20050907 private dns for operators final


Private DNS for Mobile Operators

James Yu
Senior Director - Strategic Technical Initiatives
NeuStar, Inc.
[email protected]
+1-571-434-5572 (B)
+1-703-622-5187 (M)

Richard Xu
Chief Architect
Aicent, Inc
[email protected]
+1-408-324-1830x529 (B)
+1-408-834-0217 (M)

What Is the Domain Name System?

• The domain name system (DNS) is an Internet service that retrieves the resources associated with a domain name. Its initial purpose was to map a domain name to an IP address. The IP address could be the address of a server that provides applications such as web pages, email and VoIP calls.
• The Internet uses IP addresses for addressing and routing; however, IP addresses are not easy for people to remember, so alphanumeric domain names are used instead. DNS was developed to be extensible to manage the domain name space (e.g., hierarchical tree structure).
• Every time you use a domain name, DNS must translate the name into the corresponding IP address.
  – For example, the domain name example.com might translate to IP address 198.105.232.4.
• DNS was expanded for many other functions such as locating SIP servers or mail servers and accessing services on the Internet.

General Packet Radio Service (GPRS)

• GPRS is a 2.5G standard for the GSM system to support packet data service.
• Serving GPRS Support Node (SGSN) keeps track of mobile stations’ location and performs security functions and access control. It is connected to the base stations via Frame Relay.
• Gateway GPRS Support Node (GGSN) provides interworking (e.g., routing, address allocation, user authentication and tunneling) with external packet-switched networks. GGSN works as an anchor for IP traffic.

[Figure: GPRS reference model. Nodes: TE, MT, BSS, SGSN, GGSN, MSC/VLR, HLR, EIR, SM-SC, SMS-GMSC, SMS-IWMSC, PDN, other PLMN. Interfaces: R, Um, A, Gb, Gn, Gp, Gi, Gr, Gc, Gd, Gf, Gs, C, D, E. Legend: signalling interface; signalling and data transfer interface.]

GPRS Roaming eXchange (GRX)

• SGSN is located at the visited GPRS network and GGSN is normally located at the home GPRS network.
• GGSN and SGSN are connected via an IP-based backbone network
  – Routing GPRS traffic over the Internet may result in poor QoS
  – Secure connectivity between the SGSN and GGSN would require NxN relationships and NxN pipes among the GPRS operators, too many to manage
• “GRX” was born to solve GPRS operators’ problem
• A GPRS operator has the options of routing the GPRS traffic
  – Over dedicated links (usually for domestic traffic)
  – Over GRX
  – Both

End-to-end GPRS Roaming via GRX

[Figure labels: MS; visited GPRS PLMN and home GPRS PLMN, each with SGSN, GGSN, DNS and BG; GRX with TLD DNS; Internet, Intranet, Service; PDP Context Activation: GTP Tunnel.]

GPRS/GRX Leveraging DNS to Locate GGSN

• SGSN relies on DNS to locate either a local GGSN or a foreign GGSN in the data roaming scenario
  – The Access Point Name (APN) provisioned to each MS by the home network is used to generate the DNS query string for identifying the GGSN
  – APN
    • Contains the user’s and network’s desired routing access preference and is used to create the logical connection between the mobile station and external PDN.
    • Network ID – points to the access point within a GPRS Operator
    • Operator ID – points to a GPRS Operator

  “<network id>.mnc<MNC>.mcc<MCC>.gprs”
  (parts labelled on the slide, left to right: Network Id, Operator Id, TLD)

• “.gprs”, a private DNS suffix, is used with the APN to retrieve the IP address of the GGSN

GRX DNS Hierarchy

[Figure: DNS tree, private to GPRS operators. Root “.” with the branches gprs and grx; under gprs, mcc111 and then mnc222. Region labels: “Managed by GSMA/GRX” and “Managed by GPRS Operator”.]

Example entries in the operator's zone:
– APN=internet: internet.mnc222.mcc111.gprs. <IP of the operator GGSN>
– mms: mms.mnc222.mcc111.gprs. <IP of MM4 Interface of MMSC>

DNS Query Example in GPRS Roaming

• DNS query whilst roaming
  – APN resolution using DNS in HPLMN

[Figure labels: BSS, VSGSN, VPLMN DNS, BG, GRX backbone, GPRS “Root” DNS, BG, HPLMN DNS; arrows numbered 1 to 6. DNS query string: internet.mnc222.mcc111.gprs.]

Locating GGSN – Steps

1. SGSN sends a DNS query to the DNS resolver for the A RR of “internet.mnc222.mcc111.gprs.”
2. DNS resolver sends the DNS query to GRX root DNS server for the A RR of “internet.mnc222.mcc111.gprs.”
3. GRX root DNS server returns the NS RRs and A RRs for “mnc222.mcc111.gprs.” to the DNS resolver where the NS RRs identify the home GPRS network’s DNS servers.
4. DNS resolver sends the DNS query to one of the home GPRS network’s DNS servers for the A RR of “internet.mnc222.mcc111.gprs.”
5. Home GPRS network’s DNS server returns the A RR of “internet.mnc222.mcc111.gprs.” to the DNS resolver.
6. DNS resolver returns the A RR of “internet.mnc222.mcc111.gprs.” to SGSN – SGSN now has the IP address of GGSN and can establish a packet data session with GGSN.

The packet data session is then established between SGSN and GGSN, and user traffic is tunneled via the GRX(s) or over direct connection between SGSN and GGSN.
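The six steps above, walked through in Python as an added example (not part of the original slides). The zone contents, server name `dns1` and all IP addresses are constructed; the suffix guard reflects the slides' point that GRX names are private and are not meant to reach Internet root servers.

```python
import re

PRIVATE_SUFFIXES = (".gprs.", ".grx.")  # suffixes the slides list for GRX DNS
LABEL = r"[a-z0-9](?:[a-z0-9-]*[a-z0-9])?"

# Constructed data: the GRX root holds only delegations (NS plus glue A RRs).
GRX_ROOT = {
    "mnc222.mcc111.gprs.": {"ns": "dns1.mnc222.mcc111.gprs.", "glue": "10.0.0.53"},
}
# Constructed data: home-network authoritative servers, keyed by server IP.
HOME_DNS = {
    "10.0.0.53": {"internet.mnc222.mcc111.gprs.": "10.0.1.1"},
}

def apn_to_fqdn(network_id, mnc, mcc):
    """Build '<network id>.mnc<MNC>.mcc<MCC>.gprs.' from an APN and operator codes."""
    nid = network_id.lower()
    if not re.fullmatch(rf"{LABEL}(?:\.{LABEL})*", nid):
        raise ValueError("network id must consist of letter-digit-hyphen labels")
    if not (re.fullmatch(r"[0-9]{2,3}", mnc) and re.fullmatch(r"[0-9]{3}", mcc)):
        raise ValueError("MNC is 2 or 3 digits, MCC is 3 digits")
    # 3GPP TS 23.003 pads a 2-digit MNC to 3 digits in this name.
    return f"{nid}.mnc{mnc.zfill(3)}.mcc{mcc}.gprs."

def resolve_ggsn(qname):
    """Follow steps 1-6 for an A query; return (ggsn_ip, trace)."""
    qname = qname.lower()
    if not qname.endswith(PRIVATE_SUFFIXES):
        # A resolver on the GRX should not forward such names to Internet roots.
        raise ValueError(f"{qname} is outside the private namespace")
    trace = [f"1 SGSN -> resolver: A? {qname}",
             f"2 resolver -> GRX root: A? {qname}"]
    labels = qname.rstrip(".").split(".")
    zones = [".".join(labels[i:]) + "." for i in range(len(labels))]
    zone = next((z for z in zones if z in GRX_ROOT), None)  # closest delegation
    if zone is None:
        raise LookupError(f"GRX root has no delegation for {qname}")
    d = GRX_ROOT[zone]
    trace.append(f"3 GRX root -> resolver: {zone} NS {d['ns']}, A {d['glue']}")
    trace.append(f"4 resolver -> {d['glue']}: A? {qname}")
    ip = HOME_DNS[d["glue"]].get(qname)
    if ip is None:
        raise LookupError(f"home DNS has no A RR for {qname}")
    trace.append(f"5 {d['glue']} -> resolver: {qname} A {ip}")
    trace.append(f"6 resolver -> SGSN: GGSN is {ip}")
    return ip, trace
```
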

Global Reach Enabled via GRX Peering

[Figure: GPRS Roaming Network. Labels: three GRXs, each with a DNS; Operators A, B, C, D, E, F and G.]

GRX Peering Architecture at AMS-IX

[Figure labels: AMS-IX Virtual LAN; GRX A, GRX B ... GRX Z; mobile operators below each GRX.]

• Some mobile operators use two GRX carriers for redundancy
• High-speed, highly redundant optical network
• Every GRX network has no connection with the Internet
• All the IP addresses involved in GRXs are “invisible” to the Internet (not routable in the Internet)

GSMA DNS Structure

[Figure labels: GSMA master root servers; slave root servers at GRX A, GRX B ... GRX Z; mobile operators below each GRX.]

Domain Name Registration

[Figure labels: GRX carriers & mobile operators; Internet; NeuStar primary master registry (normal case); data replication; NeuStar secondary master registry (back up).]

- Web-based portal for registration
- Each GRX carrier or mobile operator has accounts with NeuStar
- Secure ID card for log in
- Domain name can be
  * IMSI-derived
  * Human readable

GSMA DNS Operation – Zone Transfer

[Figure labels: NeuStar master registry; zone file updates; NeuStar master root servers; slave root servers at GRX A, GRX B ... GRX Z; AMS-IX Virtual LAN; mobile operators below each GRX.]

Both full zone transfer (AXFR) and incremental zone transfer (IXFR) are supported.

GRX Status

• There are about two dozen GRX carriers.
• Some big mobile operators such as Cable & Wireless, France Telecom and TeliaSonera are also GRX carriers.
  – A mobile operator’s GRX can serve just itself or itself and others.
• All the GRX carriers peer at the AMS-IX in Amsterdam.
  – Connections to the Virtual LAN (VLAN) via four collocation facility providers.
  – A GRX carrier accesses VLAN via two separate locations.
• There is a second peering point in Singapore at Pacific Internet (PacNet); however, only two GRX carriers peer there now.
  – Traffic from an Asian mobile operator to another Asian mobile operator by those two GRX carriers need not go all the way to Amsterdam then back to Asia.
  – There are discussions to change the peering point to another provider.

Expanding DNS Beyond GPRS Service

• GPRS DNS is extended to support many other services among the GSM community
  – ENUM is added to resolve number-based addressing used in
    • MMS and inter-working MMS
      – Phone number in the destination address
    • IMS/SIP, and inter-working IMS service
      – TEL URI in SIP signaling
  – ENUM is used to support Mobile Number Portability (MNP) associated with phone number based addressing

Operator ENUM within GPRS DNS Hierarchy

[Figure: Extending existing GRX DNS hierarchy to support ENUM. Labels: GRX Root DNS Root; GPRS branch: gprs, mccxxx, mncxxx, APN1, mms (mncxxx.mccxxx.gprs.); ENUM branch: net, e164enum, country codes 1 (NANP), 4.4 (UK) and 6.8 (CN), number labels 4.3.2.1.2.3.8.8.0.4, 8.7.8.6.7.7, 6.2.9. and 6.5.5.3.2.1, Local DNS (6.5.4.3.2.16.2.9.6.8.e164enum.net).]

GSMA DNS/ENUM Structure

[Figure labels: GSMA master root servers; ENUM Tier 0/1; slave root servers at GRX A, GRX B ... GRX Z; mobile operators with ENUM Tier 2; names shown: e164enum.net, 4.3.2.1.2.2.6.3.0.7.1.e164enum.net, 4.3.2.1.2.2.6.3.0.7.4.4.e164enum.net.]

ENUM for Inter-Working MMS in GSM Community

[Figure labels: MMSC(A) and DNS/ENUM in PLMN A; GRX with GRX Root DNS and ENUM Tier 0/1; DNS/ENUM and MMSC(B) in PLMN B; arrows carry step numbers 1,6; 2,7; 3; 4,8; 5,9.]

1. MMSC queries local DNS/ENUM for NAPTR record of 9.8.7.6.4.3.8.8.0.4.1.e164enum.net.
2. Local DNS/ENUM queries GRX root for NAPTR record of 9.8.7.6.4.3.8.8.0.4.1.e164enum.net. and receives NS and A records of e164enum.net.
3. Local DNS/ENUM queries ENUM Tier 0/1 for NAPTR record of 9.8.7.6.4.3.8.8.0.4.1.e164enum.net. and receives NS and A records of 9.8.7.6.4.3.8.8.0.4.1.e164enum.net.
4. Local DNS/ENUM queries remote DNS/ENUM for NAPTR record of 9.8.7.6.4.3.8.8.0.4.1.e164enum.net. and receives NAPTR records (mailto:[email protected]).
5. Local DNS/ENUM returns NAPTR records to MMSC that retrieves the mailto URI.
6. MMSC queries local DNS/ENUM for MX record of mms.mncxxx.mccxxx.gprs.
7. Local DNS/ENUM queries GRX root for MX record of mms.mncxxx.mccxxx.gprs. and receives NS and A records of mncxxx.mccxxx.gprs.
8. Local DNS/ENUM queries remote DNS/ENUM for MX record of mms.mncxxx.mccxxx.gprs. and receives MX of mncxxx.mccxxx.gprs. and A records for the hosts in MX records.
9. Local DNS/ENUM returns MX and A records to MMSC.

Pure IP-based solution, a proven scalable DNS architecture
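What the MMSC does with the name and the NAPTR answer in steps 1 to 6, as an added Python example (not part of the original slides). The NAPTR regexp field and the `mms.mnc222.mcc111.gprs` target are constructed, since the slide's mailto URI is redacted; the phone number is the one encoded in the slide's query name.

```python
import re

ENUM_APEX = "e164enum.net."   # private ENUM apex named on the slides

def e164_to_enum_domain(number, apex=ENUM_APEX):
    """'+1-408-834-6789' -> '9.8.7.6.4.3.8.8.0.4.1.e164enum.net.'"""
    digits = re.sub(r"[^0-9]", "", number)
    if not number.strip().startswith("+") or not 1 <= len(digits) <= 15:
        raise ValueError("expected an E.164 number: '+' and up to 15 digits")
    return ".".join(reversed(digits)) + "." + apex

def apply_naptr_regexp(aus, regexp):
    """Apply a NAPTR '!ere!replacement!flags' field to the AUS ('+digits')."""
    parts = regexp[1:].split(regexp[0])
    if len(parts) != 3:
        raise ValueError("malformed NAPTR regexp field")
    ere, repl, flags = parts
    match = re.search(ere, aus, re.IGNORECASE if "i" in flags else 0)
    if match is None:
        return None                      # this record does not apply
    # NAPTR back-references are \1..\9; make them unambiguous for Python.
    return match.expand(re.sub(r"\\([1-9])", r"\\g<\1>", repl))

def mx_owner_from_mailto(uri, private_suffix=".gprs."):
    """Step 6 input: the domain to query MX for, kept inside the private tree."""
    if not uri.startswith("mailto:") or "@" not in uri:
        raise ValueError("not a mailto URI")
    domain = uri.rsplit("@", 1)[1].lower().rstrip(".") + "."
    if not domain.endswith(private_suffix):
        raise ValueError(f"{domain} is outside {private_suffix}")
    return domain

# Constructed sample NAPTR regexp field; not taken from the slides.
SAMPLE_REGEXP = r"!^(.*)$!mailto:\1/TYPE=PLMN@mms.mnc222.mcc111.gprs!"

def mmsc_lookup(number):
    """Steps 1-6 as seen by the MMSC; the DNS answer comes from SAMPLE_REGEXP."""
    qname = e164_to_enum_domain(number)
    aus = "+" + re.sub(r"[^0-9]", "", number)
    uri = apply_naptr_regexp(aus, SAMPLE_REGEXP)
    return qname, uri, mx_owner_from_mailto(uri)
```
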

ENUM for Inter-Working IMS in GSM Community

[Figure labels: S-CSCF sip.OpA.3gppnetwork.org; tel:+1-703-622-1234; ENUM/DNS; 4.3.2.1.3.0.7.2.2.6.1.e164enum.net.; NAPTR RRs; sip:[email protected];User=phone; sip:100.110.10.10; IP address = 100.110.10.10; I-CSCF/S-CSCF sip.OpB.3gppnetwork.org.]

RFC 3263 process performed to locate SIP servers for “OpB.3gppnetwork.org.”

Summary - Private DNS/ENUM for GSM Operators

• At present, two suffixes are supported in GSMA GRX DNS
  – .gprs (used by mobile operators)
  – .grx (used by GRX carriers)
• Another suffix will be added soon to GRX DNS for new services, so that misconfigured nodes do not hit the root servers in the Internet
  – 3gppnetwork.org
• Another one for Infrastructure ENUM
  – e164enum.net

Observations

• There is no common DNS infrastructure for the CDMA community.
• A CDMA operator designated DNS is necessary for all inter-working related services, which require a secure and scalable mechanism for address resolution.
• Inter-working with GSM operators requires an interface to the existing GSM infrastructure, such as its GRX and DNS, as well as ENUM.
  – Inter-working on MMS, PoC, and IMS/MMD, etc.
• Operator ENUM is a proven mechanism for MNP.
• CRX for CDMA operators is deployed and in service. Introducing DNS would be practical and beneficial to the CDMA community.
• CDG MMS Team is working with GSMNA MMS Project team to resolve the MMS inter-working issues between CDMA and GSM operators in NA
  – DNS/ENUM is emerging as an important issue for CDG to consider
  – CRX/GRX peering is also critical to exchange traffic

A Vision – Harmonized IP eXchange (IPX) Backbone

[Figure: Harmonized IPX (interconnected IPXs with end-to-end QoS), surrounded by GSM operators, CDMA operators, fixed/NGN operators, cable operators, VoIP SPs, content providers, application providers and WLAN SPs.]

All of them share the same private DNS infrastructure that is separated from the Internet and can exchange control- and user-plane traffic via the IPX infrastructure (Peered IGRX/CRX) with one another.

Questions?

Please contact:

Richard Xu, Aicent
+1-408-324-1830 x529 (B)
+1-408-834-0217 (M)
[email protected]

James Yu, NeuStar
+1-571-434-5572 (B)
+1-703-622-5187 (M)
[email protected]