Fun Talk about Network Protocol-Lecture 23 | Mobile Network: Going to Barcelona, You Ca n’t Get Facebook

This series of related blog, reference geeks time - Something about network protocol

What I said before is the scenario of using a computer to access the Internet. What is the difference between using a mobile phone to access the Internet?

The development of mobile networks

You must know that there are 2G, 3G, and 4G on mobile phones, what does this mean? There is a popular saying: use 2G to view txt, 3G to view jpg, and 4G to view avi.

2G network

Mobile phones were originally used to make phone calls, not to surf the Internet, so in the 2G era, it was originally not the IP network, but the telephone network that used analog signals. The professional name was Public Switched Telephone Network (PSTN) Network) .

That mobile phone is not connected to the network cable, nor the phone line, how does it go online?

Radio Access Network (RAN, Radio Access Network)

Mobile phones communicate by sending and receiving wireless signals. The professional name is Mobile Station , or MS for short , and ASIM is required . The mobile phone is the client, and the server of the wireless signal is the base station subsystem (BSS, Base Station Subsystem BSS) .

As for what is a base station, you can recall that when you climbed the mountain, did you see the signal tower? The base stations in the city are usually hidden and not easy to see, so we only notice in the mountains. It is this signal tower that allows your mobile phone to communicate through wireless signals.

But you need to know that no matter how wireless the wireless communication is, you still have to connect to a wired network . When I talked about the data center earlier, I also said that the e-commerce application is placed in the data center, and the computers in the data center are plugged in with network cables.

Therefore, the base station subsystem is divided into two parts. One part provides wireless communication to the outside, called the base transceiver station (BTS) , and the other part connects to the wired network internally, called the base station controller (BSC) . After the base transceiver station receives the data wirelessly, it forwards it to the base station controller.

This part belongs to the wireless part, and is collectively called the radio access network (RAN, Radio Access Network) .

Core Network (CN, Core Network)

The base station controller is connected to the data center of the operator providing mobile phone services through a wired network. This part is called the core network (CN, Core Network) . The core network has not really entered the Internet, this part is still mainly providing mobile phone business, is the wired part of the mobile phone business.

The first to receive data from the base station is the Mobile Service Switching Center (MSC) , which is the entrance to the core network, but it will not let you connect directly to the Internet.

Because before you let your mobile phone actually enter the Internet, the operator that provides mobile phone services needs to verify whether it is a legal mobile phone access. Don't make a phone card yourself, just connect it. Authentication Center (AUC, Authentication Center) and Equipment Identity Register (EIR, Equipment Identity Register) are mainly responsible for security.

In addition, you need to see whether you are a local number or a foreign number. This involves billing issues. Off-site charges are still very expensive. Visit Location Register (VLR, Visit Location Register) is to see where you are currently , and Home Location Register (HLR, Home Location Register) is to see where your number belongs.

When your mobile phone card is legal and rich, you are allowed to access the Internet. At this time, you need a gateway to connect the core network and the real Internet. Gateway Mobile Switching Center (GMSC, Gateway Mobile Switching Center) is doing this, and then the real Internet. In the 2G era, it is still the telephone network PSTN.

These modules in the data center are collectively called the network subsystem (NSS, Network and Switching Subsystem) .


Therefore, the Internet in the 2G era is shown in the figure. Let us summarize, there are several core points:

• The mobile phone is connected to the base station through a wireless signal;
• The base station is connected to the wireless network with the front facing, and the core network facing the back;
• The core network receives a request from the base station while facing forward, one is to determine whether you are legal, the other is to determine whether you are a local number, and whether there is money or not, while connecting to the telephone network through the gateway.

2.5G network

Later, from 2G to 2.5G, that is, on the basis of the original circuit switching, the packet switching service was added to support packet forwarding, thereby supporting IP networks.

On the basis of the above-mentioned network, the base station is connected to the wireless network on the front side and the core network on the other side. In the backward-facing component, a packet control unit (PCU, Packet Control Unit) is added to provide a packet switching channel.

In the core network, there is a forward-facing receptionist ( SGSN, Service GPRS Supported Node ) and a gateway-type GPRS support node ( GGSN, Gateway GPRS Supported Node ) connected to the IP network backward .

3G network

In the 3G era, mainly wireless communication technology has been improved, greatly increasing the wireless bandwidth.

Taking W-CDMA as an example, the theoretical maximum downlink speed is 2M, so the base station changes. Node B is facing outwards , and the Radio Network Controller (RNC) is connected to the core network facing inwards . The core network and the connected IP network have not changed. 

4G network

Then came to today's 4G network. The base station is eNodeB , which contains the functions of the original Node B and RNC, and the downlink speed is moving towards the 100M level. In addition, the core network realizes the separation of the control plane and the data plane. How do you understand this?

In the front core network, there is a receptionist MSC or SGSN, you will find that it is responsible for checking whether it is legal, and it is also responsible for forwarding data. Because the control plane is mainly instructions, mostly small packets, often requires high timeliness; the data plane is mainly traffic, mostly large packets, and often requires throughput.

So there is the following structure.

HSS is used to store the user's subscription information database , which is actually where your number belongs to, and some authentication information.

MME is the core control network element and the core of the control plane . When the mobile phone is connected through eNodeB, MME will judge whether you are legal according to the information of HSS. If you are allowed to connect, MME is not responsible for the specific data traffic, but MME will select the SGW and PGW of the data plane , and then tell eNodeB, I allow you to connect, you connect them.

So the mobile phone directly connects to the SGW through eNodeB and connects to the core network. The SGW is equivalent to the receptionist on the data plane , and is connected to the IP network through the PGW . PGW is the exit gateway . At the egress gateway, there is a component PCRF , called the policy and charging control unit , which is used to control the Internet policy and the charging of traffic.

4G network protocol analysis

Let's take a closer look at the 4G network protocol, which is really very complicated. We zoom in on a few key components.

Control plane protocol

The dotted line is the control plane agreement. When a mobile phone wants to access the Internet, it must first connect to the eNodeB and request the MME to authenticate and authenticate the mobile phone through the S1-MME interface. The S1-MME protocol stack is shown below.

UE is your cell phone, the eNodeB or two-faced, forward docking Wi-Fi , docking the core network toward the rear , in the face of access control is the MME .

SCTP protocol

The connection between eNodeB and MME is a normal IP network , but it is above the IP layer, but it is neither TCP nor UDP, but SCTP . This is the transport layer protocol , is connection-oriented, but more suitable for the mobile network. It inherits TCP's more complete congestion control and improves some of the deficiencies of TCP.

The first feature of SCTP is multi-homing . A machine can have multiple network cards, and for TCP connections, although the server can listen to 0.0.0.0, that is, from which network card the connection can be accepted, but once the connection is established, a quad is established A network card is selected.

SCTP introduced joint (Association) concept, a plurality of interfaces, into a plurality of paths to a union. When one path fails, the protocol will send communication data through the other path. The application does not even need to know that a failure or recovery has occurred, thereby providing higher availability and reliability.

The second characteristic of SCTP is to divide a joint into multiple streams . All streams in a union are independent, but all are related to the union. Each stream is given a stream number, which is encoded into an SCTP message and transmitted on the network through association. In the TCP mechanism, due to the forced sequence, the former one does not arrive, the latter one has to wait, and multiple streams of SCTP will not block each other

The third feature of SCTP is the four-way handshake to prevent SYN attacks . In TCP, there is a three-way handshake. After the server receives the client's SYN and before returning a SYN-ACK, it creates a data structure and records the status, waiting for the client to send an ACK. When a malicious client uses a fake source address to forge a large number of SYN packets, the server needs to allocate a large amount of resources, which eventually runs out of resources and cannot process new requests.

SCTP can introduce the concept of cookies through a four-way handshake to effectively prevent such attacks. In SCTP, the client initiates a connection using an INIT message. The server responds with an INIT-ACK message, which includes cookies. The client then responds with a COOKIE-ECHO message, which contains the cookie sent by the server. At this time, the server allocates resources for this connection and responds to it by sending a COOKIE-ACK message to the client.

The fourth feature of SCTP is to frame the message . TCP is stream-oriented, that is, the data sent has no head or tail, and no obvious boundaries. This is no problem for sending data, but it is not convenient for sending data of a message type. It is possible that the client writes 10 bytes and then 20 bytes. The server does not read a message of 10 bytes, and then read a message of 20 bytes, but it is possible to read 25 bytes, and then read 5 bytes, which requires the business layer to compose a message.

SCTP draws on the mechanism of UDP and provides message framing in data transmission. When one end performs a write operation on a socket, it can ensure that the data size read by the peer is the same.

The fifth characteristic of SCTP is that disconnection is three waved hands . In TCP, disconnecting is a wave of four waves, allowing the other end to be half-closed. SCTP chooses to abandon this state. When one end closes its socket, both ends of the peer need to be closed. In the future, neither end will be allowed to move data.

GTP-C protocol

When the MME passes the authentication , and agrees to this mobile phone to access the Internet, it is necessary to establish a data path for the data plane . The process of establishing a channel is still a matter of the control plane, so the control plane protocol GTP-C is used .

The constructed data path is divided into two sections , which are actually two tunnels. One segment is from eNodeB to SGW . This data path is told by the MME to the eNodeB through the S1-MME protocol. It is one end of the tunnel, and it is told to the SGW through S11 that it is the other end of the tunnel. The second segment is from SGW to PGW . SGW can know that it is one end through S11 protocol, and actively tells PGW that it is the other end of the tunnel through S5 protocol.

The GTP-C protocol is based on UDP , which is an example of UDP "City will play". If we look at the GTP header, we can see that there is a tunnel ID and a serial number. 

Through the serial number, without TCP, GTP-C can achieve reliability by itself, and assign an increasing sequence number to each output signaling message to ensure the sequential delivery of signaling messages and facilitate the detection of duplicate packets. For each output signaling message, a timer is started, and if the response message is not received before the timer expires, it is retransmitted.

Data plane protocol

When both tunnels are opened and connected together, PGW will assign an IP address to the mobile phone. This IP address is the IP address inside the tunnel, which can be compared to the IP address in the IPsec protocol. This IP address is managed by the mobile phone operator. Then, the mobile phone can use this IP address to connect to the eNodeB, from the eNodeB through the S1-U protocol, through the first tunnel to the SGW, from the SGW through the S8 protocol, through the second tunnel to the PGW, and then connect to the Internet through the PGW .

GTP-U protocol

The data plane protocol is through GTP-U, as shown in the figure.

Each packet sent by the mobile phone is encapsulated by the GTP-U tunneling protocol in the following format.

Similar to the IPsec protocol, it is divided into passenger protocol, tunnel protocol, and bearer protocol. Among them, the passenger protocol is a packet sent by the mobile phone, and the IP is the IP of the mobile phone. The tunnel protocol has a tunnel ID. Different mobile phones go online to establish different tunnels, so the tunnel ID is needed to identify. The IP address of the bearer protocol is the IP address of SGW and PGW.

Mobile Internet access process

Next, let's look at the flow of a mobile phone after it is turned on. This process is called Attach . It can be seen that the mobile network is still very complicated. Because this process requires many tunnels and many tunnel IDs to be assigned, I drew a picture to explain the process in detail. 

1. After the mobile phone is turned on, look for the eNodeB base station nearby, and when it is found, send an Attach Request to the eNodeB, saying "I'm coming, I want to get online".
2. The eNodeB sends the request to MME, saying "There is a mobile phone to connect to the Internet".
3. MME asks for a mobile phone, one is authentication, the other is authentication, and it will also ask HSS to see if there is money and where to go online.
4. After the MME passes the authentication of the mobile phone, it starts to allocate the tunnel and first tells the SGW that it wants to create a session (Create Session). In this, a tunnel ID t1 will be assigned to the SGW , and the SGW will be requested to assign a tunnel ID to itself.
5. SGW PGW turned to a request to establish a session for PGW the control surface assigned a tunnel ID T2 , but also to the PGW data plane assign a tunnel ID T3 , and the request to the PGW own control plane and data plane tunnel assignment ID.
6. The PGW replied to the SGW that it was "successful to create a session", and used its own control plane tunnel ID t2, which carried the tunnel ID t4 assigned to the SGW control plane and the tunnel ID t5 of the control plane , and the construction of the direct tunnel between the SGW and PGW was completed. When both parties request each other, they must bring the tunnel ID assigned to them by each other, so that the sign is the request of this mobile phone.
7. Next, the SGW replies to the MME saying "successful session creation" and uses its own tunnel ID t1 to access the MME. The reply contains the tunnel ID t6 assigned to the MME and the tunnel ID t7 assigned by the SGW to the eNodeB .
8. When MME finds that all subsequent tunnels are successfully constructed, it tells eNodeB, "The tunnels behind have been constructed. The tunnel ID assigned to you by SGW is t7. You can start to connect, but you also need to assign a tunnel ID to SGW. ".
9. The eNodeB tells the MME to assign a tunnel ID t8 to the SGW .
10. The MME notifies the SGW of the tunnel ID t8 allocated by the eNodeB to the SGW, so that the previous tunnel is also completed.

In this way, the mobile phone can successfully surf the Internet through the established tunnel.

Internet access problem

Next, we consider the matter of going online from another place.

Why should there be SGW and PGW? Isn't it possible to have one GW? SGW is the equipment of your local operator , and PGW is the equipment of the operator to which you belong .

If you are in Barcelona, ​​get off the plane, turn on the phone, and the eNodeB in Barcelona must be found around you. Check the HSS of domestic operators through MME to see if you are legal and have money. If Internet access is allowed, your mobile phone and Barcelona ’s SGW will establish a tunnel, and then Barcelona ’s SGW and domestic operator ’s PGW establish a tunnel, and then access the Internet through the domestic operator ’s PGW.

In this way , the HSS of the domestic operator that determines whether you can access the Internet, the PCRF of the domestic operator controls your Internet access strategy, the IP address assigned to the mobile phone is also responsible for the PGW of the domestic operator, and the IP address assigned to the mobile phone is also domestic Statistics in Shangri . Operators Because in the statistics of PGW inside , so your Internet traffic through all domestic carriers can , but Barcelona operators and domestic carriers have traffic settlement .

Since your online strategy is controlled by the domestic operator in the PCRF , you still ca n’t get to Facebook.

summary

Well, this section is here, let us summarize:

• The development of mobile networks has shifted from 2G to 3G, and then to 4G, gradually shifting from the function of making calls to the function of surfing the Internet;
• Please remember the structure of 4G network, there are eNodeB, MME, SGW, PGW, etc., divided into control plane protocol and data plane protocol, you can compare the structure and try to say the flow of mobile Internet;
• Even if you go online under a foreign carrier, you have to control it through a domestic carrier, so you ca n’t get to Facebook.

Finally, I will leave you two questions:

1. We all have packages for surfing the Internet. Some pay more and some pay less. Do you know how the mobile network controls the Internet traffic of users with different priorities?
2. All the networks mentioned above are based on physical machines. With the rise of cloud computing, both e-commerce and mobile networks must be deployed in the cloud. Do you know what are the main points of the network design in the cloud?