64
AITIA International Inc. 1039 Budapest, Czetz János u. 48-50. Tel.: (36-1) 453-8080 · Fax: (36-11) 453-8081 sga.aitia.ai Realization of Roaming Steering User Manual Budapest 06.09.2016
AITIA International Inc.
1039 Budapest, Czetz János u. 48-50.
Tel.: (36-1) 453-8080 · Fax: (36-11) 453-8081
sga.aitia.ai
Realization of Roaming Steering
User Manual
Budapest 06.09.2016
2
Table of Contents The purpose of this documentation...................................................................................... 4
Introduction ....................................................................................................................... 5
Purpose of Roaming Steering ........................................................................................... 5
The build-up of our system ................................................................................................. 5
Modules .......................................................................................................................... 5
Hardware requirements .................................................................................................... 5
Summary of the main parameters ..................................................................................... 6
Structural set-up .............................................................................................................. 7
Routing Messages, 2G-3G ................................................................................................ 7
Routing Messages, 4G ...................................................................................................... 8
The load-sharing mechanism ............................................................................................ 8
Incoming extracts of the DIAMETER messages from the SDC ........................................... 10
Processed messages and parameters .............................................................................. 10
MAP Error codes ............................................................................................................ 11
DIAMETER Error codes ................................................................................................... 11
Modular build-up of the softwares ................................................................................... 12
Routing scheme in SgaRS_SS7_XT .................................................................................... 12
Decision on steering - SgaRS_Serv module ........................................................................ 14
Examples ...................................................................................................................... 14
The principles of the decision ......................................................................................... 14
The database ................................................................................................................ 15
Before the decision ........................................................................................................ 17
The process of making decision in 2G-3G cases ............................................................... 18
The process of making decision in 4G cases .................................................................... 19
System statistics - SgaRS_Stat module .............................................................................. 21
Statistics per Operators, and policy ................................................................................. 21
Histogram based on the policy ........................................................................................ 21
The SMS-Fraud function .................................................................................................... 23
Implementation ............................................................................................................. 23
Operation ...................................................................................................................... 23
Logging ......................................................................................................................... 26
MAP Firewall function ....................................................................................................... 27
Operations .................................................................................................................... 28
Defining Rules ............................................................................................................... 29
Modules related to the MAPFirewall function .................................................................... 30
Configuration changes ................................................................................................... 30
Configuration Files ............................................................................................................ 31
Roaming server config files............................................................................................. 31
SgaRS_Serv.ini file ......................................................................................................... 31
Operator VLR Prefix list .................................................................................................. 34
3
Operator MCC, MNC list .................................................................................................. 34
Policy name list .............................................................................................................. 34
Rules ini file ................................................................................................................... 34
SgaRS_SS7_XT.ini file .................................................................................................... 34
GyX_SCTP.ini file ........................................................................................................... 36
SgaRS_Stat.ini file ......................................................................................................... 38
Output Files ..................................................................................................................... 39
Logs ............................................................................................................................. 39
Statistics ....................................................................................................................... 39
Alarm lists ..................................................................................................................... 39
Traps ............................................................................................................................ 39
Start, stop ........................................................................................................................ 40
Introduction to the GUI ..................................................................................................... 40
Server module ............................................................................................................... 40
GyX_SCTP module ......................................................................................................... 44
SgaRS_SS7_XT module .................................................................................................. 47
Statistical server ............................................................................................................ 50
Appendix ......................................................................................................................... 52
Example of the server ini file .......................................................................................... 52
Example of the SgaRS_Serv_OpPref.lst ........................................................................... 53
Example of the SgaRS_MCCMNC.lst ................................................................................ 53
Example of the SgaRS_Serv_IMSIPref.lst ........................................................................ 54
Example of the SgaRS_Serv_Rules.ini ............................................................................. 54
Example of the GyX_SCTP.ini file .................................................................................... 56
Example of the SgaRS_SS7_XT.ini file ............................................................................. 57
Example of the statistics module INI files ........................................................................ 59
Alarms (Traps) .............................................................................................................. 61
Usable error codes in the END messages ......................................................................... 63
Usable error codes in the ULR messages ......................................................................... 64
4
The purpose of this documentation In this documentation we would like to explain the purpose of Roaming steering, the build-up and functions of our system. We should introduce our user interface, discuss installation matters, explaining settings, log file structure. Abbreviations used
AIA - Authentication Information Answer CldPA - Called Party Address ClgPA - Calling Party Address CLR - Cancel Location Request CSV - Comma-Separated Values DPC - Destination Point Code GT - Global Title Gw - Gateway GUI - Graphic User Interface HLR - Home Location Register HTML - HyperText Makeup Language IMSI - International Mobile Subscriber Identity IP - Internet Protocol MAP - Mobile Application Part MSC - Mobile Switching Center MTP - Message Transfer Part OPC - Originating Point Code PCM - Pulse-Code Modulation PMS - Performance Management System PUR – Purge Request RL - Routing Label RS - Roaming Steering RTF - Rich Text Format SDC - Singaling Delivery Controller SNMP - Simple Network Management Protocol SigTran - Signaling Transport TCAP - Transaction Capability Application Part TCP - Transmission Control Protocol TID - Transaction Identifier TT - Translation Type UL - Update Location ULR - Update Location Request ULA - Update Location Answer VLR - Visitor Location Register
5
Introduction
Purpose of Roaming Steering
Subscribers that belong to the local operator may want to go abroad. They’ll try to access to a foreign operator’s network. The choice from the available networks can be automatic or manual. In both case they are going to do a Location Update through any of the foreign operator’s VLR. During the process the foreign VLR will send the cell-data to the local HLR through our GwMSC. Our Sga-Rs’s duty is to control (Steer) these Location Updates. Our solution diverts the messages and processes them on its own. After that, logging in to our partner operator’s preferred roaming partners takes priority. So the purpose of roaming steering is to raise the chance for our partner’s subscribers to connect to the preferred foreign operator. Furthermore our system’s enhanced version contains the SMS-Fraud function, which helps to filter some unwanted SMSs out of the network. The build-up of our system
Modules
Our Sga-RS consists of these main modules:
• Roaming server (SgaRS_Serv) • SS7-over-IP (SigTran) interface module (GyX_SCTP) • SS7 message handler (SgaRS_SS7_XT) • Statistical module (SgaRS_Stat)
• Alarm handler module (Trapper) Additional utilities:
• Log file converter to HTML or RTF format (Log2Text) • Delete unnecessary, „old” files (DelThem) • Time synch, Network Time Protocol Server (Gy4) • Watching state of active windows (What’sUp)
These additional modules’ user manuals are not part of this document.
Hardware requirements
• 2 RS server: Industrial grade PC – with Pentium4 processor • 1 Spare RS server: Industrial grade PC – with Pentium4 processor • 1 RS statistical server: Industrial grade PC – with Pentium4 processor
6
Summary of the main parameters
• Connect to MSC-s, process of „D” interface’s messages
• Modular build-up, the modules are connected through TCP/IP • 4 different logging level: Off, Normal, Detailed, Debug • Generate alarms for NOC using SNMP Traps • Duplicated system, using load-sharing • Statistics can be exported to PMS (Performance Management System)
• 99,98% availability
7
Structural set-up
Our Sga-RS system integrates to the network between the GwMSC, and the HLR to the “D” interface. Messages running on this interface logically should be rerouted. This way we can access to the MAP messages. We are interested only in Location Updates, so the rest of the messages goes through our device unharmed, from their point of view Sga-RS is transparent. There is no such solution for these unmodified messages to bypass Sga-RS.
Routing Messages, 2G-3G
From the inbound Location Update messages, the stored static and dynamic information, we can decide, whether the location update should be successful, or should be rejected. In case of positive decision the message is forwarded transparently to the HLR, otherwise it gets rejected with a configurable MAP error code.
8
The routing is based on MGT, in consideration of the TT parameter. This is why the operator should ensure that the MSCs can route the appropriate messages to Sga-RS. Our device then filters the appropriate messages, and starts the processing. Additional messages that do not need modification are sent back to the MSC, but with modified TT, to reach their original destination, the HLR. Furthermore, it changes the CadPa value to that particular HLRs value, where its IMSI is located. It’s the same procedure, when not necessary to modify the Location Update messages. This way the Sga-RS system will remain transparent from other network elements point of view.
Routing Messages, 4G
For the 4G subscribers, a third party network element, the so called SDC (Singaling Delivery Controller) does the network rounting. https://f5.com/products/service-provider-products/signaling-delivery-controller AITIA receives only a CDR like, short notification about the ULR on the TCP/LDAP interface, and the ULA, CLR, PUR notifications on the UDP/SysLog interface. With these notifications the Sga-RSS stays up to date on the user locations, and based on these information it can steer the 4G customers.
The load-sharing mechanism
As you can see, we do not break the links in interface “D”, just route the messages. This type of approach is needed to handle the critical links safely. If any of the Sga-RS goes down or just needs software upgrade, the other one can handle the traffic from both MSCs. If both of Sga-RS machines goes down (which is very unlikely) then only the Roaming Steering service comes to a stop, the messages are delivered from the MSC to the HLR on interface “D”, like normal operation. The 4G load-sharing mechanism is built is the SDC, it is not part of the Sga-RS system. As the figure below we see 3 states:
1. Optimal state: Both servers are working properly 2. Acceptable state: One of the servers or links is down. The service is operating, but
intervention needed. 3. Critical state: Both servers or links are down. Roaming steering is down, but the
network operating normally. Urgent intervention needed.
9
10
Incoming extracts of the DIAMETER messages from the SDC
MSGType ULR ULA AIA
Parameters UTC TimeStamp Origin-Realm Origin-Host Destination-Realm Destiantion-Host IMSI
UTC TimeStamp Origin-Realm Origin-Host Destination-Realm * Destination-Host * Result-Code Experimental-Result-Code IMSI *
UTC TimeStamp Origin-Realm Origin-Host Destination-Realm Destination-Host Result-Code Experimental-Result-Code IMSI * Authentication-Info**
MSGType CLR PUR
Parameters UTC TimeStamp Origin-Realm Destination-Realm Destination-Host IMSI
UTC TimeStamp Origin-Realm Origin-Host Destination-Realm IMSI
* Extracted from request
** All vectors in HEX
Processed messages and parameters
Interface Invocation container
Operation Parameters MSG protocol
VLR -> HLR BEGIN UpdateLocation (2) TS, IMSI, MSC-Number, VLR-Number
MAP
HLR -> VLR END UpdateLocation (2) TS, HLR-Number
MAP
MME -> HSS REQUEST ULR TS, IMSI, Origin-Host, Origin-Realm,
DIAMETER/LDAP
HSS -> MME ANSWER ULA TS, IMSI, Destination-Host, Destination-Realm, Result-Code, Exp-Result-Code
DIAMETER/SysLog
11
HSS -> MME REQUEST CLR TS, IMSI, Destination-Host, Destination-Realm
DIAMETER/SysLog
MME -> HSS REQUEST PUR TS, IMSI, Origin-Host, Origin-Realm,
DIAMETER/SysLog
HSS -> MME ANSWER AIA TS, IMSI, Destination-Host, Destination-Realm, Result-Code, Exp-Result-Code Authentication-Info
DIAMETER/SysLog
MAP Error codes
UpdateLocation error codes:
• systemFailure (34) • dataMissing (35) • unexpectedDataValue (36)
• unknownSubscriber (1) • roamingNotAllowed (8)
The program can generate other error codes as well. Please see the appendix for more information. Certain error codes may have parameters in it, the program can be configured which parameter to use.
DIAMETER Error codes
ULR error codes:
• Roaming not allowed (5004) • Unknown eps subscription (5420) • Rat not allowed (5421)
The program can generate other error codes as well. Please see the appendix for more information.
12
Modular build-up of the softwares
Each box with broken lines represents an industrial PC. Both machines can substitute the other in case of failure. They are connected through TCP/IP, so they can synchronize with each other. The “SgaRS_Serv” box represents the server program, which controls the Roaming Steering process. Both Sga-RS are connected to a statistical module, which is continuously updated, to be able to supply the most recent statistics.
Routing scheme in SgaRS_SS7_XT
The SgaRS_SS7_XT module handles the incoming messages as shown below.
13
The “*” symbol shown on the figure above represents the decision what the SgaRS_Serv module makes about the location update. The decision procedure is described below. We must decide whether the incoming message is a location update or not. If not, we optionally change the CldPA parameter’s TT field to the given one. The procedure is the same, if we decide not to reject the Location Update, or the connection has broken down towards the Sga-RS_Serv module. If the decision from the Sga-RS_Serv module is to reject the Location Update we change the CldPA GT address to the ClgPA’s address of the original message (turn the message back). We also set the ClgPA address to a HLRs address where the IMSI is located. This step is important because we want to respond in the name of the HLR where the IMSI is located. The RejectCause will depend on the visited VLR. Finally we switch the routing label’s Point Codes in both case for proper routing, and set the CldPA parameter to route the messages according to the GT.
14
Decision on steering - SgaRS_Serv module The decision is based on the SgaRS_serv module. First we must see the logic behind the decisions, then the “database” of the collected data, and what information needed for the right decision. As the next step we discuss the logic behind the decisions, and the synchronization method between the server modules. Let’s see some examples of the decisions.
Examples
1. Let’s put the case that we would like to reach 40% at some country’s operator1, and 30% at operator2. We don’t have any kind of terms against operator 3. The reject count would be two at operator1, four at operator2, five at operator3. If the subscriber wants to connect to operator 3, he will try to join 5 times unsuccessfully until he manages to join. If he wants to join operator1, and the 40% successful rate hasn’t been completed yet, he will manage to join instantly. If the 40% is achieved he will have 2 unsuccessful tries, until he manage to join. (Supposed he do not try to join operator 2) 2. Staying at the example given above, if we reach the 40% at operator1, then the subscribers will be rejected until the reject count value. However they will most likely join to an operator that does not have the required percentage. That’s why operator1-s success rate will remain nearly stationary at approximately 40%. In the long run the required percentages will be achieved, if sufficiently numerous subscribers are present. 3. Let’s suppose that operator1 is configured to 70% and operator2 is to 10%. For postpaid and prepaid customers we set the MaxRejectCount to 3 for both operators, but for prepaid subscribers at operator2 we set to ignore the required percentage. So if a prepaid customer wants to connect to operator2 he still gets rejected 3 times if the required percentage has not reached the 10 %. This is why that subscriber will most likely join to operator1 while postpaid subscribers will fill up both operators evenly until the required percentage is achieved. So generally if we reach the required percentage, the location update will be rejected until we reach the reject count value. The location update can be rejected (until reject count) independently of the required percentage too. This is called “hard” decision.
The principles of the decision
• Soft decision means, that we do not reject the location update until the operator reach
the required percentage.
• Hard decision means that we do reject location updates (until it reach reject count) regardless the operator have reached the required percentage or not.
15
• If no required percentage is given we assume it is zero. • If a particular IMSIs reject count has reached its limit (MaxRejectCount), or there is no
policy given regarding to the IMSI prefix, we do not reject the Location update
• If the location update had been approved, we do not reject the updates for a while. If that “aging” time period is over the location update can be rejected again.
• If the connection between the two servers is broken the MaxRejectCount field should be halved because the server could not see, if the other one rejected the same IMSI or not. This way the original MaxRejectCount value could not be exceeded. This is called halving. (see the description at page 20)
The database
Both Sga-RS servers are working from the tables below, of course each from its own memory. Because of there are two from each table, they must be synchronized properly. This can be provided with identical configuration files, furthermore both of the servers are communicating with the other one, so the tables are updated with each event.
Note that through the search process we read the data to the first parity, so the sequence of the rows is important.
Operators (static, readable by marketing)
2G/3G:
Operator-prefix Operator prefix name
3095 GR-Panafon
3097 GR-Cosmotel
49151 Germany-D1
49171 Germany-Voda
49174 Germany-Voda
4G:
Operator-prefix Operator prefix name
202|05 GR-Panafon
202|02 GR-Cosmotel
262|06 Germany-D1
262|02 Germany-Voda
262|09 Germany-Voda
Subscribers (static, readable, writeable by marketing)
IMSI-prefix Policy
216401000391695F Our_friend
21640100 Postpaid
216406006 Prepaid
16
Required Percentages
VLR-prefixname Required Percent
Germany-D1 70
Germany-Voda 20
Telestet 10
Policies (static, readable by marketing)
"PostPaid"
VLR-prefixname RejectCountType RejectCount
Germany-D1 soft 3
Germany-Voda hard 3
Telestet soft 3
"PrePaid"
VLR-prefixname RejectCountType RejectCount
Germany-D2 soft 1
Germany-Voda soft 99
Panafon soft 10
Reject schemes (static)
VLR-prefix RejectScheme [SS7 MAP Error #N]
49172 2
44 4
* 1
IMSI series in HLRs (static)
IMSI-prefix HLR
216406000361695F 36401234567
21640700 36401234568
216 36401234560
Actual state (dynamic – Only stored in memory, not visible)
IMSI 1/2 LastOK LastReject VLR-prefixname
#1...
VLR-prefixname
...#5
216407000751694F true 2007.08.02.
07:15:23
2007.08.02.
07:13:12
Germany-D1: 7 Germany-D2: 2
216407000751695F 2007.05.31. 09:09:09
Gr-Panafon: 0
216401000751696F true 2007.06.11. 13:28:28
Germany-Voda: 1
216401000751697F 2007.05.21. 11:18:53
2007.05.21. 11:18:52
Gr-Telestet: 2 Gr-Panafon: 3
17
2G IMSI table (dynamic – Only stored in memory, not visible)
IMSI LastOK Last VLR-prefixname...
216407000751694F 2007.08.02. 07:15:23
Germany-D1
216407000751695F 2007.05.31.
09:09:09
Gr-Panafon
216401000751696F 2007.05.30. 10:10:10
Germany-Voda
216401000751697F 2007.05.21. 11:18:53
Gr-Telestet
4G IMSI table (dynamic – Only stored in memory, not visible)
IMSI LastOK MME-prefixname MME origin host
216407000751694F 2007.08.02. 07:15:23
Germany-D1 gerMME1.epc.mnc006.mcc262.3gppnetwork.org
216407000751695F 2007.05.31. 09:09:09
Gr-Panafon greeceMME1.epc.mnc005.mcc202.3gppnetwork.org
216401000751696F 2007.05.30. 10:10:10
Germany-Voda gerMME5.epc.mnc002.mcc262.3gppnetwork.org
216401000751697F 2007.05.21. 11:18:53
Gr-Telestet greeceMME6.epc.mnc010.mcc202.3gppnetwork.org
Before the decision
Before the decision the system needs information from three places:
• UpdateLocation MAP message, invocation (UL) or 4G LDAP (Diameter) ULR • Static table (ST) • Dynamic table (DT)
The information is determined as below: 2G-3G: UL->IMSI->Subscriber ST-> PolicyName UL->CalgPA(=VLR GT)->VLRprefix->OpPrefList ST-> OperatorPrefixName OperatorPrefixName->RequiredPercentages ST-> RequiredPercentage (PolicyName, OperatorPrefixName)-> (RejectCountType, MaxRejectCount) UL->IMSI->IMSIPrefix->IMSI Series in HLRs ST-> HLR GT UL->CalgPA(=VLR GT)->VLRprefix->Error Number->SgaRS_SS7_XT INI->(Error Code, Param.) 4G: ULR->IMSI->Subscriber ST-> PolicyName ULR->Origin-Host->MCC/MNC pair->OpPrefList ST-> OperatorPrefixName OperatorPrefixName->RequiredPercentages ST-> RequiredPercentage
18
ULR-> SgaRS_Serv INI -> (RejectCountType, MaxRejectCount) OR (PolicyName, OperatorPrefixName) -> (RejectCountType, MaxRejectCount) ULR-> SgaRS_Serv INI-> (Error Code)
The process of making decision in 2G-3G cases
Through the decision process we use the information collected during the preparation. The outcome of the decision can be “accept”, so we let the Location Update message to reach the HLR, or can be “reject”, when we prevent the location update with a TCAP or LDAP error message. The decision, step-by-step:
• If there is no PolicyName field for the IMSI we accept the location update.
• If the IMSI can’t be found in Actual state DT, we enroll it, if there is any free space in the DT. If there isn’t any, we accept it.
• If “LastOK” field in the Actual state DT is filled, and the grace period has not yet expired we accept it.
• If the IMSI is in the 4G IMSI DT, we accept it in the same network.
• If “1/2” field in Actual state DT is true, we halve the MaxRejectCount. • If the counter for OperatorPrefixName has not reached the RequiredPercentage, and the
RejectCountType is Soft, we set MaxRejectCount to zero. • If MaxRejectCount is 0, we accept it. • If the Actual state DT has no entry for OperatorPrefixName we create one. If there is no
room for a new one, we replace the first one with it.
• If the OperatorPrefixNames counter in Actual state DT >= MaxRejectCount we accept it. • Other cases-> Reject.
Tasks in case of Reject:
• Update time in LastReject field of Actual state DT (GMT). • Increase the counter that belongs to OperatorPrefixName in Actual state DT.
• In the error message the sender HLRs GT will be the subscriber HLRs GT. • In the error message the error code will be the “Error Code” field from the configuration
file and the optional parameter will be the “Param” field. Tasks in case of Accept:
• Add user to the 2G IMSI DT. • Update time in LastOK field of Actual state DT (GMT). • Update percent values of the OperatorPrefixes.
Those items which grace period are expired for, and have no LastOK, but have LastReject field will generate alarm (trap) files
19
The process of making decision in 4G cases
Through the decision process we use the information collected during the preparation. The outcome of the decision can be “accept”, so we let the ULR message to reach the HSS, or can be “reject”, when we prevent the location update with an error message. The decision, step-by-step:
• If there is no PolicyName field for the IMSI we accept the location update. • If the IMSI can’t be found in Actual state DT, we enroll it, if there is any free space in the
DT. If there isn’t any, we accept it. • If “LastOK” field in the Actual state DT is filled, and the grace period has not yet expired
we accept it.
• If the IMSI is in the 2G IMSI DT, we accept it in the same network. • If “1/2” field in Actual state DT is true, we halve the MaxRejectCount. • If the dwNegativeAnswerCount entry is missing, or empty we use the MaxRejectCount
value as in the 2G case.
• If the dwNegativeAnswerCount entry is filled, we use the following formula: o We generate the MaxRejectCount – CurrentRejectCount number (minimally 1) and
use the smaller one out of this number and the dwNegativeAnswerCount. • If the counter for OperatorPrefixName has not reached the RequiredPercentage, and the
RejectCountType is Soft, we set MaxRejectCount to zero.
• If MaxRejectCount is 0, we accept it. • If the Actual state DT has no entry for OperatorPrefixName we create one. If there is no
room for a new one, we replace the first one with it. • If the OperatorPrefixNames counter in Actual state DT greater than or equal to
MaxRejectCount we accept it.
• Other cases-> Reject. Tasks in case of Reject:
• Update time in LastReject field of Actual state DT (GMT). • Increase the counter that belongs to OperatorPrefixName in Actual state DT. • In the error message the error code will be the “iNegativeAnswerCode” field from the
configuration file. Tasks in case of Accept:
• Add user to the 4G IMSI DT. • Update time in LastOK field of Actual state DT (GMT). • Update percent values of the OperatorPrefixes.
20
Server connections, and updating dynamic data
For the sake of a reliable system, Sga-RS consists of two industrial grade PCs, which are the servers. Normally the system is working in load-sharing. The MSC controls the load-sharing mechanism between the two PC regarding to the MTP connections status. Both servers get the Location update messages randomly from the MSC, so that’s very likely, that a particular IMSI land for example two times to the first server, three times to the second, and once to the first again. The RejectCount field can only be controlled well, if both servers are informed, from the decision that the other made. That’s why both servers send the decisions that it made to the other. This way both servers can update their dynamic table. That’s why normally both servers are in sync with each other. Therefore the counters do not show only its own server's rejected location updates, but the sum of the two servers. In that case, when the connection between the two Sga-RS server is down, we have no information regarding to the rejects. It may be either none, or the maximal value, we have no idea. That’s why we reduce the MaxRejectCount to its half on both of the servers. This is called “halving”. With this setting, the worst case is that the subscriber gets rejected half as often at each server, so the sum MaxRejectCount does not exceeds its original value. If the connection goes back to normal state, we do not stop “halving” right away, but later with a Guard Time. This is useful because it is possible, when the connection was down, all the location update was rejected on the first server, but on the other one the Rejectcount is still zero, so MaxRejectCount can be exceeded if we switch back immediately. This way we do not leave halving mode until the information about the IMSI are obsolete. This feature does not harm the subscriber, but for the operator it’s unfavorable because the Roaming steering does not work as intended. It’s the operator’s interest to restore the connection. If the connection goes back to normal the servers will not synchronize with each other. We should keep record of the counters during the network breakdown on each server, and then summarize them. This and many more problems make it dangerous to synchronize the servers with each other. We do not cause harm to the subscriber, if the “aging” time expires, this one-sided data will be erased from the tables. Of course what we discussed above, is valid too in case we stop one of the modules, for software upgrade, or maintenance. The static tables contain both servers’ configuration files. The operator should ensure that the configuration files are identical. If one of the servers assumes that this condition in not met, it will generate an alarm message.
21
System statistics - SgaRS_Stat module Both the servers are connected to a statistics module (SgaRS_Stat), what can run on a separate machine, or on one of the Sga-RS server. SgaRS_Stat module gets all the information from the servers, which they send to each other, in order to keep the tables sync. SgaRS_Stat makes two kinds of statistics based on the information received:
• Statistics per Operators, and policy • Histogram based on the policy.
The statistics are written to disc into CSV (comma separated values) files, after user defined intervals (e.g.: 15 minutes)
Statistics per Operators, and policy
This statistics can be uploaded to PMS directly The statistics are made per operator (OperatorPrefix), and within operators per IMSI policy (PolicyName), based on the dispersion of “Accept”, and “Reject” decisions. The rows of the CSV output files are OperatorPrefix and PolicyName fields paired together. Columns of the CSV output file:
• DateTime – The beginning of the statistical interval (date, hour, minute, second – in GMT)
• VLRPrefixName – Name of the VLR prefix • IMSIPolicyName – Name of the policy based on the IMSI prefix • #OK – Number of accepted location updates
• #Rejects – Number of rejects. The number of the items, and the term of limitation can be configured.
Histogram based on the policy
The output files are in CSV format. The statistics are made per PolicyName about the dispersion of the RejectCounts before a successful Location Update. The results are comprised of two parts:
• The first ten results define how many successful location update were after 0, 1…9 rejects, until the subscriber managed to join to the preferred network.
22
• The next ten results define how many successful location update were after 0, 1…9 rejects, until the subscriber managed to join to the non-preferred network.
The statistics module gets information on the reason of accepted location updates and the number of rejects from the server modules. Based on the accepted location updates, we consider preferred network the following:
• There is no policy entry to the IMSI prefix – every VLR is preferred
• The VLR the subscriber joined is a preferred one Based on the accepted location updates, we consider non-preferred network the following:
• The Reject counter reach the MaxRejectCount value The output rows of the CSV are the PolicyName fields. Columns of the CSV output file:
• DateTime - The beginning of the statistical interval (date, hour, minute, second – in GMT) • IMSIPolicyName - Name of the policy based on the IMSI prefix • How many times does the subscriber managed to join to the preferred network, without
being rejected
• How many times does the subscriber managed to join to the preferred network, after one reject
• How many times does the subscriber managed to join to the preferred network, after two reject
• ... • How many times does the subscriber managed to join to the preferred network, after
nine reject • How many times does the subscriber managed to join to the non-preferred network,
without being rejected
• How many times does the subscriber managed to join to the non-preferred network, after one reject
• How many times does the subscriber managed to join to the non-preferred network, after two reject
• ...
• How many times does the subscriber managed to join to the non-preferred network, after nine reject
We do not count in the statistics, when a subscriber manages to switch network within its grace period, so we actually can’t reject the location update. We do not count in the statistics, when there is not enough free space in the memory to store the IMSI, and thus we accept the location update. To the end of the preferred and non-preferred statistics a custom alarm list can be made.
23
The event’s placement in the list (row number) can be defined in the configuration files. The SMS-Fraud function The purpose of the SMS-Fraud system is to filter illegal sms-s coming from foreign countries to our SMSC. Under the term “illegal SMS” we mean when an SMS have been posted on behalf of a subscriber who is not in the MSC from which the SMS was posted. It is also illegal if some parameters of the SMS can’t be interpreted, or we can’t locate the subscriber’s residence. This way we can filter an illegal SMS when it’s GT address is from out network, but originally it have been posted from abroad. The further handling of an illegal SMS is up to the user to decide, based on the rules in the program, and based on what’s the problem with the SMS. Various actions can be added to the rules (log, alarm, generate CDR, drop SMS, forward SMS)
Implementation
Apart from the LocationUpdate, and GPRSLocationUpdate messages which needed for the Roaming Steering, additional messages needed for the SMS-Fraud function to operate. These messages are the ForwardSM and Mo-ForwardSM from the international traffic. So these messages are must be routed to RSS as well. The SMS-fraud function is available in the Sga-RS_SS7 module after version 1.01. This module analyzes the inbound ForwardSM messages for the MSISDN numbers. If the MSISDN is picked, it sends a sendRoutingInfoForSM request for the HLR. The decision is based on the answer from the HLR (VLR address).
Operation
We receive, and process the ForwardSM, Mo-ForwardSM messages. The rest of the Map messages are forwarded transparently according to the Sga-RS specification. From the ForwardSM, Mo-ForwardSM messages we extract the sender’s MSISDN, and with a sendRoutingInfoForSM message to the HLR we can locate its VLR. The process of the ForwardSM, Mo-ForwardSM messages are going according to predefined rules. These rules are based on the ForwardSM, Mo-ForwardSM messages parameters, and the reply to sendRoutingInfoForSM. Data used:
• SCCP Calling Party Address: SccpCpa
• Sender IMSI: AMsisdn • Sender IMSI: AImsi
24
• Recipient MSISDN: BMsisdn • Location according to HLR: MscAdd • HLR MAP error codes: HlrErrC
Analyzing and filtering on SMS MO side:
• If the subscriber is not in that VLR, where the SMS has been submitted, the message should be filtered
• Alarm message can be generated from the events where automated intervention happened. As intervention we mean that some SMS MO can be blocked.
The SMS-fraud system sorts every message to groups according to predefined rules. If one of the inbound messages can’t be sorted, it’s placed to the “default” group. The predefined rules for each group are:
• Rule #1 = SCCP.ClgPA.GT is empty or non-decodable • Rule #2 = SCCP.ClgPA ---> HomeNetworkPrefix • Rule #3 = SCCP.ClgPA.GT <> SRI4SM(SM-RP-OA/MSISDN).Result.LocationInfo(MSC • Rule #4 = SCCP.ClgPA.GT.Prefix <> SRI4SM(SM-RPOA/
MSISDN).Result.LocationInfo(MSC).Prefix
• Rule #5 = SRI4SM.Result.Error is among 'ConsideredHLRErrors' • Rule #6 = SCCP.ClgPA(SGSN).GT.Prefix == SRI4SM(SM-RPOA/
MSISDN).Result.LocationInfo(MSC).Prefix • Rule #7 = SCCP.ClgPA(SGSN).GT.Prefix <> SRI4SM(SM-RPOA/
MSISDN).Result.LocationInfo(MSC).Prefix • Rule #8 = SM-RP-OA/MSISDN ---> not HomeNetworkPrefix • Rule #0 = (default)
• Rule #-1= Non-decodable ForwardSM • Rule #-2= HLR answer times out
The handling of the messages can be changed in the “SgaRS_SS7.ini/[SMS Fraud]/sRuleX” section. Possible commands:
• 'FwdAll' – Forward all without modify and log. • 'FwdN=...' – Forward maximum N message per period • 'LogDSP' – The message is saved to a daily message file to directory given at .ini file
„[SMS Fraud]/sSS7FilesPath”
• 'CDR' – The message is written to CDR to a directory given at ini file „[SMS Fraud]/sCDRFilesPath”; the CDRs contain timestamp, and the performed Rule
25
• 'Trap' – When the Rule is performed an ERR alarm is generated, which contains the Rule’s name
• If the FwdAll event not included, the MSU is dropped. In the system the following configuration is currently active:
• sRule1=LogDSP+CDR • sRule2=LogDSP+CDR • sRule3=LogDSP+FwdAll+CDR • sRule4=LogDSP+FwdAll+CDR+Trap
• sRule5=LogDSP+FwdAll+CDR • sRule0=FwdAll • sRule-1=LogDSP+FwdAll • sRule-2=LogDSP+FwdAll+CDR
The module is logging ForwardSM, Mo-ForwardSM messages that have parameters that can’t be decoded. If this portion of the message can be isolated, the text of the SMS is overwritten. The Sga-RS_SS7 module gives statistics every quarter hour to its log:
• Number of messages in each group
• Missing answers from the HLRs. • Number of error messages from the HLRs. • Number of SMSs that contain non-decodable parameter.
26
Logging
Every module writes a text file as log. The log file is daily scale. Logging levels:
• Off (0) – Only the warnings, errors are visible (smallest size) – Not recommended • Normal (1) – Details of normal operation are visible - Recommended
• Detailed (2) – Every one of the inbound and outbound messages are visible • Debug (3) - The messages are logged hexadecimally to the log file – Not recommended
Color code of the log file: Code Color Usage 0 Black Compact data record 1 Red Errors 2 Green Open/close output file/stream 3 Blue Open/close input file/stream 4 Yellow Warnings 5 Light Gray Detailed data (debug info) 6 Dark Gray Detailed data (user info) 7 Purple Operator intervention; Errors with emphasis
27
MAP Firewall function The implemented function listed above is an active element of the operator’s network and can set filtering rules for values in protocols SCCP, TCAP, MAP. Operations can be applied for these rules, that include forwarding, omitting, answering with End or Abort messages, create alarm etc. Multiple operations can be attached to a filtering rule. The MAPFirewall funtcion is integrated into the RSS/SS7 module regarding to maintenence resaons. The incoming messages are processed in the MAPFirewall first, than in the steering logic to priorize the module’s function as a MAP firewall. The MAPFirewall rules are implemented in the Sga-MAPFW-Filter.dll connected to the RSS/SS7 module. Parameters and their types to use in the filtering section:
SCCP.MT Integer (0..255) SCCP.ClgPA Integer (0..255) SCCP.ClgPA_NP Integer (0..15) SCCP.ClgPA_NAI Integer (0..127) SCCP.ClgPA BCD number SCCP.ClgPA_CountryName Text SCCP.ClgPA_OpPrefName Text SCCP.CadPA_TT Integer (0..255) SCCP.CadPA_NP Integer (0..15) SCCP.CadPA_NAI Integer (0..127) SCCP.CadPA BCD number SCCP.CadPA_CountryName Text SCCP.CadPA_OpPrefName Text MAP.OpCode Integer (0..255) MAP.OpCodeInvoke Integer (0..255) MAP.OpCodeResult Integer (0..255) MAP.HLRNum BCD number MAP.HLRNum_CountryName Text MAP.HLRNum_OpPrefName Text IMSI BCD number IMSI_CountryName Text IMSI_PrefName Text MSISDN BCD number MSISDN_CountryName Text MSISDN_OpPrefName Text
28
- A BCD number value may contain a wildcard ("*") at the end. The maximum length of this type is 15 digits.
- The value of an integer type can be a single number or a range of numbers. A range is defined by its lower and upper bounds separated by 2 dots (e.g. "10..15").
- The value of a text type can be a string literal enclosed in double quotes or another parameter of text type. The length of a string literal can be at most 63 characters.
- In case of the Countryname and OpPrefName, the text must match exactly with the name given is the OpPref.cfg.
- An expression item begins with a parameter name, continues with an equality operator ("==" or "!="), and ends with one or more comma-separated values.
- The expression can contain one or more items separated by ampersands ("&").
Operations to perform in case of a matching expression:
- FwdAll Forward message unchanged - LogSGA save msu to message file - CDR save msu to text based extract - Trap create SNMP alarm - EndN Answer with END message. N refers to:
(SgaRS_SS7_X.ini/[ SS7 MAP Error #N]) - Abort Answer with Abort message If neither 'FwdAll', 'EndN' or 'Abort' command included then MSU is dropped. If the msu is to dissipate, it is wise to include at least ’CDR’ or ’LogSga’ to document the dissipated messages. The default behaviour if no operation defined, is ’FwdAll’. Multiple operation can be defined to a profile, if separated by ’+’ sign.
29
Defining Rules:
Formatting:
Rule "name" ProfileCode N: (list of filtering terms)
- Each rule has a name (of max 15 characters), a profile code and an expression. - "N" can be between 0 and 9. If no rules match then the profile code 0 will be used. - An expression item begins with a parameter name, continues with an equality operator
("==" or "!="), and ends with one or more comma-separated values. - The expression can contain one or more items separated by ampersands ("&"). Some example to help define the rules:
Rule "R00a" ProfileCode 1: (SCCP.ClgPA_TT == 120..130, 140..150)
Rule "R00b" ProfileCode 1: (SCCP.ClgPA_NP == 6)
Rule "R00c" ProfileCode 1: (SCCP.ClgPA_NAI != 4)
Rule "R01a" ProfileCode 1: (SCCP.ClgPA == 36701234567)
Rule "R01b" ProfileCode 1: (SCCP.ClgPA == 3620*)
Rule "R01c" ProfileCode 1: (SCCP.ClgPA == 36301*,36309*)
Rule "R02a" ProfileCode 1: (SCCP.ClgPA_CountryName == "Austria", "Germany")
Rule "R03a" ProfileCode 1: (SCCP.ClgPA_OpPrefName == "Austria-Telekom")
Rule "R10a" ProfileCode 2: (SCCP.CadPA_TT == 120..130, 132)
Rule "R10b" ProfileCode 2: (SCCP.CadPA_NP == 7)
Rule "R10c" ProfileCode 2: (SCCP.CadPA_NAI == 3)
Rule "R11a" ProfileCode 2: (SCCP.CadPA == 36701234567)
Rule "R11b" ProfileCode 2: (SCCP.CadPA != 36301*,36309*)
Rule "R12a" ProfileCode 2: (SCCP.CadPA_CountryName == "Austria", "Germany")
Rule "R12b" ProfileCode 2: (SCCP.CadPA_CountryName == IMSI_CountryName)
Rule "R13a" ProfileCode 2: (SCCP.CadPA_OpPrefName != "Austria-Telekom")
Rule "R13b" ProfileCode 2: (SCCP.CadPA_OpPrefName != IMSI_OpPrefName)
Rule "R20" ProfileCode 2: (MAP.OpCode == 1..5, 8..10, 12)
Rule "R21" ProfileCode 2: (MAP.OpCodeInvoke == 15,19)
Rule "R22" ProfileCode 2: (MAP.OpCodeResult == 15,19)
Rule "R23a" ProfileCode 3: (MAP.HLRNum == 36301234*)
Rule "R23b" ProfileCode 3: (MAP.HLRNum_CountryName == "Netherlands")
Rule "R23c" ProfileCode 3: (MAP.HLRNum_OpPrefName == "Netherlands-Tele2")
Rule "R25a" ProfileCode 4: (IMSI == 216303003370879,2163033*)
Rule "R25b" ProfileCode 4: (IMSI_CountryName == "Slovakia")
Rule "R25c" ProfileCode 4: (IMSI_OpPrefName == "Slovakia-Orange")
Rule "R25d" ProfileCode 5: (IMSI_OpPrefName == SCCP.ClgPA_OpPrefName)
Rule "mix" ProfileCode 1: (MAP.OpCodeInvoke == 111..222 & IMSI == 2163* & SCCP.ClgPA ==
362*)
30
The rules are checked in order (from top to bottom). The rule name and profile code of the first matching rule will be used. If no rules match then the profile code 0 will be used. A rule expression is true only if all of the composing items are true. In case of the '==' operator, an item is true only if any of its values match the parameter and the parameter exists. In case of the '!=' operator, an item is true only if none of its values match the parameter and the parameter exists. Rules for multiple MAP content: - if any of it matches Abort operation, the answer will be Abort (only one), - if none matches Abort, but any of it matches EndN , the answer will be EndN, with the last
ErrorCode (only one), - if none matches Abort or EndN, but all match FwdAlll, the answer will be FwdAll - if any of it matches Trap operation, Trap will be created (multiple if needed), - if any of it matches CDR operation, CDR will be created (multiple if needed), - if any of it matches LogSga operation, SGA record will be created (only one), Handling special messages: udts: Udts messages are forwarded untouched, due to the fact, that these are error indicating messages on SCCP level. xudt / xudts: Not segmented xudt messages are handled, but converted to udt on the transmit side. Segmented messages are handled also, but right now there is no assembly operation. Handled on per segment basis, these messages are binded to profile -1. Xudts messages are forwarded untouched, due to the fact, that these are error indicating messages on SCCP level. ludt / ludts: Currently all ludt / ludts messages are forwarded untouched. (MAPfirewall function is skipped)
Modules related to the MAPFirewall function:
- SgaRS_SS7_XT v1.20 - Sga-MAPFW-Filter.dll v1.03
Configuration changes related to the MAPFirewall function:
SgaRS_SS7_XT.ini
[Setion]/entry=value comment [Advanced]/sIMSIPrefFile=IMSIPref.cfg IMSI prefix list for the IMSI filtering
[Advanced]/sOpPrefFile=OpPref.cfg VLRGT-prefix – operator list
[SS7 MAP Error #N]/byLocalErrorCodeTag=34 Value used in case of the ENDN operation. LocalErrorCode. (N=0..9)
[SS7 MAP Error #N]/byLocalErrorCodeParameterTag=4
Value used in case of the ENDN operation. LocalErrorCode. (N=0..9)
[FireWall Actions]/sSGAfilesPath=d:\SgaFiles Directory for the message files
[FireWall Actions]/sCDRfilesPath=d:\FwCDRFiles Directory for the text extracts
[FireWall Actions]/sRulesFile=Sga-MAPFW-rules.txt
MAPFw filtering rules file
31
[FireWall Actions]/ProfileN= FwdAll + CDR Operations to execute in case of matching filtering rule N. (N=0..9) In this example if an MSU matches for profile N in the Sga-MAPFW-rules.txt, it is forwarded untouched, but logged to a text based extract.
[FireWall Actions]/Profile0=FwdAll Default operation if no filtering criteria is matched.
[FireWall Actions]/Profile-1=LogSGA Profile for MAP parts that cannot be decoded, and segmented xudt messages.
Configuration Files
Below, we will describe the configuration files needed to fill in the databases. These files are editable with arbitrary text editor. Please find the sample configuration files in the appendix.
Roaming server config files
These files needed for the proper operation of the RS server:
• Server INI file - SgaRS_Serv.ini • IMSI-prefix list - SgaRS_Serv_IMSIPref.lst • Operator prefix list - SgaRS_Serv_OpPref.lst • List of rules - SgaRS_Serv_Rules.ini • Operator MCC, MNC list - SgaRS_MCCMNClist.lst
SgaRS_Serv.ini file
[RS SS7]
• wMaxConcurrentConnectionCount – Maximum number of allowed connections to the SS7_XT module
• sIPAddress - IP address of the SS7_XT module • wTCPPort - Port number of the connection
[Remote Server]
• bIInitializeConnection - If “true” it tries to connect to the second server module • wAutoConnectIntervalSec - Time interval for auto connect, if connection is interrupted • sIPAddress - IP address of the second server module • wTCPPort - Port number of the connection • dwKeepHalvingRuleAfterConnectSec - Halving mode timeout after successful
reconnection
32
[Rules]
• dwIMSIMemoryEntryCount - Record count for IMSI memory • dwIMSIMemoryEntryLifeSec - Timeout for the IMSI records (aging time) • sRulesFile - Path for policy rules file (SgaRS_Serv_Rules.ini) • sIMSIPrefFile - Path for IMSI prefix list (SgaRS_Serv_IMSIPref.lst) • sOpPrefFile - Path for operator prefix list (SgaRS_Serv_OpPref.lst)
• sMCCMNClistFile - Path for the MCC, MNC list file. (SgaRS_MCCMNClist.lst) • chPrefixDelimiter - Delimiter character between the country name, and operator in
OperatorName list [2G-Steering] - filled from MAP, used from LDAP
• dwIMSIMemoryEntryCount - Record count for 2G IMSI memory, loaded at startup • dwIMSIMemoryEntryLifeSec - Timeout for the 2G IMSI records, loaded at startup
[4G-Steering] - filled from Syslog, used from MAP
• dwIMSIMemoryEntryCount - Record count for 4G IMSI memory, loaded at startup • dwIMSIMemoryEntryLifeSec - Timeout for the 4G IMSI records, loaded at startup
[4G-Steering / Syslog]
• wLocalUDPport - UDP Port number of the SysLog connection, loaded at startup [4G-Steering / LDAP]
• wLocalTCPport - TCP Port number of the LDAP connection, loaded at startup
• sUsername - Username of the LDAP connection (Bindreq), loaded on-the-fly • sPassword - Password of the LDAP connection (Bindreq), loaded on-the-fly • iNegativeAnswerCode - Answer code used in the reject cases, loaded on-the-fly • dwNegativeAnswerCount - MaxRejectCount for 4G cases:
o If the dwNegativeAnswerCount entry is missing, or empty we use the MaxRejectCount value as in the 2G case.
o If the dwNegativeAnswerCount entry is filled, we use the following formula: � We generate the MaxRejectCount – CurrentRejectCount number (minimally
1) and use the smaller one out of this number and the dwNegativeAnswerCount.
• 127.0.0.1 = LDAP client 01 - Allowed IP addresses with remark, remark mandatory but ignored
[Statistics Server]
• wAutoConnectIntervalSec - Time interval for auto connect, if connection is interrupted • sIPAddress - IP address of the statistical module • wTCPPort - Port number of the connection
[Advanced]
• wLogDetailLevel - Log file detail level • dwMaxLinesInLogWindow - Maximum lines visible in the main window
33
• bAlternateTrapUID - trap-identifiers managing, should it generate new identifier each time or not
• sLogFilesPath - Path for log files • sTrapFilesPath - Path for trap files • sAlarmFilePath - Path for the alarm list
34
Operator VLR Prefix list
Each row holds a VLR prefix followed by a space then OperatorPrefix. The latter consists of two parts, the country name, and the operator. This two are separated by a character defined by chPrefixDelimiter key in SgaRS_Serv.ini file
Operator MCC, MNC list
Each row holds a MCC and MNC number separated by a vertical bar “|”, followed by a space then OperatorPrefix. The latter consists of two parts, the country name, and the operator. This two are separated by a character defined by chPrefixDelimiter key in SgaRS_Serv.ini file
Policy name list
Each row consists of IMSI Prefix followed by a space, and then the Policy name
Rules ini file
[RejectSchemePerVLR]
• VLRprefix = error number – Reference to SgaRS_SS7_XT ini file [SS7 MAP Error #N] section
[IMSISeriesInHLRs]
• IMSI prefix = HLR GT – Specifies that what HLR GT belongs to each IMSI Prefix [RequiredPercentages]
• VLRPrefixName = percent – Specifies the required percentages to each operator [Policy "xxx"]
• VLRPrefixName = MaxRejectCount –Specifies, what is the maximal reject count to the “xxx” policy name and operators
SgaRS_SS7_XT.ini file
[SS7]
• byReplacementTT – The Translation Type value, what should be changed • bMTP2NeedsRSServer – The MTP connection should only built up if the RS server is up
and running
35
[SS7 over GyX] - connection to remote SS7 module
• sRemoteIPAddress - IP address of the SIGTRAN module
• wRemoteTCPPort - TCP port of the SIGTRAN module • wConnectRetryDelaySec - Time between reconnection attempts
[SMS Fraud]
• sHLRQueryLocalGT - The SS7 Global Title of the module (ClgPA/GT in this module initiated BEGIN messages)
• sHLRQueryFakeGT - This value will be used as the originating SC-address in SRI4SM and ForwardSM BEGIN messages (sm-rp-OA)
• dwHLRQueryTimeoutMS – timeout for SRI4SM query. • dwHLRQueryTimeoutCountLimit – Maximum number of HLR queries at the same time. • sHomeNetworkPrefix – Prefix of the Home Network. • sSS7FilesPath – Path for message files (*.dsp).
• sCDRFilesPath – Path for CDR files. • sHLRQueryConsideredErrors – This list of errors are taken into account at Rule #5 • sRule1 – Events to perform in case of Rule #1 • sRule2 – Events to perform in case of Rule #2 • sRule3 – Events to perform in case of Rule #3
• sRule4 – Events to perform in case of Rule #4 • sRule5 – Events to perform in case of Rule #5 • sRule6 – Events to perform in case of Rule #6 • sRule7 – Events to perform in case of Rule #7 • sRule8 – Events to perform in case of Rule #8 • sRule0 – Events to perform in case of Rule #0 • sRule-1 – Events to perform in case of Rule #-1 • sRule-2 – Events to perform in case of Rule #-2 • sOpPrefFile – Prefix list of the operators prefix
[SMS Fraud: "Rule #3" Exceptions]
• sException#nn - (nn=00,01,...,99) LocationInfo.Prefix exceptions for Rule 3. [SMS Fraud: "Rule #4" Exceptions]
• sException#nn - (nn=00,01,...,99) LocationInfo.Prefix exceptions for Rule 4. [SMS Fraud: "Rule #5" Exceptions]
• sException#nn - (nn=00,01,...,99) CalgPA.Prefix exceptions for Rule 5. [SMS Fraud: "Rule #6" Exceptions]
• sException#nn - (nn=00,01,...,99) CalgPA.Prefix exceptions for Rule 6. [SMS Fraud: "Rule #7" Exceptions]
36
• sException#nn - (nn=00,01,...,99 CalgPA.Prefix exceptions for Rule 7. [RS Server]
• bAllowAutoConnect – Allow auto connect or not. Can also be configured from the menu. • wAutoConnectIntervalSec - Time interval for auto connect, if connection is interrupted
bForwardUpdLocRequests – Transmit the Location Updates, or not. Can also be configured from the menu
• sIPAddress - IP address of the server module
• wTCPPort - Port number of the connection [Advanced]
• wLogDetailLevel – Log file detail level • dwMaxLinesInLogWindow – Maximum lines visible in the main window • bAlternateTrapUID - trap-identifiers managing, should it generate new identifier each
time or not • sLogFilesPath - Path for log files
• sTrapFilesPath - Path for trap files • wThreadPeriod - Time period, when idle threads are given CPU time slice (millisecond)
[SS7 MAP Error #n] ; CallBarred
• byLocalErrorCodeTag - Error code for the n-th error • byLocalErrorCodeParameterTag - Optional parameter for the error code
GyX_SCTP.ini file
[Position] • iLeft - Position of the program module on the display screen • iTop - Position of the program module on the display screen • iWidth - Position of the program module on the display screen • iHeight - Position of the program module on the display screen
[Options]
• bAutoScroll - (Refer to the [Options]/Auto scroll menu item!) [SCTP]
• wAutoConnectIntervalSec - Period for automatic connection of SCTP associations • bAllowAutoConnectAtStartup_A - (Refer to the [SCTP]/A: Allow auto-connecting menu
item!) • bAllowAutoConnectAtStartup_B - (Refer to the [SCTP]/B: Allow auto-connecting menu
item!) • sLocalIPAddress#N - Local IP addresses for SCTP connections. If more IP addresses are
listed then multiple paths are used in associations (MultiHoming). N runs from 0 to 9.
37
• sRemoteIPAddress_A#1, sRemoteIPAddress_A#2 - Alternative IP addresses of the SCTP server A.
• sRemoteIPAddress_B#1, sRemoteIPAddress_B#2 - Alternative IP addresses of the SCTP server B.
• wRemoteSCTPPort_A - SCTP port of the SCTP server A • wRemoteSCTPPort_B - SCTP port of the SCTP server B • wLocalSCTPPort - Optional parameter if the SCTP server sticks to a given port. Normally,
it should not be used.
• wHeartbeatIntervalSec - SCTP/HEARTBEAT period • dwMaxRTOmsec - Retransmission Timeout value in milliseconds • dwMaxRetransmitsPerInit - Maximum number of retransmission for INIT chunks
• dwMaxRetransmitsPerAssociation - Maximum number of retransmissions per association • dwMaxRetransmitsPerPath - Maximum number of retransmissions per path • dwDelayedACKmsec - Defines the delay in millisec used during delayed acknowledgement
algorithm
• byIPfieldDSCP - Default value of DSCP field of IP protocol level can be overwritten by this value
[SS7]
• wTxRLDPCIfRemotelyNotSetA - The point code of the remote SS7 device on association A if it is not set by the main module
• wTxRLDPCIfRemotelyNotSetB - The point code of the remote SS7 device on association B if it is not set by the main module
• wTxRLOPCIfRemotelyNotSetA - Local point code used on association A if it is not set by the main module
• wTxRLOPCIfRemotelyNotSetB - Local point code used on association B if it is not set by the main module
[RemoteRequest]
• wLocalTCPPort - Port number, where the remote modules can connect • bSuppressDisconnectTrap - When it is true traps on disconnecting TCP connection are
suppressed
• sRemoteIPAddress - The main module with this IP address can connect to the GyX module. Used for station restriction, leave it empty for no restriction.
[SGAfiles] - entries in this section are reloaded once per every second
• sFilesPath – Path of the SGA files, if left empty no file will be written, entry reloaded in case of opening a new file
• sFileNamePrefix – Name prefix of the SGA file, entry reloaded in case of opening a new file
• sSigLinkID – LinkID in the SGA file, may consist of 2 characters [Advanced]
38
• sID - Freetext in the caption of the module • wLogDetailLevel - Log file detail level • dwMaxLinesInLogWindow - Number of lines in the log window on screen
• sLogFilesPath - Path for the LOG files • sTrapFilesPath - Path for the SNMP Trap files to be sent • bAlternateTrapUID - Allows using fixed UIDs in SNMP traps (See SNMP trap list below for
details)
• wThreadPeriod - Time period when idle threads are given CPU time slice (given in milliseconds)
SgaRS_Stat.ini file
[RS Servers]
• wMaxConcurrentConnectionCount – Maximum number of allowed connections to the RS Server module
• wTCPPort – Port number of the connection [Statistics]
• dwIMSIMemoryEntryCount – Record count for IMSI memory • dwIMSIMemoryEntryLifeSec – Timeout for the IMSI records (aging time) • dwStat1MemoryEntryCount – Max number of rows in the first statistics
• dwStat2MemoryEntryCount - Max number of rows in the second statistics • dwFlushPeriod – Time interval in second. Specifies the frequency of writing the statistical
data into file. (300 means 5 minutes, however the file won’t be generated after five minutes, but every round five minutes: 00, 05, 10, 15 etc.)
• dwFlushDelay – Delay of writing to file. This is necessary to avoid overload of the PMS. If several statistics module writes its statistics to file the same moment the PMS tries to read them all, and in result it may become malfunctioned.
• sStatisticsFilesPath – Path for statistical files. [Advanced]
• wLogDetailLevel – Log file detail level • dwMaxLinesInLogWindow – Maximum lines visible in the main window • bAlternateTrapUID - trap-identifiers managing, should it generate new identifier each
time or not • sLogFilesPath - Path for log files • sTrapFilesPath - Path for trap files • wAlarmThresholdRejectCountNowInPreferred – Alarm threshold in preferred cases for
making alarm list
• wAlarmThresholdRejectCountStillInNonpreferred - Alarm threshold in non-preferred cases for making alarm list
• sAlarmFilesPath - Path for the alarm list
39
Output Files
Logs
GyX_SCTP_yyyymmdd.log SgaRS_SS7_X_yyyymmdd.log SgaRS_Serv_yyyymmdd.log SgaRS_Stat_yyyymmdd.log
Statistics
SgaRS_Stat1(...)_yyyymmddhhmm_n.csv
SgaRS_Stat2(...)_yyyymmddhhmm_n.csv
Alarm lists
SgaRS_Serv_Alarms_ yyyymmdd.txt SgaRS_Stat_Alarms_ yyyymmdd.txt
Traps
Temporal files in a separate directory, which are sent by the Trapper module to the NOC in standard SNMP trap format.
40
Start, stop
The program should be started with its icon in the program folder instead of the .exe file itself. It is necessary because the working directory should be set to where the input files are. (see installation section) To stop the program gracefully, click to the button marked with “x” in the top right corner. The program will ask, if you really want to shut it down. Introduction to the GUI
Server module
41
The main window shows the log messages At the bottom line:
• RemServ o Gray – If the connection to the other server is up and running o Purple – When connecting is in progress o Red – If the connection is broken
• StatServ o Gray – If the connection to the statistical server is up and running o Purple – When connecting is in progress o Red – If the connection is broken
• MAP o IMSI memory used: IMSI records collected so far, in brackets the overflown IMSIs o updated: Number of the updated lines o forgotten: Forgotten IMSIs because of the aging time o 2G-IMSI memory used: Successful 2G-IMSI records collected so far, in brackets
the overflown IMSIs o updated: Number of the updated lines o forgotten: Forgotten IMSIs because of the aging time
• SysLog o 4G-IMSI memory used: Successful 4G-IMSI records collected so far, in brackets
the overflown IMSIs o ULA: Number of SysLog/ULA messages seen from the SDC o CLR: Number of SysLog/CLR messages seen from the SDC o PUR: Number of SysLog/PUR messages seen from the SDC o AIA: Number of SysLog/AIA messages seen from the SDC o ?: Number of undecoded messages o forgotten: Forgotten IMSIs because of the aging time o UDPskip: Number of UDP messages arrived with bad sequence number.
• LDAP o PDUs rx: Number of LDAP PDUs received o PDUs tx: Number of LDAP PDUs transmitted o BindReq: Number of Bind Requests received/transmitted o BindResp: Number of Bind Responses received/transmitted o SearchReq: Number of Search Requests received/transmitted o SearchResp: Number of Search Responses received/transmitted (Accept/Reject) o UnbindReq: Number of Unbind Requests received/transmitted o ???: Number of undecoded messages received
• Requests: Location update request so far • Answers: (OK+Reject answers)=summary • RemoteInfo: Information from the other server • Bottom left corner: Time left since the module has been started (hh:mm:ss)
Clicking to the log window’s header a new list will appear instead the logged lines:
42
This list is about the connection with the SS7_XT modules:
• ID: Number of the connection • Alive: „+” if the connection is active, „-”, if the connection if broken • Remote address: The SS7_XT module’s IP address • Req.count: Number of Location Update requests received since the connection is active • Last request: Time of the last request • Last TID: The last request’s transaction ID
Color code:
• Light gray: The connection is down • Dark gray: The connection is up, but no Location update has been received so far • Black: The connection is up, and displays the last request’s details
Menu structure
• Log o Find line containing... ^F – search in the log file for the given phrase o Find next matching line F3 – find nest phrase o Details – detail of the log files
43
• Reload... o ...IMSI (prefix) policies – Reload IMSIs PolicyName table o ...rules/[RejectSchemePerVLR] - Reload Reject scheme table o ...rules/[IMSISeriesInHLRs] - Reload “IMSI in HLRs” list o ...rules/[RequiredPercentages] - Reload Required Percentages o ...operator prefix codes – Reload Operator prefix list o ...MCC|MNC list
• Connections o Disconnect *all* active ‘RS-SS7’ connections - Close SS7 connections o Zero request counters of all ‘RS-SS7’ connections - Reset of the SS7 connection’s
Req.count and Answer. count counters
• Options
o Auto scroll – Auto scroll to the end of the log file in the main window o Show log – Switch to log window o Show connections – Switch to connection window o Save settings – Write changes to .ini file
44
GyX_SCTP module
• On the top of the screen you can see the program’s name, and version number. • Below the header is the menu bar. • Below the menu bar is the quick launch bar, you can access to main features from the
menu through these buttons. • In the main window you can see the log messages. • Below the log you can see the status bar:
� 1. line: o SCTP connection:
� Red – If the connection is broken. � Yellow – When connecting is in progress � Gray – If the connection is up and running.
o ASP - Application Server Process. � Red – Not received the M3UA/ASPAC_ACK message.
45
� Gray – After received the M3UA/ASPAC_ACK message. o …bps – Transfer speed in the last second. o Rx/Tx – Number of the received and transmitted messages o Error messages
� sctp - Number of SCTP disconnections � asp - Number of M3UA disconnections � dsp - Number of communication errors between the interface card and the
program � msu - Received an uninterpretable or misaddressed MSU (for example with
wrong Point Code) � 2. line:
o MSU’s buffered for Tx – MSUs buffered, waiting to be sent � 3. line:
o TCP connection – Connection to SS7_XT module � Rx/Tx - The number of messages received and sent on the TCP interface. � RxBuffered - Number of messages in the receive buffer. � RxOverrun - Number of those messages which arrived when the TCP buffer
is full. � TxCongested - Number of messages which are dropped due to congestion.
• Bottom left corner: Time left since the module has been started (hh:mm:ss).
Menu structure
• Log o Find line containing... ^F – search in the log file for the given phrase o Find next matching line F3 – find nest phrase o Details – detail of the log files
• SCTP
o A: Allow auto-connecting - Allow/prohibit (re-)connecting to the SCTP server on association A
o A: Shutdown now! - Immediately disconnects association A o B: Allow auto-connecting - Allow/prohibit (re-)connecting to the SCTP server on
association B o B: Shutdown now! - Immediately disconnects association B
• TCP Connection o Disconnect - Shut down all active connections o Zero counters - Request and answer counters of TCP connection will be cleared on
the status bar
• Options
o Auto scroll – Auto scroll to the end of the log file in the main window
46
o Save settings – Write changes to .ini file
• Debug o A: Send an ASP/sm ASPUP message - Sends an "ASP state maintenance/ASP up"
message on association A
o A: Send an ASP/tm ASPAC message -Sends an "ASP traffic maintenance/ASP active" message on association A
o A: Send an SS7snm/DAUD(remotePC) message - Sends an "SS7 signaling network
maintenance/Destination state audit" message using “INI/[SS7]/
wTxRLDPCIfRemotelyNotSetA” as the "Affected point code"
o B: Send an ASP/sm ASPUP message - Sends an "ASP state maintenance/ASP up" message on association B
o B: Send an ASP/tm ASPAC message - Sends an "ASP traffic maintenance/ASP active" message on association B
o B: Send an SS7snm/DAUD(remotePC) message – Sends an "SS7 signaling network
maintenance/Destination state audit" message using “INI/[SS7]/
wTxRLDPCIfRemotelyNotSetA” as the "Affected point code"
o Send a T/DATA/SS7/SST(remotePC,1) message - Sends an "SS7/Subsystem status
test" message with SubSystemNumber=1 using “INI/[SS7]/
wTxRLDPCIfRemotelyNotSetA” as the "Affected point code"
o Send a T/DATA/SS7/SST(remotePC,HLR=6) message - Sends an "SS7/Subsystem
status test" message with SubSystemNumber=6 using “INI/[SS7]/
wTxRLDPCIfRemotelyNotSetA” as the "Affected point code"
o Send a T/DATA/SS7/SST(remotePC, HLR=7) message - Sends an "SS7/Subsystem
status test" message with SubSystemNumber=7 using “INI/[SS7]/
wTxRLDPCIfRemotelyNotSetA” as the "Affected point code"
o Send a T/DATA/SS7/SST(remotePC, HLR=8) message - Sends an "SS7/Subsystem
status test" message with SubSystemNumber=8 using “INI/[SS7]/
wTxRLDPCIfRemotelyNotSetA” as the "Affected point code"
47
SgaRS_SS7_XT module
• On the top of the screen you can see the program’s name, and version number. • Below the header is the menu bar. • Below the menu bar is the quick launch bar, you can access to main features from the
menu through these buttons.
• In the main window you can see the log messages. • Below the log you can see the status bar: • 1. line:
o GyX - Connection to the GyX_SCTP module: � Red – If the connection is broken. � Purple – When connecting is in progress � Gray – If the connection to the other remote module is up and running.
o …bps – Transfer speed in the last second. o Rx – Received messages from the GyX_SCTP module. o Tx – Transmitted messages to the GyX_SCTP module.
• 2. line:
48
o Rx - Number of all the inbound messages (UpdateLocation (UL), UpdateGPRSLocation (UgL), SendParameter (SP), SendAuthenticationInfo (SAI), ForwardSM (FwdSM), Unknown/not decoded messages (?))
o Tx - Number of the outbound UpdateLocation and ForwardSM (*) and Reject (Rej) messages
o Err - Error counters: MSU, TCAP errors. The interpretation of the error counters: � msu - Number of uninterpretable, or misdirected (wrong point code) msu-s. � tcap - Number of wrong TCAP messages.
o • 3. line:
o RS-Server - Connection to the RS-Server: � Red – If the connection is broken. � Purple – When connecting is in progress. � Gray – If the connection to the other server is up and running.
o Tx - Transmitted messages to the RSS server module. o Rx - Received messages from the RSS server module.
• 4. line o HLR-Query feature for SMS-Fraud. o Tx - Sent messages to the HLR. o Rx - Positive and negative answers received from the HLR. o T/O - Number of answers not received, plus received after timeout.
• 5. line o Counters for the CDF (Call Dispatch Function), for further details please check the
Sga-CDF (Eureg III) documentation • Bottom left corner: Time left since the module has been started (hh:mm:ss).
• It’s displayed in the status bar, when a trap was generated in the last fifteen minutes because of a Rule.
Menu structure
• Log o Find line containing... ^F – search in the log file for the given phrase o Find next matching line F3 – find nest phrase o Details – detail of the log files
• RS Server
o Allow auto-connect to RS-Server (^A) – Allow/prohibit auto connection to RS server
o Terminate connections to RS Server now - Disconnect from RS Server
• SMS Fraud o Reload rules - Reloads ini sections [SMS Fraud]/RuleX and
sHLRQueryConsideredErrors
49
o Reload rule exceptions - Reloads ini section [SMS Fraud: 'Rule #X']/ sException#nn o Reload operator prefix codes – Reloads the operator list
• MAPCAPv Alarms o Reload definition file - Reloads MAP and CAP requirements list (Defined by
[MAPCAPv Alarms]/sDefinitionFile) o Reset daily alarm list - Resets the MAP/CAP alarm list for the current day
• CDF o Menu item for the CDF (Call Dispatch Function), for further details please check
the Sga-CDF (Eureg III) documentation
• Options
o Auto scroll – Auto scroll to the end of the log file in the main window o Save settings – Write changes to .ini file
50
Statistical server
Th screen shows the log (main) screen of the statistics module. The status bars information at the bottom of the screen:
• IMSI memory used: IMSI records collected so far, in brackets the overflown IMSIs • Stat1 memory used: The filled statistical records so far in the first memory, in brackets
the overflown records • Stat2 memory used: The filled statistical records so far in the second memory, in brackets
the overflown records
• Bottom left corner: Time left since the module has been started (hh:mm:ss) • Answers: (OK+Reject answers)=summary
If you click to the header of the log messages (Time, Data), it will switch to the connections window similarly to the Sga-RS module.
51
Menu structure
• Log o Find line containing... ^F – search in the log file for the given phrase o Find next matching line F3 – find nest phrase o Details – detail of the log files
• Connections
o Disconnect *all* active ’RS-Server’ connections - Close connections to RS-Server o Zero counters request of *all* ’RS-Server’ connections - Reset of the RS-Server
connection’s counters • Options
o Auto scroll – Auto scroll to the end of the log file in the main window o Show log – Switch to log window o Show connections – Switch to connection window o Save settings – Write changes to .ini file
• Connections
o Disconnect *all* active ’RS-Server’ connections - Close connections to RS-Server o Zero counters request of *all* ’RS-Server’ connections - Reset of the RS-Server
connection’s counters
52
Appendix
Example of the server ini file
[Position] iLeft=65532 iTop=65532 iWidth=947 iHeight=612 [Options] bAutoScroll=True [Rules] dwIMSIMemoryEntryCount=100000 dwIMSIMemoryEntryLifeSec=3600 sRulesFile=.\SgaRS_Serv_Rules.ini sIMSIPrefFile=SgaRS_Serv_IMSIPref.lst sOpPrefFile=SgaRS_Serv_OpPref.lst sMCCMNClistFile=SgaRS_MCCMNC_list.lst chPrefixDelimiter=- [2G-Steering] ; filled from MAP, used from LDAP ; entries below are loaded and logged at start-up dwIMSIMemoryEntryCount=100000 dwIMSIMemoryEntryLifeSec=864000 [4G-Steering] ; filled from Syslog, used from MAP ; entries below are loaded and logged at start-up dwIMSIMemoryEntryCount=100000 dwIMSIMemoryEntryLifeSec=86400 [4G-Steering / Syslog] ; entry below is loaded at start-up wLocalUDPport=10002 [4G-Steering / LDAP] ; entries below are loaded at start-up wLocalTCPport=389 ; entries below are loaded on-the-fly sUsername = cn=Manager, ou=SGARSS sPassword = test iNegativeAnswerCode = 5012
53
dwNegativeAnswerCount = ; left-side values are the IP-addresses to be allowed to connect from ; right-side values are mandatory but ignored (can be used as a remark) 127.0.0.1 = machine that can connect and send simple LDAP queries to us [Statistics Server] ; remote IP address and TCP port wAutoConnectIntervalSec=5 sIPAddress=127.0.0.1 wTCPPort=5067 [RemoteRequest] wMaxConcurrentConnectionCount=3 sIPAddress=127.0.0.1 wTCPPort=5069 ; bSuppressDisconnectTrap=True [Advanced] wLogDetailLevel=2 dwMaxLinesInLogWindow=1000 bAlternateTrapUID=False sLogFilesPath=d:\SGA\RoamingSteering\Bin\Server\LogFiles sTrapFilesPath=d:\SGA\RoamingSteering\Bin\Server\TrapFiles
Example of the SgaRS_Serv_OpPref.lst
3093 Gr-TeleStet_Hellas 3094 Gr-Panafon 3097 Gr-Cosmotel 49 Germany 49151 Germany-D1 491520 Germany-Voda 49163 Germany-E-Plus 4917312 Germany-Voda__BADVLR 49176 Germany-O2
Example of the SgaRS_MCCMNC.lst
216|030 Hungary-Westel 204|008 Netherlands-KPN 450|008 South_Korea-KTF_3G
54
Example of the SgaRS_Serv_IMSIPref.lst
216401234512345 Our_Enemy 216401231231231 Our_Enemy 2 StartAs2 216401212121212 Our_Enemy 216401234567890 Normal 2164056 PrePaid 216409876543210 Our_Enemy 21640321 Normal 21640487 Normal 216407800000000 Our_Friend 216405001 Normal 216405002 Normal 216407003 Normal 21640700 Normal 2164080006 Our_Enemy 2164080008 Our_Friend
Example of the SgaRS_Serv_Rules.ini
[RejectSchemePerVLR] ; VLR-prefix=RejectScheme, where "...=N" refers to section [SS7 MAP Error #N] of SgaRS_SS7.ini ; maximum 100 entries ; "*=..." indicates default ; read from top to bottom ; reloaded on start-up and on request (from menu) 49172=2 49=3 43=4 44=4 35840=2 *=1 ========================================================== [IMSISeriesInHLRs] ; IMSIPrefix=HLR ; maximum 50 entries ; read from top to bottom ; reloaded on start-up and on request (from menu) 2164001 = 36401234567 ; HLRA
55
2164002 = 36401234568 ; HLRB 2164003 = 36401234569 ; HLRC 21640789 = 36401234560 ; pilot ========================================================== [RequiredPercentages] ; VLR-prefixname=RequiredPercent [%] ; dash ('-') within the prefix name separates country and network names ; 1000 entries at most ; prefix names are case sensitive ; reloaded on start-up and on request (from menu) Germany-D1 = 70 Germany-Voda = 20 Gr-Panafon = 20 Gr-Cosmotel = 20 ========================================================== ; [Policy "xxx"] ; VLR-prefixname=MaximumRejectCount ; marking MaximumRejectCount with '*' prohibits ignorance that would occur when required percentage is not yet met ; reloaded on-the-fly [Policy "Our friend"] Germany-D1 = 1 Germany-Voda = 1 Germany-Voda__BADVLR = *99 Gr-TeleStet_Hellas = 1 [Policy "Normal"] Germany-Voda = *3 Germany-O2 = 3 Gr-Panafon = 3 Gr-Cosmotel = *3 [Policy "Our_enemy"] Germany-D1 = 19 Germany-Voda = 19 Germany-Voda__BADVLR = 1 Gr-TeleStet_Hellas = *99
56
Example of the GyX_SCTP.ini file
[Position] iLeft=140 iTop=72 iWidth=995 iHeight=694 [Options] bAutoScroll=True [SCTP] wAutoConnectIntervalSec=2 bAllowAutoConnectAtStartup_A=True bAllowAutoConnectAtStartup_B=True sLocalIPAddress#N=10.0.123.10 sRemoteIPAddress_A#1=10.0.123.20 sRemoteIPAddress_A#2=10.0.123.21 sRemoteIPAddress_B#1=10.0.124.20 sRemoteIPAddress_B#2=10.0.124.21 wRemoteSCTPPort_A=2905 wRemoteSCTPPort_B=2905 wLocalSCTPPort=2905 wHeartbeatIntervalSec=10 dwMaxRTOmsec=15000 dwMaxRetransmitsPerInit=3 dwMaxRetransmitsPerAssociation=9 dwMaxRetransmitsPerPath=4 dwDelayedACKmsec=500 byIPfieldDSCP=0x5A byClientServerMode=1 ; 0 = ClientOnly, 1 = ServerOnly, 2 = Bisex [SS7] wTxRLDPCIfRemotelyNotSetA=201 wTxRLDPCIfRemotelyNotSetB=201 wTxRLOPCIfRemotelyNotSetA=13 wTxRLOPCIfRemotelyNotSetB=200 [RemoteRequest] wLocalTCPPort=3000 bSuppressDisconnectTrap=True sRemoteIPAddress=127.0.0.1
57
[SGAfiles] sFilesPath=D:\SGAfiles sFileNamePrefix=GyDiameter_SCTP_9 sSigLinkID=SC [Advanced] wLogDetailLevel=3 dwMaxLinesInLogWindow=1000 sLogFilesPath=d:\LogFiles sTrapFilesPath=d:\TrapFiles bAlternateTrapUID=False wThreadPeriod=100
Example of the SgaRS_SS7_XT.ini file
[Position] iLeft=65532 iTop=65532 iWidth=808 iHeight=608 [Options] bAutoScroll=True [SS7] bMTP2NeedsRSServer=True byReplacementTT=444 [SS7 over GyX] sRemoteIPAddress=127.0.0.1 wRemoteTCPPort=9002 wConnectRetryDelaySec=3 [RS Server] bAllowAutoConnect=True wAutoConnectIntervalSec=2 sIPAddress=127.0.0.1 wTCPPort=5069 [SMS Fraud] sHLRQueryLocalGT=36301234567 sHLRQueryFakeGT=36309998877 dwHLRQueryTimeoutMS=999000
58
dwHLRQueryTimeoutCountLimit=9 sHomeNetworkPrefix=36 ;sHomeNetworkPrefix=30697 sSS7FilesPath=d:\SS7Files sCDRFilesPath=d:\CDRFiles sHLRQueryConsideredErrors=27, 1, 6, ; Rule1 = SCCP.ClgPA.GT is empty or undecodeable ; Rule2 = SCCP.ClgPA ---> HomeNetworkPrefix ; Rule3 = SCCP.ClgPA(MSC).GT <> SRI4SM(SM-RP-OA/MSISDN).Result.LocationInfo(MSC) ; Rule4 = SCCP.ClgPA(MSC).GT.Prefix <> SRI4SM(SM-RP-OA/MSISDN).Result.LocationInfo(MSC).Prefix ; Rule5 = SRI4SM.Result.Error is among 'ConsideredHLRErrors' ; Rule6 = SCCP.ClgPA(SGSN).GT.Prefix == SRI4SM(SM-RP-OA/MSISDN).Result.LocationInfo(MSC).Prefix ; Rule7 = SCCP.ClgPA(SGSN).GT.Prefix <> SRI4SM(SM-RP-OA/MSISDN).Result.LocationInfo(MSC).Prefix ; Rule8 = SM-RP-OA/MSISDN ---> not HomeNetworkPrefix ; Rule0 = (default) ; Rule-1= Undecodeable ForwardSM ; Rule-2= SgaSS7-R4 is not available or HLR answer times out ; available commands = 'FwdAll', 'LogDSP', 'CDR', 'Trap', 'FwdN=...' ; if 'FwdAll' or 'FwdN=...' command is not included then MSU is dropped sRule1=LogDSP+CDR+FwdN=5 sRule2=LogDSP+CDR+FwdN=0 sRule3=FwdAll+CDR sRule4=LogDSP+CDR+FwdN=15 sRule5=LogDSP+CDR+FwdN=0 sRule6=LogDSP+CDR+FwdN=15 sRule7=LogDSP+CDR+FwdN=15 sRule8=LogDSP+CDR+FwdN=0 sRule0=FwdAll+CDR sRule-1=LogDSP+CDR+FwdN=15 sRule-2=LogDSP+FwdAll+CDR sOpPrefFile=SgaRS_Serv_OpPref.lst [SMS Fraud: "Rule #3" Exceptions] sException#01=ANTIGUA-DIGICEL sException#02=ARGENTINA-PERSONAL [SMS Fraud: "Rule #4" Exceptions] [SMS Fraud: "Rule #5" Exceptions] ;sException#00=GREECE-COSMOTE ;sException#99=AUSTRIA-A1
59
[SMS Fraud: "Rule #6" Exceptions] sException#01=AUSTRIA-ORANGE sException#02=BELGIUM-BASE [SMS Fraud: "Rule #7" Exceptions] sException#01=GERMANY-T-MOBILE sException#02=NETHERLANDS-T-MOBILE [Advanced] wLogDetailLevel=2 dwMaxLinesInLogWindow=1000 sLogFilesPath=d:\LogFiles bAlternateTrapUID=False sTrapFilesPath=d:\TrapFiles s8004FilesPath=d:\8004files [SS7 MAP Error #1] ; CallBarred byLocalErrorCodeTag=13 byLocalErrorCodeParameterTag=1 [SS7 MAP Error #2] ; AbsentSubscriber byLocalErrorCodeTag=27
Example of the statistics module INI files
[Position] iLeft=7 iTop=6 iWidth=1235 iHeight=612 [Options] bAutoScroll=True [RS Servers] ; local TCP port wMaxConcurrentConnectionCount=3
60
wTCPPort=5067 [Statistics] dwIMSIMemoryEntryCount=100000 dwIMSIMemoryEntryLifeSec=3600 dwStat1MemoryEntryCount=25000 dwStat2MemoryEntryCount=250 dwFlushPeriod=300 dwFlushDelay=120 sStatisticsFilesPath=d:\StatFiles [Advanced] wLogDetailLevel=2 dwMaxLinesInLogWindow=1000 bAlternateTrapUID=False sLogFilesPath=d:\LogFiles sTrapFilesPath=d:\TrapFiles wAlarmThresholdRejectCountNowInPreferred=3 wAlarmThresholdRejectCountStillInNonpreferred=9 sAlarmFilesPath=d:\AlarmFiles
61
Alarms (Traps)
Sga-RS SS7_XT: 0, INF, "'$MainCaption$' module is started." 0, WAR, "'$MainCaption$' module has been shut down by operator." 0, INF, "SS7(A/B)/MTP2 connection is up." ++N, CRI, "SS7(A/B)/MTP2 connection has died." ++N, CRI, "SS7(A/B)/MTP2 connection has died. (operator)" ++N, CRI, "SS7(A/B)/MTP2 connection has died. (PCM also)" N, CEA, "SS7(A/B)/MTP2 connection has died." Sga-RS Server: 0, INF, "'$MAINCAPTION$' module is started." 0, WAR, "'$MAINCAPTION$' module has been shut down by operator." ++N, ERR, "There've been $OVERFLOWNRECORDCOUNT$ records that didn't fit in IMSI table!" ++N, ERR, "Error: There is no HLR defined for IMSI='$IMSI$'!" 0, INF, "TCP(RemoteServer): Connection is up." ++N, ERR, "TCP(RemoteServer): Connection closed by remote side." ++N, ERR, "TCP(RemoteServer): Connection closed because remote side is reconnecting." ++N, ERR, "TCP(RemoteServer): Received $BYTECOUNT$ bytes of illegible request - dropping connection." ++N, ERR, "TCP(RemoteServer): Received request with bad MagicCode - dropping connection." ++N, ERR, "TCP(RemoteServer): Received request with bad CheckSum - dropping connection." ++N, ERR, "TCP(RemoteServer): Failed to send info of #$TID$; disconnecting!" N, CEA, "TCP(RemoteServer): Connection closed." 0, INF, "'RS-SS7' connection #$CONNECTIONID$ is up." ++N, ERR, "'RS-SS7' connection #$CONNECTIONID$ closed by the remote side." ++N, ERR, "'RS-SS7' connection #$CONNECTIONID$ closed by operator." ++N, ERR, "'RS-SS7' connection #$CONNECTIONID$: Received $BYTECOUNT$ bytes of illegible request on - dropping connection." ++N, ERR, "'RS-SS7' connection #$CONNECTIONID$: Received request with bad MagicCode - dropping connection." ++N, ERR, "'RS-SS7' connection #$CONNECTIONID$: Received request on with bad CheckSum - dropping connection." N, CEA, "'RS-SS7' connection #$CONNECTIONID$ closed." ++N, CRI, "No more 'RS-SS7' connections are available." Sga-RS Statistics: 0, INF, "'$MAINCAPTION$' module is started." 0, WAR, "'$MAINCAPTION$' module has been shut down by operator."
62
++N, ERR, "There've been $OVERFLOWNRECORDCOUNT$ records that didn't fit in IMSI table!" ++N, ERR, "There've been $OVERFLOWNRECORDCOUNT$ records that didn't fit in Stat1 table!" ++N, ERR, "There've been $OVERFLOWNRECORDCOUNT$ records that didn't fit in Stat2 table!" 0, INF, "'RS-Server' connection #$CONNECTIONID$ is up." ++N, ERR, "'RS-Server' connection #$CONNECTIONID$ closed by the remote side." ++N, ERR, "'RS-Server' connection #$CONNECTIONID$ closed by operator." ++N, ERR, "'RS-Server' connection #$CONNECTIONID$: Received $BYTECOUNT$ bytes of illegible request - dropping connection." ++N, ERR, "'RS-Server' connection #$CONNECTIONID$: Received request with bad MagicCode - dropping connection." ++N, ERR, "'RS-Server' connection #$CONNECTIONID$: Received request with bad CheckSum - dropping connection." N, CEA, "'RS-Server' connection #$CONNECTIONID$ closed." ++N, CRI, "No more 'RS-Server' connections are available." ++N, ERR, "There've been $ACTUALSMSCOUNT$ ForwardSM from MSISDN "$MSISDN"!" ++N, WAR, "There've been $ACTUALSMSCOUNT$ ForwardSM from MSISDN "$MSISDN"!" ++N, ERR, "There've been $ACTUALSMSCOUNT$ ForwardSM from operator "$CLGPAGTPREFIX$"!" ++N, ERR, "There've been $ACTUALSMSCOUNT$ ForwardSM to operator "$RECIPIENTPREFIX$"!" Note: The difference between the "$MAINCAPTION$" and the "$MainCaption$" bear with information. The first one is a defined name, but the second one is formed from the EXE when launched. This is important because more modules with the same name can run at the same time, so in a caption it’s always clear which module it belongs to.
63
Usable error codes in the END messages
Error codes regarding to the Location Update messages systemFailure (34) dataMissing (35) unexpectedDataValue (36) unknownSubscriber (1) roamingNotAllowed (8) Other codes:
FacilityNotSupported, UnknownSubscriber, NumberChanged, UnknownMSC, UnknownEquipment, IllegalSubscriber, IllegalEquipment, BearerServiceNotProvisioned, TeleserviceNotProvisioned, NoHandoverNumberAvailable, SubsequentHandoverFailure, TracingBufferFull, OR-NotAllowed, NoRoamingNumberAvailable, AbsentSubscriber, BusySubscriber, NoSubscriberReply, CallBarred, ForwardingViolation, ForwardingFailed, CUG-Reject, ATI-NotAllowed, IllegalSS-Operation, SS-ErrorStatus, SS-NotAvailable, SS-SubscriptionViolation, SS-Incompatibility, UnknownAlphabet, USSD-Busy,
64
PW-RegistrationFailure, NegativePW-Check, NumberOfPW-AttemptsViolation, SubscriberBusyForMT-SMS, SM-DeliveryFailure, MessageWaitingListFull, AbsentSubscriberSM, ResourceLimitation, NoGroupCallNumberAvailable, ShortTermDenial, LongTermDenial, IncompatibleTerminal, UnauthorizedRequestingNetwork, UnauthorizedLCSClient, PositionMethodFailure, UnknownOrUnreachableLCSClient, ATSI-NotAllowed, ATM-NotAllowed, InformationNotAvailable, MM-EventNotSupported, TargetCellOutsideGroupCallArea
Usable error codes in the ULR messages
The SDC uses experimental result codes for rejection; this is a short list of the usable codes Experimental result codes (3GPP TS 29.272 V12.1.0)
• Permanent failures: o DIAMETER_ERROR_USER_UNKNOWN 5001 o DIAMETER_AUTHORIZTAION_REJECTED 5003 o DIAMETER_ERROR_ROAMING_NOT_ALLOWED 5004 o DIAMETER_ERROR_UNKNOWN_EPS_SUBSCRIPTION 5420 o DIAMETER_ERROR_RAT_NOT_ALLOWED 5421 o DIAMETER_ERROR_EQUIPMENT_UNKNOWN 5422 o DIAMETER_ERROR_UNKNOWN_SERVICE_NODE 5423
• Transient failures: o DIAMETER_AUTHENTICATION_DATA_UNAVAILABLE 4181
