SigTran
of 65
description
signalisation
Transcript of SigTran
SIGTRANZTE University univ.zte.com.cn
*
NGN Course Team
ZTE University univ.zte.com.cn
*
Objectives
Upon the completion of this chapter, you will be able to:
Understand the history and components of SIGTRAN protocol stack
Understand the concept of SCTP
Understand the concept of M3UA
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
SIGTRAN protocol Suite
ZTE University univ.zte.com.cn
*
Upon completion of this chapter, you should be able to:
Understand the function of SIGTRAN protocol suite
Understand the structure of SIGTRAN protocol suite
ZTE University univ.zte.com.cn
*
Fault-tolerant network
Physical separate overlay network
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
VPN or firewall solutions for security
QoS for time-critical SS7 messages
SS7 for standard voice call (ISUP) is a time-critical application
Ensure sufficient bandwidth available for SS7
Public internet not recommended for SS7 over IP
Reliable?
ZTE University univ.zte.com.cn
*
IP
M2UA
M2PA
M3UA
SUA
IUA
SIGTRAN adaptation and peer protocols specifically designed to handle ss7 stack over IP
M3UA
M2UA
M2PA
SUA
IUA
MTP3
ISDN
TUP/ISUP
SCCP
TCAP
SCTP
ZTE University univ.zte.com.cn
*
SCTP is adoptedprovide reliable information transportation over IP network.
User adaption layer
Here are many adapting modules, provide the software interfaces for the different upper modules of SS7 ,and encapsulate the signaling of upper layer in SCTP .
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
Upon completion of this chapter, you should be able to:
Understand the concept of SCTP
Understand the message of SCTP
Understand the communication flow of SCTP
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
VOIP:cheap local calls + cheap long distance IP transport
Want to reduce additional infrastructure costs
Combine circuit-switched telephone signaling networks (PSTN) and packet-switched IP-based networks
Need to establish,monitor and terminate calls
Signaling more delay sensitive, best effort is not QoS
Need gateways between different technologies
Need a general-purpose reliable transport protocol for message-oriented applications to carry data and voice
ZTE University univ.zte.com.cn
*
TCP
Limitations
Byte-stream
Oriented
ZTE University univ.zte.com.cn
*
UDP
Limitations
Unreliable
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
SCTP End Point: Identified by IP +port, just like TCP
Association (SCTP link ):A logic connection set up through 4-way hand shake, C/S mode.
Stream: there could be multi streams in one Association. Stream is a logic channel from one point to another point.
ZTE University univ.zte.com.cn
*
Stream Sequence Nbr. n
E – Ending fragments
xx – if unknown,then
ZTE University univ.zte.com.cn
*
EndpointA
EndpointB
START =2 END = 3
SACK
ZTE University univ.zte.com.cn
*
SACK
4
3
5
4
4
DATA
ZTE University univ.zte.com.cn
*
Abort AssociationABORT
Shutdown AssociationSHUTDOWN
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
The theory of DoS Attack:
The basic Dos attack is to occupy service resource as more as possible by normal service request, so that the normal user can not get response.
To avoid being attacked, SCTP adopt :tag, cookie
ZTE University univ.zte.com.cn
*
EndpointA
EndpointB
SYN Flooding: the client sends out a lot of SYN message, and the server can not get the ACK (the third message ) after it sends out “SYN +ACK” (the second message ).The three-way handshake can not be finished, so the server will use much memory resource for the half-connection, and send “SYN +ACK” again and again.
In this example ,the client use a phony IP address.
SYN seq=x
ACK y+1
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
IPv4 or IPv6 or mixed
Tolerant for physical failure
May by-pass congestion points
a.a.a.1
a.a.a.2
b.b.b.1
b.b.b.2
ZTE University univ.zte.com.cn
*
Data transfer
Packet no longer than the path MTU Multiple chunk in a packet
Two sequence numbers in each chunk
‘global’TSN for the association
Separate sequence numbers for each stream
U = unordered
Stream Sequence Nbr. n
ZTE University univ.zte.com.cn
*
Selective ACK
ZTE University univ.zte.com.cn
*
Get and set parameters (e.g. timers, thresholds)
Heartbeat control
Socket based API
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
Multi-homing
No head-of-line blocking
Short transaction (e-commerce)
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
Upon completion of this chapter, you should be able to:
Understand the concept of M3UA
Understand the messages in M3UA
Understand the signaling message flow of M3UA
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ASP: A process instance of an application server
Routing key: A routing key describes a set of SS7 parameters and parameter values that uniquely define the range of signaling traffic to be handled by a particular AS.
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ASP State Maintenance (ASPSM) Messages
ASP Traffic Maintenance (ASPTM) Messages
ZTE University univ.zte.com.cn
*
1 Invalid Version
6 Unexpected Message
7 Protocol Error
ZTE University univ.zte.com.cn
*
AS state altered
Alternative ASP active
ZTE University univ.zte.com.cn
*
6 Heatbeat Ack (BEAT ACK)
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ASP ACTIVE ACK
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ALTERNATE ASP TAKEOVER
ZTE University univ.zte.com.cn
*
Tr Trigger at least one ASP in INACT
Tr Trigger no ASP in INACT state
ZTE University univ.zte.com.cn
*
*
NGN Course Team
ZTE University univ.zte.com.cn
*
Objectives
Upon the completion of this chapter, you will be able to:
Understand the history and components of SIGTRAN protocol stack
Understand the concept of SCTP
Understand the concept of M3UA
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
SIGTRAN protocol Suite
ZTE University univ.zte.com.cn
*
Upon completion of this chapter, you should be able to:
Understand the function of SIGTRAN protocol suite
Understand the structure of SIGTRAN protocol suite
ZTE University univ.zte.com.cn
*
Fault-tolerant network
Physical separate overlay network
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
VPN or firewall solutions for security
QoS for time-critical SS7 messages
SS7 for standard voice call (ISUP) is a time-critical application
Ensure sufficient bandwidth available for SS7
Public internet not recommended for SS7 over IP
Reliable?
ZTE University univ.zte.com.cn
*
IP
M2UA
M2PA
M3UA
SUA
IUA
SIGTRAN adaptation and peer protocols specifically designed to handle ss7 stack over IP
M3UA
M2UA
M2PA
SUA
IUA
MTP3
ISDN
TUP/ISUP
SCCP
TCAP
SCTP
ZTE University univ.zte.com.cn
*
SCTP is adoptedprovide reliable information transportation over IP network.
User adaption layer
Here are many adapting modules, provide the software interfaces for the different upper modules of SS7 ,and encapsulate the signaling of upper layer in SCTP .
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
Upon completion of this chapter, you should be able to:
Understand the concept of SCTP
Understand the message of SCTP
Understand the communication flow of SCTP
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
VOIP:cheap local calls + cheap long distance IP transport
Want to reduce additional infrastructure costs
Combine circuit-switched telephone signaling networks (PSTN) and packet-switched IP-based networks
Need to establish,monitor and terminate calls
Signaling more delay sensitive, best effort is not QoS
Need gateways between different technologies
Need a general-purpose reliable transport protocol for message-oriented applications to carry data and voice
ZTE University univ.zte.com.cn
*
TCP
Limitations
Byte-stream
Oriented
ZTE University univ.zte.com.cn
*
UDP
Limitations
Unreliable
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
SCTP End Point: Identified by IP +port, just like TCP
Association (SCTP link ):A logic connection set up through 4-way hand shake, C/S mode.
Stream: there could be multi streams in one Association. Stream is a logic channel from one point to another point.
ZTE University univ.zte.com.cn
*
Stream Sequence Nbr. n
E – Ending fragments
xx – if unknown,then
ZTE University univ.zte.com.cn
*
EndpointA
EndpointB
START =2 END = 3
SACK
ZTE University univ.zte.com.cn
*
SACK
4
3
5
4
4
DATA
ZTE University univ.zte.com.cn
*
Abort AssociationABORT
Shutdown AssociationSHUTDOWN
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
The theory of DoS Attack:
The basic Dos attack is to occupy service resource as more as possible by normal service request, so that the normal user can not get response.
To avoid being attacked, SCTP adopt :tag, cookie
ZTE University univ.zte.com.cn
*
EndpointA
EndpointB
SYN Flooding: the client sends out a lot of SYN message, and the server can not get the ACK (the third message ) after it sends out “SYN +ACK” (the second message ).The three-way handshake can not be finished, so the server will use much memory resource for the half-connection, and send “SYN +ACK” again and again.
In this example ,the client use a phony IP address.
SYN seq=x
ACK y+1
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
IPv4 or IPv6 or mixed
Tolerant for physical failure
May by-pass congestion points
a.a.a.1
a.a.a.2
b.b.b.1
b.b.b.2
ZTE University univ.zte.com.cn
*
Data transfer
Packet no longer than the path MTU Multiple chunk in a packet
Two sequence numbers in each chunk
‘global’TSN for the association
Separate sequence numbers for each stream
U = unordered
Stream Sequence Nbr. n
ZTE University univ.zte.com.cn
*
Selective ACK
ZTE University univ.zte.com.cn
*
Get and set parameters (e.g. timers, thresholds)
Heartbeat control
Socket based API
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
Multi-homing
No head-of-line blocking
Short transaction (e-commerce)
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
Upon completion of this chapter, you should be able to:
Understand the concept of M3UA
Understand the messages in M3UA
Understand the signaling message flow of M3UA
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ASP: A process instance of an application server
Routing key: A routing key describes a set of SS7 parameters and parameter values that uniquely define the range of signaling traffic to be handled by a particular AS.
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ASP State Maintenance (ASPSM) Messages
ASP Traffic Maintenance (ASPTM) Messages
ZTE University univ.zte.com.cn
*
1 Invalid Version
6 Unexpected Message
7 Protocol Error
ZTE University univ.zte.com.cn
*
AS state altered
Alternative ASP active
ZTE University univ.zte.com.cn
*
6 Heatbeat Ack (BEAT ACK)
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ASP ACTIVE ACK
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ZTE University univ.zte.com.cn
*
ALTERNATE ASP TAKEOVER
ZTE University univ.zte.com.cn
*
Tr Trigger at least one ASP in INACT
Tr Trigger no ASP in INACT state
ZTE University univ.zte.com.cn
*
