06.

April 2006 Security Level: Internal

WCDMA-PS
International
Roaming
www.huawei.com

WCDMA-PS Technical Support Department

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential

WCDMA-PS International Roaming

1. Introduction to Important Concepts of WCDMA-PS International Roaming

2. Basic Realization Process of International Roaming
• Typical Architectures of GPRS International Roaming
• Roaming land SGSN Requirements of GPRS International Roaming
• Use of DNS During GPRS International Roaming
• GPRS International Roaming APN-OI Selection
• Introduction to Key Interconnection Technologies for GPRS International
Roaming
3. Introduction to the International Roaming Scheme of Unicom

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 2

Introduction to Important Concepts of PS International
Roaming
•VSGSN Visiting SGSN
•VGGSN Visiting GGSN
•HGGSN Home GGSN
•BG Border Gateway
•GRX GPRS Roaming Exchange
The GRX network is used to connect GPRS backbone networks and other GRX networks of
different operators to realize the interconnection and interworking between GPRS networks.
Different from the direct connection mode, the GRX network is an IP network professionally
operated and managed by the third party. The GRX network is responsible for the interconnection
between the GPRS networks of different operators. The GRX network is the core node of GPRS
roaming network. The GPRS network connecting with the GRX network can interconnect with the
GPRS network covered by the whole GPRS roaming network by the GRX network. Accordingly, a
GPRS operator can interconnect with one or a few GRX operators to realize the interconnection and
interworking with many GPRS operators at the network layer. At present, there are more than 20
GRX network operators all over the world. The operators connect most GPRS networks in the world.
•VPLMN Address allowed: Specifies whether the MS is allowed to use the APN in the domain of the
HPLMN only, or additionally the APN in the domain of the VPLMN.

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 3

Introduction to Important Concepts of WCDMA-PS
International Roaming

• Local subscriber: the subscriber who subscribes in the local PLMN,

does not roam into another PLMN, and is activated at the local GGSN.
• Roaming subscriber: the subscriber who subscribes in the local PLMN,
roams into another PLMN, and is activated at the local GGSN.
• Visiting subscriber: the subscriber who subscribes in another PLMN,
roams into the local PLMN, and is activated by the local GGSN.
• Local subscriber + roaming subscriber = home subscriber of PLMN

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 4

WCDMA-PS International Roaming

1. Introduction to Important Concepts of WCDMA-PS International Roaming

2. Basic Realization Process of International Roaming
• Typical Architectures of GPRS International Roaming
• Roaming Land SGSN Requirements of GPRS International Roaming
• Use of DNS During GPRS International Roaming
• GPRS International Roaming APN-OI Selection
• Introduction to Key Interconnection Technologies for GPRS International
Roaming
3. Introduction to the International Roaming Scheme of Unicom

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 5

Basic Realization Process of International Roaming

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 6

 Basic Realization Process of International Roaming –
Typical Architecture 1
Routing within VPLMN: no control over subscribers’ activities
• The subscribers cannot use the
APN of homing land APN,
otherwise you cannot resolve
and get the accessed GGSN IP
address. For international
roaming, the subscription data
in HLR VPLMN Address
allowed must be TRUE.
+ efficient (direct) routing
+ There is no need for the
interconnection of DNS and
recursion resolution.
- HPMN has no control over the
call,
- dependent on TAP files for billing
-> no pre-paid billing possible
- no end to end QoS guarantied
- no Virtual Home Environment
(VHE)

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 7

 Basic Realization Process of International Roaming –
Typical Architecture 2
GSMA recommends GPRS routing via HPLMN
• Subscribers cannot use visited
land APN and GGSN, For
international roaming, the
subscription data in HLR
VPLMN Address allowed must
be FALSE.
+ HPLMN has full control over the
call
+ allows pre-paid billing
+ allows end to end QoS
+ Virtual Home Environment (VHE)
- Subscribers use the APN of
homing land to initiate services.
Interconnection is necessary
between GPRS networks.
- The recursion resolution of multi-
level DNS and the
interconnection between DNSs
are necessary.

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 8

 Basic Realization Process of International Roaming –
Typical Architecture 2: GRX Peering
• GRX peering allows
roaming between
operators connected to
different GRXs. Once a
GRX interconnects with
other GRXs, GPRS
operators are able to
communicate with all
other GPRS operators
and full global roaming
across an extensive and
linked network is
established.

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 9

 Basic Realization Process of International Roaming –
Typical Architecture 2: Realization Camel of Pre-Paid
International Roaming Service VPLMN SGSN IP
address is included in
VPLMN RAI information
should be included in IDP
• Mandatory requirement: APN for Create PDP context
request message
message

postpaid and prepaid subscribers

Active PDP context request Internet Initial DP
should be distinguished.
• Optional requirement: The IMSI or Home PLMN
Visit PLMN SCP
GGSN
MSISDN range for postpaid and SGSN

prepaid subscribers can be different.

APN and GGSN Prepaid Subscribers
• APN for domestic GPRS subscribers selection CDR

and roaming GPRS subscribers can be

the same.
• In Create PDP context message which DNS Server Billing system

sent from VPLMN SGSN, local GGSN

can get the VPLMN SGSN IP. By
searching the table of SGSNPLMN,
VPLMN MCCMNC code should be
found.
• After get the VPLMN MCCMNC code,
GGSN constructs the information
element of RAI and send this IE to SCP.
At this time, SCP receives the location
information for prepaid subscribers and
RAI shall be included in SCP CDR.

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 10

GPRS International Roaming Realizes the
Requirements for Roaming Land VSGSN

•For the VSGSN of roaming land, configure the list of PLMNs where the
roaming is allowable. And ensure the service access of international
roaming subscribers.
•For the VSGSN of roaming land, configure correct SS7 data. And
ensure that the HLR signaling to the roaming subscriber home PLMN is
reachable.
•For the VSGSN of roaming land, configure a correct DNriserver. In
addition, according to the subscription data of subscriber and activation
request, construct a correct APN (APN NI+OI) to send it to DNS server,
and ensure that the subscriber activation is successful.
•The VSGSN of roaming land needs to realize the Gp interface, and
ensures that the route to the BG router is reachable.

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 11

Use of DNS During GPRS International Roaming

• GPRS DNS is necessary in Intra-PLMN to realize the APN resolution

function within the local PLMN.
• All GRX providers will offer DNS routing.
• GRX provides the ROOT DNS function during GPRS international
roaming.
• The DNS between GPRS networks takes the DNS of GRX as the
ROOT to realize the recursion resolution of APN. In this way, roaming
subscribers can use the APN defined by homing land. By the DNS of
visited land, it is recursed to the DNS of GRX and the DNS of homing
land. After that, resolve the GGSN IP address of homing land, and
realize the activation.

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 12

 GPRS Internal Roaming APN-OI Selection
3 The APN from the single PDP context was selected APN OI: the string whose length is equal to or smaller than 36. APNOI
is made up of three LABELs. Between LABELs, “.” is used. At the end,
there must be “.gprs”. The characters of each LABEL can only be A – Z,
1 An APN was sent by the MS
a - z, 0 – 9, or the middle lin “-”. The configuration can be
implemented according to MNC & MCC, and the format is
User located
yes
“mncxxx.mccyyy.gprs”.
in HPLMN
no
no no HPLMN subscriber: HPLMN OI is the APNOI configured in SET
APN-OI in APN(R) APN-OI in APN(R) 3GSM/2GSM: the APNOI carried by an MS must be the HPLMN OI.
yes yes If MS is not configured with APNOI, select HPLMN OI (the APNOI
APN-OI is HPLMN
no
APN-OI is HPLMN
yes configured in SET 3GSM/2GSM).
yes no
VPLMN subscriber: HPLMN OI is the assembly APN OI according to
no no
VPLMN Address APN-OI is VPLMN the MNC and MCC in IMSI. VPLMN OI is the APNOI configured in SET
Allowed
yes yes 3GSM/2GSM:
yes no VPLMN
VPLMN AP VPLMN Address Forbid Allow
Access Barred Allowed HPLMN

no yes

VPLMN AP
yes Forbid Case 1 Case 2
Access Barred
a
no
Allow Case 3 Case 4

b
Case 1 Case 2 Case 3 Case 4

yes The MS carries VPLMN OI. Reject V OI Reject V OI

HPLMN AP
Access Barred
no The MS carries HPLMN OI. Reject Reject H OI H OI

The MS carries other OI. Reject Reject Reject Reject

The MS does not carry OI. Reject V OI H OI V OI

H OI
c a Activate PDP
Context Reject

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 13

 GPRS International Roaming APN-OI Selection
A c ce s s req u es te d Ac c e s s re q ue st ed A c c e ss r equ es te d
2 A default APN is to be
in H PL M N in V PL M N o nly in V PL M N f irs t
chosen by the SGSN

yes
User located a b c
in HPLMN
no
yes
VPLMN Address Allowed

no
In terro g ate D N S w ith Int errog a te D N S w ith I nte rrog ate D N S w ith
yes
VPLMN AP A PN + H PL M N - O I AP N + V PL M N - O I A P N + VP LM N -O I
Access Barred
no
no no
APN(SGSN) for APN(SGSN) for
PDP type known PDP type known
yes yes
s uc ce ss s u c ce s s
APN := APN := D N S res ult D N S re s ult
APN(SGSN) APN(SGSN)
f ail fa il

A c tiv ate P D P C re ate P D P

Activate PDP a
a b C ont ex t R ejec t C on te xt R equ es t
Context Reject

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 14

Introduction to Key Interconnection Technologies for
GPRS International Roaming – Concepts
1. NAT Server: according to the networking requirements, the root DNS in an international
office or the local PLMN must be open to the root DNS of GRX or the DNS of another
network (according to the recursion principle, it can only be open to GRX; in the
existing network, the DNS query situation exists too). The NAT technology is used
when DNS uses a private network address. For the networking of the DNS that directly
uses a public network address, do not consider the technology. In the design, in order
to save IP addresses of public networks, DNS should use a private network address.
2. Firewall Policy: The destination and source addresses of packets allowed by a firewall
must concern all the SGSN, GGSN, and DNS servers in the GPRS network. In addition,
the source and destination protocol ports consist of the following UDP ports: 3386
(GTPV0), 2152 (GTPV1), 2123 (GTPV1), and 53 (DNS).
3. GRE: In fact, the GRE protocol is a kind of encapsulation protocol. It provides a
mechanism to encapsulate the message of a kind of protocol into the message of
another kind of protocol. In this way, messages can be transmitted in a heterogeneous
network. At this time, the message transmission channel is called tunnel.

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 15

Introduction to Key Interconnection Technologies for
GPRS International Roaming – Concepts
1. IPSec: IPSec realizes the protection of IP datagram or upper layer protocol by two security
protocols AH (Authentication Header) and ESP (Encapsulating Security Payload). AH
(Authentication Header) is the message authentication header protocol. It provides the following
functions: data source authentication, data integrality check, and avoiding message resending.
The ESP (Encapsulating Security Payload) protocol provides all the functions of AH protocol (the
data integrity check does not include the IP header) and the encryption function for IP messages.
You can use only one protocol: AH or ESP. And you can use these two protocols at the same time.
The security service provided by IPSec needs the shared key. The Internet Key Exchange,IKE
protocol provides IPSec with the automatic negotiation exchange key. Establishing and
maintaining security alliance services can simplify the usage and management of IPSec. At
present, the existing network realizes IPSec in ESP+IKE mode.
2. BGP: BGP is an external gateway protocol (EGP). It is different from internal gateway protocols
(IGP) such as OSPF and RIP. Its respect is not to find and calculate a route, but control the
transmission of route and select the best route. At the time of route update, BGP sends only the
updated route. In this way, the bandwidths occupied because BGP broadcast routes are greatly
reduced. It is applicable when plenty of route information must be transmitted in the Internet. BGP
thoroughly solves the loop problem by the AS path information. BGP is easily expanded, and
applicable for the new development of network.

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 16

 Introduction to Key Interconnection Technologies for
GPRS International Roaming – Combination of IPSec
and GRE

• Use the IPSEC protocol to

encrypt the data messages
transmitted between HQ and
branches.
• When the HQ provides a branch
with voice and video multicasting
services, the transmission of
multicasting data stream must pass
through the Internet. In order to
assure the security, use the IPSEC
technology to encrypt the voice and
video multicasting data packets
transmitted in the Internet, and
assure the confidentiality, integrality,
and reality of the transmission. The
IPSEC protocol can only encrypt
and protect unicast messages.

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 17

Introduction to Key Interconnection Technologies for
GPRS International Roaming – Combination of IPSec
and GRE

GRE Tunnel
IPSec Tunnel
Remote
Corporate
Internet office
intranet
network
Router A Router B

At the time of the interconnection between existing networks,

first realize GRE, and then realize IPSec, last realize the release of BGP dynamic routing table.

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 18

WCDMA-PS International Roaming

1. Introduction to Important Concepts of WCDMA-PS International Roaming

2. Basic Realization Process of International Roaming
• Typical Architectures of GPRS International Roaming
• Roaming Land SGSN Requirements of GPRS International Roaming
• Use of DNS During GPRS International Roaming
• GPRS International Roaming APN-OI Selection
• Introduction to Key Interconnection Technologies for GPRS International
Roaming
3. Introduction to the International Roaming Scheme of Unicom

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 19

Introduction to the International Roaming Scheme of
Unicom – Functions of Proxy GGSN
• In order to realize the homing land access of the China Unicom GPRS
subscriber who roams outside China, a set of international GGSN agent
gateway devices will be constructed in Beijing and Guangzhou respectively
(first consider the local GGSN, and then consider the new construction).

• After the node of GGSN agent device is added, there is no influence on the
SGSN of roaming land country. It implements the APN decision and access
point selection according to related 3GPP standards too. After the SGSN
initiates the PDP data connection to GGSN, the GGSN agent does not
construct a PDP data connection channel with SGSN like the usual GGSN
devices. By analyzing and modifying the PDP data packet, the GGSN agent
further assists the visiting land SGSN and the homing land GGSN to set up the
data connection, and realize the homing land access requirements of
international roaming subscriber.

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 20

Introduction to the International Roaming Scheme of
Unicom – Subscriber Access Under Different Scenes
 Scene 1: local service
Other PLMN 3
 Scene 2: national roaming service
DNS  Scene 3: international roaming
BSC/PCU
Proxy GGSN
SGSN service
DNS HLR

DNS HLR 2
SGSN
1
GPRS backbone
network
BSC/PCU

BSC/PCU SGSN GGSN Gi

GGSN
Gi

MMS Email MMS Email

Operator Services Farm Internet Internet Operator Services Farm

Corporate Intranet Corporate Intranet
ICP ISP ICP ISP
WAP Streaming
WAP Streaming

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 21

 Introduction to the International Roaming Scheme of
Unicom – Flow When A Subscriber Implements the
International Roaming
DNS

Proxy GGSN
Visit PLMN

2 3 4
BSC/PCU
5 GPRS
backbone
1 8
SGSN
network
6
7
GGSN
1. A subscriber initiates an activation request to VSGSN.
MMS Email
2. VSGSN queries the APN to DNS.
Internet Operator Services Farm
3. DNS returns the address of the APN (it is Proxy GGSN here). Corporate Intranet
ICP ISP
4. VSGSN sends the request to Proxy GGSN. WAP Streaming

5. Proxy GGSN analyzes the activation request, and sends the

regenerate request to homing land HGGSN.
6. Homing land HGGSN sends the activation response to the SGSN.
7. VSGSN allows the activation initiated by an MS subscriber.
8. The MS implements the data service.
HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 22
Introduction to the International Roaming Scheme of
Unicom – Details
• The precondition of this scheme is that the route between SGSN and home GGSN is reachable.
• Roaming land SGSN must support and accept the activation response message whose GGSN address changes.

• The GGSN of international gateway office finds out the real APN according to the activation PDP
message, and judges whether the PROXY function is enabled under APN. If the function is
enabled, according to the carried MSISDN, check whether the number is in the configured number
segment. If it is matchable, you can find the home GGSN address. If the home GGSN address
found is not the Gn interface address of the board or the Gn interface address of another SPU
board of the device, encapsulate the GTP message and the carried IP/UDP header into a
complete IP message. And deliver the message to the bottom layer for route forwarding. At the
same time, deliver a sign to ask the bottom layer not carry out the SEQ modification.
• If the home GGSN address found is the Gn interface address of another SPU board of the device,
use the recommendation function to recommend the message to the mapping board for the
activation. If the address found is the Gn interface address of this board, directly implement the
normal activation flow.
• If you cannot find out the home GGSN, it indicates that the GGSN processes according to a
normal activation message. If the activation request is not matched to the MSISDN relationship
table, the subscriber cannot be PROXY, directly implement the related activation processing on the
board.

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 23

References

• GPRS International Roaming and Application Wang Nanbin

• GRE Tunnel Technologies Introduction and Application Ｗang Yibin
41478
• Combined Application of IPSec and GRE Song Yufeng
• International Roaming Charging Solution for Prepaid Subscribers
Dong Fangshuo
• WGGSN GGSN9811 V800R002C05 Attribute Design Specifications
• 3GPP 23060
• 3GPP 29060

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential Page 24

06.April 2006 Security Level: Internal

Thank You
www.huawei.com
www.huawei.com

HUAWEI TECHNOLOGIES Co., Ltd. HUAWEI Confidential