short.
Intended Audience
This manual is intended for ZXUN USPP (EIR) specialists and maintenance personnel.
Prerequisite Skill and Knowledge

To use this manual effectively, users should have a general understanding of mobile
communication technology. Familiarity with the following is helpful:
l Protocols and standards for mobile network
l Architecture and functions of each network element in mobile network
What Is in This Manual

This manual contains the following chapters:
Chapter Summary
Chapter 1, Product Overview Describes the role, applications and characteristics of

ZXUN USPP (EIR).
Chapter 2, System Structure Describes the structure of ZXUN USPP (EIR).
Chapter 3, Basic Services Describes the basic services of ZXUN USPP (EIR).
Chapter 4, Basic Functions Describes the basic functions of ZXUN USPP (EIR).
Chapter 5, Interfaces and Protocol Stack Describes the interfaces and protocol stack used in
ZXUN USPP (EIR).
Chapter 6, Networking Modes Describes the networking modes of ZXUN USPP (EIR)
of different scales.
Chapter 7, Technical Specifications Describes the technical specifications of ZXUN USPP

(EIR).
Chapter 8, Security Measures and Describes the security measures and the environmental
Environment Requirements requirements of ZXUN USPP (EIR).
Appendix A, Narrowband SS7 Signaling Describes the narrowband SS7 signaling protocols that
Protocols the interfaces of ZXUN USPP (EIR) may use.
I
Chapter Summary
Appendix B, SIGTRAN Protocols Describes the SIGTRAN protocol that the interfaces of
ZXUN USPP (EIR) may use.
Appendix C, MAP Protocol Describes the MAP protocol that the interfaces of
ZXUN USPP (EIR) may use.
FCC Compliance Statement

This device complies with part 15 of the FCC Rules. Operation is subject to the following
two conditions.
1. This device may not cause harmful interference.
2. This device must accept any interference received, including interference that may
cause undesired operation.
Changes or modifications not expressly approved by the party responsible for compliance
could void the user's authority to operate the equipment.
Conventions
ZTE documents employ the following typographical conventions.
Typeface Meaning
Italics References to other manuals or documents.
Quotes Links on screens.
Bold Menus, menu options, function names, input fields, radio button names, check
boxes, drop-down lists, dialog box names, window names.
CAPS Keys on the keyboard and buttons on screens and company name.
Note: Provides additional information about a certain topic.
Checkpoint: Indicates that a particular step needs to be checked before

proceeding further.
Tip: Indicates a suggestion or hint to make things easier or more productive

for the reader.
II
Declaration of RoHS
Compliance
To minimize environmental impacts and take more responsibilities to the earth we live on,
this document shall serve as a formal declaration that ZXUN USPP (EIR) manufactured
by ZTE CORPORATION is in compliance with the Directive 2002/95/EC of the European
Parliament - RoHS (Restriction of Hazardous Substances) with respect to the following
substances:
l Lead (Pb)
l Mercury (Hg)
l Cadmium (Cd)
l Hexavalent Chromium (Cr (VI))
l PolyBrominated Biphenyls (PBBs)
l PolyBrominated Diphenyl Ethers (PBDEs)
ZXUN USPP (EIR) manufactured by ZTE CORPORATION meets the requirements of EU 2002/95/EC;
however, some assemblies are customized to client specifications. Addition of specialized,
customer-specified materials or processes which do not meet the requirements of EU 2002/95/EC
may negate RoHS compliance of the assembly. To guarantee compliance of the assembly, the need
for compliant product must be communicated to ZTE CORPORATION in written form.
This declaration is issued based on our current level of knowledge. Since conditions of use are
outside our control, ZTE CORPORATION makes no warranties, express or implied, and assumes no
liability in connection with the use of this information.
I
II
Chapter 1
Product Overview
Table of Contents
Role of EIR.................................................................................................................1-1
Functions of EIR.........................................................................................................1-2
Characteristics ...........................................................................................................1-4
1.1 Role of EIR

ZXUN USPP (EIR) strictly complies with 3GPP standards, which manages the IMEI/MEID
of all mobile equipments (MEs) in PLMN and checks if they are legal. This network entity
includes one or more databases storing IMEIs/MEIDs.
Note:
IMEIs are used for a GSM/UMTS system, and MEIDs are used for a CDMA system. This
manual takes IMEIs as an example to introduce ZXUN USPP (EIR). The purpose of IMEIs
for GSM/UMTS is the same as MEIDs for CDMA.
The MEs is classified as white listed, grey listed, black listed or it may be unknown as
specified in TS 22.016 and TS 29.002. The IMEI of the MEs are in their certain list.
ZXUN USPP (EIR) contains one or several databases which store the IMEIs used in the
GSM/UMTS system and list attributes as white listed, grey listed or black listed.
The following figure shows the location of EIR in the mobile network by taking GSM/UMTS
as an example.
1-1
SJ-20110221163024-002|2011-07-07(R1.2) ZTE Proprietary and Confidential

ZXUN USPP EIR Product Description
Figure 1-1 Location of ZXUN USPP (EIR) in Mobile Network
1.2 Functions of EIR

Function Description
ZXUN USPP (EIR) provides the following functions:
l International Mobile station Equipment Identity (IMEI) information is stored in ZXUN
USPP (EIR) database, including the black/white/grey list category and the reason.
1-2

Chapter 1 Product Overview
IMEIs may be stored in the lists in form of individual IMEIs or IMEI ranges. An IMEI
range has a common TAC and FAC for the IMEIs included.
ZXUN USPP (EIR) supports both formats of IMEI and IMEISV.
l ZXUN USPP (EIR) supports IMEI range match. IMEI ranges shall configure category
of white, grey or black. That means all IMEIs in the same range have the same
category.
When EIR receives check IMEI message, EIR first queries the database with individual
IMEI. If the record is present, EIR returns this IMEI. If the record is not present, EIR
matches with IMEI ranges, and returns the IMEI range list category.
l ZXUN USPP (EIR) provides three levels of list match.
The first level is single IMEI match. If the IMEI is found, EIR returns the list of the IMEI.
The second level is IMEI range match. If IMEI could not be found in the database,
then EIR searches the IMEI ranges. If the IMEI range that contains the IMEI is found,
EIR returns the list of the IMEI range.
The third level is the setting of default list. If the IMEI could not be found among the
individual IMEIs or the IMEI ranges, EIR returns the default list.
l ZXUN USPP (EIR) supports the enhanced Check IMEI message which allows IMSI
and MSISDN to be provided as optional parameters.
l ZXUN USPP (EIR) could record the quantities of black lists, grey lists, and unknown
IMEIs.
If the system enables enhanced Check IMEI function, the quantity of unmatched IMSIs
is also recorded.
l ZXUN USPP (EIR) can identify a subset of handsets that use only one SIM card. Each
mobile station (MS) entry identifies one handset (IMEI) and one SIM card (IMSI). Other
SIM cards are not allowed with that handset.
ZXUN USPP (EIR) can check the MS list when processing a Check IMEI request. If
the carried IMEI appears in the list, ZXUN USPP (EIR) restricts its use to its associated
IMSI. If the IMSI carried in the Check IMEI request is different from the one associated
with the IMEI, ZXUN USPP (EIR) returns a response, indicating the IMEI status is
blacklist.
Introduction to IMEI, IMEISV and MEID

The IMEI is composed of the following elements (each element shall consist of decimal
digits only):
l Type Approval Code (TAC): Its length is 8 digits.

l Serial Number (SNR): It is an individual serial number identifying equipment within the
TAC. Its length is 6 digits.
l Spare digit: This digit shall be zero, when transmitted by the MS.
1-3

The International Mobile station Equipment Identity and Software Version Number
(IMEISV) is composed of the following elements (each element shall consist of decimal
digits only):
l Type Approval Code (TAC): Its length is 8 digits.
l Serial Number (SNR): It is an individual serial number identifying equipment within
each TAC. Its length is 6 digits.
l Software Version Number (SVN): It identifies the software version number of the
mobile equipment. Its length is 2 digits.
The Mobile station Equipment Identity (MEID) is composed of the following elements (each
element shall consist of hex digits only). Its format is as shown below.
Figure 1-2 MEID Format
l Manufacture Code: Its length is 8 digits. RR: A0FF. XXXXXX: 000000FFFFFF.

l Serial Number: Its length is 6 digits. 000000FFFFFF.
l Check digit (CD): 0F, not transmitted.
1.3 Characteristics
1.3.1 Comprehensive Reliability
l The distributed architecture ensures that all front end (FE) nodes and back end (BE)
nodes work in a geographical redundancy mode of N+K load sharing.
l The BE provides triple-level data backup/restoration mechanism, namely, memory
level, local hard disk level and disk array level.
l The open ETCA platform provides high reliability, high integration, ease for expansion
and green and intelligent power saving technology.
l The system provides multi-level overload control for service processing, service
provisioning and network maintenance.
1.3.2 Multidimensional Security Mechanisms

ZXUN USPP (EIR) provides multi-dimensional security mechanisms, as shown in the
following figure.
1-4

Figure 1-3 Multidimensional Security Mechanisms
l Equipment Layer Security

Online Anti-virus System: On-line automatic virus detecting and killing, virus
database updating mechanism.
User Management: The security management enables the authority control of

operation and maintenance operators. Different users have different operation
permissions, thus ensuring the security of operation and maintenance.
l Networking Layer Security
VPN Based on VLAN: VPNs transported over VLANs provide traffic separation
in the network. VLANs provide an easy and straightforward way to realize VPNs
at a local site with minimal configuration effort.
Firewall: The firewall can identify and filter source IP addresses, source ports,
destination IP addresses, and source ports, identify and transport protocols such
as TCP, UDP, and identify and filter FTP, DNS, Telnet, SNMP, SMTP services
and user defined services.
NAT/NAPT: NAT/NAPT enable the conversion of private IP addresses to public IP

addresses so that mobile subscribers can share the IP address resources. With
the NAPT, the shortage of public IP addresses can be overcome. NAT/NAPT can
separate private service IP addresses from public IP Addresses.
Access control list (ACL): An ACL is used to permit or reject packet flows based
upon the existing standard. Message filtering standard can be defined based
1-5

upon the following conditions: source IP address and port number, destination IP
address and port number, and type of service (ToS).
l Service Layer Security
Access control and view control allow only authenticated FEs to access
authorized subscriber data by specified operations including data creation,
reading, updating and deletion.
The encryption module provides hardware and software security encryption
mechanism to protect the private data (for example, Ki) and hence to protect
subscriber data.
1.3.3 Linear Scalability

l The system's hierarchical and modular structure enables flexible expansion and
easy application. The data configuration is also flexible. ZXUN USPP (EIR) supports
capacity expansion by adding boards, racks, FE nodes or BE nodes, without
interrupting the existing services.
l Online upgrade includes subscriber data schema upgrade and application upgrade.
New services can be developed and provided without affecting existing services.
1.3.4 Centralized Database

l Loose coupling between data and service speeds up the deployment of new services.
l Numerous standard and open interfaces (LDAP, DSML, MML, SOAP, XML) provide
convenient data access for third-party applications.
l Various methods of data management provide flexible, secure and convenient data
management.
l Data and service convergence ensures data consistency, and simplifies service
provisioning flow and lowers down your operating expenditure OPEX and capital
expenditure CAPEX.
1.3.5 Flexibility Characteristics

l Regionalization solutions provide a uniform platform for you to implement
multi-network maintenance. To satisfy different management requirements over
different districts, operators in different areas and different administrative areas are
managed separately.
l The powerful data analysis function helps you to make operation decisions by
providing you with subscriber data analysis.
l The powerful data portal provides a single access point for application servers and
core network elements to access the database, and the data storage is transparent.
Data portal makes logical convergence possible for all databases, even if they are
from different vendors, and simplifies networking and signaling configuration.
1-6

1.3.6 Convergence
ZXUN USPP (EIR) can be deployed in convergence with GSM/UMTS HLR, CDMA HLR,
MNP, HSS or independently.
1.3.7 Flexible IMEI Match Function

ZXUN USPP (EIR) can flexible configure name list (black, grey or white) as per IMEI range
and single IMEI.
1.3.8 IMSI and IMEI Binding Function

The network can limit the replicated SIM to register by enabling the IMSI and IMEI locking
function.
The network can also reject the access of Cheap Copy terminal by enabling the IMSI and
IMEI locking function.
1-7

This page intentionally left blank.
1-8

Chapter 2
System Structure
Table of Contents
System Structure Overview ........................................................................................2-1
Hardware and Software Structure...............................................................................2-2
Subsystem Composition.............................................................................................2-6
2.1 System Structure Overview

A ZXUN USPP (EIR) system consists of the following subsystems:
l One or more FE subsystems, for signaling and service processing
l One UDS subsystem, for data management
l One or more POVISION subsystems, for service provision handling
l One network element management subsystem (NMS), for O&M functions
l One fault recovery subsystem, for fault recovery functions
l One HSM subsystem (optional), for Ki encryption by hardware
The UDS subsystem, the POVISION subsystems, and the NMS altogether are called the
Back End (BE).
The following figure illustrates the system architecture of ZXUN USPP (EIR).
Figure 2-1 ZXUN USPP (EIR) System Architecture
2-1

2.2 Hardware and Software Structure

2.2.1 Hardware Structure
Rack Hardware Structure
In ZXUN USPP (EIR) hardware design, ZTE adopts an Enhanced ATCA (ETCA)
architecture to provide high-level integration, high performance and reliability.
ZXUN USPP (EIR) can use 19-inch cabinets with a maximum internal space of 42U or
19-inch cabinets with a maximum internal space of 47U. The power distribution shelf, fans,
ETCA shelves and dustproof shelf are required to be installed. Switches, disk array and
KVM can also be installed in a cabinet.
Figure 2-2 shows an instance of hardware configuration of a 42U-high cabinet, and Figure
2-3 shows an instance of hardware configuration of two 47U-high cabinets.
Figure 2-2 Rack Hardware Structure (42U)
2-2

Chapter 2 System Structure
Figure 2-3 Rack Hardware Structure (47U)
ETCA Shelf Structure

An ETCA shelf has 14 slots, and supports 12 processing blades and 2 switching blades.
The following figure shows an instance of BE blade configuration in ETCA shelves.
Figure 2-4 ZXUN USPP (EIR) BE Blade Configuration
For more details the hardware of ZXUN USPP (EIR), refer to the ZXUN USPP Universal
Subscriber Profile Platform Hardware Description manual.
2-3

2.2.2 Software Structure

BE Software Structure
The BE part includes a partitioning layer and a storage layer.
The partitioning layer includes the following modules:
Figure 2-5 Software Architecture of Partitioning Layer
l Interface Adapter Module

The interface adapter module provide various subscriber data access interfaces such
as LDAP/ SOAP/ MML/WEB. It accepts data management related requests from the
applications, sends the requests to BE and relays the result from BE to the application.
l Access Control Module
The access control module protects system from attack.
l Subscription/Notification Module
The subscription/notification module supports applications to subscribe/unsubscribe,
and can send notification message to applications triggered by specific events which
occur on specific subscriber data, such as subscriber data addition, modification, and
deletion.
The subscription/notification module also provides notification message cache
mechanism. If a message target application is unavailable, messages are stored
temporarily in a queue and are resent to application in original sequence when the
application becomes available.
l View Control Module
The view control module takes charge of the authorization of the access to the user
profile data.
l Policy/Load Control Module
The policy/load control module provides policing and prioritization for different
applications concerning their priority and access rights to subscriber data.
2-4

It also provides partitioning layer load control/balance function.

l Command Analysis Module
Commands analysis module provides parser, optimizer, executor.
l Data Routing Module
The data routing module locates the database where the subscriber data are stored.
UDS stores all the locations of internal and external databases related to each
subscriber. So the specific database containing a certain profile can be located.
l Internal DB Adapter Module
The internal DB adapter module provides data access interface for internal data
access.
l External DB Adapter Module
The external DB adapter module provides data access interface for external data
access, such as LDAP/MAP/SOAP/ODBC/JDBC.
l Memory Database Module
The memory database module provides storing partitioning layer related data in
memory database.
l Data Replication Module
The data replication module provides real-time and semi-real-time synchronization.
l Data Backup Module
The data backup module backs up the memory database to the local hard disk and
disk array.
l In addition, common modules of the partitioning layer include resource control &
management, IP switch and operating system. Other modules are based on the
common modules and new application modules can be added on the common
module flexibly.
The storage layer includes the following modules:
Figure 2-6 Software Architecture of Storage Layer
l Data Access interface Module
2-5

The data access interface module supports interaction with DSP interface, interaction
with the other nodes of the DSP inside the DSA cluster, as well as data transfer to
another DSA cluster.
l Memory Database module
The memory database module provides storing partitioning layer related data in
memory data base.
l Data Replication Module
The data replication module provides real-time and semi-real-time synchronization.
l Data Backup Module
The data backup module achieves data backup, backing up the data from the memory
database to the local hard disk and disk array.
l In addition, common modules of the storage layer include resource control &
management, IP switch and operating system. Other modules are based on the
common modules and new application modules can be added on the common
module flexibly.
FE Software Structure
FE provides multi-protocol stack, service logics and data access interfaces. In addition,
common modules includes resource control & management, IP switch and operating
system (OS), other modules are based on the common module and new application
modules can be added on the common module flexibly. ZXUN USPP (EIR) FE software
structure is as shown in the following figure.
Figure 2-7 Software Architecture of FE
2.3 Subsystem Composition

2.3.1 FE Subsystem
The FE subsystem functions to process protocols and services relating to ZXUN USPP
(EIR) applications.
For the functions of each module or unit of the FE subsystem and the blade corresponding
blade to each module or unit, see the following table.
2-6

Table 2-1 FE Composition
Module/Unit Function Blade Blade

(13U shelf) (14U shelf)
CMP module Processes services. DPBA2 DPBB0
SMP module Processes signaling over TCP/SCTP DPBA2 DPBB0

and Diameter base/transfer protocols to
implement the processing of extended
Diameter applications.
SIPI unit Provides Fast Ethernet interfaces, transfer DPBA2 DPBB0

IP packets, and transfer the TCP/SCTP
packets received from the IP network to an
SMP module.
SLB unit For the connection with E1/T1, an SLB SLB SLB
unit provides 32 E1/T1 links to the SS7
network, processes HDLC messages or
SS7 signaling messages below the MTP2
layer, and transfers MTP3 packets to SMP
modules.
For the connection with ATM over E1,
SLB units receive ATM cells from the
E1/T1 interfaces and then distribute them
to the TDM interfaces of the SLB blades
after time slot switching. The SLB blades
convert the TDM signals into ATM cells,
perform AAL5 fragments reorganization,
SSCS processing, and then transfer
service-related data to SMP modules.
RPU module Maintains the route table of the entire DPBA2 DPBB2
network element, and processes the route
packets received by SIPI units. The RPU
module refreshes its route table in real
time, constructs a transfer table based on
the route table, and then synchronizes the
transfer table to each SIPI unit.
OMP module Implements system control and DPBA2 DPBB2

management, saves equipment
configuration data and version information,
and transfer alarms, notifications and
statistic data to the NMS.
Functions
The FE subsystem of ZXUN USPP (EIR) provides the following functions:
2-7

l Processing services and protocols of ZXUN USPP (EIR)

l Accessing the UDS subsystem through standard and extended LDAP interfaces
l Supporting 32-bit CGEL operating system
l Notifying other network elements of the modification of user data
l Managing digital trunk interfaces
l Environment monitoring and power management
2.3.2 PROVISION Subsystem

Composition
The PROVISION subsystem is composed of one or more DBIO servers, interface
processors and agents. Its system structure is shown in the following figure.
Figure 2-8 PROVISION Subsystem Structure
Figure 2-9 shows the structure of a Web agent.
2-8

Figure 2-9 Web Agent Structure
The PROVISION subsystem uses the following hardware:

l In case of a 13U shelf
The DBIOs, interface processors and the Web agent server each run over 64-bit CGEL
on a DPBA2 blade. The Web source server runs over 64-bit CGEL on a DPBX0 blade.
The Web client runs over 32-bit Windows on a PC.
The DBIOs, interface processors and the Web agent server each run over 64-bit CGEL
on a DPBB2 blade. The Web source server runs over 64-bit CGEL on a DPBX1 blade.
The Web client runs over 32-bit Windows on a PC.
Functions
l Interface Processor:
Manages the IP connections with the BOSS.
Accesses all local DBIO servers.
Supports interface with BOSS in MML, SOAP, binary, or electronic worksheet
modes.
Distributes MML commands of BOSS to local DBIO, and returns the MML
acknowledgements of local DBIO to the BOSS.
l Agent:
Each module of the web agent realizes the following functions.
Web client: provides the web interfaces for you to provision services provided by
NEs.
Web resource server: saves the programs and files of the web client, and allows
the web client to download these programs and files.
Web agent server: communicates with the web client and the DBIO to perform
such functions as message forwarding, link management and web client
management.
l DBIO:
2-9

Processes service handling MML requests of ZXUN USPP (EIR) applications.

Informs the FE subsystem, which then notifies other NEs upon user data
modification.
Generates rules based on MML requests, so that automatic data access requests
are generated.
Implements the load balance function while sending requests to the UDS.
Controls the overload and receiving-end load balance of the DBIO server within
the USPP system.
Implements the administration domain functions.
2.3.3 UDS Subsystem

Composition
The composition of a UDS subsystem is as shown in the following figure.
Figure 2-10 UDS Subsystem Architecture
A UDS consists of one or more DSA clusters. A DSA cluster includes 180 DSA nodes.
With the UAGW module, the UDS supports access from third-party devices.
There are two types of DSA clusters: Identity DSA cluster (IDSA) and Profile DSA cluster
(PDSA). IDSA stores subscriber data routing information and transfers the directory data
access requests of FE or PROVISION to PDSA. PDSA stores subscriber data.
2-10

DSA nodes of a DSA cluster are of the same type, which means that DSA nodes of an
IDSA are all IDSA nodes and DSA nodes of a PDSA are all PDSA nodes.
In UDS, data may be stored in the following modes:
l Local storage
Data are saved on the hard disks of the DSA node.
l Storage transfer
Data are transferred by the DST node onto the hard disks of the DST node or on the
disk array connected to the DST.
Note:
The DST node provides the data persistency function for one or more DSA clusters.
Functionally, DST node belongs to the DSA cluster storage subsystem.
The UDS monitoring center implements the active/standby status maintenance, the
selection of the primary node, and the computing of inter-module links.
The monitoring center runs on the OMP module as an independent process. Every office
has a monitoring center, and one monitoring center may manage multiple DSA clusters.
Functionally, the monitoring center belongs to the DSA cluster distributed monitoring
subsystem.
The PROVISION subsystem uses the following hardware:
The DSA cluster runs over 64-bit CGEL on DPBA2 blades. The DST node runs over
64-bit CGSL on a DPBA2 blade.
The DSA cluster runs over 64-bit CGEL on DPBB1 blades. The DST node runs over
64-bit CGSL on a DPBB1 blade.
Functions
The UDS subsystem provides the following functions:
l Storing ZXUN USPP (EIR) application related subscriber data
l Ensuring high availability through synchronous duplication, active/standby
changeover as well as geographical redundancy
l Providing standard and exetended LDAP interfaces for other subsystems to access
subscriber data
l Overload control
l Load balancing between the receiving end and transmitting end within the UDS
subsystem
l Hot-patch function
2-11

l Supporting 64-bit CGEL or CGSL

l As the telnet server, supporting the login into UDS subsystem in telnet mode and the
viewing of UDS running status
l Dynamically loading schema
Note:
Schema describes and defines the format of data stored in directory services,
including the object, attributes and DIT architecture of directory services.
2.3.4 Network Element Management Subsystem

Dual-Layer Structure
The network element management subsystem (NMS) is in a dual-layer structure, including
an EMS and multiple OMMs. The following figure shows the architecture of the network
element management subsystem. This structure is suitable for a large-scale commercial
office with NEs deployed at different places.
2-12

Figure 2-11 Architecture of Network Element Management Subsystem (Dual-Layer

Networking)
Note:
An OMM server can use a single computer or a dual-computer cluster.
2-13

Single-Layer Structure
When the NMS adopts the single-layer structure, its architecture is as shown in the
following figure. This structure is suitable for a small-scale office or a trial office. And
OMM may manage all NEs.
Figure 2-12 Architecture of Network Element Management Subsystem (Single-Layer

Networking)
Note:
An OMM server can use a single computer or a dual-computer cluster.
Hardware
The NMS uses the following hardware:
2-14

An OMM server runs over 32-bit CGSL on a DPBX0 blade. The EMS server runs over
32-bit CGSL on an OPBA1 blade. The OMM clients and EMS clients each run over
32-bit Windows on a PC.
An OMM server runs over 32-bit CGSL on a DPBX1 blade. The EMS server runs over
32-bit CGSL on an OPBB1 blade. The OMM clients and EMS clients each run over
32-bit Windows on a PC.
Functions
The network element management subsystem performs the integrated and local
management of all other subsystems and virtual applications of ZXUN USPP (EIR).
l EMS communicates with OMM through the EMB interface. EMS implements
the operation, management and maintenance of all ZXUN USPP (EIR) devices,
including fault management, performance management, security management, log
management, topology management, signaling trace, global configuration and the
monitor console function.
l OMM communicates with the objects under management through ZTE-defined
interfaces. OMM implements the operation, management and maintenance of
the local ZXUN USPP (EIR) devices, including MML terminal, fault management,
performance management and trace management.
2.3.5 Fault Recovery Subsystem

Composition
ZXUN USPP (EIR) supports two redundancy protection modes.
One is the self-contained redundancy function of ZXUN USPP (EIR), that is, the
multi-node distributed deployment of DSA clusters in UDS. A DSA cluster may include
multple DSA nodes, with the data synchronization function among the DSA nodes through
data duplication. This redundancy protection function does not need any modules like
DRSync, DRManager or out-of-sync buffer database.
The other mode is the DRSync-based redundancy protection. The fault recovery
subsystem in this mode is composed of one ICC and one or more DRSyncs. (The
DRSync modules and the ICC run over DPBA2 blades.) This mode can also provide
redundancy protection for NEs of other vendors.
The structure of the fault recovery subsystem is shown in the following figure.
2-15

Figure 2-13 Fault Recovery Subsystem Structure
The fault recovery subsystem uses the following hardware:

The ICC and DRSync modules each run over 64-bit CGEL on a DPBA2 blade.
The ICC and DRSync modules each run over 64-bit CGEL on a DPBB2 blade.
Functions
l Disaster Reserved Sync (DRSync):
Takes charge of bidirectional data synchronization between the active ZXUN USPP
(EIR) and the standby ZXUN USPP (EIR).
l Inspect and Control Centre (ICC):
Takes charge of management of user data on the ZXUN USPP (EIR), system control,
and the trusteeship, takeover, reclaim and giveback operations of the redundancy
protection system.
2.3.6 HSM Subsystem

Composition
The HSM subsystem is used to encrypt the Ki key in user authentication data, so as to
avoid disclosure of the key or encrypted data.
2-16

An HSM module is a hardware device that is used to encrypt sensitive data and has got
the certification from FIPS and CC.
The HSM subsystem is optional. If you need hardware encryption for encrypting Ki, for
the redundancy protection purpose, at least two HSM modules (working in active/standby
mode) are required for each office. HSM devices are outsourcing parts. For the hardware
composition of an HSM module, see the following table.
Table 2-2 HSM Hardware Composition
Hardware Device Quantity Description
PC 1 The HSM PCI is mounted on a PC (with 32-bit Windows

or CGSL).
HSM PCI card 1 ZXUN USPP (EIR) implements key management and
data encryption and decryption through the HSM PCI
card.
Blank HSM USB Key At least 3 Used for operator authorization. There are three types
of HSM operators: HSM Admin, Domain, and Partition
Owner. Each operator should have at least one blank
HSM USB Key.
PED keyboard 1 External PED keyboard connected to the PCI card, used
for initialization and entering PED password.
For the software composition of an HSM module, see the following table.
Table 2-3 HSM Software Composition
Software Description
LunaPCI Installed on the PC where the HSM PCI card is mounted, used to update
HSM PCI driver, and to create the HSM configuration tool (Lunacm).
Lunacm is used for HSM initialization, partition creation, password policy
settings, and key backup and restoration.
HSM Client Runs on the PC where the HSM PCI card is mounted, used to generate
the serial numbers of encrypted keys.
Encryption/decryption The encryption/decryption module, runs on the PC where the HSM

module PCI card is mounted, used to handle the encryption requests sent by
(HSM App) the FE or DBIOs.
Functions
SMP modules of the FE subsystem and DBIO modules of the PROVISION subsystem
request HSM PCI through HSM App (the encryption/decryption module) for encryption and
decryption.
The encrypted keys are saved on the HSM encryption/decryption module. During an
encryption or decryption process, the serial number of a key, instead of the content of
2-17

the key, is invoked. Therefore it is impossible to get the plain text by illegally decrypting
the encrypted text.
HSM encryption/decryption has the following features:
l The HSM subsystem saves the keys in the internal memory that no intruders can
access.
l The encryption/decryption modules (HSM App) are installed on PCs that have an HSM
PCI card mounted. No intruders can access the encryption/decryption modules from
an external network.
l Each HSM module has a micro controller and an encryption/decryption processor.
The security of an encryption/decryption module does not depend on the operating
system.
l Each HSM module provides a modification-proof space for key management. The
generation, use, storage and destroy of a key are all done inside HSM modules, and
no intruders can access the keys from an external network.
l Each HSM module has a special encryption/decryption processor that does all and
only encryption/decryption operations.
There three types of HSM operators, and each type has different operation permissions.
l HSM Admin: super administrator, mainly used for initializing HSM. During an
initialization process, when you fail to enter the correct PED PIN of an HSM Admin
user for the third time, the data in the HSM module is cleared.
l Domain: domain administrator. You must use the same domain administrator to back
up and restore the serial number of a key.
l Partition Owner: Used to create partitions and set password policies. The password
of a partition owner is used on HSM Client and HSM App.
2-18

Chapter 3
Basic Services
Table of Contents
IMEI-Checking Service ...............................................................................................3-1
MEID-Checking Service .............................................................................................3-2
3.1 IMEI-Checking Service

Equipment Identity Register (EIR) is the network entity that manages the IMEI of all MEs
in PLMN and checks if they are legal. This network entity includes one or more databases
storing the IMEI.
The MEs are assigned to the white list, the grey list and the black list. The IMEI of the MEs
are in their certain list. EIR can only include white list.
Technically it is much easier to wire tapping or cheating for wireless transmission than
cable transmission.
EIR system ensures the system security by checking the IMEI to prevent the cell being
peculated.
l A handset in the white list is legal in the network.
l A handset in the black list is forbidden in the network. The main possible reason is
that it is stolen or it is illegal.
l The operator determines a handset in the grey list. The possible reason is that it is
injured or not permitted to use, it is not forbidden but it will be traced by network.
MSC and SGSN manage the mobile equipment by checking the status of IMEI in EIR.
The following figure shows the service flow of IMEI-checking .
Figure 3-1 Service Flow of IMEI-Checking
The MSC or SGSN queries the IMEI status on the EIR, so as to reach the goal of managing
subscriber's mobile terminals.
3-1

3.2 MEID-Checking Service

MSC manage the CDMA network equipment by checking the status of MEID in EIR.
The following figure shows the service flow of MEID-checking.
Figure 3-2 Service Flow of MEID-Checking
The MSC queries the MEID status on the EIR, so as to reach the goal of managing
subscriber's MEs.
3-2

Chapter 4
Basic Functions
Table of Contents
Provisioning Function .................................................................................................4-1
Operation and Maintenance Functions .......................................................................4-1
Geographical Redundancy .........................................................................................4-3
UDS Function.............................................................................................................4-4
4.1 Provisioning Function

The PROVISION subsystem of ZXUN USPP (EIR) provides a provisioning pool. The
provisioning pool supports N+K load sharing mechanism. When no more than K nodes
are down, the other nodes take over all the load of N+K nodes.
The provisioning pool is composed with multiple provisioning servers. Provisioning server
receives the provisioning request from BOSS system, and transfers the request to BE.
MML or SOAP/XML protocol can be used on the interface between BOSS system and
provisioning server.
The provisioning servers can be deployed in different sites, realizing geographical

redundancy.
4.2 Operation and Maintenance Functions

Functions of EMS
The following table introduces the operation and maintenance functions of the EMS
system.
Table 4-1 Operation and Maintenance Functions of the EMS System
MML terminal The MML terminal provides configuration and management of network
resources.
It also provides tools for data transmission, data backup and recovery.
4-1

Fault management The fault management consists of two parts which are real-time alarm
display and alarm-relative operation.
Real-time alarm display shows the information of equipment alarms,
telecommunication alarms, service alarms and processing error alarms
through a GUI interface to arouse operator notification providing a list
which contains the details of alarm information including alarm origin,
alarm level, alarm time, alarm carrying, alarm cause, alarm type and
additional information.
Performance management The performance management provides statistic data about some
performance parameters and traffic data of the mobile system for
reference of operation departments.
With the maintenance terminal of performance management, you can
define performance measurement flexibly.
Security management The security management defines security management policies

such as "role", "role set" and "user". Through setting passwords and
access rights for the user account, it prevents unauthorized users from
accessing the system, ensures the legal use of network resources,
security and integrity of maintenance operations, and satisfies
confidentiality needs.
Topology management The topology management module collects topology information from
the source, and displays the topological relationships between MOs
and their running statuses through topology tree or topology map on
the user interface. The maintenance personnel can operate on the
topology map and navigate to different application interfaces.
Maintenance management l The system backup and restoration function provides a convenient
way for backing up and restoring the system configuration data.
l The task management function is used to manage timing tasks.
l The system monitor provides a unified platform to maintain and
manage the NE management system, through which users can
monitor and maintain the application server and the database
server.
l CN maintenance includes license management, KPI message
forwarding and USPP global management.
System management The system management provides the custom setting and system
time querying.
Query and statistics The EMS provides query and statistics on history alarms and
performance data.
Functions of OMM
The following table introduces the operation and maintenance functions of the OMM
system.
4-2

Chapter 4 Basic Functions
Table 4-2 Operation and Maintenance Functions of the OMM System
MML terminal l The MML terminal provides user-friendly interfaces for the
configuration and management of network resources. It also
provides tools for data transmission, data backup and recovery.
l It also provides tools for device maintenance such as dynamic
management, board maintenance, diagnosis and test, patrol
management.
l Security management ensures the legal access to the system
by the user.
l Logs management ensures the query for user operation
information and user login status information.
Fault management The fault management consists of two parts which are real-time alarm
display and alarm-relative operation.
Real-time alarm display shows the information of equipment alarms,
telecommunication alarms, service alarms and processing error alarms
through a GUI interface to arouse operator notification providing a list
which contains the details of alarm information including alarm origin,
alarm level, alarm time, alarm carrying, alarm cause, alarm type and
additional information.
Performance management The performance management provides statistic data about some
performance parameters and traffic data of the mobile system for
reference of operation departments.
With the maintenance terminal of performance management, you can
define performance measurement flexibly.
Trace management l The failure observation helps to find the fault cause and locating
the fault quickly.
l The signaling tracing is to trace the signaling data of a specified
signaling link or of a specified subscriber to make an analysis of
service operation and the correctness of sent signaling. Signaling
tracing presents the signaling tracing contents and convenient
means of locating problems so as to facilitate debugging, querying
signaling flow and detecting the error existing in signaling
cooperation.
4.3 Geographical Redundancy

ZXUN USPP (EIR) supports N+K geographic redundancy protection, which allows the FEs
and BEs to be deployed in different sites. N+K active nodes work in load sharing mode.
When no more than K nodes are down, the remaining nodes take over all services of failed
ones.
4-3

In normal cases, all FEs and BEs are active and there is no standby nodes. ZXUN USPP
(EIR) detects equipment and network failures and performs service switching action
automatically to minimize service interruption time.
4.4 UDS Function

4.4.1 UDS Functions Overview
UDS uses a distributed monitoring subsystem to maintain the primary/secondary state of
DSA nodes. When the state of one DSA node changes, it is notified to other subsystems
or other DSA nodes.
PDS election are required. A DSA node can request the monitoring center for PDS
election, or the monitoring center can actively implement PDS election.
PDS election are divided into the following two phases:
l The monitoring center queries the state of each node.
l The monitoring center implements PDS election policies according to the state of each
node to elect the sole PDS, and notifies other nodes to change over to SDSs.
One DSA can have one primary node only, but can have multiple secondary nodes. The
primary node can both read and write data while the secondary nodes can only read data.
The Triple-level Data Backup and Restore Reliability mechanism ensures that data in UDS
subsystems keeps consistent (refer to 4.4.2 Multi-Level Data Backup and Restoration).
Data on the primary node and secondary nodes keeps consistent through synchronous
replication and asynchronous replication (refer to 4.4.3 Replication and Synchronization).
If a subscriber profile is modified at service provisioning, the data modification process is
as shown in Figure 4-1.
4-4

Figure 4-1 UDS Processing Flow
4.4.2 Multi-Level Data Backup and Restoration

ZXUN USPP (EIR) backs up data in three levels, as shown in Figure 4-2.
l Level 1: Data in the memory of the active DSA node is backed up onto the standby
DSA node.
l Level 2: Data in the memory of the active DSA node is backed up onto the local hard
disk.
l Level 3: Data in the memory of the active DSA node is backed up on schedule onto
the disk array.
4-5

Figure 4-2 Three-Level Data back
ZXUN USPP (EIR) has three types of data restoration, as shown in Figure 4-3.
l Type 1: Data on the standby DSA node is restored from the active node.
l Level 2: Data in the memory of the standby DSA node is restored by copying data from
the local hard disk and then synchronizing the changed data from the active node.
l Level 3: Data in the memory of the standby DSA node is backed up by copying data
from the disk array or an external medium and then synchronizing the changed data
from the active node.
Figure 4-3 Three Types of Data Restoration
4-6

4.4.3 Replication and Synchronization

Routing data is stored in DSA of the partitioning layer and subscriber data is stored in DSA
of the storage layer. A DSA is like a cluster and consists of several nodes that can be
deployed on different sites or on one site. ZXUN USPP (EIR) supports data replication to
ensure consistency of data at nodes of the same DSA. The data synchronization includes:
l Synchronous replication
l Asynchronous replication
Figure 4-4 shows the synchronous data replication procedure.
Figure 4-4 Synchronous Data Replication Procedure
The synchronous data replication procedure is described as follows.

l An application sends a static data write request of a subscriber to the primary node.
l The primary node receives the data, and then writes the data into the database. The
database makes a tag on the updated data, and synchronizes data to secondary
nodes at the same time.
l After receiving synchronized data from the primary node, secondary nodes write the
data into the database.
l Once the primary node receives the success responses from secondary nodes,
it removes the tag, which means the data is already synchronized. Now the
primary node and secondary nodes keep the same subscriber data via real-time
synchronization.
4-7

If a secondary node breaks down or the network breaks down between nodes, the primary
node cannot update secondary nodes successfully and will roll back the transaction, and
a failure response is sent to the application.
Figure 4-5 shows the asynchronous data replication procedure.
Figure 4-5 Asynchronous Data Replication Procedure
The asynchronous data replication procedure is described as follows.

l An application sends a dynamic data write request of a subscriber to the primary node.
l The primary node receives the data and writes the data into the database. The
database makes a tag on the updated data.
l The primary node synchronizes data to secondary nodes every 100ms or as triggered
by the data modification quantity.
l After receiving the synchronized data from the primary node, secondary nodes write
the data in batches.
l Once the primary node receives the success responses from secondary nodes, it
removes the tag, which means the data is already synchronized. Now the primary
node and secondary nodes keep the same subscriber information via semi-real-time
synchronization.
If a secondary node breaks down or the network between the nodes breaks down, the
primary node records synchronization information in the memory cache or on its disk
(when the memory cache is full). After the secondary node connection is restored or the
4-8

network connection is restored, the primary node re-sends the modification information to
secondary nodes.
4-9

4-10

Chapter 5
Interfaces and Protocol Stack
Table of Contents
Interfaces ...................................................................................................................5-1
Protocol Stacks ..........................................................................................................5-5
5.1 Interfaces
5.1.1 Interfaces with Other NEs
The interfaces related to EIR in mobile network as follows:
5-1

Figure 5-1 Interfaces Related to ZXUN USPP (EIR)
l The F interface is between EIR and MSC.

It realizes the authentication of subscriber equipment when the equipment access the
network.
l The Gf interface is between EIR and SGSN.

It realizes the IMEI authentication of subscriber equipment when the equipment
access the network.
l The S13 and S13 interfaces are between EIR and MME.
5-2

Chapter 5 Interfaces and Protocol Stack
S13 interface enables ME Identity check procedure between MME and EIR as
described in 3GPP TS 23.401.
S13' interface enables ME Identity check procedure between SGSN and EIR as
described in 3GPP TS 23.060.
5.1.2 Service Provisioning Interface

PROVISION subsystem structure is shown in the following figure.
Figure 5-2 PROVISION Subsystem Structure
The SOAP/XML or MML protocol can be used on the interface between the BOSS system
and the PROVISION pool.
5.1.3 Network Management Interfaces

ZXUN USPP (EIR) network element management subsystem consists of front end module,
server module and client module, the software structure of which abides by TMN.
5-3

The network management interfaces are shown in the following figure. The devices are
managed by the OMM server, and the EMS server manages and maintains all the network
element devices in an integrated way by managing the OMM servers.
Figure 5-3 Network Management Interfaces
l EMS provides the interface for communication with the superior network management
center (NMC): CORBA interface.
l The interface between OMM server and objects of management (FE, BE) are defined
by ZTE.
l The interface between EMS server and EMS client and the interface between OMM
server and OMM client are the F interface.
l The interface between EMS server and OMM server is the CORBA interface or MML
interface.
5-4

Chapter 5 Interfaces and Protocol Stack
Note:
In a single-layer network, there is no EMS. OMM provides CORBA interface for
communication with the superior NMC.
5.2 Protocol Stacks

The protocol stacks of interfaces between ZXUN USPP (EIR) and the adjacent offices are
shown in the following figure.
Figure 5-4 Protocol Stack of ZXUN USPP (EIR) Interfaces
5-5

5-6

Chapter 6
Networking Modes
Table of Contents
Internal Networking ....................................................................................................6-1
Single-Site Solution ....................................................................................................6-3
Dual-Site Solution ......................................................................................................6-3
Mutil-Site Solution ......................................................................................................6-4
6.1 Internal Networking

The Physical Topology of IP Network
ZXUN USPP (EIR) supports networking with VLANs or with layer 3 switches, depending
on the networking mode.
As shown in the following figure, in each site, all the equipment connect to layer 3 switches.
All the data and signaling processing devices are separated via VLAN and connected to
synchronization, OMM/provisioning and application access network separately.
6-1

Figure 6-1 IP Network Structure for ZXUN USPP (EIR)
Multi-VLAN Partition
For networking with VLANs, the following VLANs should be created:
l The VLAN for local communication between OMP, OMM (server and clients) and
alarm boxes
l The VLAN for external communication of OMM
l The VLAN for external communication of EMS (for EMS to communicate with the local
OMM and the remote OMMs)
l The VLAN for storage access
l The VLAN for external access of the interface processor
l The VLAN for communication between ETCA shelves (in case of more than one ETCA
shelf)
The inter-connection between ZXUN USPP (EIR) switch and PE adopts ports of three
layers, and therefore there is no VLAN for it.
6-2

Chapter 6 Networking Modes
6.2 Single-Site Solution

In a single-site networking solution, ZXUN USPP (EIR) is used to construct a system
consisting of both a single FE node and several BE nodes which all locate in this site.
This solution is suitable for the conditions with no need for geographical redundancy.
6.3 Dual-Site Solution

Dual-site networking refers to constructing the ZXUN USPP (EIR) system in two sites. The
ZXUN USPP (EIR) system includes two FE nodes, with the FE nodes and the BE nodes
in the two sites.
This solution is suitable for the conditions with a need for 1+1 geographical redundancy.
The networking of the two sites is shown in the following figure.
Figure 6-2 Dual-Site Networking
The system consists of two sites, with each site configured with an FE and BE nodes.
l Each site accesses the IP signaling network through its corresponding FE node.
l The IP network for data sync implements the data sync and access between DSA
nodes in the two sites and the data sync and access between FE and BE in different
sites.
l The sites access the network management system and BOSS through the IP signaling
network.
The EMS may be installed in either one site. EMS is used to maintain the ZXUN USPP
(EIR) system and accesses the NMS superior network management system so that the
OMM of each site do not have to directly access the NMC.
6-3

6.4 Mutil-Site Solution

The multi-site networking scheme means establishing the ZXUN USPP (EIR) system at
multiple sites. The ZXUN USPP (EIR) system includes a number of FE nodes. The nodes
of BE can be distributed at multiple sites.
This solution is suitable for the conditions with a need for N+K geographical redundancy.
The following figure shows an example of three-site networking in load sharing redundancy
mode.
Figure 6-3 Multi-Site Networking
In the ZXUN USPP (EIR) system, the nodes of FE and BE are distributed at three sites.
l The three sites synchronize and access the internal node data of DSA between the
office addresses through the IP network (data synchronization network).
l The three sites access to the superior NMC and the BOSS system through the IP
network (management network).
l The three sites access to the IP signaling network through the FE nodes, respectively.
ZXUN USPP (EIR) selects one from the three sites for installing the EMS, performs ZXUN
USPP (EIR) system maintenance, and completes the access to the NMC.
All FE nodes and BE nodes work in load sharing mode. The following figure shows a
possible case of taking over for disaster tolerance.
6-4

Chapter 6 Networking Modes
Figure 6-4 DR Changeover Schematic Diagram
In normal situation, each DSA node bears 1/3 load. When a fault occurs on one of the
DSA nodes, the other DSA nodes take over the load of the faulty DSA node and remain
working in the load-sharing mode.
6-5

6-6

Chapter 7
Technical Specifications
Table of Contents
Physical Specifications ...............................................................................................7-1
Capacity .....................................................................................................................7-2
Performance Specifications ........................................................................................7-2
Power Specifications ..................................................................................................7-2
Clock Specifications ...................................................................................................7-3
Interface Type ............................................................................................................7-3
Reliability Specifications .............................................................................................7-4
7.1 Physical Specifications

The physical specifications of a 42U cabinet of ZXUN USPP (EIR) are given in the following
table.
Table 7-1 Physical Specifications of a 42U Cabinet
Technical feature Parameter Value
Mechanical Dimension 2000600800

(HeightWidthDepth, mmmmmm)
Weight Cabinet weight 350 kg (full configuration)
Color Main body of the cabinet blue
Both sides of the door plate bright silver
The physical specifications of a 47U cabinet of ZXUN USPP (EIR) are given in the following
table.
Table 7-2 Physical Specifications of a 47U Cabinet
Technical feature Parameter Index
Mechanical Dimension 2200600800

(HeightWidthDepth, mmmmmm)
Weight Cabinet weight 450 kg (full configuration)
Color Main body of the cabinet blue
Both sides of the door plate bright silver
7-1

7.2 Capacity
The typical capacity indices of the ZXUN USPP (EIR) are shown in the following table.
Table 7-3 Typical Capacity Indices
Technical feature Parameter Index
Capacity BE subscriber capacity 1,000,000,000
Subscriber capacity per Front 200,000,000

End (FE)
Max number of IMEI/MEID 100,000

ranges
Signaling Processing Capability Number of narrowband 64 Kbps 14880

Per Front End links
Number of narrowband 2 Mbps 480

links
Number of broadband SCTP 1024

links
Number of signaling point codes 512
Interface Capability Per Front TDM E1/T1 480

End
GE 20 pairs
7.3 Performance Specifications

The performance specifications of ZXUN USPP (EIR) are listed in the following table.
Table 7-4 Performance Specifications
Parameter Value
Message loss probability (at 95% probability) 10-7
Information retrieval delay (at 95% probability) < 1000 ms
Position registration delay (at 95% probability) < 2000 ms
BOSS processing capability 10000 times/s
BOSS response delay (at 95% probability) < 100 ms
7.4 Power Specifications

ZXUN USPP (EIR) uses DC power supplies. The power supply and power consumption
specifications of ZXUN USPP (EIR) are listed in the following table.
7-2

Chapter 7 Technical Specifications
Table 7-5 Power Specifications
Parameter Value
Rated voltage -48 V
Allowed voltage fluctuation range (57 V) (40 V)
Power consumption of an ETCA shelf < 2300 W
7.5 Clock Specifications

ZXUN USPP (EIR) supports the following clock references: 8 kHz square wave clock, 2
MBits clock and 2 MHz clock. Table 7-6 shows the clock specifications of ZXUN USPP
(EIR).
Table 7-6 Clock Specifications
Parameter Value
Clock level Level 2 Class B
Lowest clock accuracy 410-7
Pull-in range 410-7
Maximum frequency deviation 10-9/day
Initial maximum frequency deviation 510-10
Clock working mode Capture, trace, keep, free
7.6 Interface Type

The standards used and the cable types supported by ZXUN USPP (EIR) interfaces are
listed in Table 7-7.
Table 7-7 Interfaces and Cables
Interface Type Physical Standard Cable Type
No.7 signaling interface E1/T1 Co-axial cable
ATM over E1 Co-axial cable
Synchronous clock interface E1/T1 Co-axial cable
SIGTRAN signaling interface 100 Mbps/1000 Mbps Category-5 twisted pair

Ethernet
Network Management interface 100 Mbps/1000 Mbps Category-5 twisted pair

Ethernet
7-3

7.7 Reliability Specifications

ZXUN USPP (EIR) reliability specifications are listed in the following table.
Table 7-8 Reliability Specifications
Parameter Value
Mean Time Between Failures (MTBF) 134 years
Mean Time to Repair (MTTR) < 1 hour
System Availability (A) > 99.99991%
System Annual Average Interruption Time < 0.5 minute
7-4

Chapter 8
Security Measures and
Envionment Requirements
Table of Contents
Security Measures......................................................................................................8-1
Envionment Requirements .........................................................................................8-1
8.1 Security Measures

8.1.1 Security Regulations
ZXUN USPP (EIR) complies with the following security regulations:
l IEC/UL60950
l GB4943
l GR1089/GR63
8.1.2 Fire-Resistance Measures

The fire-resistance measures of ZXUN USPP (EIR) complies with the UL60950-1 safety
standard.
8.1.3 Anti-Aging Measures

HALT is conducted in the R&D period and HASS is conducted in the production period of
ZXUN USPP (EIR).
8.2 Envionment Requirements

8.2.1 Requirements for the Equipment Room
The requirements for the equipment room of ZXUN USPP (EIR) are listed in the following
figure.
8-1

Table 8-1 Requirements for Equipment Rooms
Parameter Index
Bearing capacity of the >450 kg/m2 (42U cabinet)

floor >1000 kg/m2 (47U cabinet)
Net height 3m
8.2.2 Grounding Requirements

ZXUN USPP (EIR) has three types of ground wires:
l GNDP: System protection ground
l GND: Working ground
l -48VGND: -48V ground
GNDP and GND wires are connected to the shelves through mechanical parts inside the
shelves, and then connected to the DC ground pole through a bus bar.
-48VGND is provided by the primary power supply and is not connected to GNDP, GND
or the rack.
8.2.3 Temperature and Humidity Requirements

Table 8-2 lists the temperature and humidity requirements of ZXUN USPP (EIR).
Table 8-2 Temperature and Humidity Requirements
Name Short-term working condition Long-term working condition
Temperature -5 - +5 or +40 - +50 +5 - +40
Relative humidity 85%90% 5%85%
1. The temperature and humidity of the operating environment inside the equipment room are measured
at the spot that is 1.5 m above the floor and 0.4 m before the equipment when there is no protective
plate in front or back of the equipment rack.
2. Short-term operation means that the equipment works continuously for no more than 96 hours and
works for no more than 15 days in one year.
8.2.4 Cleanness Requirement

The equipment room should adopt adequate protective precautions to ensure that the
density of dust particles (diameter 5 m) in the air does not exceed 3104 particles/m3.
8.2.5 EMI Requirements

When EMI reaches a certain level, it will easily cause cross talking, congestion, error code,
and breakdown; severe EMI will even cause software operation confusion and equipment
damage.
8-2

Chapter 8 Security Measures and Envionment Requirements
The electric field intensity and the magnetic field intensity of the equipment room should
meet the following requirements:
l Electric field intensity 130 dB (V/m)
l Magnetic field intensity 800 A/m
The equipment room should adopt proper shielding measures to reduce the interference
of the external electromagnetic environment on equipment in the equipment room and
interference between different devices in the equipment room.
The equipment room should be far from high power radio transmitting stations, radar
stations and high-frequency strong-current devices. The actual radiant energy received
by the equipment room should be controlled under 300 mV/m. The magnetic field intensity
around the equipment room should be less than 11 Gs.
8.2.6 Ventilation Requirements

Basic requirements for the air-conditioning equipment are as follows:
l Humidity range: 30%70%
l Temperature range: 15 C25 C
In order to guarantee the safe and reliable operation of the air-conditioning and ventilating
system, especially in the equipment room, the air-conditioning equipment should be have
dual backup systems, with the capacity of either system greater than half of the total
designed air-conditioning capacity.
The air tightness of the equipment room must not be damaged due to the installation of
the air-conditioning equipment. Moreover, to ensure the appropriate air freshness inside
the room, the ratio of the fresh air delivered to the equipment room should be no less than
5%.
The volume of the air-conditioning and ventilation system should be determined by heat
productivity of the main devices in the computing system plus the heat from external
sources (such as heat from sunshine through windows and walls, heat from service
personnel in the equipment room and heat brought into the equipment room by service
personnel).
Since hot air currents usually flow upward, the refrigeration and heating of the
air-conditioning devices adopt the updraft ventilation method. Therefore, during the
installation of the central air-conditioning system, the bottom to top ventilation method
should be used. The air inlet should be under the movable floor to facilitate equipment
heat radiation. To prevent condensation under any circumstances, the air hose should
not be installed on the top.
Arbitrary shutdown of the air conditioner may cause device temperature rise and damage
boards.
8-3

8.2.7 Fire Protection Requirements

To ensure the safe operation of devices in the equipment room, the fire protection
measures must meet the following requirements. Fire may destroy the entire equipment
room and incur unpredictable loss.
The equipment room building should meet the requirements in the designed fire prevention
regulations for the building. Fire fighting instruments should be prepared and sufficient fire
passage should be reserved. Signs of "Key Units of Fire Prevention Safety" should be
hung at proper places.
No inflammable or explosive substances should be stored in the equipment room and

the auxiliary room. Sign boards with "NO SMOKING" or "NO FIRE" should be posted
at conspicuous positions. Effective fire fighting instruments should be prepared at
easy-to-access locations. Effective fire fighting water facilities should be installed at
proper locations.
The fire fighting water reserve should be sufficient for 2 hours use. However, the water
pipes (including drain pipes and rainwater pipes) should not cross the equipment room,
and the fire hydrants should not be placed in the equipment room.
8.2.8 Lighting Requirements

Equipment room lighting is very important. In case of weak light, the service personnel
need adequate lighting to complete their tasks.
It is recommended to use flashed glass and deep-colored non-transparent curtains for

windows. Fluorescence lamps should be installed on the ceiling of the equipment room
for main illumination, with the average illumination controlled between 150 lx and 200 lx.
Incandescent lamps or emergency lighting equipment should be installed at proper
locations between cabinets to provide lighting for equipment installation and maintenance.
In order to prevent the ageing and deformation of circuit boards and components due
to extraordinarily high temperature, the equipment should avoid long-time lamp light or
sunshine.
8.2.9 Anti-Static Requirements

The equipment room should take proper anti-static measures to inhibit or reduce electric
charges and strictly control static charge sources.
l The equipment should be reliably grounded (ground resistance is less than 1 ) to

eliminate static charges in time and avoid static charge accumulation. Meanwhile,
anti-static floor, carpet or floor tiles should be paved in the equipment room.
l The equipment room improve dust prevention measures to reduce or mitigate
electrostatic adherence.
l The temperature/humidity conditions of the equipment room should meet the
requirements mentioned in this chapter.
l Do NOT use insulated floor wax on the anti-static floor.
8-4

l Remove insulated oil films, resin and rubber from anti-static mattresses, floors and
ground mats in a timely manner. The ground mats must be cleaned with neutral
detergents or anti-static agents.
l Anti-static instruments, tools and static-sensitive materials should bear clear
anti-static signs. The anti-static grounding system should have a clear grounding
sign and descriptions.
l During device operations, the service personnel should follow anti-static regulations,
such as wearing anti-static clothes or anti-static wrist straps.
l To completely control electrostatic on human bodies, the working chairs should also be
anti-static. Do not used chairs with common artificial surface, chemical fabric surface
or plastic surface. Do not replace anti-static chairs with wood chairs.
8.2.10 Lightning Protection Requirements

Table 8-3 shows the lightning protection requirements of the system.
Table 8-3 Lightning Protection Requirements
Item Requirements
Equipment Room The equipment room building should be built with the reinforced concrete
Foundation structure.
Requirements The building should have a lightning rod or other protection devices against
direct lightning flashes.
The building and the equipment room should share the same grounding body.
The AC power The telecom station should have a special power transformer. The power
should be supplied cable should have metal or insulated casing and connected to the telecom
by the TN-S power station through an iron pipe that is buried underground. The ends of the
supply system. metal casing or the iron pipe should be grounded. The buried part should be
no shorter than 15 m.
Seamless zinc oxide varistors should be installed on the three live lines on
the low-voltage side of the AC power transformer of the telecom station and
grounded. The transformer shell, the AC zero line on the low-voltage side and
the metal casing on the power line connected to the transformer shell should
be grounded at a convenient location.
Ingress power lines Ingress and egress lines of the telecom station should not be overhead AC/DC
should be installed power lines.
with surge arresters. After low-voltage power lines are conducted into the equipment room, they
should be installed with power arresters in the AC voltage regulator and the
AC distribution panel (box). The arresters should be grounded at a convenient
location.
If the telecom station is built in a city, it is recommended to install power
arresters with a nominal current of no less than 20 kA. If the telecom station is
built in the suburban area of a region with a middle keraunic level or above, it
is recommended to install power arrestors with a surge discharge current of
more than 60 kA. If the telecom station is built in the mountainous area of a
8-5

Item Requirements
region with a high keraunic level or above, it is recommended to install power

arrestors with a surge discharge current of more than 100 kA.
The ground wire of a power arrester should be shorter than 1 m.
DC power The DC working grounding wire of the telecom station (usually the positive
distribution pole of -48 V DC power or the negative pole of 24 V DC power) should be
grounding connected to the nearest indoor main earthing conductor. The ground wire
should meet the maximum load requirements of the equipment.
The power devices that supply power to the telecom station should have DC
working ground wires that are connected to the main earthing conductor of the
telecom building (or the main grounding busbar of the equipment room).
Equipotential The communication devices and auxiliary devices (base stations, transmission
Bonding devices, exchange devices, power sources, wire distribution frames, etc.)
in the equipment should be grounded. The ground wires of devices in one
telecom station should be connected to the same main grounding busbar; the
ground wires of devices in the same equipment room should be connected to
the same grounding busbar in the equipment room.
The working ground wires and protection ground wires share the same group
of grounding network.
The cable racks, hanging iron shelves, racks or shells, metal ventilation pipes
and metal doors and windows should also be grounded with protection ground
wires.
General grounding AC neutral lines should NOT be connected to the protection ground wires of
requirements telecommunications devices in the equipment room.
Fuses and switches should NOT be installed on ground wires.
All ground wires should be as short and direct as possible and avoid curling.
Ground Resistance Less than 1 .

Requirements The upper end of the earthing electrode should be at least 0.7 m from the
ground. In cold regions, the earthing electrode should be buried under the
tundra.
The ground resistance should be measured regularly to ensure the
effectiveness of grounding.
Wiring requirements Overhead signal cables should not be used in the telecom station. Signal
of signal cables cables should be connected to the telecom station from underground.
Ingress/egress communication cables should have metal or insulated casing
or placed in metal pipes.
The ground wire of an arrestor should be as short as possible. Unused cable
pairs should be grounded with the protection grounding wire in the equipment
room.
8-6

Item Requirements
Main earthing The main earthing conductor should be a ring earth electrode or a grounding
conductor busbar.
requirements The ground wire should not use aluminum materials. Galvanic corrosion
prevention measures should be taken when different metals are connected.
The main earthing conductor should be copper or galvanized flat steel busbar
with a cross-sectional area of no less than 120 mm2. The main earthing
conductor should be insulated from reinforced steel bars in the building.
Earth lead The earth lead should be no longer than 30 m. It should be made of galvanized
requirements flat steel with a cross-sectional area of 40 mm 4 mm or 50 mm 5 mm.
8.2.11 Quakeproof Requirement

The aseismatic design of the telecommunication equipment room building should be one
level higher than the standard for common local buildings. Buildings that do not reach this
aseismatic requirement should be reinforced. Special building design departments should
be invited to join the reinforcement design and its implementation. The equipment should
be strong enough to resist a magnitude 7 earthquake.
8-7

8-8

Appendix A
Narrowband SS7 Signaling
Protocols
Table of Contents
Introduction to Narrowband SS7 Protocol ............................................................... A-1
MTP1 Protocol........................................................................................................ A-2
MTP2 Protocol........................................................................................................ A-2
MTP3 Protocol........................................................................................................ A-4
SCCP Protocol ....................................................................................................... A-7
TCAP Protocol...................................................................................................... A-11
TUP Protocol ........................................................................................................ A-12
ISUP Protocol....................................................................................................... A-13
A.1 Introduction to Narrowband SS7 Protocol

The structure of the narrowband SS7 protocol stack is as shown below.
Figure A-1 Structure of Narrowband SS7 Protocol Stack
The narrowband SS7 protocol stack includes the following protocols:

l The MTP1 protocol. For details, see A.2 MTP1 Protocol;
l The SCCP protocol. For details, see A.5 SCCP Protocol;
l The TCAP protocol. For details, see A.6 TCAP Protocol;
l The TUP protocol. For details, see A.7 TUP Protocol;
A-1

l The ISUP protocol. For details, see A.8 ISUP Protocol.
A.2 MTP1 Protocol

As the physical media for transmitting signaling, MTP1 implements the data-link-level
function of the narrowband SS7, defines the physical, electrical, and function features of
a signaling data link, and determines the connection mode of data links. Currently, SS7
is mostly transmitted over 2048 kb/s PCM.
A.3 MTP2 Protocol

Applications
MTP2 implements the link-level function of the narrowband SS7. The signaling-system-link
function specifies the functions and process of signaling messages transmitted over a
signaling data link. Incorporating with the signaling-data-link function, it provides reliable
signaling links for transmitting the signaling messages between two signaling points, and
implements the management and maintenance of SS7 links, and the transmission of
signaling messages.
Because the links configured on the database are one-to-one corresponding to the
processing modules, the link management and message transmission is directly related
to only the configured L3 module. The links managed by MTP2 can be of 64 k, n64 k, or
2M.
Signaling Unit
In the narrowband SS7, the signaling messages and other messages generated at the
user part are transmitted in the form of signaling unit over the signaling links.
The narrowband SS7 has three different signaling units, Message Signaling Unit (MSU),
Link Status Signaling Unit (LSSU), and Fill-in Signaling Unit (FISU).
The arrows shown in from Figure A-2 to Figure A-5 indicate the sequence in which the
messages are sent.
l MSU has the format as shown below:
Figure A-2 MSU Signaling Unit of Narrowband SS7
l LSSU has the format as shown below:
A-2

Appendix A Narrowband SS7 Signaling Protocols
Figure A-3 LSSU Signaling Unit of Narrowband SS7
l FISU has the format as shown below:
Figure A-4 FISU Signaling Unit of Narrowband SS7
The fields in a signaling unit are described below:

1. F: signaling unit delimitation flag, coded as 01111110. Generally it indicates the start
of a signaling unit and also the end of the previous signaling unit.
2. CK: error detecting code, used to detect the error codes possibly generated during
transmitting a signaling unit.
3. LI: signaling unit length indicator, used to indicate the number of the octets between
LI and CK (excluding themselves). It is counted as 63 when exceeding 62. For MSU,
LI>2; For LSSU, LI=1 or 2; For FISU, LI=0.
4. SIO: service information field, only used for MSU to indicate the message category
and the network category.
5. SIF: signaling information field, only used for MSU, including the contents of the
messages practically sent by users.
6. SF: status field, only used for LSSU to indicate the link status, with the format as shown
below.
Figure A-5 SF Status Field
CBA is encoded as below:

l 000 indicates SIO, indicator for location losing status;
l 001 indicates SIN, indicator for normal location status;
l 010 indicates SIE, indicator for emergency location status;
l 011 indicates SIOS, indicator for service interruption status;
l 100 indicates SIPO, indicator for processor fault status;
l 101 indicates SIB, indicator for link congestion status.
7. FSN/FIB and BSN/BIB: serial number and indicator bit of a signaling unit.
A-3

l FSNforwarding sequence number, that is, the sequence number of a message to

be sent, encoded by 128;
l FIB: forwarding indicator bit, the reverse of which indicates that the local end starts
to retransmit messages;
l BSN: backward sequence number, directing the sequence number to the opposite
until all messages from BSN are correctly received;
l BB: backward indicator bit, the reverse of which directs the opposite to start
retransmitting messages from BSN+1.
8. All free bits in a signaling unit are set to 0.
Functions
The functions of the MTP2 protocol module include:
l Delimits and locates the signaling units: both the start and the end of each signaling
unit have a special 8-bit code that is called tag, ensuring that the code will not appear in
other locations of the unit. If non-allowed bit code pattern (more than six consecutive
ones) are received during the delimitation, or the signal unit exceeds the permitted
maximal length, it will regard that the signal unit location has been lost.
l Detects errors: The error detection is completed by the 16-bit check code at the end
of each signal unit.
l Correct errors: Two error correction methods are available, Basic method and
preventive cyclic retransmission method.
l Initially locating: When a link is initially started (i.e., after connected) or recovered from
a fault, it first transmits messages for a time duration. If the number of errors occurring
is within the allowed scope, the link is put into use; Otherwise, the link is removed.
l Monitors the errors of signaling links: Monitors the error rate of messages transmitted
over links upon initial location and in service status. If the error rate exceeds the set
value, the links are removed.
l Detects faults of the processor: Detects the local processing faults and reports to the
opposite end; or reports to MTP3 upon receiving processor fault messages from the
opposite end.
l Controls the link status: Controls the transformation of link statuses, and reports the
changes of the link statuses to MTP3.
l Controls traffic: Determines whether congestion occurs based on the use of the buffer
over links and reports to the upper layer or the opposite end.
A.4 MTP3 Protocol

Structure Diagram
The structure of the MTP3 system is as shown below:
A-4

Figure A-6 MTP3 Structure
Composition of Modules
MTP3 has two modules, Signaling Message Handling (SMH), and signaling network
management.
l Signaling Message Handling implements the distribution of the routing messages.
Signaling Message Handling is used to ensure that the signaling messages of the
user part of a signaling point will be delivered to the corresponding user part of the
destination specified in the user part, and implement the load sharing of signaling
messages over different links according to the selection of users, and ensure that the
transmitted messages will not be lost, retransmitted, or wrongly sequenced. Signaling
Message Handling includes three parts, message routing, message discrimination,
and message distribution. The relationship between the three parts is as described
below.
Message Routing (HMRT): Used at each signaling point to select sets of signaling
links or signaling links to the destination of the signaling messages from the
A-5

routing table. The routing function is implemented through routing tags. A routing
tag includes three parts: DPC, OPC, and SLS. DPC indicates the signaling point
code of the destination of a message, OPC indicates the signaling point code of
the source of a message, and SLS indicates the signaling link selecting code used
for load sharing among signaling links. For some messages only transmitted to
the third level, SLS corresponds to the SLC (Signalling Link Code) of the signaling
link between the destination and the source. While for some level-3 messages
unrelated to signaling links, SLC is 0000.
Message Discrimination (HMDC): a method in which the signaling point
processes a message signaling unit received from the signaling-link-function
level. Whether the signaling point is the destination signaling point is determined
based on the DPC in the message routing tag. If it is, it delivers the message
to the message distribution function; Otherwise, it delivers the message to the
message routing function to forward the message.
Message Distribution (HMDT): the function of the destination signaling point of a
signaling message to process a received message. It determines the user part of
the message based on the code of the service message octet SIO in the signaling
unit received from the message discrimination function, and delivers the message
to the corresponding upper-layer users.
l Signaling network management: In case of network faults, MTP3 coordinates with
other signaling points over the network to complete route update and guarantee
reliable message transmission.
The signalling network management is divided into three parts, signalling service
management, signalling link management, and signalling route management. The
network management has its own message format and coding scheme. If a signalling
link or a signalling point fails on the signalling network, the signalling management
can take actions and process necessary to maintain the signalling service and
recover normal signalling conditions. The relationship between the three parts is as
described below.
Signaling service management: Includes switchover, switchback, forced
rerouting, controlled rerouting, restart of signaling point, flow control, blocking
management and deblocking.
Signaling link management is a primary signaling-link-management process. It

implements the start, exit, status query of signaling links, and informs the service
management function of the link status changes to enable the corresponding
service management function.
Signaling route management: It ensures the reliability of the message

exchange of the signaling routes between signaling points. The signalling route
management is implemented in four processes: forbidden transfer, permitted
transfer, limited transfer, and controlled transfer.
A-6

A.5 SCCP Protocol

Applications
SCCP is a signaling connection control protocol in the SS7 system, which performs the
network layer function in the SS7 along with the lower-layer MTP3 protocol.
Service Categories
SCCP provides non-connection service and connection-oriented services for users,
specifically, it has four types of protocols.
l Type 0 (DT0): primary connectionless service
l Type 1 (DT1): connectionless service with sequenced messages
l Type 2 (DT2): primary connection-oriented service
l Type 3 (DT3): connection-oriented service with traffic control
Structure Diagram
The structure of the SCCP protocol is as shown below.
Figure A-7 SCCP Structure Model
Functional Modules
The SCCP protocol is composed of four functional modules, the SCCP routing control
module, the SCCP connection-oriented transfer control module, the SCCP connectionless
transfer control module, and the SCCP management control module.
A-7

l SCCP Routing Control (SCRC) module

After receiving messages from MTP, the SCCP routing control module performs
message discrimination and routing and transfer these messages to the
connectionless control (SCLC) module, the connection-oriented control (SCOC)
module or the MTP module. In addition, the SCCP routing control module also
receives the internal messages from SCOC and SCLC and then transfers these
messages to MTP to perform the necessary routing function.
Two SCCP routing modes are available: DPC+SSN and GT addressing. Generally,
GT addressing is adopted when the destination signaling point code is unknown to
the originating node. In this case, SCCP needs to translate GT to DPC+SSN or the
combination of DPC, SSN and GT before messages can be transferred to and sent by
MTP. Because the resources for each node are limited, the SCCP of a node cannot
translate all GTs. So it is possible that the SCCP of the initial node first translates
GT to the DPC of an intermediate node, the SCCP of which continues translating GT,
and finally sends the messages to the destination node. The intermediate nodes are
called relay nodes of SCCP messages.
l SCCP Connectionless Control (SCLC) module
The SCCP Connectionless Control (SCLC) service includes class0 and class1. The
former does not need to be transferred in sequence, while the latter needs.
The connectionless transfer procedure allows an SCCP user to directly request user
data transfer without setting up signaling connection in advance.
The SCCP users of the data originating node use the N-UNITDATA request primitive
to request SCCP to transfer the connectionless data and informs SCCP of the
called address of the currently transferred connectionless data through the primitive
parameter.
With its own and MTPs routing functions, SCCP can transfer connectionless data
(UDT, XUDT) to a specified destination. The called addresses can be different
combinations of DPC, SSN, and GT. When the called addresses include GT, it is
necessary to translate GT first and transfer the data to the destination.
If connectionless data like UDT and XUDT cannot be transmitted to the destination
due to various reasons, the SCCP node detecting the message transmission error can
start the message return program to return the user data to a released SCCP node
through UDTS and XUDTS, and explain the transmission error causes.
The connectionless data service can further transfer SCMG messages except SCCP
upper-layer user data. The content of the SCCP management messages is in the user
data block of the UDT messages. After receiving UDT, XUDT and LUDT messages
that are not SCMG messages, the SCCP of the destination node notifies the SCCP
users with the N-UNITDATA indication primitive. If the received messages are SCMG
messages, the SCCP will send them to SCMG for processing.
l SCCP Connection-oriented Control (SCOC)
A-8

Connection-oriented services are available in two types, class2 and class3. The
former does not provide flow control while the latter does. The services of class3 are
not applied currently.
The connection-oriented control (SCOC) module implements a series of procedures
of connection-oriented data transmission, including connection setup, data transfer,
connection release, and inactivity detection. The procedures of SCCP connection are
described below:
SCCP connection setup
SCCP users request SCCP to set an SCCP connection, SCCP allocates the
resources such as the local reference number to the source end after receiving
the requests, sends CR messages to the destination end, and enable the
connection timer.
The destination end receives the CR messages and inform the upper-layer SCCP
users. When it receives the response from the SCCP users, it allocates the local
reference number and other resources to the input connection end and sends the
connection response CC messages to the source end, and enable the inactivity
control timer.
Receiving the CC messages, the source end informs SCCP users of the successful
SCCP connection setup, stops the connection timer, and enable the inactivity
control timer.
Up to now, the SCCP connection between the source node and destination node
has been successfully set up. Then, SCCP users can use this connection to
transmit data.
SCCP connection release
The SCCP connection release can be initiated by any end of the connection.
When an SCCP user at an endpoint connected to SCCP requests SCCP to
release the connection, the node at which the SCCP connection release is
started will send an SCCP connection release request message RLSD at the
current connection section, start the release timer, and stop the inactivity
detection timer.
After receiving the RLSD message, the other endpoint of the SCCP connection
sends a release complete message to the release-initiating node and stops
the inactivity control timer. Moreover, it releases all resources related to the
current connection section (including the local reference number) and notify the
upper-layer SCCP users.
After receiving RLC, the release-initiating node releases all resources related to
the current connection section (including the local reference number) and stops
the timer.
Inactivity detection
A-9

The inactivity detection procedure of the SCCP connection is to set receiving

inactivity control timer T (iar) and transmitting inactivity control timer T (ias) at
the two ends of the connection section, respectively. T (ias) will be restarted
whenever a message is transmitted over the connection section; and T (iar) will
be restarted whenever a message is received over the connection section. If T
(ias) is expired, the IT message is sent to the opposite end over the connection
section. If T (iar) is expired, the current connection section will be released.
Data Transfer
This manual only describes the transmission of the DT1 messages related to
ZXUN USPP (EIR).
After successful setup of the SCCP connection, the users at both ends of the
connection can transmit DT1 messages through this connection.
The upper-layer users at any end of the SCCP connection can request user data
transfer. After receiving the request, SCCP will check the user data length to see
whether segmentation is needed. If it is unnecessary, the user data can be sent
to the peer end just through a DT1 message.
Receiving the DT1 message, the peer end will send the data to SCCP users.
If the data requested to be transmitted by SCCP users is too long, the data
source node segments the user data before inserting the upper-layer user data
in DT1 messages, and then sends the data to the destination through multiple
DT1 messages. Receiving the segmented DT1 messages, the destination node
needs to reassemble the data in multiple DT1 messages and finally send the data
to upper-layer users.
l SCCP Management (SCMG)
The SCCP management function is applicable to either the connectionless service
or the connection-oriented service. The SCCP management can be divided into the
following parts as the management objects vary:
Signaling point status management
Signaling point status management is to modify the SCCP address translation
table and node status according to the signaling point status message provided
by MTP. In this way, the related routes can be modified and reassembled so
that users can take measures to stop sending or reduce signaling messages
to the related signaling points. The signaling point status management
involves signaling point availability, signaling point unavailability, signaling point
congestion and congestion removal.
Subsystem status management
The subsystem status management is to modify the SCCP translation table and
update the subsystem status tag according to the received subsystem fault,
service exit and resumption information. The subsystem status management
involves subsystem access prohibited, subsystem access allowed and
subsystem status test.
A-10

A.6 TCAP Protocol

Application
Transaction Capability Application Part (TCAP) belongs to the upper layer of the SCCP
in the hierarchy of SS7. The TCAP is used to provide unified support for the information
interaction of various application services in a network environment, and transmit such
circuit-irrelevant information as the address translation information, subscriber data
information, billing or management information between switching nodes and controlling
nodes. The TCAP signalling procedure is a process to process and control operations
and dialogs.
Hierarchical Structure
To implement the controlling on operations and dialogs, TCAP is divided into two
sub-layers, Component SubLayer (CSL) and Transaction SubLayer (TSL). CSL
implements operation management, and TSL implements transaction (that is, dialogs)
management. Figure A-8 shows the hierarchical structure. TC users communicate with
CSL through the TCAP primitive interface, and CSL communicates with TSL through the
TR primitive interface.
Figure A-8 The Layering Structure of TCAP
Introduction to Sublayers
l Transaction Sub Layer (TCAP TSL)
The transaction sub-layer (TCAP TSL) is used to manage the signaling
communication process (that is, transaction) between the local TCAP TSL users and
the remote TCAP TSL users. The TCAP TSL users are the TR users. The only TR
A-11

user known at present is the component sub layer. The communication of the peer
component sub layers is the communication between peer TC users, which is called
a dialog. Consequently, in the currently defined TCAP protocol, the transactions
and dialogues are completely the same, with a one-to-one correspondence between
them.
To complete the signaling procedure of an application service, two TC-users
exchange a series of TCAP messages in a bidirectional way. The TC-users control
and interpret the start, end and sequence of message exchange, and the message
contents, while TCAP TSL manages the initiation, holding and termination of dialogs,
including detection and handling of abnormal dialogs. The protocol process is
applicable to dialogs of any application services.
l Component sub layer (TCAP CSL)
The main functions of TCAP CSL cover the operation management, component error
detection and dialog component allocation.
Under normal conditions, when a TC-user initiates an invocation request for an
operation, the TCAP CSL will establish a status diagram for each operation to
implement operation management.
Component errors involve protocol errors and response timeout. A protocol error
refers to the inconsistency between the component type received at the TCAP CSL
and the expected input of the operation status diagram, or that the component format
has syntax errors or is unidentifiable. The response timeout refers to the timeout of
operation timers.
The TCAP CSL allocates the dialog components through its management over dialog
IDs.
A.7 TUP Protocol

TUP implements the following functions:
l Outgoing and incoming calls: connecting, holding, and releasing calls, implementing
migration of call statuses, occupying and releasing call resources
l The circuit management function, involving:
The circuit recovery function;
The circuit re-switch-on inspection, including the re-switch-on inspection output

process and the re-switch-on inspection input process;
The circuit group maintenance, including maintenance-oriented circuit group
maintenance, hardware-oriented circuit group maintenance, and the circuit
group recovery process;
Circuit blocking, that is, making a circuit that is faulty or being tested failed to
accept or generate signal service (or recovery service).
A-12

A.8 ISUP Protocol

ISUP implements the following functions:
l Performs incoming call processing and connection inspection, and call releasing.
l Performs outgoing call processing and connection inspection, and call releasing.
l Controls and monitors circuits, including blocking and unblocking circuits, the
maintenance-oriented circuit groups, the circuit groups with hardware faults,
recovering circuits, inspecting the re-switch-on of circuits, inquiring circuit groups, etc.
l MTP3 determines the module where the processing is done based on the CIC, and
accordingly distributes messages. The downlink messages are sent to the MTP3 of
the local module.
l The CDR and traffic statistics are distributed in outgoing and incoming calls.
A-13

A-14

Appendix B
SIGTRAN Protocols
Table of Contents
Introduction to SIGTRAN Protocol .......................................................................... B-1
SCTP Protocol........................................................................................................ B-2
M3UA Protocol ....................................................................................................... B-7
B.1 Introduction to SIGTRAN Protocol

Signaling Transport (SIGTRAN) protocol suite is the specifications for intercommunication
between SS7 and IP signaling. The specifications are defined by the SIGTRAN work
group of IETF. The protocol suite supports transmitting traditional Switched Circuit
Network (SCN) signaling through the IP network, supports inter-layer standard primitive
interface defined in the layering model of the SCN signaling protocol. Thus the existing
SCN signaling application can be used without needing to be modified. Meanwhile, the
standard IP transport protocol can be used as the transmission bottom layer to improve
its function and meet the requirements of SCN signaling for special transmission.
SIGTRAN has an architecture as shown below:
Figure B-1 Structure of SIGTRAN Protocol Stack
The SIGTRAN protocol stack has three parts as listed below. In this manual, only the
protocols related to ZXUN USPP (EIR) are described.
1. Standard IP Transport Protocol
2. The universal signaling transport protocol (SCTP) supports the universal and reliable
transport function needed for signaling transport. For details, see B.2 SCTP Protocol.
3. Signaling adaptation sub-layer. It supports specific primitives, for example, the
management indicator. These primitives are necessary for a specific SCN signaling
protocol, including M3UA (see B.3 M3UA Protocol for details), IUA, M2UA, M2PA,
and SUA.
B-1

B.2 SCTP Protocol

Applications
The SCTP protocol complies with the RFC2960 specifications. SCTP is primarily used
for signaling bearer in IP network, which implements signaling message switching in the
IP-based public packet switching network, end-to-end flow control and error control.
SCTP is actually a connection-oriented protocol, but the SCTP association covers more
than a TCP connection. SCTP removes some defects of TCP and makes the signaling
transmission more reliable. The design for SCTP includes proper congestion control,
unrestricted spread and impersonation attack prevention, more desirable real-time
property and multi-homing propery. The SCTP is regarded as a transmission-layer
protocol, with its upper layer as SCTP user application and the lower layer as the packet
network. In application of the SIGTRAN protocol, the SCTP upper layer are the adapting
modules (such as M2UA and M3UA) of the SCN signaling, and the bottom layer is the
IP network.
Transfer Modes
The SCTP protocol provides reliable message transfer service for two SCTP users
through the association created between two SCTP ends. Further, the SCTP protocol
provides a method to create associations between a set of transfer addresses of two
SCTP endpoints. With these created associations, the SCTP endpoints can send SCTP
packets. An SCTP association may include combinations of multiple possible source
addresses and destination addresses. These combinations are included in the transfer
address list of each endpoint, as shown below.
Figure B-2 SCTP Structure
Features
SCTP has the following features:
l Based on user message packets;

l Supports in-sequence or out-of-sequence transmission of user datagram within
streams;
B-2

Appendix B SIGTRAN Protocols
l Capable of creating multiple streams in an association and the data transport between
streams does not interfere with each other;
l Having more reliable associations because of multi-homing property at one or both
ends of an association;
l The association creation must pass the COOKIE authentication, thus ensuring the
security of the association;
l Having the real-time path-fault test function.
Related Terms
The terms involved in SCTP are introduced below:
l Transmission address
An SCTP transmission address consists of an IP address and an SCTP port number.
SCTP identifies the users using the same address through the SCTP port number.
For example, the IP address 10.105.28.92 and the SCTP port number 1024 indicate
an SCTP transmission address, while the IP address 10.105.28.93 and the port
number 1024 indicate another transmission address. Likewise, the IP address
10.105.28.92 and the port number 1023 also indicate another transmission address.
l Host and End Point
Host: A computer, which has one or more IP addresses, is a physical entity.
End Point is a basic logical concept for SCTP, a logic entity indicating the logical
datagram sender and receiver.
The SCTP protocol stipulates that one and only one association can be established
between two end points, however, one host can contain many end points.
l Association and Stream
Association: A logical connection or channel for data transmission between two
SCTP end points established through four-handshake mechanism in the SCTP
protocol. One association can be identified by the transmission addresses of the
two SCTP end points.
Stream is a special term of the SCTP protocol. Strictly speaking, stream refers to
a one-way logical channel from one end point to another in an SCTP association.
The data expected to sent in sequence must be transmitted in one stream.
One association can contain multiple streams.
l TSN and SSN
Transmission Sequence Number (TSN)A 32-digit sequence number, based on
the initial TSN, allocated to each locally-sent data block at one end of an SCTP
association, which ensures that the peer end can perform acknowledgement
upon receiving the data. TSN is based on association maintenance.
Stream Sequence Number (SSN)A 16-digit sequence number allocated to each
data block locally sent in each stream of an SCTP association, which ensures the
sequenced transfer within the stream. SSN is based on stream maintenance.
B-3

The allocations of TSN and SSN are independent of each other.

l Other terms
CWND: congestion window SCTP is also a sliding window protocol. A congestion
window is maintained directing to each destination address. It can vary in size
according to the network status. When the unacknowledged messages from the
destination address has a length exceeding its CWND, the end points will stop
sending data to this address.
RWND: Receiving window RWND is used to describe the size of the receiving
buffer at the peer end of an association. During association creation, both parties
will exchage the initial RWNDs of each other. The size of RWND may vary during
the data is being sent or acknowledged. The size of RWND limits the size of the
data SCTP can send. When RWND equals 0, SCTP can send a datagram to
acquire the changes of the opposite buffer through the acknowledgement until it
reaches the limit of CWND.
Function Structure
The function structure of the SCCP protocol is as shown below:
Figure B-3 Structure of SCTP Functions
Functions of Functional Modules

The functional modules are as described below:
l Creates and releases an association.
B-4

The association creation is enabled by SCTP users by initiating a request. In view

of security, the COOKIE scheme is utilized during enabling an association to avoid
malicious attacks.
SCTP provides a program for disabling activated associations. The program disabling
is done or not depending on the requests of SCTP users. SCTP further provides an
improper disabling (that is, interrupting an association) program. The program can
be interrupted depending on the requests of users, or due to errors detected by the
SCTP protocol.
l Delivers intra-stream messages in sequence.
The intra-SCTP streams are used to indicate the sequence of user messages to be
submitted to the higher-layer protocols in sequence. Messages in the same stream
need to be submitted in sequence.
SCTP users can specify the number of the available streams in an association when
an association is being created. This number can be negotiated and user messages
can be associated through a stream number .* Within SCTP, each SCTP user
message submitted through SCTP is allocated a stream sequence number. At the
receiving end, SCTP ensures that the user messages can be sequentially submitted
to the SCTP users within a specified stream. When a stream gets congested because
it is waiting for the next consecutive user message, the messages in other streams
can be submitted still in sequence.
SCTP also supports unsequentially delivered services. With this mode, the received
user messages can be immediately delivered to SCTP users without ensuring the
sending sequence.
l Segments user data
When necessary, SCTP segments messages when sending user messages and
ensures that the SCTP packets sent to the bottom layer have a length meeting the
requirements of the path MTU. At the receiving end, the segments are reassembled
to complete messages and then delivered to SCTP users.
l Acknowledges and avoids congestion
SCTP allocates a Transmission Sequence Number (TSN) to each segmented or
unsegmented messages of user data. The TSN allocation is independent of the
stream level. The receiving party acknowledges all received TSNs, although some
TSNs received in the receiving sequence are inconsecutive. In this way, the reliable
delivery function is separated from the sequenced delivery of streams.
The function of acknowledge and congestion avoiding enables the retransmission of
packets if no acknowledge is received in a specified duration. The function of packet
retransmission can be regulated with the congestion avoiding program similar with the
TCP protocol.
l Binds data block
An SCTP packet delivered to the bottom layer includes a public packet header, with
one or more data blocks followed. Each data block can contain either user data or
B-5

the SCTP control messages. SCTP users have an option, that is, they can request
to send one more user message which is bound in an SCTP packet or not. The data
block binding function of SCTP enables the generation of a complete SCTP packet at
the sending end, and the receiving end will disassemble the SCTP packet.
When congestions occur, users may not request SCTP to perform binding, but
SCTP still will perform the binding function. If users prohibit the binding, only SCTP
processing will be influenced. That is, a short time of delay will occur before the
SCTP packet is delivered.
l Verifies packet validity.
Each SCTP public packet header has a necessary verification tag field and a 32-bit
check field. The verification tag is valued based on the selection of the endpoints of
an association while enabling the association. If the received packet does not contain
the expected verification tag value, it will be discarded. The check code is set by the
SCTP packet sending party to provide additional protection and avoid data errors due
to networks. The receiving party will discard the SCTP packets without a check code.
l Manages paths
The SCTP users at the sending side can use a group of transfer addresses as
the destination of the SCTP packets. With the SCTP path management function,
a destination transfer address is selected for each sent SCTP packet, based on
the instructions from SCTP users and the accessibility of the currently qualified
destination set. When the packet service amount cannot exactly indicate the
accessibility, the path management function can monitor the accessibility of a
destination address through heart-beating messages, and provide directives for
SCTP users when the accessibility of any remote transfer address changes. The
path management function can also be used when an association is created. It
reports the qualified local transfer address set to the remote end, and reports the
transfer address returned from the remote end to the local SCTP users.
After the association is created, a preferred path is defined for each SCTP end point to
be used to send SCTP packets normally. At the receiving end, the path management
function is used, before processing an SCTP packet, to verify whether the association
of the incoming SCTP packets exists.
Differences between SCTP and TCP

SCTP is similar with the TCP protocol for the Internet, but is better in term of functions, as
described below:
l TCP end point uses a single IP address; SCTP can use multiple IP addresses, having
multi-homing property, and can use multiple routers to access.
l TCP can only provide sequenced delivery service; SCTP can use multiple streams to
provide intra-stream sequenced or unsequentially services.
l TCP transfers data in a way of blocking from the header, so if the transmitted content
is lost, the subsequent messages cannot be delivered to the upper-layer users; SCTP
use multiple streams and these streams are independent of each other.
B-6

l TCP transfers messages based on data byte, the sequence number of TCP is
numbered based on bytes; SCTP transfers messages based on data messages and
the sequence number of SCTP is numbered based on messages. With the sliding
window control, the throughput of the SCTP data can be greatly increased.
l The transfer parameters for TCP are fixedly calculated; While SCTP parameters such
as RTO and the heart-beating time interval can be set by upper-layer users.
l TCP has a weak ability in preventing the network attacks; SCTP has an enhanced
network security.
B.3 M3UA Protocol

Functions
M3UA is the protocol adapted for MTP3 in SS7 protocol and implements the adapting of
MTP3 users. It has the following functions:
l Supports the transmission of the messages (ISUP, SCCP, TUP, H.248, and BICC, etc)
of the MTP3 user part of SS7 carried on IP;
l Supports distributed IP-based signaling points;
l Supports the management on the connection for SCTP transmission;
l Supports the seamless operations on the peer layer of the MTP3 user protocol;
l Supports MTP3 network management;
l Supports real-time observation on important data of the protocol layer.
Related Terms
The terms involved in SCTP are introduced below:
l Application Server (AS): a logic entity indicating a certain resources and
corresponding to a "ROUTE KEY". For example, AS can be a virtual database cell
processing the events identified by the incorporation PC/OPC/SUA_SSN of SS7. AS
includes a group of unique application server processes, and one or several of them
are activated for service processing.
l Application Server Process (ASP): a process of AS which is activated or standby. For
example, ASP can be the process of MGC, SCP, or HLR. ASP includes SCTP end
point and can be configured as processing a number of AS signaling services.
l IP Service Process (IPSP): a process instance based on IP application. Essentially,
IPSP and ASP are consistent except that IPSP uses point-to-point M3UA instead of
services of signaling gateway.
l Signaling Gateway (SG): SG receives or sends the messages of high-level users of
SS7 at the boundary of the IP signaling network and SS7 network.
l Signaling Gateway Process (SGP): a process instance of SG used as the activated,
standby, or load sharing process.
l ROUTE KEY: describes a group of parameter and corresponding values of SS7 (such
as DPC, SIO+DPC, and SIO+DPC+OPC, etc.). It uniquely defines the signaling
services processed by a special application server. The parameters in the routing
keywords cannot be based on a number of destination signaling point codes.
B-7

Function Structure
The M3UA protocol functions are as shown below:
Figure B-4 Structure of M3UA Functions
Functions of Functional Modules

The functions of the functional modules of M3UA include:
l Processing messages: SG maps the messages from MTP to different SCTP streams,
and sends the messages to corresponding ASP using the address mapping function;
assembles the messages from SCTP into MTP3 user messages and send the
messages to MTP; distributes different management messages to internal functional
modules; SG has the address mapping function, implements the translation of
ROUTE KEY and ASP addresses, and maintain the address mapping table; manages
the registration of ROUTE KEY of ASP (optional).
l Managing signaling network: SG processes the indications from MTP for accessibility,
congestion, and restart of signaling points, and sends corresponding directives to
related ASP; When receiving the signaling network management messages from the
peer M3UA, SG transforms the messages to corresponding primitive and inform the
upper-layer users; Performs transmission control function.
l Managing SCTP connection: manages the connection, disconnection, blocking, and
deblocking of SCTP links. The managed SCTP links are between SG and ASP, SG
and SG, and ASP and ASP.
l Maintaining AS status: saves the status of the connected ASs, and processes the
messages related to AS status.
l Maintaining ASP status: saves the status of the connected ASPs, and performs ASP
start, exit, activation, and deactivation.
l Managing the LM layer: initiates SCTP connection creation, removing, and blocking
based on the configuration on the local office, and receives the messages indicating
the ASP status and the SCTP connection status.
B-8

Appendix C
MAP Protocol
Table of Contents
Introduction to MAP Protocol .................................................................................. C-1
MAP Signalling Process ......................................................................................... C-2
C.1 Introduction to MAP Protocol
Note:
In this topic, HLR generally refers to HLR over the networks such as WCDMA, TD-SCDMA,
and CDMA2000; MSC generally refers to MSCS over the networks such as WCDMA,
TD-SCDMA and MSC over CDMA2000 network; GMSC generally refers to GMSCS over
the networks such as WCDMA, TD-SCDMA and GMSC over CDMA2000 network.
The Mobile Application Part is called MAP for short. MAP is located at the top layer
of the TCAP in the OSI reference model, and only uses the non-connection mode of
SCCP. The entities between MSC/VLR and HLR/EIR, SMS-VMSC and SMS-IWMSC, and
SMS-MSC and SMS-GMSC all utilize the standard MAP protocol to create dialogs and
transmit messages between different entities.
MAP has the following functions:
l Sets up dialogs between an MSC/VLR and entities such as HLR, other MSCs/VLRs,
SMS-IWGMSC/SMS-GMSC and SCP by invoking TC primitives.
l Cooperates with the access processing module to complete various services of the
mobile communication network.
l Obtains the information related to a subscriber by querying on the database, and
informs the database of the latest data of the subscriber for proper modification.
C-1

C.2 MAP Signalling Process
Note:
In this topic, HLR generally refers to HLR over the networks such as WCDMA, TD-SCDMA,
and CDMA2000; MSC generally refers to MSCS over the networks such as WCDMA,
TD-SCDMA and MSC over CDMA2000 network; GMSC generally refers to GMSCS over
the networks such as WCDMA, TD-SCDMA and GMSC over CDMA2000 network.
The process of MAP signaling related to HLR/EIR includes:

l Registering and deleting a location
l Processing supplementary services
This function includes the activation, deactivation, registration, cancellation, use and
inquiry of the supplementary services. These operations are generally initiated by
MS. MSC/VLR inquiries the supplementary service authorities of users from HLR and
accordingly determines whether to perform these operations. If changes take place in
the registration request of the supplementary services of a subscriber, HLR will notify
MSC/VLR directly.
l Retrieving subscriber parameters during call setup, covering two cases:
Retrieving common information: VLR obtains partial or all subscriber parameters

from HLR.
Retrieving routing information: When a PSTN subscriber calls an MS, GMSC
requests a roaming number from HLR.
l Relocating: supports basic relocation and subsequent relocation.
l Managing subscribers: Covers subscriber-location information management and
subscriber parameter management. This function is used for VLR to verify information
to the HLR or for the HLR to retrieve information from the VLR. The function can be
used for data recovery after VLR or HLR reset or can be used for normal database
update.
l Recovering faults: After the VLR is restarted, all of the MS records are marked with
Recovery tags, indicating that they are subject to verification. If VLR receives
messages (such as, call setup, location update and subscriber authentication
messages) from MSC and HLR, it indicates that this subscriber is still in the control
area of the VLR, and the Recovery tag can be removed. If VLR receives a location
deletion message, it will delete this MS record.
l Managing IMEI/MEID: Defines the signalling process when the MSC inquiries EIR for
MS equipment validity.
l Authenticating subscribers, covering:
VLR requests an authentication triplet from HLR. This is performed when the
authentication triplet saved on VLR is lower than the threshold.
C-2

Appendix C MAP Protocol
VLR requests the subscriber information from the previous VLR during the
location update, covering authentication triplet and IMSI.
C-3

C-4

Figures
Figure 1-1 Location of ZXUN USPP (EIR) in Mobile Network .................................... 1-2
Figure 1-2 MEID Format ........................................................................................... 1-4
Figure 1-3 Multidimensional Security Mechanisms.................................................... 1-5
Figure 2-1 ZXUN USPP (EIR) System Architecture................................................... 2-1
Figure 2-2 Rack Hardware Structure (42U) ............................................................... 2-2
Figure 2-3 Rack Hardware Structure (47U) ............................................................... 2-3
Figure 2-4 ZXUN USPP (EIR) BE Blade Configuration.............................................. 2-3
Figure 2-5 Software Architecture of Partitioning Layer .............................................. 2-4
Figure 2-6 Software Architecture of Storage Layer.................................................... 2-5
Figure 2-7 Software Architecture of FE ..................................................................... 2-6
Figure 2-8 PROVISION Subsystem Structure ........................................................... 2-8
Figure 2-9 Web Agent Structure................................................................................ 2-9
Figure 2-10 UDS Subsystem Architecture............................................................... 2-10
Figure 2-11 Architecture of Network Element Management Subsystem (Dual-Layer
Networking) .......................................................................................... 2-13
Figure 2-12 Architecture of Network Element Management Subsystem
(Single-Layer Networking)..................................................................... 2-14
Figure 2-13 Fault Recovery Subsystem Structure ................................................... 2-16
Figure 3-1 Service Flow of IMEI-Checking ............................................................... 3-1
Figure 3-2 Service Flow of MEID-Checking............................................................... 3-2
Figure 4-1 UDS Processing Flow .............................................................................. 4-5
Figure 4-2 Three-Level Data back............................................................................. 4-6
Figure 4-3 Three Types of Data Restoration ............................................................. 4-6
Figure 4-4 Synchronous Data Replication Procedure ................................................ 4-7
Figure 4-5 Asynchronous Data Replication Procedure .............................................. 4-8
Figure 5-1 Interfaces Related to ZXUN USPP (EIR).................................................. 5-2
Figure 5-2 PROVISION Subsystem Structure ........................................................... 5-3
Figure 5-3 Network Management Interfaces ............................................................. 5-4
Figure 5-4 Protocol Stack of ZXUN USPP (EIR) Interfaces ....................................... 5-5
Figure 6-1 IP Network Structure for ZXUN USPP (EIR)............................................. 6-2
Figure 6-2 Dual-Site Networking ............................................................................... 6-3
Figure 6-3 Multi-Site Networking ............................................................................... 6-4
I
Figure 6-4 DR Changeover Schematic Diagram ....................................................... 6-5

Figure A-1 Structure of Narrowband SS7 Protocol Stack ..........................................A-1
Figure A-2 MSU Signaling Unit of Narrowband SS7..................................................A-2
Figure A-3 LSSU Signaling Unit of Narrowband SS7 ................................................A-3
Figure A-4 FISU Signaling Unit of Narrowband SS7..................................................A-3
Figure A-5 SF Status Field........................................................................................A-3
Figure A-6 MTP3 Structure .......................................................................................A-5
Figure A-7 SCCP Structure Model ............................................................................A-7
Figure A-8 The Layering Structure of TCAP ............................................................ A-11
Figure B-1 Structure of SIGTRAN Protocol Stack......................................................B-1
Figure B-2 SCTP Structure .......................................................................................B-2
Figure B-3 Structure of SCTP Functions ...................................................................B-4
Figure B-4 Structure of M3UA Functions...................................................................B-8
II
Tables
Table 2-1 FE Composition......................................................................................... 2-7
Table 2-2 HSM Hardware Composition ................................................................... 2-17
Table 2-3 HSM Software Composition..................................................................... 2-17
Table 4-1 Operation and Maintenance Functions of the EMS System ....................... 4-1
Table 4-2 Operation and Maintenance Functions of the OMM System ...................... 4-3
Table 7-1 Physical Specifications of a 42U Cabinet................................................... 7-1
Table 7-2 Physical Specifications of a 47U Cabinet................................................... 7-1
Table 7-3 Typical Capacity Indices ............................................................................ 7-2
Table 7-4 Performance Specifications ....................................................................... 7-2
Table 7-5 Power Specifications ................................................................................. 7-3
Table 7-6 Clock Specifications .................................................................................. 7-3
Table 7-7 Interfaces and Cables................................................................................ 7-3
Table 7-8 Reliability Specifications ............................................................................ 7-4
Table 8-1 Requirements for Equipment Rooms ......................................................... 8-2
Table 8-2 Temperature and Humidity Requirements.................................................. 8-2
Table 8-3 Lightning Protection Requirements ............................................................ 8-5
III
Tables

Glossary
3GPP
- 3rd Generation Partnership Project
AAL5
- ATM Adaptation Layer type 5
ACL
- Access Control List
AS
- Application Server
ASP
- Application Service Process
ATCA
- Advanced Telecommunications Computing Architecture
ATM
- Asynchronous Transfer Mode
BE
- Back End
BICC
- Bearer Independent Call Control protocol
BOSS
- Business and Operation Support System
CAPEX
- Capital Expenditure
CC
- Common Criteria
CDMA
- Code Division Multiple Access
CGEL
- Commuication Grade Embedded Linux
CGSL
- Carrier Grade Server Linux
CIC
- Circuit Identification Code
CMP
- Calling Main Processor
V
CORBA
- Common Object Request Broker Architecture
DB
- DataBase
DBIO
- DataBase Input & Output
DC
- Direct Current
DIT
- Directory Information Tree
DNS
- Domain Name System
DPC
- Destination signaling Point Code
DRSync
- Disaster Reserved Sync
DSA
- Directory System Agent
DSML
- Directory Service Markup Language
DSP
- Directory System Protocol
DST
- Data Storage Transfer
EIR
- Equipment Identity Register
EMS
- Network Element Management System
ETCA
- Enhanced ATCA
FAC
- Final Assembly Code
FE
- Front End
FIPS
- Federal Information Processing Standards
FISU
- Fill-in Signaling Unit
VI
Glossary
FTP
- File Transfer Protocol
GMSCS
- Gateway Mobile Switching Centre Server
GSM
- Global System for Mobile Communication
GUI
- Graphical User Interface
HALT
- Highly Accelerated Life Test
HASS
- Highly Accelerated Stress Screening
HDLC
- High-level Data Link Control
HLR
- Home Location Register
HSM
- Hardware Security Module
HSS
- Home Subscriber Server
ICC
- Inspect and Control Center
IDSA
- Identity DSA
IETF
- Internet Engineering Task Force
IMEI
- International Mobile Equipment Identity
IMEISV
- International Mobile Equipment Identity and Software Version number
IMSI
- International Mobile Subscriber Identity
IP
- Internet Protocol
ISUP
- ISDN User Part
IUA
- ISDN User Adaptation Layer
VII
JDBC
- Java Database Connectivity
KPI
- Key Performance Index
KVM
- Keyboard, Video and Mouse
LDAP
- Lightweight Directory Access Protocol
LSSU
- Link Status Signaling Unit
LUDT
- Long Unit DaTa
M2PA
- MTP2-User Peer-to-Peer Adaptation Layer Protocol
M2UA
- MTP2-User Adaptation Layer
M3UA
- MTP3-User Adaptation layer protocol
MAP
- Mobile Application Part
ME
- Mobile Equipment
MEID
- Mobile Equipment Identifier
MGC
- Media Gateway Controller
MME
- Mobility Management Entity
MML
- Man Machine Language
MNP
- Mobile Number Portability
MS
- Mobile Station
MSC
- Mobile Switching Center
MSCS
- Mobile Switching Center Server
VIII
Glossary
MSISDN
- Mobile Station International Subscriber Directory Number
MSU
- Message Signal Unit
MTP
- Message Transfer Part
MTP1
- Message Transfer Part Level 1
MTP2
- Message Transfer Part layer 2
MTP3
- Message Transfer Part layer 3
MTU
- Maximum Transfer Unit
NAPT
- Network Address Port Translation
NAT
- Network Address Translation
NE
- Network Element
NMC
- Network Management Center
NMS
- Network element Management System
O&M
- Operation & Maintenance
ODBC
- Open DataBase Connectivity
OMM
- Operation & Maintenance Module
OMP
- Operation & Maintenance Processor
OPC
- Origination Signaling Point Code
OPEX
- Operating Expenditure
OSI
- Open System Interconnection
IX
PCI
- Programmable Communications Interface
PCM
- Pulse Code Modulation
PDSA
- Profile DSA
PE
- Provider Edge
PED
- PIN Entry Device
PIN
- Personal Identification Number
PLMN
- Public Land Mobile Network
PSTN
- Public Switched Telephone Network
RPU
- Router Process Unit
RTO
- RetransmissionTime-Out
SCCP
- Signaling Connection Control Part
SCLC
- SCCP Connectionless Control
SCN
- Switched Circuit Network
SCOC
- SCCP Connection-Oriented Control
SCP
- Service Control Point
SCRC
- SCCP Routing Control
SCTP
- Stream Control Transmission Protocol
SG
- Signaling Gateway
SGSN
- Service GPRS Supporting Node
X
Glossary
SIGTRAN
- Signalling Transport
SIM
- Subscriber Identity Module
SIO
- Service Information Octet
SIPI
- Signaling IP bearer Interface
SLC
- Signaling Link Code
SLS
- Signaling Link Selection code
SMP
- Signal Main Processor
SMS-GMSC
- Short Message Service Gateway Mobile Switching Center
SMS-IWMSC
- Short Message Service Interworking Mobile Switching Center
SMS-MSC
- Short Message Service Mobile Switching Center
SMS-VMSC
- Short Message Service Visited Mobile Switching Center
SMTP
- Simple Mail Transfer Protocol
SNMP
- Simple Network Management Protocol
SNR
- Serial NumbeR
SOAP
- Simple Object Access Protocol
SS7
- Signaling System No. 7
SSN
- Sub-System Number
SUA
- SCCP User Adaptation
SVN
- Software Version Number
XI
TAC
- Type Approval Code
TC
- Transaction Capability
TCAP
- Transaction Capability Application Part
TCP
- Transfer Control Protocol
TD-SCDMA
- Time Division-Synchronization Code Division Multiple Access
TMN
- Telecommunications Management Network
TUP
- Telephone User part
ToS
- Type Of Service
UAGW
- UDS Access Gateway
UDP
- User Datagram Protocol
UDS
- Universal Directory Server
UDT
- Unit DaTa
UMTS
- Universal Mobile Telecommunication System
USB
- Universal Serial Bus
VLAN
- Virtual Local Area Network
VLR
- Visitor Location Register
VPN
- Virtual Private Network
WCDMA
- Wideband Code Division Multiple Access
WEB
- Web
XII
Glossary
XML
- eXtensible Markup Language
XUDT
- Enhanced Unit Data
ZTE
- Zhongxing Telecommunications Equipment
XIII

SJ-20110221163024-002-ZXUN USPP (V4.11.10) Universal Subscr

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

SJ-20110221163024-002-ZXUN USPP (V4.11.10) Universal Subscr

Uploaded by

Copyright:

Available Formats

ZXUN USPP

Universal Subscriber Profile Platform

Revision No. Revision Date Revision Reason

R1.2 2011-07-07 Changed the GUI agent to Web agent.

R1.1 2011-06-10 Updated the technical specifications.

R1.0 2011-04-15 First Edition

Serial Number: SJ-20110221163024-002

Publishing Date: 2011-07-07(R1.2)

Chapter 2 System Structure ...................................................................... 2-1

Chapter 3 Basic Services........................................................................... 3-1

Chapter 4 Basic Functions ........................................................................ 4-1

Chapter 5 Interfaces and Protocol Stack ................................................. 5-1

Chapter 6 Networking Modes .................................................................... 6-1

Chapter 7 Technical Specifications .......................................................... 7-1

Chapter 8 Security Measures and Envionment Requirements .............. 8-1

Appendix A Narrowband SS7 Signaling Protocols ................................ A-1

Appendix B SIGTRAN Protocols.............................................................. B-1

Appendix C MAP Protocol ........................................................................ C-1

Prerequisite Skill and Knowledge

What Is in This Manual

Chapter 1, Product Overview Describes the role, applications and characteristics of

Chapter 2, System Structure Describes the structure of ZXUN USPP (EIR).

Chapter 7, Technical Specifications Describes the technical specifications of ZXUN USPP

FCC Compliance Statement

Italics References to other manuals or documents.

Quotes Links on screens.

Note: Provides additional information about a certain topic.

Checkpoint: Indicates that a particular step needs to be checked before

Tip: Indicates a suggestion or hint to make things easier or more productive

1.1 Role of EIR

SJ-20110221163024-002|2011-07-07(R1.2) ZTE Proprietary and Confidential

Figure 1-1 Location of ZXUN USPP (EIR) in Mobile Network

1.2 Functions of EIR

SJ-20110221163024-002|2011-07-07(R1.2) ZTE Proprietary and Confidential

Introduction to IMEI, IMEISV and MEID

l Type Approval Code (TAC): Its length is 8 digits.

SJ-20110221163024-002|2011-07-07(R1.2) ZTE Proprietary and Confidential

Figure 1-2 MEID Format

l Manufacture Code: Its length is 8 digits. RR: A0FF. XXXXXX: 000000FFFFFF.

1.3.2 Multidimensional Security Mechanisms

SJ-20110221163024-002|2011-07-07(R1.2) ZTE Proprietary and Confidential

Figure 1-3 Multidimensional Security Mechanisms

l Equipment Layer Security

User Management: The security management enables the authority control of

NAT/NAPT: NAT/NAPT enable the conversion of private IP addresses to public IP

SJ-20110221163024-002|2011-07-07(R1.2) ZTE Proprietary and Confidential

1.3.3 Linear Scalability

1.3.4 Centralized Database

1.3.5 Flexibility Characteristics

SJ-20110221163024-002|2011-07-07(R1.2) ZTE Proprietary and Confidential

1.3.7 Flexible IMEI Match Function

1.3.8 IMSI and IMEI Binding Function

SJ-20110221163024-002|2011-07-07(R1.2) ZTE Proprietary and Confidential

This page intentionally left blank.

SJ-20110221163024-002|2011-07-07(R1.2) ZTE Proprietary and Confidential

2.1 System Structure Overview

Figure 2-1 ZXUN USPP (EIR) System Architecture

SJ-20110221163024-002|2011-07-07(R1.2) ZTE Proprietary and Confidential

2.2 Hardware and Software Structure

Figure 2-2 Rack Hardware Structure (42U)

SJ-20110221163024-002|2011-07-07(R1.2) ZTE Proprietary and Confidential

Figure 2-3 Rack Hardware Structure (47U)

ETCA Shelf Structure

Figure 2-4 ZXUN USPP (EIR) BE Blade Configuration