03_01_cn32033en02gla0_sigtran
Post on 02-Nov-2015
-
1 Nokia Siemens Networks CN32033EN02GLA0
SIGTRAN
-
Objectives
On completion of this module the student will be able to:
Draw SIGTRAN protocol stack and explain the role of each layer
Describe the function and structure of SCTP messages
Monitor and explain SIGTRAN messages from signalling monitoring tool (Wireshark)
-
SS7 and Iu control plane protocol stacks in NSN SGSNs
-
SIGTRAN Protocol stack options
Option 1 (lowest layer first): IP, SCTP, M3UA, SCCP, TCAP, MAP
Option 2 (lowest layer first): IP, SCTP, SUA, TCAP, MAP
M3UA: SS7 MTP3 User Adaptation layer
SUA: SS7 SCCP User Adaptation layer
-
SCTP Functions
association startup and shutdown
sequenced delivery within Streams
user data fragmentation
acknowledgement and congestion avoidance
chunk bundling
packet validation
path management
-
Key Terms
SCTP Association: A protocol relationship between two endpoints.
SCTP endpoint: The logical sender/receiver of SCTP packets.
SCTP packet: The unit of data delivery across the interface between SCTP and the connectionless packet network (e.g. IP).
SCTP user application: The logical higher-layer application entity which uses the services of SCTP, also called the Upper-Layer Protocol.
Chunk: A unit of information within an SCTP packet, consisting of a chunk header and chunk-specific content.
Bundling: An optional multiplexing operation, whereby more than one user message may be carried in the same SCTP packet.
-
Key Terms (cont.)
Message (User Message): Data submitted to SCTP by the Upper Layer Protocol.
Stream: A unidirectional logical channel established from one to another associated SCTP endpoint.
Transmission Sequence Number (TSN): A 32-bit sequence number used internally by SCTP.
Verification Tag: An integer used to verify that the SCTP packet belongs to the current association and is not an old or stale packet from a previous association.
Transport address: The combination of an IP address and an SCTP port number.
Congestion Window: An SCTP variable that limits the data, in number of bytes, a sender can send to a particular destination transport address before receiving an acknowledgement.
-
SCTP message structure
-
SCTP Chunk Types -1-
ID | Chunk Type | Description
0 | DATA (Data) | Used to deliver user data.
1 | INIT (Initiation) | This chunk is used to initiate an SCTP association between two endpoints.
2 | INIT ACK (Initiation Acknowledgement) | This chunk is used to acknowledge the initiation of an SCTP association.
3 | SACK (Selective Acknowledge) | This chunk is sent to the peer endpoint to acknowledge received DATA chunks and to inform the peer endpoint of gaps in the received subsequences of DATA chunks as represented by their TSNs.
4 | HEARTBEAT (Heartbeat Request) | An endpoint should send this chunk to its peer endpoint to probe the reachability of a particular destination transport address defined in the present association.
5 | HEARTBEAT ACK (Heartbeat Acknowledge) | An endpoint should send this chunk to its peer endpoint as a response to a HEARTBEAT chunk.
6 | ABORT (Abort) | The ABORT chunk is sent to the peer of an association to close the association. This chunk may contain a Cause parameter to inform the receiver of the reason for the abort.
-
SCTP Chunk Types -2-
ID | Chunk Type | Description
7 | SHUTDOWN (Shutdown) | An endpoint in an association must use this chunk to initiate a graceful close of the association with its peer.
8 | SHUTDOWN ACK (Shutdown Acknowledgement) | This chunk must be used to acknowledge the receipt of the SHUTDOWN chunk at the completion of the shutdown process.
9 | ERROR (Operational Error) | An endpoint sends this chunk to its peer endpoint to notify it of certain error conditions.
10 | COOKIE ECHO (Cookie Echo) | This chunk is used only during the initialization of an association. It is sent by the initiator of an association to its peer to complete the initialization process.
11 | COOKIE ACK (Cookie Acknowledgement) | This chunk is used only during the initialization of an association. It is used to acknowledge the receipt of a COOKIE ECHO chunk.
14 | SHUTDOWN COMPLETE (Shutdown Complete) | This chunk must be used to acknowledge the receipt of the SHUTDOWN ACK chunk at the completion of the shutdown process.
-
Association Establishment : Problem with TCP
Normal connection establishment (A and B):
- A sends SYN Request. B: resource allocated, connection in partial state.
- B answers with SYN ACK.
- A sends ACK. Connection established.
Denial of service attack (Attacker and Server):
- Attacker sends SYN Requests. Server: resources allocated, connections in partial state.
- Server answers with SYN ACK.
- Attacker never sends ACK. Server overloaded.
-
Association Establishment : SCTP mechanism
- Cookie mechanism can prevent denial-of-service attack problem
Message sequence between SCTP client/HLR and SCTP server/SGSN:
- INIT (Initialisation Tag : Tag_A)
- INIT ACK (Initialisation Tag : Tag_B, state cookie)
- COOKIE ECHO (state cookie)
- COOKIE ACK
Diagram labels: Resource reservation at the SCTP client/HLR; Resource reservation at the SCTP server/SGSN.
-
INIT and INIT_ack Chunk
INIT Chunk fields:
- Type = 1, Chunk Flags, Chunk Length
- Initiate tag
- Advertised Receiver Window Credit
- Number of Outbound Streams, Number of Inbound Streams
- Initial TSN
- Optional/Variable-length Parameters
INIT ACK Chunk fields:
- Type = 2, Chunk Flags, Chunk Length
- Initiate tag
- Advertised Receiver Window Credit
- Number of Outbound Streams, Number of Inbound Streams
- Initial TSN
- Optional/Variable-length Parameters (state cookie)
-
Cookie Echo and Cookie_ack Chunk
Cookie Echo Chunk fields:
- Type = 10, Chunk Flags, Chunk Length
- Cookie
Cookie-ack Chunk fields:
- Type = 11, Chunk Flags, Chunk Length = 4
Data in Cookie = Data in the State Cookie parameter value of INIT-ack Chunk
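The cookie exchange above keeps the server stateless until the peer proves it can receive at its claimed address. The sketch below is an added example, not code from the original slides or from any SCTP stack: the cookie layout, `SECRET`, `COOKIE_LIFETIME`, the use of HMAC-SHA256 and all addresses are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
import struct

SECRET = os.urandom(32)      # server-side MAC key (assumed); never sent to the peer
COOKIE_LIFETIME = 60         # seconds a cookie stays valid (assumed value)
associations = {}            # state is created only after a valid COOKIE ECHO

def make_state_cookie(peer, tag_a, tag_b, now):
    """Answer an INIT: put the association data in the cookie, MAC it, store nothing."""
    body = struct.pack("!dII", now, tag_a, tag_b) + f"{peer[0]}:{peer[1]}".encode()
    return hmac.new(SECRET, body, hashlib.sha256).digest() + body

def handle_cookie_echo(peer, cookie, now):
    """Validate the echoed cookie; reserve resources only if every check passes."""
    mac, body = cookie[:32], cookie[32:]
    expected = hmac.new(SECRET, body, hashlib.sha256).digest()
    if len(body) < 16 or not hmac.compare_digest(mac, expected):
        return "discard: bad MAC"
    created, tag_a, tag_b = struct.unpack("!dII", body[:16])
    if body[16:].decode() != f"{peer[0]}:{peer[1]}":
        return "discard: wrong peer"
    if now - created > COOKIE_LIFETIME:
        return "discard: stale cookie"
    associations[peer] = {"peer_tag": tag_a, "local_tag": tag_b}
    return "COOKIE ACK"

def simulate():
    """Constructed scenario: INITs that are never followed up, then one real client."""
    for i in range(1000):                      # these senders never echo a cookie
        make_state_cookie((f"198.51.100.{i % 250}", 2905), i, i + 1, now=0.0)
    after_flood = len(associations)            # nothing was reserved for them
    client = ("192.0.2.10", 2905)
    cookie = make_state_cookie(client, 0xAAAA, 0xBBBB, now=0.0)
    forged = bytes([cookie[0] ^ 1]) + cookie[1:]
    return (after_flood,
            handle_cookie_echo(client, forged, now=1.0),
            handle_cookie_echo(client, cookie, now=120.0),
            handle_cookie_echo(client, cookie, now=1.0),
            len(associations))

if __name__ == "__main__":
    print(simulate())
```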
-
Association Termination: graceful shutdown
Message sequence between SCTP client/HLR and SCTP server/SGSN:
- SHUTDOWN (cumulative TSN acknowledgement)
- SHUTDOWN ACK
- SHUTDOWN COMPLETE
Diagram notes:
- send outstanding data chunks
- acknowledge outstanding data chunks with shutdown-chunk
-
ABORT, Shutdown, Shutdown_ack, and Shutdown_Complete Chunks
Shutdown Chunk fields:
- Type = 7, Chunk Flags, Chunk Length = 8
- Cumulative TSN Ack
Shutdown_ack Chunk fields:
- Type = 8, Chunk Flags, Chunk Length = 4
Shutdown Complete Chunk fields:
- Type = 14, Reserved, T, Chunk Length = 4
ABORT Chunk fields:
- Type = 6, Reserved, T, Chunk Length = 8
- Error Causes
-
SCTP Streams
- Multiple streams prevent head of line blocking if one SCTP association is used
- Alternatively prevented by using multiple associations
- Stream #0: used for management messages in M3UA
- M3UA supports 16 data streams, system will use fewer streams as negotiated by either side
Diagram: one SCTP association - multiple SCTP streams (Stream #0, Stream #1, Stream #2)
-
Data Transfer : SCTP Multi Streaming and Head of Line Blocking problem in TCP
TCP Connection: TCP Stream
- Packet loss in the stream causes all data packets to be blocked. This is called head of line blocking.
SCTP Association : SCTP Streams (Stream #1, Stream #2, Stream #3)
- Packets are blocked only in one stream. Other streams can send data normally.
-
Data Transfer : numbering of DATA chunks in an SCTP association
Diagram: one SCTP association with Stream #1 and Stream #2
- DATA chunks of one stream: SSN=4, SSN=3, SSN=2, SSN=1 with TSN=7, TSN=6, TSN=5, TSN=3
- DATA chunks of the other stream: SSN=3, SSN=2, SSN=1 with TSN=4, TSN=2, TSN=1
-
DATA Chunk
Fields:
- Type = 0, Reserved, U B E, Length
- TSN
- Stream Identifier SI, Stream Sequence Number SSN
- Payload Protocol Identifier
- User Data (sequence of streams)
Flags:
- U : 1 = unordered message / 0 = ordered message
- B : 1 = Beginning of Fragment / 0 = Not beginning of Fragment
- E : 1 = End of Fragment / 0 = Not End of Fragment
TSN used for Acknowledgement
Stream ID & Stream Seq. No. used for ordered delivery within stream
-
SACK Chunk
Fields:
- Type = 3, Chunk Flags, Chunk Length
- Cumulative TSN Ack
- Advertised Receiver Window Credit
- Number of Gap Ack Blocks = N, Number of Duplicate TSNs = X
- Gap Ack Block #1 Start, Gap Ack Block #1 End
- ...
- Gap Ack Block # N Start, Gap Ack Block # N End
- Duplicate TSN 1
- ...
- Duplicate TSN X
-
DATA transfer example
Exchange between two SCTP endpoints.
Error free:
- DATA (TSN=7, STRM=0, SEQ=3)
- DATA (TSN=8, STRM=0, SEQ=4)
- SACK (TSN ACK=8, Block=0)
Error recovery:
- DATA (TSN=9, STRM=0, SEQ=5)
- DATA (TSN=10, STRM=0, SEQ=6)
- DATA (TSN=11, STRM=0, SEQ=7)
- SACK (TSN ACK=9, Block=1, Start=2, End=2)
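Gap ack block Start and End values are offsets from the Cumulative TSN Ack, so the last SACK above reports TSN 11 as received and leaves TSN 10 to be retransmitted. The following added example (not part of the original slides) decodes a SACK chunk laid out as on the SACK Chunk slide and derives the missing TSNs, including across 32-bit TSN wraparound; `highest_sent`, the window value and the sample bytes are constructed assumptions.

```python
import struct

def parse_sack(chunk):
    """Decode a SACK chunk (Type = 3) into its fixed fields and block lists."""
    if len(chunk) < 16:
        raise ValueError("shorter than the fixed part of a SACK chunk")
    ctype, _flags, length = struct.unpack_from("!BBH", chunk, 0)
    cum_ack, a_rwnd, n_gaps, n_dups = struct.unpack_from("!IIHH", chunk, 4)
    if ctype != 3 or length != 16 + 4 * n_gaps + 4 * n_dups or length > len(chunk):
        raise ValueError("not a well-formed SACK chunk")
    base = 16
    gaps = [struct.unpack_from("!HH", chunk, base + 4 * i) for i in range(n_gaps)]
    base += 4 * n_gaps
    dups = [struct.unpack_from("!I", chunk, base + 4 * i)[0] for i in range(n_dups)]
    return {"cum_ack": cum_ack, "a_rwnd": a_rwnd, "gaps": gaps, "dups": dups}

def classify(sack, highest_sent):
    """Split TSNs above the cumulative ack into (acked by gap block, missing)."""
    mod = 1 << 32                                   # TSNs are 32-bit and wrap
    offsets = set()
    for start, end in sack["gaps"]:
        if end < start:
            raise ValueError("gap ack block ends before it starts")
        offsets.update(range(start, end + 1))       # offsets relative to cum_ack
    outstanding = (highest_sent - sack["cum_ack"]) % mod
    acked, missing = [], []
    for off in range(1, outstanding + 1):
        tsn = (sack["cum_ack"] + off) % mod
        (acked if off in offsets else missing).append(tsn)
    return acked, missing

# Constructed bytes for SACK (TSN ACK=9, Block=1, Start=2, End=2); a_rwnd is made up.
SLIDE_SACK = struct.pack("!BBHIIHHHH", 3, 0, 20, 9, 65535, 1, 0, 2, 2)

if __name__ == "__main__":
    print(classify(parse_sack(SLIDE_SACK), highest_sent=11))
```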
-
Sigtran Terms and Concepts
- Signaling Link Set can only contain one "Sigtran link".
- "Sigtran link" consists of one SCTP association set.
- Association Set (up to 16 associations)
- Association is identified by the computer unit and destination address. Only one association allowed per computer unit.
- Addressing based on SPCs!
Diagram labels: DX200; Signalling point A and Signalling point B connected over IP; SGSN (Server) with units SMMU_0, SMMU_1, SMMU_2, MCHU and SPC_1; HLR (Client) with units SIGU_0, SIGU_1, SIGU_2, CM and SPC_2; IP Addresses; SCTP Association.
-
SIGTRAN message structure
IPv4 header:
- Ver., Header Length, Type of Service, Total length
- Identification, Flags, Fragment Offset
- Time to live, Protocol, Checksum
- Source IP address
- Destination IP address
- Options (variable length, usually this field is not used)
SCTP common header and payload data:
- Source Port Number=2905, Destination Port Number
- Verification Tag
- Checksum
- DATA chunk: Chunk Type = 0, Chunk Flags, Chunk Length
- TSN
- Stream Identifier, Stream Sequence Number
- Payload Protocol Identifier = 3 (M3UA)
M3UA common header and payload data:
- Version = 1, Reserved, Message Class, Message Type
- Message Length
- Message specific parameters
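The layering above can be walked in code the way a monitoring tool dissects it. This added example (not from the original slides) parses the SCTP common header, checks the Verification Tag, steps through bundled chunks with their 4-byte padding, and decodes the M3UA common header of an unfragmented DATA chunk with Payload Protocol Identifier 3. The sample packet, its tag value and destination port are constructed, and the SCTP checksum is not verified.

```python
import struct

def parse_m3ua_header(data):
    """M3UA common header: Version, Reserved, Message Class, Message Type, Length."""
    if len(data) < 8:
        raise ValueError("shorter than the M3UA common header")
    version, _reserved, mclass, mtype, mlen = struct.unpack_from("!BBBBI", data, 0)
    if version != 1 or mlen != len(data):
        raise ValueError("bad M3UA Version or Message Length")
    return {"class": mclass, "type": mtype, "length": mlen}

def parse_sctp(packet, expected_vtag=None):
    """Parse the SCTP common header, then every chunk bundled behind it."""
    if len(packet) < 12:
        raise ValueError("shorter than the SCTP common header")
    sport, dport, vtag, _checksum = struct.unpack_from("!HHII", packet, 0)
    if expected_vtag is not None and vtag != expected_vtag:
        raise ValueError("Verification Tag does not belong to this association")
    chunks, off = [], 12
    while off + 4 <= len(packet):
        ctype, flags, length = struct.unpack_from("!BBH", packet, off)
        if length < 4 or off + length > len(packet):
            raise ValueError(f"chunk at offset {off} has bad length {length}")
        chunk = {"type": ctype, "length": length}
        if ctype == 0:                                   # DATA chunk
            if length < 16:
                raise ValueError("DATA chunk shorter than its header")
            tsn, sid, ssn, ppid = struct.unpack_from("!IHHI", packet, off + 4)
            data = packet[off + 16:off + length]
            chunk.update(tsn=tsn, stream=sid, ssn=ssn, ppid=ppid, U=bool(flags & 4),
                         B=bool(flags & 2), E=bool(flags & 1), user_data=data)
            if ppid == 3 and (flags & 3) == 3:           # complete M3UA message
                chunk["m3ua"] = parse_m3ua_header(data)
        chunks.append(chunk)
        off += (length + 3) & ~3                         # skip padding to 4 bytes
    return {"sport": sport, "dport": dport, "vtag": vtag, "chunks": chunks}

# Constructed sample: M3UA DATA (Class 1 Type 1) with a Network Appearance parameter,
# carried in DATA (TSN=7, STRM=0, SEQ=3); checksum field left at 0.
M3UA_MSG = struct.pack("!BBBBIHHI", 1, 0, 1, 1, 16, 0x0200, 8, 1)
SAMPLE = (struct.pack("!HHII", 2905, 2905, 0x1234ABCD, 0)
          + struct.pack("!BBHIHHI", 0, 3, 32, 7, 0, 3, 3) + M3UA_MSG)

if __name__ == "__main__":
    print(parse_sctp(SAMPLE, expected_vtag=0x1234ABCD))
```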
-
M3UA DATA message format example
- DATA message (Class 1 Type 1)
- to transmit MTP3-user payload
Message fields:
- Version = 1, Reserved, Message Class=1, Message Type =1
- Message Length
- Tag= 0x200, Length = 8
- Network Appearance
- Tag=0x210, Length
- Originating Point Code
- Destination Point Code
- SI, NI, MP, SLS
- User Protocol Data
-
M3UA DUNA and DAVA message format example
- DUNA (Class 2 Type 1)
- Sent from SGP to ASP to indicate that SS7 destinations are unreachable (TFP)
- DAVA (Class 2 Type 2)
- Sent from SGP to ASP to indicate that SS7 destinations are now reachable (TFA)
DUNA message fields:
- Version = 1, Reserved, Message Class = 2, Message Type =1
- Message Length
- Tag= 0x200, Length = 8
- Network Appearance
- Tag=0x0012, Length
- Mask, Affected PC
DAVA message fields:
- Version = 1, Reserved, Message Class = 2, Message Type =2
- Message Length
- Tag= 0x200, Length = 8
- Network Appearance
- Tag=0x0012, Length
- Mask, Affected PC
-
M3UA DAUD message format example
- DAUD (Class 2 Type 3)
- Sent from ASP to SGP to audit availability/congestion of SS7 routes from SG to affected destinations (RST)
Message fields:
- Version = 1, Reserved, Message Class = 2, Message Type =3
- Message Length
- Tag= 0x200, Length = 8
- Network Appearance
- Tag=0x0012, Length
- Mask, Affected PC
-
Narrowband SS7 over IP Protocol Stack
-
Example trace of Update GPRS Location Procedure messages in SS7 over IP interface: MAP Update GPRS Location message (1/3)
-
Example trace of Update GPRS Location Procedure messages in SS7 over IP interface: MAP Update GPRS Location message (2/3)
-
Example trace of Update GPRS Location Procedure messages in SS7 over IP interface: MAP Update GPRS Location message (3/3)
-
Example trace of Update GPRS Location Procedure messages in SS7 over IP interface: MAP Insert Subscriber Data message (1/4)
-
Example trace of Update GPRS Location Procedure messages in SS7 over IP interface: MAP Insert Subscriber Data message (2/4)
-
Example trace of Update GPRS Location Procedure messages in SS7 over IP interface: MAP Insert Subscriber Data message (3/4)
-
Example trace of Update GPRS Location Procedure messages in SS7 over IP interface: MAP Insert Subscriber Data message (4/4)