Inmarsat BGAN Network Overview CN Team Global Network Engineering Version 1.4 Q1 2014.

Inmarsat BGAN Network OverviewCN Team

Global Network Engineering

Version 1.4 Q1 2014

BGAN Network in 2014Two live SAS sites; Burum and Paumalu (Hawaii) with Fucino as a backup for Burum.

Satellite coverage:• I4F1 APAC region – lands in Paumalu SAS,• I4F2 EMEA region – lands in Burum SAS,• I4F3 AMER region – lands in Paumalu SAS.

MMPs (Meet Me Points) available for DP interconnect:• Amsterdam Telecity,

• New York Telx,

• Burum SAS,

• Paumalu SAS,

• Sydney HarbourMSP (special requirements apply).

BGAN Network 2014

DP POPS

DP POPS

DP POPS

DP POPS

DP POPS

SAS DCN

DP POPS

Inmarsat Edge RoutersTelex MMP, New York

Inmarsat Edge RoutersTelecity MMP, Amsterdam

Inmarsat Edge RoutersHKColo MMP, Hong Kong

SAS Core Network

SAS Core Network

SAS Network

SASNetwork

Internet

China FRG

BurumPaumalu

I4F1 I4F2I4F3

SAS Core Network

Fucino

Spare

DS3

DS3

STM1

STM1 100Mbit

PAUMALUMMP

AMS MMP

BURUMMMP

HKGMMP

NYC MMP

Sydney FRG

SYDNEYMMP

(Special conditions

apply)

STM1

BGAN PS Domain

ftp.3gpp.org/specs/2004-12/Rel-4/

SGSN

RFS

RNC GGSN

UT

DP Radius Server

DP POP

GiGnIu

3GPP TS 29.061 Interworking

3GPP TS 29.060 GTP

3GPP TS 25.413 RANAP

Inmarsat BGAN SDM

3GPP TS 24.008 NAS

3GPP NAS over IAI2

PS Domain Routing in a nutshell

To get an IP address and access to an exit point from the BGAN network, a user chooses an APN and activates a PDP context.

The SGSN at the SAS where the traffic is landing queries an APN DNS to find out which GGSN is hosting that APN and sends PDP context creation request to the GGSN.

The GGSN obtains an IP address via RADIUS and returns the address to the SGSN and completes the setup of the GTP tunnel for user traffic.

The SGSN requests a radio bearer and establishes a GTP tunnel to the RNC for user traffic.

Any traffic from the BGAN UT is forwarded through the network in a GTP tunnel and onto the Gi interface. The IP address assigned to the terminal is not used for routing within the network, only at the GGSN.

Traffic to/from the DP network and the GGSN is transferred via an IPSec or GRE tunnel.

What is an APN?

The GGSN can be considered as a collection of virtual routers.

Each of these virtual routers has associated with it a collection of interfaces, filters, routing tables, rules and a name that together make up the APN.

Each APN is unique, but the same APN name may be used by more than one GGSN. The association between the name and the GGSN that should be used is determined by the APN DNS that the SGSN consults.

Each APN contains information about the RADIUS server, which is usually located in the DP’s POP or DP network. The RADIUS server handles all user authentication and assigns IP addresses based on various credentials.

What is a PDP context?

From the user’s perspective a PDP context is an IP address assigned by the network and connectivity.

Within the network a PDP context is the collection of data needed to route the traffic to and from the user.

A secondary PDP context uses the same IP address as the first PDP context but has a different QoS associated with it.

A secondary PDP context has it’s own radio bearer and GTP tunnels within the network.

At the UT and the GGSN a traffic flow template (TFT) is used to map traffic of a particular type into the secondary PDP context.

What is a POP?

From the Inmarsat perspective, a POP is pair of redundant routers connected to Inmarsat’s routers. The user traffic to and from the GGSN is delivered through an IPSec or GRE tunnel to a tunnel endpoint that is a VIP shared by the DP routers.

Anything else behind those routers is entirely up to the DP/SP. Typically this may include:• Radius Servers,• Firewalls,• Value Added services such as a pre-pay facility, online usage

statistics, personal firewalls and DNS,• Some DPs offer access to their own networks to route traffic to

customer’s office/corporate LAN which guarantees QoS.

POP InterconnectThere are six locations around the world where a DP or SP can interconnect directly with the Inmarsat network to receive their traffic:• Telecity in Amsterdam, • Telex in New York, • Burum SAS,• Paumalu SAS,• HarbourMSP in Sydney.

Connecting to Inmarsat at a Meet Me Point is referred to a POP interconnect.

POP interconnect allows QoS to be maintained end to end which is important for some streaming services.

It also provides greater privacy and security than routing the traffic via the internet.

POP Interconnect (cont)The most popular and cost-effective MMPs for DPs to connect into are Telecity Amsterdam and Telx New York.

Inmarsat are establishing MMPs at the Burum and Paumalu SAS sites for lower latency connections.

Establishing a POP interconnect at the Sydney MMP will require a dedicated APN which can only exit in Australia;

i.e. dpname-aus.bgan.inmarsat.com. This is because of forced routing restrictions and the legal intercept

requirement from the Australian Government.

Physical Arrangement for POP Interconnect

Internet Interconnect

The GGSN tunnel endpoints are accessible over the public internet.

An IPSec tunnel can be established between the Inmarsat network and the DP/SP tunnel endpoint if the DP tunnel endpoint is available over the internet.

Some DPs use this option as a backup to POP interconnect.

Inmarsat also offer a shared APN called bgan.inmarsat.com. A PDP context with this APN will provide the user with access to the internet with a public IP address.

APN Additional FeaturesBGP peering can be run inside the traffic tunnel for up/down state detection. UT address ranges which are live in the GGSN can also be advertised to the DP’s POP via this session.

Global IP• Global IP is an feature used when an APN with an identical name is

configured in both GGSNs, and the same IP address ranges are used across both. This enables a BGAN user to obtain the same IP address regardless of which ocean region they are in.

• The GGSN can advertise every active UT address in the GGSN routing table towards the POP in a /32 format using BGP.

• This ensures the POP router knows the correct return route & tunnel for each active UT.

• As soon as the UT establishes a PDP context, a BGP update is sent to the POP and vice-versa when the context is closed.

• A Global IP APN is priced differently to regular APNs and the number of PDP context allowed are limited.

APN Additional Features #2

RADIUS Disconnect – Enables the DP to manually disconnect a PDP session via the DP’s RADIUS.

User Location Info – The SAC country code area which the user raises the PDP context from is passed onto the DP in the RADIUS authentication and accounting messages.

Routing behind MS – An additional subnet can exist behind a user terminal and the subnet can be supplied by RADIUS Access Accept, which enables the GGSN to route the additional network address via the PDP context.

Other Considerations #1Forced Routing

Inmarsat has to fulfill regional requirements by sending packets back to some countries of origin for Legal Interception.

Inmarsat have a node in place which does the forced routing and sits on the core network at the SAS sites. It force routes user traffic in Russia, China and Australia. Its called the GnFR.

The forced routing is transparent to the DP, although it will lengthen round trip times for those users.

Traffic from China lands in Beijing as is routed through the Beijing SAS, so the RTT is optimised.

Other Considerations #2Round Trip times between MMPs and Forced Routed countries

BUR PAU AMS HK NY SYD BEIJ MSCW

BUR   250 5 255 85 n/a 265 48

PAU     220 110 145 210 155 255

AMS       n/a n/a 295 270 45

HK         n/a 322 48 273

NY           363 302 127

SYD             n/a n/a

BEIJ               n/a

MSCW                

~RTT in ms