Header
Home | Set as homepage | Add to favorites
  Search the Site     » Advanced Search
Sections
Syndication


Blogroll:

||||| ALL Cisco-Network ARTICLES |||||  
CCIE Journey,
The CCIE Journey,

Home : 3G Wireless Networks : GSM Network Architecture

GSM Network Architecture

Jan 01,2011 by alperen

small font medium font large font
image


Figure 3-6 shows the basic architecture of a GSM network. Working our
way from the left, we see that the handset, known in GSM as the Mobile
Station (MS), communicates over the air interface with a Base Transceiver
Station (BTS). Strictly speaking, the MS is composed of two parts—the
handset itself, known as the Mobile Equipment (ME), and the Subscriber
Identity Module (SIM), a small card containing an integrated circuit. The
SIM contains user-specific information, including the identity of the subscriber,
subscriber authentication information, and some subscriber service
information. It is only when a given subscriber’s SIM is inserted into a
handset that the handset acts in accordance with the services the subscriber has subscriber to. In other words, my handset only acts as my
handset when my SIM is inserted.

The BTS contains the radio transceivers that provide the radio interface
with mobile stations. One or more BTSs is connected to a Base Station Controller
(BSC). The BSC provides a number of functions related to radio
resource (RR) management, some functions related to mobility management
(MM) for subscribers in the coverage area of the BTSs, and a number of operation and maintenance functions for the overall radio network.

Together, BTSs and BSCs are known as the Base Station Subsystem (BSS).
The interface between the BTS and the BSC is known as the Abis interface.
Many aspects of that interface are standardized. One aspect, however,
is proprietary to the BTS and BSC vendor, which is the part of the interface
that deals with configuration, operation, and maintenance of the BTSs. This
is known as the Operation and Maintenance Link (OML). Because the
internal design of a BTS is proprietary to the BTS vendor, and because the
OML needs to have functions that are specific to that internal design, the
OML is also proprietary to the BTS vendor. The result is that a given BTS
must be connected to a BSC of the same vendor.

One or more BSCs are connected to a Mobile Switching Center (MSC).
The MSC is the switch—the node that controls call setup, call routing, and
many of the functions provided by a standard telecommunications switch.
The MSC is no ordinary PSTN switch, however. Because of the fact that the
subscribers are mobile, the MSC needs to provide a number of MM functions.
It also needs to provide a number of interfaces that are unique to the
GSM architecture.

When we speak of an MSC, a Visitor Location Register (VLR) is also usually
implied. The VLR is a database that contains subscriber-related information
for the duration that a subscriber is in the coverage area of an MSC.
A logical split exists between an MSC and a VLR, and the interface between
them has been defined in standards. No equipment vendor, however, has
ever developed a stand-alone MSC or VLR. The MSC and VLR are always
contained on the same platform and the interface between them is proprietary
to the equipment vendor. Although early versions of GSM standards
defined the MSC-VLR interface (known as the B-interface) in great detail,
later versions of the standards recognized that no vendor complies with the
standardized interface. Therefore, any “standardized” specification for the
B-interface should be considered informational.

The interface between the BSC and the MSC is known as the Ainterface.
This is an SS7-based interface using the Signaling Connection
Control Part (SCCP), as depicted in Figure 3-7. Above Layer 3 in the signaling
stack, we find the BSS Application Part (BSSAP), which is the protocol
used for communication between the MSC and the BSC, and also
between the MSC and the MS. Since the MSC communicates separately
with both the BSC and the MS, the BSSAP is divided into two parts—the
BSS Management Application Part (BSSMAP) and the Direct Transfer
Application Part (DTAP). BSSMAP contains those messages that are either
originated by the BSS or need to be acted upon by the BSS. DTAP contains those messages that are passed transparently through the BSS from the
MSC to the MS or vice versa. Note that there is also a BSS Operation and
Maintenance Application Part (BSSOMAP). Although this is defined in
standards, it is normal for the BSC to be managed through a vendor-proprietary
management protocol.

In Figure 3-6, we find (in the dashed outline) the Transcoding and Rate
Adaptation Unit (TRAU). In GSM, the speech from the subscriber is usually
coded at either 13 Kbps (full rate, FR) or 12.2 Kbps (enhanced full rate,
EFR). In some cases, we also find half-rate coding at a rate of 5.6 Kbps, but
that is rare in commercial networks. In any case, it is clear that the speech
to and from the MS is very different from the standard 64 Kbps Pulse Code
Modulation (PCM) used in switching networks.

Since the MSC interfaces with the PSTN network, it needs to send and
receive speech at 64 Kbps. The function of the TRAU is to convert the coded
speech to or from standard 64 Kbps. Strictly speaking, the TRAU is a part
of the BSS. As far as the MSC is concerned, voice to and from the BSS is
passed at 64 Kbps and the BSS takes care of the transcoding. In practice,
however, it is common for the TRAU to be physically separate from the BSC
and placed near the MSC. This reduces the bandwidth required between
the MSC location and the BSC location and can mean significant savings in transport cost, particularly if the BSC and MSC are separated by a significant
distance. In cases where the BSC and TRAU are separated, the interface
between them is known as the Ater interface. This interface is
proprietary to the BSS equipment vendor. Hence, the BSC and TRAU must
be from the same vendor.

In Figure 3-6, we find also find a Home Location Register (HLR)—a
node found in most, if not all, mobile networks. The HLR contains subscriber
data, such as the details of the services to which a user has subscribed.
Associated with the HLR, we find the Authentication Center
(AuC). This is a network element that contains subscriber-specific authentication
data, such as a secret authentication key called the Ki. The AuC
also contains one or more sophisticated authentication algorithms. For a
given subscriber, the algorithm in the AuC and the Ki are also found on
the SIM card. Using a random number assigned by the AuC and passed
down to the SIM via the HLR, MSC, and ME, the SIM performs a calculation
using the Ki and authentication algorithm. If the result of the calculation
on the SIM matches that in the AuC, then the subscriber has
been authenticated. The interface between the HLR and AuC is not
standardized. Although implementations can set up the HLR and AuC to
be separate, it is more common to find the HLR and AuC integrated on the
same platform.
Calls from another network, such as the PSTN, first arrive at a type of
MSC known as a Gateway MSC (GMSC). The main purpose of the GMSC
is to query the HLR to determine the location of the subscriber. The
response from the HLR indicates to the MSC where the subscriber may be
found. The call is then forwarded from the GMSC to the MSC serving the
subscriber. A GMSC may be a full MSC/VLR such that it may have some
BSCs connected to it. Alternatively, it may be a dedicated GMSC and its
only function is to interface with the PSTN and query the HLR. The choice
is dependent upon the amount and types of traffic in the network and the
relative cost of a full MSC/VLR versus a pure GMSC.

In Figure 3-6, we also note the Short Message Service Center (SMSC).
Strictly speaking, the correct term is Short Message Service-Service Center
(SMS-SC), but that is a bit of a mouthful and is usually shortened to SMSC.
The SMSC is a node that supports the storing and forwarding of short messages
to and from mobile stations. Typically, these short messages are text
messages up to 160 characters in length.

Logically, an SMSC has three components. First is the Service Center
(SC) itself, which stores messages and interfaces with other systems such
as e-mail or voice mail equipment. Second, there is the SMS-Gateway MSC (SMS-GMSC) which is used for the delivery of short messages to a mobile
subscriber. Much like a GMSC, the SMS-GMSC queries the HLR for the
subscriber’s location, and then forwards the short message to the appropriate
visited MSC where it is relayed to the subscriber. Third is the SMSInterworking
MSC, which receives a short message from the MSC serving
the subscriber. It forwards such messages to the SC, which then passes
them on to the final destination. It is very common for the SC, SMS-GMSC,
and SMS-IWMSC to be included within the same platform, though certain
implementations enable a stand-alone SC. In such implementations, the
SMS-GMSC function may be included within a GMSC and the SMSIWMSC
function may be included with an MSC/VLR.

In a GSM network, we may also find a node known as the Equipment
Identity Register (EIR). As mentioned, it is not the handset that identifies a
subscriber, rather it is the information on the SIM. Therefore, to some
degree, the handset used by a particular subscriber is not relevant. On the
other hand, it may be important for the network to verify that a particular
handset (ME) or a model of ME is acceptable. For example, a network operator
might want to restrict access from a handset that has not been fully
type-approved. Also, a network operator might want to restrict access from
a handset that is known to be stolen.

Stored in each handset is an International Mobile Equipment Identity
number (IMEI, 15 digits) or the International Mobile Equipment Identity
and Software Version Number (IMEISV, 16 digits). Both the IMEI and
IMEISV have a structure that includes the type approval code (TAC) and
the final assembly code (FAC). The TAC and FAC combine to indicate the
make and model of the handset and the place of manufacture. The IMEI
and IMEISV also include a specific serial number for the ME in question.
The only difference between IMEI and IMEISV is the software version
number.

Within the EIR are three lists—black, gray, and white. These lists contain
values of TAC, TAC and FAC, or complete IMEI or IMEISV. If a given
TAC, a TAC/FAC combination, or a complete IMEI appears in the black list,
then calls from the ME are barred. If it appears in the gray list, then calls
may or may not be barred at the discretion of the network operator. If it
appears in the white list, then calls are allowed. Typically, a given TAC
included in the white list has the model of handset that has been approved
by the handset manufacturer. The EIR is an optional network element and
some network operators have chosen not to deploy an EIR.
Finally, we find the Interworking Function (IWF). This is used for circuitswitched
data and fax services and is basically a modem bank. Typical dialup modems and fax machines are analog. For example, when one uses a
computer with a 28.8 Kbps modem on a regular telephone line, the modem
modulates the digital data from the computer to an analog format that
appears like analog speech. The same cannot be done directly for a digital
system such as GSM because all transmissions are digital and it is not possible
to transmit data over the air in a manner that emulates analog voice.
Furthermore, a remote dial-up modem, such as at an ISP, expects to be
called by another modem. Therefore, a circuit-switched data call from an
MS is looped through the IWF before being routed onwards by the IWF.
Within the IWF, a modem is placed in the call path. The same applies for
facsimile service, where a fax modem would be used rather than a data
modem. GSM supports data and fax services up to 9.6 Kbps.
670 times read

Related news
No matching news for this article
Did you enjoy this article?
1 2 3 4 5
Rating: 5.00Rating: 5.00Rating: 5.00Rating: 5.00Rating: 5.00 (total 2 votes)

comment Comments (0 posted) 

More Top News
CCSP-Cisco Certified Security Professional
arrow Cisco SAFE Implementation
arrow Preparation Documents
arrow Exam Topics
arrow Skills Required for the Exam
arrow Cisco SAFE Implementation Questions and Answers
arrow Access Control Lists Cisco
arrow Access List Basics
arrow Standard Access Lists
arrow Verifying ACLs
arrow Extended Access Lists
arrow TCP Access Lists
arrow UDP Access Lists
arrow ICMP Access Lists
arrow Named Access Lists
arrow Signature and Alarm Management Review
arrow Signature and Alarm Management Review Questions and Answers
arrow Event Viewer
arrow Managing Alarms
arrow Event Viewer Customization
arrow Preference Settings
arrow Sensor Installation
arrow Connecting to Your Network Sensor Appliance
arrow Sensor Bootstrap
arrow Sensor Installation and Configuration Review
arrow Sensor Installation and Configuration Questions and Answers
arrow Signature and Alarm Management
arrow CIDS Signatures
arrow Signature Series
arrow Signature Implementations
arrow Signature Classes
arrow Signature Types
arrow Signature Severity
Most Popular
Most Commented
Featured Author

alperen

image
<| Cisco Articles | Maximum Learning | All Cisco-Network Study Notes | Privacy Policy |>
If you think you own the material being used without permission, contact alperenmad[at]hotmail.com. material will be removed from the site.