Inmarsat BGAN Network Overview CN Team Global Network Engineering Version 1.4 Q1 2014
Dec 19, 2015
Inmarsat BGAN Network OverviewCN Team
Global Network Engineering
Version 1.4 Q1 2014
BGAN Network in 2014Two live SAS sites; Burum and Paumalu (Hawaii) with Fucino as a backup for Burum.
Satellite coverage:• I4F1 APAC region – lands in Paumalu SAS,• I4F2 EMEA region – lands in Burum SAS,• I4F3 AMER region – lands in Paumalu SAS.
MMPs (Meet Me Points) available for DP interconnect:• Amsterdam Telecity,
• New York Telx,
• Burum SAS,
• Paumalu SAS,
• Sydney HarbourMSP (special requirements apply).
BGAN Network 2014
DP POPS
DP POPS
DP POPS
DP POPS
DP POPS
SAS DCN
DP POPS
Inmarsat Edge RoutersTelex MMP, New York
Inmarsat Edge RoutersTelecity MMP, Amsterdam
Inmarsat Edge RoutersHKColo MMP, Hong Kong
SAS Core Network
SAS Core Network
SAS Network
SASNetwork
Internet
China FRG
BurumPaumalu
I4F1 I4F2I4F3
SAS Core Network
Fucino
Spare
DS3
DS3
STM1
STM1 100Mbit
PAUMALUMMP
AMS MMP
BURUMMMP
HKGMMP
NYC MMP
Sydney FRG
SYDNEYMMP
(Special conditions
apply)
STM1
BGAN PS Domain
ftp.3gpp.org/specs/2004-12/Rel-4/
SGSN
RFS
RNC GGSN
UT
DP Radius Server
DP POP
GiGnIu
3GPP TS 29.061 Interworking
3GPP TS 29.060 GTP
3GPP TS 25.413 RANAP
Inmarsat BGAN SDM
3GPP TS 24.008 NAS
3GPP NAS over IAI2
PS Domain Routing in a nutshell
To get an IP address and access to an exit point from the BGAN network, a user chooses an APN and activates a PDP context.
The SGSN at the SAS where the traffic is landing queries an APN DNS to find out which GGSN is hosting that APN and sends PDP context creation request to the GGSN.
The GGSN obtains an IP address via RADIUS and returns the address to the SGSN and completes the setup of the GTP tunnel for user traffic.
The SGSN requests a radio bearer and establishes a GTP tunnel to the RNC for user traffic.
Any traffic from the BGAN UT is forwarded through the network in a GTP tunnel and onto the Gi interface. The IP address assigned to the terminal is not used for routing within the network, only at the GGSN.
Traffic to/from the DP network and the GGSN is transferred via an IPSec or GRE tunnel.
What is an APN?
The GGSN can be considered as a collection of virtual routers.
Each of these virtual routers has associated with it a collection of interfaces, filters, routing tables, rules and a name that together make up the APN.
Each APN is unique, but the same APN name may be used by more than one GGSN. The association between the name and the GGSN that should be used is determined by the APN DNS that the SGSN consults.
Each APN contains information about the RADIUS server, which is usually located in the DP’s POP or DP network. The RADIUS server handles all user authentication and assigns IP addresses based on various credentials.
What is a PDP context?
From the user’s perspective a PDP context is an IP address assigned by the network and connectivity.
Within the network a PDP context is the collection of data needed to route the traffic to and from the user.
A secondary PDP context uses the same IP address as the first PDP context but has a different QoS associated with it.
A secondary PDP context has it’s own radio bearer and GTP tunnels within the network.
At the UT and the GGSN a traffic flow template (TFT) is used to map traffic of a particular type into the secondary PDP context.
What is a POP?
From the Inmarsat perspective, a POP is pair of redundant routers connected to Inmarsat’s routers. The user traffic to and from the GGSN is delivered through an IPSec or GRE tunnel to a tunnel endpoint that is a VIP shared by the DP routers.
Anything else behind those routers is entirely up to the DP/SP. Typically this may include:• Radius Servers,• Firewalls,• Value Added services such as a pre-pay facility, online usage
statistics, personal firewalls and DNS,• Some DPs offer access to their own networks to route traffic to
customer’s office/corporate LAN which guarantees QoS.
POP InterconnectThere are six locations around the world where a DP or SP can interconnect directly with the Inmarsat network to receive their traffic:• Telecity in Amsterdam, • Telex in New York, • Burum SAS,• Paumalu SAS,• HarbourMSP in Sydney.
Connecting to Inmarsat at a Meet Me Point is referred to a POP interconnect.
POP interconnect allows QoS to be maintained end to end which is important for some streaming services.
It also provides greater privacy and security than routing the traffic via the internet.
POP Interconnect (cont)The most popular and cost-effective MMPs for DPs to connect into are Telecity Amsterdam and Telx New York.
Inmarsat are establishing MMPs at the Burum and Paumalu SAS sites for lower latency connections.
Establishing a POP interconnect at the Sydney MMP will require a dedicated APN which can only exit in Australia;
i.e. dpname-aus.bgan.inmarsat.com. This is because of forced routing restrictions and the legal intercept
requirement from the Australian Government.
Physical Arrangement for POP Interconnect
Internet Interconnect
The GGSN tunnel endpoints are accessible over the public internet.
An IPSec tunnel can be established between the Inmarsat network and the DP/SP tunnel endpoint if the DP tunnel endpoint is available over the internet.
Some DPs use this option as a backup to POP interconnect.
Inmarsat also offer a shared APN called bgan.inmarsat.com. A PDP context with this APN will provide the user with access to the internet with a public IP address.
APN Additional FeaturesBGP peering can be run inside the traffic tunnel for up/down state detection. UT address ranges which are live in the GGSN can also be advertised to the DP’s POP via this session.
Global IP• Global IP is an feature used when an APN with an identical name is
configured in both GGSNs, and the same IP address ranges are used across both. This enables a BGAN user to obtain the same IP address regardless of which ocean region they are in.
• The GGSN can advertise every active UT address in the GGSN routing table towards the POP in a /32 format using BGP.
• This ensures the POP router knows the correct return route & tunnel for each active UT.
• As soon as the UT establishes a PDP context, a BGP update is sent to the POP and vice-versa when the context is closed.
• A Global IP APN is priced differently to regular APNs and the number of PDP context allowed are limited.
APN Additional Features #2
RADIUS Disconnect – Enables the DP to manually disconnect a PDP session via the DP’s RADIUS.
User Location Info – The SAC country code area which the user raises the PDP context from is passed onto the DP in the RADIUS authentication and accounting messages.
Routing behind MS – An additional subnet can exist behind a user terminal and the subnet can be supplied by RADIUS Access Accept, which enables the GGSN to route the additional network address via the PDP context.
Other Considerations #1Forced Routing
Inmarsat has to fulfill regional requirements by sending packets back to some countries of origin for Legal Interception.
Inmarsat have a node in place which does the forced routing and sits on the core network at the SAS sites. It force routes user traffic in Russia, China and Australia. Its called the GnFR.
The forced routing is transparent to the DP, although it will lengthen round trip times for those users.
Traffic from China lands in Beijing as is routed through the Beijing SAS, so the RTT is optimised.
Other Considerations #2Round Trip times between MMPs and Forced Routed countries
BUR PAU AMS HK NY SYD BEIJ MSCW
BUR 250 5 255 85 n/a 265 48
PAU 220 110 145 210 155 255
AMS n/a n/a 295 270 45
HK n/a 322 48 273
NY 363 302 127
SYD n/a n/a
BEIJ n/a
MSCW
~RTT in ms