
Calling VoWiFi... The Next Mobile Operator Service is here...



Derick Linegar, Technical Solutions Architect discusses VoWifi at Cisco Connect Toronto 2015.



  1. 1. Calling VoWiFi…. The next mobile operator service is here… Derick Linegar, Technical Solutions Architect
  2. 2. Housekeeping Notes May 14, 2015
  3. 3. Thank you for attending Cisco Connect Toronto 2015, here are a few housekeeping notes to ensure we all enjoy the session today. •  Please ensure your cellphones / laptops are set on silent to ensure no one is disturbed during the session •  Ask Questions…! House Keeping Notes
  4. 4. •  Give us your feedback and you could win a Plantronics headset. Complete the session survey on your Cisco Connect Toronto Mobile app at the end of your session for a chance to win •  Winners will be announced and posted at the Information desk and on Twitter at the end of the day (You must be present to win!) Complete your session evaluation – May 14th
  5. 5. •  Cisco dCloud is a self-service platform that can be accessed via a browser, a high-speed Internet connection, and a account •  Customers will have direct access to a subset of dCloud demos and labs •  Restricted content must be brokered by an authorized user (Cisco or Partner) and then shared with the customers ( user). •  Go to, select the location closest to you, and log in with your credentials •  Review the getting started videos and try Cisco dCloud today: dCloud Customers now get full dCloud experience!
  6. 6. Why VoWiFi? Why Now?
  7. 7. Wi-Fi Massive Usage Growth Relative to LTE LTE has lost the indoor/residential game → So has VoLTE… Source: mgrayson & aslemper Source: Mobidia
  8. 8. But Apple Pushed VoWiFi in the Spotlight Why Should a Service Provider Care? •  Complement Indoor Macro Radio VoLTE Coverage for residential and enterprise → Ongoing CapEx reduction. •  Enable Carrier-Class International VoIP Roaming – Example: Sprint → Out-of-Market Coverage Enhancements •  Voice on non-SIM companion device → Capture 80% of the WiFi devices that happen to have no SIMs •  Carrier class service to compete with OTT VoIP (Skype etc) → Differentiate using ISM/VoLTE with WiFi against OTT Players
  9. 9. VoWiFi set to solve SP Business Challenge It’s About Coverage In building “Cost effective & scalable (for the mass market) solution for delivering in building coverage (when the macro network isn't available) for both Residential and Business Customers” A way to displace other in-building solutions such as Licensed Small Cells, DAS or LTE microcells?
  10. 10. •  Works on any WiFi (trusted/untrusted) but focus on indoor & poor LTE coverage areas → reclaim the indoor/residential space •  Handling of Emergency Calls based on User Settings → Greater device coverage possible. •  Possible to implement Restriction based on certain markets: Residential, SP owned WiFi, in-country versus international. •  Single-number reach for SIM/non-SIM based devices → multi-device ringing… •  Integrated Services (SMS, MMS, FaceTime …) •  Simplified Billing & capture of non-SIM based devices VoWiFi Unique Advantages for MNO’s… What Service Providers want…
  11. 11. Complement indoor coverage Residential Community/Coffee Shop Enterprise Cost effective solution to complement Indoor RAN coverage
  12. 12. International Roaming Existing MSCForeign PLMN Home PLMN OTT MSC OTT Client Foreign IP/Wifi VoWiFi MSCForeign Wifi ePDG /PGW Home MSISDN OTT MSISDN Home MSISDN Home PLMN Home PLMN Same home mobile number for MO/MT No need to pay expensive roaming charge Same phone dialer for mobile and wifi call Capture revenue long lost to OTT No need to pay roaming partners
  13. 13. Voice call on non-SIM device Significantly increase the number of voice capable devices
  14. 14. VoWiFi – Apple iOS 8 WiFi Calling Voice/Text over Wifi Standard based: ePDG/IPSec 3GPP 23.402 Same Phone dialer for 3G/4G/wifi voice Voice Handover between Wifi/LTE VoWiFi traffic goes to Mobile Core; Others goes local Use VoLTE IMS
  15. 15. VoWiFi Handset support •  WiFi Calling support in iPhone 5s/5c and iPhone 6/6+ •  Interworking completed Apple Android •  No native Android OS support yet •  Samsung Note 4 wifi calling in selected markets •  Samsung interworking completed. •  Qualcomm Snapdragon 800 chipset interworking completed
  16. 16. Our WiFi Calling User Experience Always choose wifi over cellular to make or receive call Calls start in cellular stay in cellular Enterprise needs to un-block IPSec iPhone relies on minimal QoS support from the network
  17. 17. VoWiFi Architecture Untrusted WiFi Access
  18. 18. Voice over Wi-Fi Architecture •  VoWi-Fi is an E2E architecture that requires: •  UE clients: iWLAN and VoLTE •  Wi-Fi access •  ePDG •  PGW with s2b support •  VoLTE service infrastructure •  Enhanced features required •  Location awareness – Wi-Fi •  Support for non-UICC devices – Wi-Fi/VoLTE •  Mobility support •  Optionally enterprise integration (ISC) – VoLTE •  QoS guidelines for Wi-Fi Internet/Untrusted network (e.g. home/ent) Internet PGW AAA DHCP HSS/HLR Wi-Fi access ePDG SWu S2b PMIPv6 GTPv2 SWm SWn IPSec eNodeB NodeB MME/ SGW 3GPP access S5/S8 MSC Gi RNC IMS Core SGSN TAS CUCM IMS/VoLTE
  19. 19. ePDG Basics – Main Functions •  User Authentication and Authorization •  IKEv2 based on EAP-AKA •  De-capsulation/Encapsulation of packets for IPSec •  Tunnel authentication and authorization •  APN authorization and PGW selection •  Provide PGW identity if static address •  Local Mobility Anchor •  PGW address from AAA in inter system handovers •  Tunnel and QoS mapping between S2b bearers and access network •  Mapping of S2b bearer(s) to SWu (IPSec) sessions •  Mapping of dedicated bearers on S2b using TFT packet filters •  DSCP marking and/or 802.1p tagging for QoS •  Routing of downlink packets towards the SWu instance associated to the PDN connection; •  Transport level packet marking in the uplink; •  Enforcement of QoS policies based on information received over S2b control plane Seamless Wifi/LTE handover supported MAPCON: Only IMS-APN traffic goes to SWu/ePDG other goes to local internet
  20. 20. ePDG selection processes •  UE selects ePDG: UE constructs an FQDN and performs a DNS query to resolve it. Response contains 1 or more IP addresses in IPv4/v6 format. UE selects an address in the same format. •  ePDG selects AAA: ePDG is provisioned with a pair of 3GPP AAA IP Addresses (Primary/Secondary). DIAMETER watchdog process monitors primary/secondary link for failover. •  ePDG selects PGW: For a given APN, the ePDG will construct an APN FQDN based on the format of: •  <APN-NI>.apn.epc.mnc<MNC>.mcc<MCC> The ePDG will perform DNS S-NAPTR query to get PG •  The NAPTR response will contain three Records with “a” flag but different “Service Parameters”: “x-3gpp-pgw:x-s2a-pmip”, “x-3gpp-pgw:x-s5-gtp” and “x-3gpp-pgw:x-s2b-gtp”. The ePDG will then perform a DNS AAAA query with replacement string matching “Service Parameters” of “x-3gpp-pgw:x-s2b-gtp”. This will result in the IP address of S2b interface of the provided PGW.
  21. 21. Call Flows – ePDG Select ePDG ePDG UE AP DNSePDG DNS X 0. Associate Request / Response UE creates a FQDN for ePDG query 1. DHCP DNS X D1. Recursive DNS Query D2. DNS Query D3. DNS Response D4. DNS Response IP address #1 IP address #2 IP address #3 IP address #4... 2. IKEv2 SA_INIT 3. IKEv2 SA_INIT RSP WiSPr Authentication
  22. 22. Call Flows – UE initial attach UE AP PGW 3GPP -AAA PCRF 2. IKEv2 SA_INIT 15a. CCR ePDG 13. Create Session Request 16. Create Session Response 3. IKEv2 SA_INIT RSP 4. IKEv2 AUTH_REQ 5. DER 6. DEA 7. IKEv2 AUTH_RESP 8. IKEv2 AUTH_REQ 9. DER 10. DEA 11. IKEv2 AUTH_RESP 12. IKEv2 AUTH_REQ 17. IKEv2 AUTH_RESP 14a. AAR HSS SW1. MAR SW2. MAA SW3. SAR SW4. SAA SW3. SAR SW4. SAA 15b. CCA 18. Router Advertisement 1. UE authentication and ePDG selection / attach 14b. AAA 19. AAR 20. AAA OCSOFCS 15c. CCR 15d. CCA B1. ACR-Start B2. ACA S1. UDR/UDA S2. SNR/SNA Not used for emergency attach EAP-AKA used for User authentication
  23. 23. VoWiFi Calling UE Architecture VoIP SWu/IPsec Client LTE interface EPDG Untrusted Wifi LTE IMS-APN SMS http,Other Apps UE PGW SGW VoLTE IMS IPSec tunnel Virtual IP IPSec Connection Manager Wifi interface MAPCON Policy PGW Internet PGWVoIP S2b Internet Non IMS-APN traffic goes to internet from local wifi S5
  24. 24. VoWiFi/LTE Mobility - Handover PSTN PGW MGCF MGWEPDG Wifi IMS-APN SWu Client Smartphone S2bIPSec VoIP – User plane IMS LTE RAN SGW MME S5VoLTE/VoWiFi Handover Voice call/IMS-APN is maintained(continuous) when user moves between WiFi and LTE coverage
  25. 25. VoWiFi Call setup UE PGW PCRF 9. RAA ePDG 14. Create Bearer response 13. Create Bearer Request 8. AAA 7. RAR OCSOFCS P- CSCF 6. AAR 11. CCR 12. CCA TAS 1. SIP RE-INVITE 2. SIP RE-INVITE 3. Ro Call Control 5. 200 OK 4. Peer UE procedures 10. 200 OK LVC (Voice/Video) call ongoing on LTE (Dedicated Bearer) LVC (Voice) call ongoing on LTE (Dedicated Bearer)
  26. 26. UE eNB ePDG MME SGW PGW PCRF 3GPP -AAA 2. IKEv2 SA_INIT 3. IKEv2 SA_INIT RSP 4. IKEv2 AUTH_REQ 5. DER 6. DEA 7. IKEv2 AUTH_RESP 8. IKEv2 AUTH_REQ 9. DER 10. DEA 11. IKEv2 AUTH_RESP 12. IKEv2 AUTH_REQ 23. Delete Bearer Response 21. Delete Bearer Request 20. Delete Bearer Request 16a. Create Session Response 13. Create Session Request 22. Delete Bearer Response 14a. AAR 14b. AAA 15a. CCR-U 15b. CCA-u MME triggers release of radio resources 16b. Create Bearer Request 16c. Create Bearer Response 19 SIP Re-Register (RAT change) OCS SW1. MAR SW5. SAR/SAA SW2. MAA SW3. SAR SW4. SAA HSS OFCS 15c. CCR-I 15d. CCA-I R1 ACR R2 ACA LVC (Voice/Video) call ongoing on LTE LVC (Voice/Video) call ongoing on WLAN (Default Bearer) 1: UE attaches to AP LVC (Voice/Video) call ongoing on WLAN (Dedicated Bearer) 18. Router Advertisement 17. IKEv2 AUTH_RESP 15e. CCR-T 15f. CCA-T Downlink Packets dropped / buffered / Sent on Dedicated at PGW based on config 4G VoLTE/LVC call established IKEv2/IPSec Session request and authentication via ePDG PGW: updates existing session for RAT Type=WLAN, Obtains PCC Policy Rules from PCRF, PGW releases LTE call leg. Dedicated bearer created on ePDG call leg UE updates RAT Type with IMS/SIP Core VoLTE to VoWiFi HO
  27. 27. Packet Core Combo’s: ePDG and 4G Femtocell Prime Mobility Prime Network Prime Performance Cisco StarOS ePDG Operator NMS Packet Gateway Operator S/ PGW Alarms & KPIs Alarms & KPIs Operator AAA Operator HSS Operator DRA Operator IMS TAS S2b GTPv2 SWm Internet ePDG Client SWu IPSecVoWiFi IMS Client HeNB-GW Operator MME SecGW S1/X2 IPSec S1 4G Small Cell HMS Mgmt
  28. 28. Cisco Telco Cloud Solution PGW Mobile core IMS Control plane IMS MGCF MGWEPDGWifi/ Internet VoIP SIP Client SWu Client Smartphone S2b IPSec SIP – Control plane VoIP – User plane HCS Enterprise collaboration and PABX ISC 3GPP AAA SWm HSS SWx Cisco VoWiFi Solutions ePDG: Based on proven StarOS multi-service platform (ASR5K/55500/QvPC) 3GPP AAA: Cisco Prime Access Register VoLTE TAS/IMS: Cisco Telco Cloud and UC/ HCS Solutions Wifi Access: Field proven Voice over Wifi solutions VOLTE CORE PSTN
  29. 29. VoWiFi Architecture Trusted WiFi Access
  30. 30. Secure Transport, S1 Aggregation Un-trusted WiFi PGW/ GGSN ePDG MME S2a Radius IP/GRES1-U S1-MME / SGW TWAG TWAP S2bS5 S1-U S1-MME Radio Access Radio Access (RAN) Aggregation/ Core StarOS WAG HSS/ AAA STa S6a Radius IP/GRE Radius IP/GRE StarOS EPC IPsec Cisco VPC WAG, Trusted WiFi & Untrusted WiFi Architecture
  31. 31. 3GPP SaMOG Definition •  SaMOG (S2a Mobility Over GTPv2) provides EPC Access over Trusted WLAN. •  SaMOG Components: ✓  WLAN Access Network → Trusted (Operator owned) ✓  WLAN AAA Proxy → TWAP ✓  WLAN Access Gateway → TWAG •  Why SaMOG? ✓  Efficient use of Spectrum ✓  Network based Mobility ✓  Seamless mobility between 3GPP and WLAN for EPC services with IP address preservation ✓  Non-seamless WLAN offload.
  32. 32. Trusted WLAN AAA Proxy (TWAP) •  Provides a Radius Interface towards WLAN AN for UE authentication and accounting. •  Uses Diameter-based Interface towards the 3GPP AAA server •  Supports EAP based UE Authentication (EAP-SIM, EAP-AKA, EAP-AKA') •  Binds the UE’s WLAN identity to UE’s subscription data (APN Profile, IMSI, MSISDN) •  Provides the UE Attach and Detach triggers to the TWAG PGW GTP TWAP (MRME) TWAG (CGW) AAA/HSS STa (Diameter) WiFi C/U termination WiFi APWiFi AP IP-GRE CAPWAP - C/U WiFi RRM CAPWAP - C/U WiFi RRM AAA (Radius)
  33. 33. Trusted WLAN Access Gateway (TWAG) •  Gateway to connect the Trusted WLAN to the EPC •  Terminates the S2a interface, carrying the UE packets from the WLAN in the S2a tunnel based on GTPv2. •  Packet forwarding in the TWAN is based on PMIPv6 tunnel between WLC and TWAG, GTPv2 Tunnel between TWAG and EPC. •  Receives and responds to triggers from the TWAP for UE Attach, Detach Internet PGW TWAP (MRME) TWAG (CGW) WiFi C/U termination WiFi AP CAPWAP - C/U WiFi RRM GTP IP-GRE
  34. 34. Cisco StarOS WAG: VoWiFi Optimization NSWO + Wi-Fi Calling Client WLAN Access & TWAG Default APN P-GW S2a DHCP allocated Default APN Configuration UE Pool: 802.11 Host: IP IPv4 Internet S2b IKEv2 allocated 2610:8dba: 82e1:ffff::/64 ePDG IMS APN P-GW IMS APN UE Pool: 2610.8dba: 82e1:ffff::/48 SWu IPv6 IMS based Wi-Fi Calling Service SAMOG/Trusted WiFi NSWO + Wi-Fi Calling Client Default APN P-GW S2a IKEv2 allocated 2610:8dba: 82e1:ffff::/64 DHCP allocated Default APN Configuration UE Pool: 802.11 ePDG Including SWu NAT traversal functionality IP IPv4 Internet DNS Resolves ePDG to SIPTO Enabled TWAG NAT Outside Pool: SIPTO Match IP SWu SWu NSWO •  Standard approach is ePDG and SaMOG as 2 ships in the night. •  Forces MNO’s to make a WiFi deployment decision based on VoWiFi application & readiness •  Optimized approach uses SaMOG SIPTO to “break-out” untrusted WiFi sessions to ePDG context •  Allows complete transparency between TELUS owned versus 3rd party WiFi Access. •  Allow for QoE based approach for VoWiFi and other apps.
  35. 35. VoWiFi Architecture Virtualized Solution
  36. 36. Network Virtualization •  Virtualization is becoming the main “Marketing” discussion •  99% of CAPEX still being spent on conventional solutions •  Not all customers are ready for virtualization •  Customer demand for an appliance-based platform scaling both higher and lower than ASR5000/5500 Services Subscribers Sessions Throughput ePDG SaMOG Any Computing
  37. 37. NFVI OSS / BSS VNF Domain NFV Orchestrator NFVO Generic NFV Architecture Source: Virtualization Layer Hardware Resources Or-Vnfm Or-Vi Ve-Vnfm Nf-Vi Descriptors Se-Ma VNF E/NMS VNF E/NMS Vn-Nf Vi-Ha Virtual Network Function (VNF) Manager(s) VNFM Vi-Vnfm Virtual Infrastructure Manager(s) VIM Os-Ma
  38. 38. Finding the right middle ground Network Appliances on dedicated hardware Network Appliances on COTS hardware Network Function Virtualization Data center hardware Virtualization and orchestration layer Network function A Network function B Network function C Network function A Hardware A Network function B Hardware B Network function C Hardware C Network function A Network function B Network function C COTS HW COTS HW COTS HW •  Specialized and optimized hardware •  Same SW now using standard Cisco COTS HW •  Vendor fully responsible for software and hardware of the product •  Independent data center hardware layer •  New layer for orchestration
  39. 39. Virtual Packet Core Architecture •  VPC •  Mapping the different software process onto specific VMs •  Flexibility to run VM across different hardware platforms (servers) •  Benefits •  High performance •  Scaling in all directions •  VNF Orchestration •  All scaling use case •  Instantiation of multiple VMs •  Possible integration with underlay SDN StarOS VPC-DI VM 1 CF HYPERVISOR Controller Tasks: VPN, Port, Session High Availability Tasks Resource Manager VM 3 SF HYPERVISOR DeMux Manager VM 4 SF HYPERVISOR SF SF SM + AAA Manager VM 5… SF HYPERVISOR SF SF SM + AAA Manager CTCM OpenStack NSO Switch or Router UCS Hardware (Service Orchestration - NfVO) VNFM VIM SF SM + AAA Manager
  40. 40. OpenStack Cisco Virtualized ePDG and EPC Networking Hardware: x86 server VMware ESXi (OS + Hypervisor) ePDG Cisco StarOS Linux Kernel Networking Hardware: x86 server Ubuntu / RedHat (OS) ePDG Cisco StarOS Linux Kernel KVM (Hypervisor) vSphere/vCloud •  Integrated OS + Hypervisor •  Benefits of Hardware/Network Acceleration •  Single Vendor OS/Hypervisor (VMware) •  KVM as Hypervisor •  Full OS Implementation (Ubuntu / RedHat) •  Multi-Vendor “Open Source” Environment •  Complex Monitoring and Management VMware Ecosystem OpenStack Ecosystem •  Based on COTS x86 server hardware •  Highly scalable: Capacity can be added by adding CPU/ memory resource •  Elasticity: Capacity-on-demand •  Field Proven: Same StarOS software as physical ePDG and EPC
  41. 41. Cost Effective Scalable Flexibility…. ASR5000 PSC2 30 Gbit/s ASR5500 DPC 80 Gbit/s ASR5000 PSC3 50 Gbit/s ASR5500 DPC2 160 Gbit/s VPC-DI Greater than 250 Gbit/s - UNLIMITED ASR5700 R17.1 25 Gbit/s
  42. 42. Q&A….
  43. 43. S2b VoWiFi Deployment Is it just a simple addition to VoLTE IMS? Internet PGWEPDG S2b Internet PGWEPDG DNS AAA AAA Home AP Modem Residential Enterprise Home SSID Enterprise AP/WLC Ent SSID Guest SSID FW SWu Requirements: Home AP/Modem to support •  802.11ac •  802.11e WMM include DSCP to WMM •  IPSec Port enabled •  DNS to resolve ePDG FQDN •  VPN from ePDG to home modem •  VoWiFi and generic non-IMS traffic use the same wifi SSID •  UE has access to home wifi network •  VoWiFi and generic non-IMS traffic use the same wifi SSID •  UE may or may not have access to home ent wifi network Requirements: UE has access to Ent SSID •  AP supports 802.11ac •  AP supports 802.11e WMM include DSCP to WMM •  Ent FW IPSec Port enabled for ePDG IP •  Ent DNS to resolve ePDG FQDN •  VPN from ePDG to AP/WLC Requirements: UE has no access to Ent SSID. Use Guest SSID •  AP supports 802.11ac •  AP supports 802.11e WMM include DSCP to WMM •  Guest SSID has separate VLAN to FW •  Ent FW IPSec Port enabled •  Ent DNS to resolve ePDG FQDN for Guest SSID •  VPN from ePDG to AP/WLC •  Ent AAA connection to SP AAA or 3rd party AAA for wifi authentication
  44. 44. VoWiFi E2E QoS LTE QCI QCI to IP DSCP mapping DSCP Downlink 802.11e WMM 802.11ac LTE QCI DSCP Uplink DSCP UE 802.11e WMM 802.11ac
  45. 45. Thank you.
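
The PGW selection steps on slide 20 (build the APN FQDN, pick the NAPTR record whose service parameters offer `x-s2b-gtp`, then resolve its replacement host), written out as an added example that is not part of the original deck. The `.3gppnetwork.org` suffix and the zero-padding of a two-digit MNC come from 3GPP TS 23.003 rather than the slide; the function names, host names and addresses are constructed for illustration, and the DNS answers are in-memory sample data, not live queries.

```python
import re

PGW_APP = "x-3gpp-pgw"      # application service named on slide 20
S2B_PROTO = "x-s2b-gtp"     # protocol the ePDG needs for the S2b interface
LABEL = re.compile(r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?")

def apn_fqdn(apn_ni, mcc, mnc, suffix="3gppnetwork.org"):
    """Build <APN-NI>.apn.epc.mnc<MNC>.mcc<MCC>, plus the TS 23.003 suffix."""
    apn_ni = apn_ni.lower()
    if not re.fullmatch(r"\d{3}", mcc) or not re.fullmatch(r"\d{2,3}", mnc):
        raise ValueError("MCC must be 3 digits and MNC 2 or 3 digits")
    if not all(LABEL.fullmatch(part) for part in apn_ni.split(".")):
        raise ValueError("APN-NI is not a valid sequence of DNS labels")
    name = f"{apn_ni}.apn.epc.mnc{mnc.zfill(3)}.mcc{mcc}"
    return f"{name}.{suffix}" if suffix else name

def select_s2b_target(naptr_records):
    """Pick the replacement host of the best 'a'-flag record offering S2b GTP."""
    candidates = []
    for order, preference, flags, service, replacement in naptr_records:
        app, *protocols = service.lower().split(":")
        if flags.lower() == "a" and app == PGW_APP and S2B_PROTO in protocols:
            candidates.append((order, preference, replacement))
    # Lowest order wins, then lowest preference, as in ordinary NAPTR processing.
    return min(candidates)[2] if candidates else None

def resolve_pgw(apn_ni, mcc, mnc, naptr_zone, aaaa_zone):
    """Run both lookups against in-memory zones; returns S2b IPv6 addresses."""
    target = select_s2b_target(naptr_zone.get(apn_fqdn(apn_ni, mcc, mnc), []))
    return aaaa_zone.get(target, []) if target else []

# Constructed sample zone data (test PLMN 001/01, documentation prefix 2001:db8::/32).
SAMPLE_NAPTR = {
    "ims.apn.epc.mnc001.mcc001.3gppnetwork.org": [
        (10, 10, "a", "x-3gpp-pgw:x-s2a-pmip", "pgw-s2a.example.invalid"),
        (10, 20, "a", "x-3gpp-pgw:x-s5-gtp", "pgw-s5.example.invalid"),
        (10, 30, "a", "x-3gpp-pgw:x-s2b-gtp", "pgw-s2b.example.invalid"),
    ]
}
SAMPLE_AAAA = {"pgw-s2b.example.invalid": ["2001:db8::25"]}

if __name__ == "__main__":
    print(apn_fqdn("ims", "001", "01"))
    print(resolve_pgw("ims", "001", "01", SAMPLE_NAPTR, SAMPLE_AAAA))
```

An APN with no S2b-capable record resolves to an empty list here, which is the case an operator would see as a failed PGW selection for that APN.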