Private DNS for Mobile Operators

Senior Director - Strategic Technical Initiatives NeuStar, Inc. james.yu@neustar.biz +1-571-434-5572 (B) +1-703-622-5187 (M) Chief Architect Aicent, Inc richard.xu@aicent.com +1-408-324-1830x529 (B) +1-408-834-0217 (M)

James Yu

Richard Xu

What Is the Domain Name System?

The domain name system (DNS) is an Internet service that retrieves the resources associated with a domain name. Its initial purpose was to map a domain name to an IP address. The IP address could be the address of a server that provides applications such as web pages, emails and VoIP calls. Internet is based on IP address for addressing and routing; however, IP address is not easy for people to remember. So alphanumeric domain names are used instead. DNS was developed to be extensible to manage the domain name space (e.g., hierarchical tree structure). Every time you use a domain name, DNS must translate the name into the corresponding IP address.
For example, the domain name example.com might translate to IP address 198.105.232.4.

DNS was expanded for many other functions such as locating the SIP servers or mail servers and accessing services on the internet.

General Packet Radio Service (GPRS)

GPRS is a 2.5G standard for the GSM system to support packet data service. Serving GPRS Support Node (SGSN) keeps track of mobile stations location and performs security functions and access control. It is connected to the base stations via Frame Relay Gateway GPRS Support Node (GGSN) provides interworking (e.g., routing, address allocation, user authentication and tunneling) with external packet-switch networks. GGSN works as an anchor for IP traffic.
TE R MT Um

GPRS reference model

SMS-GMSC SMS-IWMSC E Gd MSC/VLR A BSS Gn Gs Gb SGSN Gn Gp GGSN Other PLMN Signalling Interface Signalling and Data Transfer Interface
D

SM-SC C

HLR Gc Gi GGSN Gf EIR PDN TE

Gr

SGSN

GPRX Roaming eXchange (GRX)

SSGN is located at the visited GPRS network and GGSN is normally located at the home GPRS network. GGNS and SGSN are connected via an IP-based backbone network
Routing GPRS traffic over Internet may result in poor QoS Secure connectivity between the SGSN and GGSN would require NxN relationships and NxN pipes among the GPRS operators, too many to manage

GRX was born to solve GPRS operators problem An GPRS operator has the options of routing the GPRS traffic
Over dedicated links (usually for domestic traffic) Over GRX Both

End-to-end GPRS Roaming via GRX

Internet Intranet Service SGSN GGSN GGSN

PDP Context Activation: MS

GPRS Home PLMN BG GTP Tunnel

Visited GPRS BG PLMN SGSN

GRX

DNS

TLD DNS DNS

GPRS/GRX Leveraging DNS to Locate GGSN

SGSN relies on DNS to locate either local GGSN or foreign GGSN in data roaming scenario
Access Point Name (APN) provisioned to each MS by home network is used to generate DNS query string for identifying GGSN APN
Contains the users and networks desired routing access preference and is used to create the logical connection between the mobile station and external PDN. Network ID Operator ID points to the access point within a GPRS Operator points to a GPRS Operator

<network id>.mnc<MNC>.mcc<MCC>.gprs Network Id Operator Id TLD

.gprs, a private DNS suffix, is used with the APN to retrieve the IP address of the GGSN

GRX DNS Hierarchy

.

Private to GPRS Operators

gprs grx

mcc111

Managed by GSMA/GRX
mnc222

Managed by GPRS Operator

APN=internet mms

internet.mnc222.mcc111.gprs. <IP of the operator GGSN>

mms.mnc222.mcc111.gprs. <IP of MM4 Interface of MMSC>

DNS Query Example in GPRS Roaming

DNS query whilst roaming

APN resolution using DNS in HPLMN
GPRS Root DNS 2 3

4
VPLMN DNS
BG

5
GRX Backbone
BG

HPLMN DNS

VSGSN BSS
DNS Query String: internet.mnc222.mcc111.gprs.

Locating GGSN Steps

1. 2. 3.

SGSN sends a DNS query to the DNS resolver for the A RR of internet.mnc222.mcc111.gprs. DNS resolver sends the DNS query to GRX root DNS server for the A RR of internet.mnc222.mcc111.gprs. GRX root DNS server returns the NS RRs and A RRs for mnc222.mcc111.gprs. to the DNS resolver where the NS RRs identify the home GPRS networks DNS servers. DNS resolver sends the DNS query to one of the home GPRS networks DNS server for the A RR of internet.mnc222.mcc111.gprs. Home GPRS networks DNS server returns the A RR of internet.mnc222.mcc111.gprs. to the DNS resolver. DNS resolver returns the A RR of internet.mnc222.mcc111.gprs. to SGSN SGSN now has the IP address of GGSN and can establish a packet data session with GGSN.

4. 5. 6.

The packet data session is then established between SGSN and GGSN, and user traffic is tunneled via the GRX(s) or over direct connection between SGSN and GGSN.

Global Reach Enabled via GRX Peering

O p e r a to r A G P R S R o a m in g N e tw o rk O p e ra to r B O p e ra to r D

GRX
O p e ra to r C
DNS DNS

GRX
DNS

O p e ra to r G

GRX

O p e ra to r E

O p e r a to r F

10

GRX Peering Architecture at AMS-IX

All the IP addresses involved in GRXs are invisible to the Internet (not routable in the Internet)

High-speed, highly redundant optical network

AMS-IX Virtual LAN

Every GRX network has no connection with the Internet

GRX A

GRX B

...

GRX Z

Mobile Operators

Mobile Operators

Mobile Operators

Some mobile operators use two GRX carriers for redundancy

11

GSMA DNS Structure

GSMA
Master Root Master Root Servers Servers

GRX A
Slave Root Slave Root Servers Servers

GRX B
Slave Root Slave Root Servers Servers

GRX Z

...

Slave Root Slave Root Servers Servers

Mobile Operators

Mobile Operators

Mobile Operators

12

Domain Name Registration

NeuStar
Secondary Secondary Master Registry Master Registry

NeuStar
Primary Primary Master Registry Master Registry

Data replication

Back up

Normal case

Internet

GRX Carriers & Mobile Operators

- Web-based portal for registration - Each GRX carrier or mobile operator has accounts with NeuStar - Secure ID card for for log in - Domain name can be * IMSI-derived * Human readable

13

GSMA DNS Operation Zone Transfer

NeuStar
Master Root Master Root Servers Servers

NeuStar
Zone file updates
Master Master Registry Registry

AMS-IX Virtual LAN GRX A

Slave Root Slave Root Servers Servers

Both full zone transfer (AXFR) and incremental zone transfer (IXFR) are supported

GRX B
Slave Root Slave Root Servers Servers

GRX Z

...

Slave Root Slave Root Servers Servers

Mobile Operators

Mobile Operators

Mobile Operators

14

GRX Status

There are about two dozen GRX carriers. Some big mobile operators such as Cable & Wireless, France Telecom and TeliaSonera are also GRX carriers.
A mobile operators GRX can serve just itself or itself and others.

All the GRX carriers peer at the AMS-IX in Amsterdam.

Connections to the Virtual LAN (VLAN) via four collocation facility providers. A GRX carrier accesses VLAN via two separate locations.

There is a second peering point in Singapore at Pacific Internet (PacNet); however, only two GRX carriers peer there now.
Traffic from an Asian mobile operator to another Asian mobile operator by those two GRX carriers need not go all the way to Amsterdam then back to Asia There are discussions to change the peering point to another provider.

15

Expanding DNS Beyond GPRS Service

GPRS DNS is extended to support many other services among GSM community
ENUM is added to resolve number based addressing used in
MMS and inter-working MMS
Phone number in the destination address

IMS/SIP, and inter-working IMS service

TEL URI in SIP signaling

ENUM is used to support Mobile Number Portability (MNP) associated with phone number based addressing

16

Operator ENUM within GPRS DNS Hierarchy

Extending existing GRX DNS hierarchy to support ENUM

GRX Root DNS

net

Root

gprs mccxxx

Local DNS
mncxxx

e164enum

GPRS

mncxxx.mccxxx.gprs. APN1

4.4 (UK) 1 (NANP)

6.8 (CN)

ENUM
6.2.9. 6.2.9.6.8.e164enum.net

mms 6.5.4.3.2.1

4.3.2.1.2.3.8.8.0.4 8.7.8.6.7.7

6.5.5.3.2.1

17

GSMA DNS/ENUM Structure

GSMA e164enum.net
ENUM ENUM Tier0/1 Tier0/1 Master Root Master Root Servers Servers 4.3.2.1.2.2.6.3.0.7.1.e164enum.net

GRX A
Slave Root Slave Root Servers Servers

GRX B
Slave Root Slave Root Servers Servers

GRX Z

...

ENUM ENUM Tier2 Tier2

Slave Root Slave Root Servers Servers

Mobile Operators

ENUM ENUM Tier2 Tier2

Mobile Operators

Mobile Operators

4.3.2.1.2.2.6.3.0.7.4.4.e164enum.net

18

ENUM for Inter-Working MMS in GSM Community

Pure IP-based solution, a proven scalable DNS architecture

GRX Root DNS MMSC (A) 5,9 PLMN A 1,6 DNS ENUM 2,7 3 ENUM Tier 0/1

GRX
4,8 DNS ENUM

MMSC (B) PLMN B

1. MMSC queries local DNS/ENUM for NAPTR record of 9.8.7.6.4.3.8.8.0.4.1.e164enum.net. 2. Local DNS/ENUM queries GRX root for NAPTR record of 9.8.7.6.4.3.8.8.0.4.1.e164enum.net. and receives NS and A records of e164enum.net. 3. Local DNS/ENUM queries ENUM Tier 0/1 for NAPTR record of 9.8.7.6.4.3.8.8.0.4.1.e164enum.net. and receives NS and A records of 9.8.7.6.4.3.8.8.0.4.1.e164enum.net. 4. Local DNS/ENUM queries remote DNS/ENUM for NAPTR record of of 9.8.7.6.4.3.8.8.0.4.1.e164enum.net. and receives NAPTR records (mailto:+14088346789@mms.mncxxx.mccxxx.gprs). 5. Local DNS/ENUM returns NAPTR records to MMSC that retrieves the mailto URI. 6. MMSC queries local DNS/ENUM for MX record of mms.mncxxx.mccxxx.gprs. 7. Local DNS/ENUM queries GRX root for MX record of mms.mncxxx.mccxxx.gprs. and receives NS and A records of mncxxx.mccxxx.gprs. 8. Local DNS/ENUM queries remote DNS/ENUM for MX record of mms.mncxxx.mccxxx.gprs. and receives MX of mncxxx.mccxxx.gprs. and A records for the hosts in MX records 9. Local DNS/ENUM returns MX and A records to MMSC

19

ENUM for Inter-Working IMS in GSM Community

ENUM/ DNS
4.3.2.1.3.0.7.2.2.6.1.e164enum.net.

NAPTR RRs

RFC 3263 process performed to locate SIP servers for OpB.3gppnetwork.org.

tel:+1-703-622-1234

sip:+17036221234 @OpB.3gppnetwork.org; User=phone

sip:100.110.10.10

S-CSCF sip.OpA. 3gppnetwork.org

I-CSCF/S-CSCF sip.OpB. 3gppnetwork.org

IP address = 100.110.10.10

20

10

Summary - Private DNS/ENUM for GSM Operators

At present, two suffixes are supported in GSMA GRX DNS

.gprs (used by mobile operators) .grx (used by GRX carriers)

Another suffix will be added soon to GRX DNS for new services to avoid hitting the root servers in Internet by misconfigured nodes
3gppnetwork.org

Another one for Infrastructure ENUM

e164enum.net

21

Observations
There is no common DNS infrastructure for CDMA community. CDMA operator designated DNS is necessary for all inter-working related services, which require secure and scalable mechanism for addressing resolution. Inter-working with GSM operators requires interface to GSM existing infrastructure, such as its GRX, DNS, as well as ENUM. Inter-working on MMS, PoC, and IMS/MMD, etc. Operator ENUM is a proven mechanism for MNP. CRX for CDMA operators is deployed and in service. Introducing DNS would be practical and beneficial to CDMA community CDG MMS Team is working with GSMNA MMS Project team to resolve the MMS Inter-working issues between CDMA and GSM operators in NA
DNS/ENUM is emerging as an important issue for CDG to consider CRX/GRX peering is also critical to exchange traffic
22

11

A Vision Harmonized IP eXchange (IPX) Backbone

All of them share the same private DNS infrastructure that is separated from Internet and can exchange control- and user-plan traffic via IPX infrastructure (Peered IGRX/CRX) with one another

GSM operators CDMA operators Fixed/NGN operators Cable operators

Application providers

Harmonized IPX
(Interconnected IPXs with end-to-end QoS)

Content providers VoIP SPs WLAN SPs

23

Questions?
Please contact: Richard Xu, Aicent
+1-408-324-1830 x529 (B) +1-408-834-0217 (M) richard.xu@aicent.com

James Yu, NeuStar

+1-571-434-5572 (B) +1-703-622-5187 (M) james.yu@neustar.biz

24

12