V500R005
Product Description
Issue 01
Date 2017-3-16
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective
holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and
the customer. All or part of the products, services and features described in this document may not be
within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,
information, and recommendations in this document are provided "AS IS" without warranties, guarantees or
representations of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Website: http://www.huawei.com
Email: support@huawei.com
Purpose
This document describes the HUAWEI AAA product, including the positioning, structure,
networking, application scenarios, and technical specification of the product.
Notice: the product AAA is the same as the product AAA-SW to be quoted in BOQ.
Revision Records
Updates between document issues are cumulative. Therefore, the latest document issue
contains all updates made in previous issues.
Updates in Issue 01
Initial release
Contents
2 Architecture .................................................................................................................................2-1
2.1 Overview ....................................................................................................................................................... 2-1
2.1 Logical Structure ........................................................................................................................................... 2-1
2.2 Hardware Structure ....................................................................................................................................... 2-5
2.2.1 Hardware View .................................................................................................................................... 2-5
2.2.2 Hardware Features ............................................................................................................................... 2-6
2.2.3 Physical Parameters ............................................................................................................................. 2-6
Figures
Figure 2-2 AAA Physical Architecture and External Interface ........................................................................... 2-2
Figure 2-3 Front view of the ATAE .................................................................................................................... 2-5
Figure 3-1 Broadband application Network Diagram .......................................... Error! Bookmark not defined.
Figure 3-2 WCDMA/GPRS Network Diagram .................................................... Error! Bookmark not defined.
Figure 3-4 Proxy application Network Diagram .................................................. Error! Bookmark not defined.
Figure 3-5 VPDN Application Network Diagram ................................................ Error! Bookmark not defined.
Tables
Table 2-1 Application, production function, external NE and protocol relationship .......................................... 2-3
Table 2-2 Main physical parameters of the ATAE shelf ..................................................................................... 2-6
1 Introduction
1.1 Positioning
The description based on HUAWEI AAA V500R005 Version.
With the 3G network operators around the world large-scale construction, intelligent terminals,
such as iPhone, Android rapid adoption, a variety of mobile broadband applications like the
outbreak mushroomed, mobile applications from the original simple voice communication
into the era of multi-service convergence, VoIP, Online Game, Streaming Media, MTV, GPS
navigation and community networks, etc., marking the mobile network into the mobile
broadband era. According to the industrys leading research institutions, the authority Informa
Telecoms & Media predicted that the next 5 years, mobile broadband data volume will be
about 100 times than 2009 years.
With the growth of data services, there are different users and business existing in the mobile
broadband networks. How to better operate pipeline, reduce CAPEX and OPEX costs of
operators, bring more benefits and better user experience, which is the biggest challenge faced
by all the full-services operators.
Mobile broadband networks exist on the face of different users and different business
situations, how to better operate a good pipeline, reduce CAPEX and OPEX costs of operators,
for operators to bring greater benefits and better user experience, is full-service operators face
the biggest challenge.
As the core component of the Huawei data and voice next-generation billing and business
supporting solution, AAA supports all business, the entire users pipeline policy control. As
the charging gateway with OCS system, the AAA supports controlling and charging for the
E2E pipeline resources. The AAA will help operators well managed and operated network
pipeline, ensure traditional voice channel ongoing operations, better support data pipeline
continuing operations.
Huawei AAA can work as traditional INs SCP, named OCG, Online Control and Charging
Gateway, PCRF, Policy and Charging Rules Function, Service Broker and Routing. AAA,
Authentication Authorization and Accounting.
This document describes the AAA function
Figure 1-1 shows the position of the AAA in the network:
1.2 Benefits
The AAA will bring the following benefits for the operators:
The AAA supports configure the accounting message forwarding policy based on the
subscriber identity, domain, NAS client etc. And can forward to the multiple targets for
one accounting message.
High Reliability
The two-node cluster redundancy mechanism prevents single-point failures.
The N+1 cluster mode provides the load balancing function.
High Performance
A high-performance underlying communication platform is used to shield the differences
between operating systems and to provide a componentized, distributed, and
high-performance service running and development environment.
2 Architecture
2.1 Overview
The AAA adopts modularized design. The module can be deployed based on demands.
SEE Core
HUAWEI AAA adopts HUAWEI SEE (Service Execution Environment) platform.
The SEE Core is a basic platform and it encapsulates the operating system and the hardware.
Engineers do not need to consider the features of the operating system and the hardware when
they are developing services on the platform.
The SEE Core provides various basic services, including component containers, message
buses, distributed objects management, network management, log management, and
component integration.
The SEE Core also provides a unified interface definition language (IDL) for internal
components by using message buses. The IDL simplifies the communication between internal
components.
Resource Adapter
The resource adapters in the access layer enable the system to communicate with external
network entities by converting external messages and internal IDL messages. These adapters
are included Radius adapter, diameter adapter, MAP adapter and so on.
SCS
The Service Capability Set (SCS) provides call control based on RADIUS/diameter and
service schedule functions. It also provides some commonly used components.
Reusable Unit
The layer provides the reusable unit, for example, policy rule, for the up layer application
Application
The application is the functions which can be provided by AAA.
Physical Structure
Huawei AAA physical entity and its external interface:
1 CPU Two Intel Xeon 5138 dual-core processors with low power
consumption
2 Memory 32 GB
3 Interface Six Gigabit Ethernet interfaces and one FC loopback daughter
card
4 Operating SuSE Linux 10
system
5 Power Two -48V DC power inputs for redundant backup (provided by
the backplane of the shelf)
6 Maximum 214.2 W
power
7 Maximum 4.76 kg
weight
8 Hard disk 2 * 73 GB
9 Dimensions W * D * H = 322.3 mm * 280 mm * 29 mm
The physical parameters provided here are only for reference. The actual parameters may vary in actual
situation.
3.1 Overview
As an access server, AAA AAA authenticates, authorizes, and charges subscribers who access
the network from Network Access Server (BRAS/AC/GGSN). AAA interacts with the
operation support system (OSS) to manage subscriber data, service data, and AAA.
Through BSS system, user request for using LTE networks and get account from BSS.
The BSS system synchronizes the user access profile to AAA system through SOAP
interface.
A user powers on the mobile phone and requests to access the Internet. The GGSN
interacts with the HUAWEI AAA to authenticate the user.
The HUAWEI AAA generates CDR for subscribers.
The PDN GW allows the user to access the Internet. When the user is online, the GGSN
collects the information about the duration and volume that the user uses and reports the
information to the HUAWEI AAA.
HUAWEI AAA supports forward messages to 3rd application such as DPI, and supports
session information query via HTTP protocol.
4.1 Overview
The HUAWEI AAA operation management mode is described as follows:
Network maintenance personnel of a carrier configure the devices and manage the NEs
on the I2000.
Maintenance personnel of the central telecommunications room configure service data
on the Web Client, i.e. SMAP.
Customer service personnel handle services on the SMAP or in a third-party system such
as the CRM or Provisioning system.
4.2 Benefits
4.2.1 Unified Maintenance
The benefits refer to that the I2000 provides unified maintenance and management functions
for the HUAWEI AAA system during installation, upgrade, routine maintenance,
troubleshooting, statistics analysis and Management.
I2000 Server is the convergent manage point of the whole OM system, it communicates with
UOA (Uniform Operation and maintenance Agent, also known as UOAgent), AMOS (Alarm
Monitor of Outsourcing System) running on the CBP, BMP and other servers, to realize
network entity monitor and management. Usually, each equipment room will be equipped
with one set of I2000 server.
As the client of I2000, iTrace, iConfig and I2000 client provides friendly GUI for to operator
to carry out diagnoses, configuration and other management operations.
AAA OM system provide alarm, statistics, diagnose and other functions, it can connect to
Huawei iManager I2000 or other NMS via SNMP.
4.2.2 OM Functions
OM provides abundant statistics and measurement items, include:
Traffic items, such as numbers of Radius messages received/sent in the unit period
Key service performance items
Resource related items and etc.
Statistics items will be collected by I2000 periodically from AAA components, the result can
be stored in OM system, and retrieved by external system such as data warehouse.
OM system provides AAA wide unified alarm numbering and management, including alarm
collection, alarm report and resume, alarm enquiry. The content of alarm in OAM system
includes:
ID
Category, fault or event
Level, critical, major, minor and prompt
Timestamp
Entity ID, used to locate which component raise the alarm
Reason
Advice for troubleshooting
Additional information
I2000 client provides visible and audible alarm prompt. Equipment contains different level
alarm will be displayed in different icon, and the sound for different alarm is also different.
5 Technical Specification
AAA complies with the following standards, but not all the feature or the field can be
supported by the AAA.
No Name Notes
RFC 1901: Introduction to Community-based
1
SNMPv2
RFC 1902: Structure of Management Information
2 for Version 2 of the Simple Network
SNMP V2 Standards
Management Protocol (SNMPV2)
RFC 1905: Protocol Operations for Version 2 of
3 the Simple Network Management Protocol
(SNMPV2)
4 RFC 2618: RADIUS Authentication Client MIB
5 RFC 2619: RADIUS Authentication Server MIB Radius Protocol Standards
6 RFC 2620: RADIUS Accounting Client MIB MIB
No Name Notes
RFC 2868:RADIUS Attributes for Tunnel
14
Protocol Support
15 RFC 2869: RADIUS extension
EAP-TTLS Reference
16 draft-funk-eap-ttls-v1-01.txt
Standard
17 draft-funk-tls-inner-application-extension-03.txt EAP-TLS Reference Standard
EAP-TTLS Reference
18 draft-ietf-pppext-eap-ttls-05.txt
Standard
RFC2716: PPP EAP TLS Authentication
19 EAP-TLS Reference Standard
Protocol
20 RFC2246: The TLS Protocol Version 1.0 TLS Reference Standard
RFC2759: Microsoft PPP CHAP Extensions, Microsoft CHAP Used in
21
Version 2 EAP-TTLS
RFC3579: RADIUS (Remote Authentication Dial
22 In User Service) Support For Extensible EAP Reference Standard
Authentication Protocol (EAP)
RFC3748: Extensible Authentication Protocol
23 EAP Reference Standard
(EAP)
RFC3749: Transport Layer Security Protocol
24 TLS Reference Standard
Compression Methods
RFC4346: The Transport Layer Security (TLS)
25 TLS Reference Standard
Protocol Version 1.1
3GPP TS29.273 Technical Specification Group
26 Core Network and Terminals; Evolved Packet
System; 3GPP EPS AAA Interfaces (Release 8)
3GPP TS23.402 Technical Specification Group
27 Services and System Aspects; Architecture
enhancements for non-3GPP accesses (Release 8)
3GPP TS33.402 Technical Specification Group
3GPP
Services and System Aspects; 3GPP System
28
Architecture Evolution (SAE); Security aspects
of non-3GPP accesses (Release 8)
3GPP TS 29.002:Mobile Application Part (MAP)
29
specification R9
3GPP TS29.234 3GPP system to Wireless Local
30
Area Network (Release 8)
Notes:
Fault resume duration above for critical or major faults is achieved by dual-cluster switchover. For
troubleshooting, critical fault will be handled in 24 hours; major fault will be handled in 48 hours. In
case of hardware spare part replacement, additional hours are needed.
Item Specification
Item Specification
Transmissi Connecting with outer network through Firewall, each E200 firewall
on provide 2*10/100M Ethernet electrical interface
Interface
Input DC -48 V
Power
Electromag EN 60950-1:2001
netic EN 55022: 1998 + A1: 2000 + A2: 2003
Compatibil
ETSI EN 300 386 V1.3.3: 2005
ity
ROHS
Availabilit 99.999%
y
Switching 2Minutes
Time
MTTR 48 Minutes
AC Apply Charging
LN Love Number