![Page 1: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/1.jpg)
PDSN 課程講議PDSN 課程講議
課程內容 :1. EV-DO overview2. PDSN/FA & HA overview3. Understanding Simple IP & Mobile IP4. Mobility5. Understanding the service operation of Starent System
SHAQ
2010/3/19
![Page 2: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/2.jpg)
1. EV-DO overview1. EV-DO overview
![Page 3: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/3.jpg)
1xEV-DO IOS Architecture Reference Model1xEV-DO IOS Architecture Reference Model
1. EV-DO overview1. EV-DO overview
![Page 4: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/4.jpg)
EV-DO R0, RA, RB : Air-link is the bottle neck for wireless data transmission.EV-DO R0, RA, RB : Air-link is the bottle neck for wireless data transmission.
1. EV-DO overview1. EV-DO overview
EV-DO Rev 0
(one carrier)
1.25Mhz 2.5Mbps 153.6kbps
![Page 5: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/5.jpg)
EV-DO R 0, R A, R BEV-DO R 0, R A, R B
1. EV-DO overview1. EV-DO overview
![Page 6: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/6.jpg)
2. PDSN/FA & HA overview2. PDSN/FA & HA overview
PCF
![Page 7: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/7.jpg)
2. PDSN/FA & HA overview2. PDSN/FA & HA overview
PDSN
![Page 8: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/8.jpg)
2. PDSN/FA & HA overview2. PDSN/FA & HA overview
AAA server
![Page 9: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/9.jpg)
2. PDSN/FA & HA overview2. PDSN/FA & HA overview
Home Agent
![Page 10: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/10.jpg)
Standalone PDSN/FA and HA Deployments
Interface Description
R-P Interface – PCF <-> PDSN
Pi Interfaces – PDSN/FA <-> HA
PDN Interfaces – HA <-> PDN/internet
AAA Interfaces – PDSN/HA <-> AAA Server
2. PDSN/FA & HA overview2. PDSN/FA & HA overview
![Page 11: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/11.jpg)
Co-Located Deployments
2. PDSN/FA & HA overview2. PDSN/FA & HA overview
![Page 12: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/12.jpg)
PDSN-FA and HA functionality : Logical interfaceR-P interface :
Functionality :
- R-P connection setup
- R-P connection tear-down
- Transport of PPP packets
- Transport of cdma2000 accounting information from PCF to PDSN
- R-P mobility
Types:
- Closed R-P interface : L2TP
- Open R-P interface : GRE (A10/A11)
2. PDSN/FA & HA overview2. PDSN/FA & HA overview
![Page 13: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/13.jpg)
PDSN-FA and HA functionality : Protocols
PPP : Point-to-Point Protocol , MN <-> PDSN
1. LCP
2. Authentication
- PAP
- CHAP
3. NCP (IPCP)
RADIUS : PDSN/FA or HA <-> AAA Server
IP in IP : FA <-> HA
IP : MN <-> PDN(Internet, VPN, CN)
2. PDSN/FA & HA overview2. PDSN/FA & HA overview
![Page 14: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/14.jpg)
3. Understanding Simple IP and Mobile IP
-Access methods for packet data services :
- Local and public network access
- Private network access
-Access application for two access methods :
- Simple IP : Dynamically assigned IP addresses
Mobility in a defined geographical area
- Mobile IP : Static or Dynamically assigned IP addresses
Seamless mobility
- Proxy Mobile IP : PDSN supports MIP for MN which don’t support MIP.
![Page 15: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/15.jpg)
Simple IP
How Simple IP Works
3. Understanding Simple IP and Mobile IP
![Page 16: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/16.jpg)
Simple IP
Simple IP protocol stacks
3. Understanding Simple IP and Mobile IP
![Page 17: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/17.jpg)
Simple IP
Simple IP Call Flow
3. Understanding Simple IP and Mobile IP
PPP :
LCP(3)
Authentication(4,5,6,7; attributes)
IPCP(8, IP assignment)
![Page 18: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/18.jpg)
Mobile IP
- network-layer solution
- maintain ongoing communications while changing links
- Home address
- Care of Address (collocated / FA)
- IP Tunnels
3. Understanding Simple IP and Mobile IP
Key of mobility
![Page 19: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/19.jpg)
Mobile IP
Mobile IP Tunneling Methods :
IP in IP tunnels : Outer IP header / Inner IP header GRE tunnels : any transport protocol can be encapsulated in GRE
Three Tunneling of Mobile IP :
Forward Tunneling : PDN -> MN
3. Understanding Simple IP and Mobile IP
![Page 20: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/20.jpg)
Mobile IP
Reverse Tunneling : MN -> PDN
- Direct Delivery Style : MN -> FA directly
- Encapsulating Delivery Style : MN -> FA encapsulates
(reference MIPv4_4)
3. Understanding Simple IP and Mobile IP
![Page 21: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/21.jpg)
Mobile IP
Triangular Routing :
- advantage : reverse tunneling is not required
- disadvantage : - HA is unaware of all user traffic for billing purposes
- FA would have to be connected to each private network
3. Understanding Simple IP and Mobile IP
![Page 22: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/22.jpg)
Mobile IP
Mobile IP protocol stacks—data plane
3. Understanding Simple IP and Mobile IP
![Page 23: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/23.jpg)
Mobile IP
Mobile IP protocol stacks—control plane
3. Understanding Simple IP and Mobile IP
![Page 24: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/24.jpg)
Mobile IP
How Mobile IP Works
3. Understanding Simple IP and Mobile IP
![Page 25: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/25.jpg)
Mobile IP
How Mobile IP Works
3. Understanding Simple IP and Mobile IP
MIP setup :
MIP Registration Request message(6, 11)
Access Request message(7,8,12)
Access Acept message(9,10,13)
MIP Registration Reply(14 (MN’s home address,16)
PPP
MIP close :
Registration Request with a request lifetime of 0.(17, 18)
Registration Reply (19, 20)
![Page 26: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/26.jpg)
Mobile IP
Proxy Mobile IP
An Overview of Proxy Mobile IP :
- Provides mobility for subscribers with MNs that do not support the Mobile IP protocol stack.
- R-P and PPP sessions get established as they would for a Simple IP session
- Mobile Binding Record (MBR) is created on HA
How Proxy Mobile IP Works :
- Scenario 1: The AAA server specifies an IP address that the PDSN allocates to the MN from one of its locally configured static pools.
- Scenario 2: The HA assigns an IP address to the MN from one of its locally configured dynamic pools.
3. Understanding Simple IP and Mobile IP
![Page 27: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/27.jpg)
3. Understanding Simple IP and Mobile IP
Proxy MIP (8,9,11)
IPCP (8,10,12)
![Page 28: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/28.jpg)
Mobile Packet data service states
MS BSS PCF PDSNTCH A8 A10
MS BSS PCF PDSNTCH A8 A10
MS BSS PCF PDSNTCH A8 A10
NULL :There are not any connections between the MS and Network.
ACTIVE:In this state, Traffic channel exists between MS and PDSN, and both sides may transmit data.
Dormant:No traffic channel exists between MS and PCF. But PPP connection and traffic channel on A10 are maintained.
3. Understanding Simple IP and Mobile IP
![Page 29: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/29.jpg)
4. Mobility
- Micro-mobility : intra-PCF mobility
- R-P mobility : intra-PDSN mobility
- Macro-mobility : inter-PDSN mobility
![Page 30: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/30.jpg)
4. Mobility
-R-P mobility :
- R-P interface is moved from the source PCF to the target PCF
- PPP session remains on the same PDSN-FA
-Macro-mobility :
- PDSN-FA/HA
- a new PPP session must be initiated
- New PDSN-FA issues an Agent Advertisement on that session
- MM’s Home IP address(assigned when Mobile IP service was initiated) is still using => Layer 3 mobility
- The session is anchored at the HA
![Page 31: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/31.jpg)
4. Mobility
Dormant mobility :
- “stale” PPP session
- PANID / CANID
- the PPP session will be restarted / the MIP renegotiation
![Page 32: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/32.jpg)
5. Understanding the service operation of Starent System
![Page 33: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/33.jpg)
5. Understanding the service operation of Starent System
Contexts :
- a logical grouping or mapping of configuration parameters that pertain to
various physical ports, logical IP interfaces, and services.
- The system supports the configuration of multiple contexts.
- Each contexts is configured and operates independently from the others.
- Contexts can also be assigned domain aliases.
- Categorization : Source/Destination/AAA context
- Source context:
- “ingress” context
- subscriber’s point-of-entry in the system
- R-P interfaces
![Page 34: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/34.jpg)
5. Understanding the service operation of Starent System- Categorization :
- Destination context:
- “egress” context
- where a subscriber is provided services - configured with the interfaces facilitating subscriber data traffic to/from the Internet, a VPN, or other PDN
- AAA context : - provides authorization, authentication, and accounting (AAA) functionality for subscriber and/or administrative user sessions - the logical interfaces for communicating with AAA servers - records for locally configured subscribers and/or administrative users
Note : AAA context 可與 source 或 destination context configured 一起 . 一般規則為 AAA server 為 carrier 管控 , 則可與 source context configure 在一起 , 反之則可與 destination source configured 在一起 .
![Page 35: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/35.jpg)
5. Understanding the service operation of Starent System- AAA context
- AAA Realms :
- provides AAA attributes (when access-accept message from RADIUS failed to contain certain attributes) - subscriber-specific templates < subscriber’s RADIUS user profile - A AAA realm is considered part of the AAA context(or configuration) - the AAA context itself is also considered to be a realm - There may be many different AAA realms defined within a single AAA context
Source context/
AAA configuration
nova.com
bigco.com
ingress
RADIUS AAA
access-accept message from RADIUS failed to contain certain attributes
AAA interfaceAAA
realms
![Page 36: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/36.jpg)
5. Understanding the service operation of Starent System
Logical interface :
- assigned to IP addresses and are bound to a specific port
- associated with services through bindings
- takes on the characteristics of the functions enabled by the service
Logical interface category :
- Management interface :
- provides the system’s point of attachment to the management network
- defined in the local context
- R-P interface :
- A10/A11 -> communications path between the PCF and the PDSN
- Pi interface :
- communications path between the PDSN/FA and HA for Mobile IP applications
![Page 37: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/37.jpg)
5. Understanding the service operation of Starent System
Logical interface category :
- PDN interface:
- The interface to the packet data network (PDN)
- AAA interface :
- the connection between the PDSN and/or HA and the network servers that perform AAA functions
- Remote Authentication Dial-In User Service(RADIUS)
- ICC interface : (inter-context communication)
- only required when multiple services are configured in the same context
Xxx context
FA HAICC ICC
![Page 38: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/38.jpg)
5. Understanding the service operation of Starent System
Binding :
- an association between “elements” within the system
- static and dynamic
- static :
- dynamic :
- associates a subscriber to a specific egress context based on the
configuration of their profile or system parameters.
Context
Physical port Logical interface IP address Service
![Page 39: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/39.jpg)
5. Understanding the service operation of Starent System
Services :
- Services are configured within a context and enable certain functionality.
- PDSN services :
- The PDSN service must be bound to a logical interface within the same context.
- logical interface takes on the characteristics of an R-P interface
- a single physical port can facilitate multiple R-P interfaces.
- R-P sessions are identified using the PCF address, the PDSN interface address, and the R-P Session ID.
- FA/HA services :
- configured to support Mobile IP and define FA/HA functionality on the system.
![Page 40: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/40.jpg)
5. Understanding the service operation of Starent System
- FA/HA services combination & individual configuring :
System
PDSN service
Source context
FA/HA service
Dest. context
PDN interface
1.
2.
System
PDSN/FA service
Source context
System
HA service
Source contextPi Pi
![Page 41: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/41.jpg)
5. Understanding the service operation of Starent SystemAAA Servers :
- store profiles / perform authentication / maintain accounting records
- Mobile IP : there can be foreign AAA (FAAA) and home AAA (HAAA) servers
- The AAA servers communicate with the system over the AAA interface.
Subscribers: Three primary types of subscribers/users
- RADIUS-based Subscribers :
- The most common type of subscriber.
- identified by IMSI/ESN/Domain name/User name
- user profile configured on and authenticated by a RADIUS AAA server
Attributes : - parameter settings(protocol settings; IP assignment method, etc.)
- privileges (Simple IP, Mobile IP, etc.)
User profile
![Page 42: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/42.jpg)
Subscribers: Three primary types of subscribers/users
- Local Subscribers :
- testing purposes
- configured and authenticated within a specific context where they are created.
- first created subscriber profiles are set to the system’s default setting.
- configuring profile attributes are made on a subscriber-by-subscriber basis.
- Management Subscribers :
- an authorized user who can monitor, control, and configure the system
- configured as a local subscriber within the local context
- management subscribers may also be authenticated remotely via RADIUS
(if a AAA configuration exists within the local context)
5. Understanding the service operation of Starent System
![Page 43: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/43.jpg)
5. Understanding the service operation of Starent System
Default Subscribers and Realm-based Subscriber Templates :
- Used for RADIUS-based subscribers when needed.
- Default Subscriber :
- per context basis
- the system automatically creates a subscriber named default (When each context is created)
- Realm-based Subscriber Templates : (AAA realms)
- per realm basis
- a context can have numerous domain aliases
- each realm is used for a specific group of subscribers
![Page 44: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/44.jpg)
5. Understanding the service operation of Starent System
![Page 45: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/45.jpg)
RADIUS• Remote Authentication Dial-In User Service
![Page 46: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/46.jpg)
RADIUS Authentication Flow
![Page 47: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/47.jpg)
Point-to-Point Tunneling Protocol (PPTP)
• PPTP was developed by Microsoft and the IETF.• Layer 2 tunnel supports IP, IPX, NetBEUI• Authentication is relied on PPP
– PAP, SPAP, CHAP, MS-CHAP V1, V2, and EAP
PPTP server
Internet
PPTPClient
PPP
GRE
IP, IPXNetBEUI
![Page 48: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/48.jpg)
PPTP Packet
• Generic Routing Encapsulation (GRE)– a mechanism for encapsulating any network lay
er protocol over any other network layer protocol.
• Encryption protocol– Microsoft Point to Point Encryption (MPPE)
IP Header GRE Header IP Header GRE Header PPP IP TCP Data
GRE Payload (encrypted)
![Page 49: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/49.jpg)
Layer 2 Tunneling Protocol (L2TP)
• Based upon the best features of PPTP and L2F. • Layer 2 tunnel supports IP, IPX, NetBEUI.
PC + LACPC + LAC
PC withL2TP Client
PPPPPP
IPIP
IPIP
L2TPL2TP
IPIP
InternetL2TP Tunnel
new IP header
L2TP message header
PPP header
original IP header
payloadpayload message payload payloadpayload
CorporateLAN
LNSLNS
L2TPNetworkServer
![Page 50: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/50.jpg)
L2TP Packet
• Allows tunnels to support more than one connection.
• Encryption is relied on IPsec.
IPHeader
IPSecESP
Header PPPHeader
UDPHeader
L2TPHeader
IPHeader
TCPHeader DATA
![Page 51: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/51.jpg)
Internet Protocol Security (IPSec)• Layer 3 protocol for remote access, intranet,
and extranet VPN– Internet standard for IP layer VPN– Provides flexible encryption and message
authentication/integrity– Includes key management
• Two security protocols– Authentication Header (AH)– Encapsulating Security Payload (ESP)
![Page 52: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/52.jpg)
IPSec Operating Modes
• Transport mode
• Tunnel mode
![Page 53: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/53.jpg)
IPSec - Authentication Header (AH)
• Authentication
• Integrity
• Anti-replay
![Page 54: PDSN 課程講議 課程內容 : 1.EV-DO overview 2.PDSN/FA & HA overview 3.Understanding Simple IP & Mobile IP 4.Mobility 5.Understanding the service operation of Starent](https://reader035.vdocuments.pub/reader035/viewer/2022062301/5697bf991a28abf838c91d1c/html5/thumbnails/54.jpg)
IPSec - Encapsulating Security Payload (ESP)
• Confidentiality
• Authentication
• Integrity
• Anti-replay