Title: H.248 Gateway Control Protocol Signaling Traffic Related Protocol Analysis
1H.248 Gateway Control Protocol Signaling Traffic
Related Protocol Analysis
- Antti Miettinen
- S-38.310 Thesis Seminar on Networking Technology
- Helsinki University of Technology
- 07.12.2004
2Basic Information
- Thesis written at Oy L M Ericsson Ab, Finland
- Supervisor Professor Jorma Jormakka
- Instructors M.Sc. Juha Eloranta
3Contents
- Background
- Problem Description
- Objectives
- Scope
- UMTS Release 5 Network
- H.248 Gateway Control Protocol
- H.248 Protocol Traffic Analysis
- Protocol Traffic Analyzers
- Conclusion and Future Work
4Background (1/3)
- The Universal Mobile Telecommunications System
(UMTS) is a third generation mobile network
standard specified by the 3rd Generation
Partnership Project (3GPP) - UMTS network is developed from the GSM and GPRS
- UMTS specifications and features grouped into
releases - Each release contains specific functionalities
and advancements - Releases enable vendors to make interoperable
networks
5Background (2/3)
- The UMTS Release 4 network architecture
introduced the layered network architecture - Call control is separated from the media and
bearer control - H.248 Gateway Control Protocol framework (GCP) is
used in the UMTS core network between the Media
Gateway Controller (MGC) and the Media Gateway
(MGW) and between the Media Resource Function
Controller (MRFC) and Media Resource Function
Processor (MRFP).
6Background (3/3)
- This means
- The MGC and the MRFC handles the call control
while the MGW and the MRFP handles the media and
the bearer control. - The MGC and MRFC steer and control the calls
through the MGW and the MRFP with help of the GCP
7Problem Description
- The GCP traffic analysis has an essential role in
troubleshooting the network anomalies - By analyzing the GCP traffic, the past status and
the prevailing operations of the network node can
be revealed - However, the GCP messages are big and frequent.
Thus, the protocol traffic analysis is a heavy
process. - The research problem of this thesis is to find
out an efficient method to analyze the GCP
protocol traffic to troubleshoot the network
nodes
8Objectives
- The objective of this study is to find out
efficient methods to analyze the H.248 Gateway
Control Protocol signaling traffic to be able to
troubleshoot the network nodes efficiently.
9Scope
- Different methods to efficiently analyze the
H.248 protocol traffic are explored. Those
methods are mapped to protocol traffic analyzer
requirements. - Only open source analyzers are explored
- The source code is available gt modifications to
the analyzer can be done to meet the requirements
better - No license fees
- Commercial products do not distribute fully
functional demo versions gt no real evaluation
can be done - An protocol traffic analyzer is selected as a
recommendation for the H.248 protocol traffic
analysis
10UMTSRelease 5Network
11H.248 Gateway Control Protocol (1/5)
- Connection model
- The most important abstractions are the Contexts,
Terminations and Streams
the direction of a media flow
Tx
termination x
a stream
MGW
Context1
Context2
Context3
T2
T2
T2
T1
T3
T1
T3
T1
T3
12H.248 Gateway Control Protocol (2/5)
- Message structure
- GCP message has a modular structure
13H.248 Gateway Control Protocol (3/5)
- Messages
- Large when presented in human readable form
- Transaction request (easily gt100 lines) bigger
than transaction replies - Replies do not usually contain descriptors
- Signaling traffic asymmetric
- Treelike hierarchy
- Transactions
- Actions
- Commands
- Descriptors
14H.248 Gateway Control Protocol (4/5)
- Possible errors situations
- H.248.8 packet defines 60 different error
descriptor - e.g. Unknown TerminationID, error code 430 or
insufficient bandwidth, error code 526. - Network node might end up to an unspecified state
(the failed command remains half executed) - Must be taken into account when searching reasons
for network node anomalies
15H.248 Gateway Control Protocol (5/5)
- Possible errors situations (cont.)
- Unclosed transactions
- May realize in case of unreliable signaling
connection - GCP specifies the three timers to prevent this
but they are not 100 sure
16H.248 Protocol Traffic Analysis (1/3)
- Data Presentation Format
- Overview first, zoom and filter, then
details-on-demand, Ben Shneiderman - The call related parameters should be shown in
their own columns in the overview part - transactionId, contextId, command type,
terminationID and wildcard - Scroll bars, colored messages (e.g. error
messages), colored barplots and tool tips
17H.248 Protocol Traffic Analysis (2/3)
- Filtering Functions
- One of the most important features needed in
troubleshooting - Sorting Functions
- Basic function
- Implemented in every analyzer
- Monitoring Functions
- Error descriptors in messages
- Unclosed transactions
18H.248 Protocol Traffic Analysis (3/3)
- Summary Function
- Shows the key information about the traffic, e.g.
- The number of transaction requests, replies and
pendings - The number of errored messages
- The number of completed and uncompleted
transactions
19H.248 Protocol Traffic Analyzers (1/2)
- Only open source analyzers explored
- Examined analyzers
- TcpDump WinDump
- Ethereal
- Analyzer
- Packetyzer
20H.248 Protocol Traffic Analyzers (2/2)
- Recommendation
- Ethereal
- Meets the requirements of the H.248 protocol
traffic analysis best - Actively developed
- Missing features H.248 specific columns,
monitoring functions, summary function, colored
barplots
21(No Transcript)
22Conclusion and Future Work
- Topics for future work
- Implement the missing requirements to Ethereal
- Explore the commercial analyzers if they are
even more suitable for the H.248 traffic analysis
23Thank you!
Questions or comments?