Theory of Operations Guide
SURPASS hiQ 8000 Version 10.0
November 2005
A30828-X1121-A807-02-7671
No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, mechanical, electronic, photocopying, recording, or otherwise, without prior written permission of Siemens. The software described in this publication is furnished under a license agreement and may be used only in accordance with the terms of that agreement. Request Siemens publications from your Siemens representative or the Siemens branch serving you. Publications are not stocked at the address below. Siemens Network Convergence LLC 271 Mill Road Chelmsford, MA 01824 SURPASS and NetManager are trademarks of Siemens AG or its affiliates and subsidiaries. All other trademarks and company names are the property of their respective owners. © 2005 Siemens Communications, Inc. All rights reserved. bkhis.fm History of Changes
History of Changes 0
Document Version Date Summary 01 August 2005 Initial issue for Version 10.0 02 November 2005 Modifications / additions
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 0-iii bkhis.fm History of Changes
A30828-X1121-A807-02-7671, November 2005 0-iv SURPASS hiQ 8000, Theory of Operations Guide
bkTOC.fm Contents
Contents 0
History of Changes ...... 0-iii List of Figures ...... 0-x List of Tables ...... 0-xi 1 About This Guide ...... 1-1 1.1 Intended Audience...... 1-1 1.2 What You Need to Know ...... 1-1 1.3 What’s New in This Guide ...... 1-1 1.4 How to Use This Guide ...... 1-2 1.5 Conventions...... 1-2 1.6 Support Information ...... 1-3 2 SURPASS hiQ 8000 Overview ...... 2-1 2.1 Softswitch Introduction...... 2-1 2.1.1 Hardware...... 2-1 2.1.2 Middleware ...... 2-2 2.1.3 Software ...... 2-2 2.1.4 Security ...... 2-2 2.1.5 Management ...... 2-3 2.2 Functionalities of the SURPASS hiQ 8000 Softswitch...... 2-3 2.3 Feature List ...... 2-4 2.4 Solutions Overview ...... 2-5 2.4.1 Voice Over Cable Solution ...... 2-5 2.4.2 Voice Over Broadband Solution ...... 2-5 2.4.3 Business Connection Solution...... 2-6 3 Hardware ...... 3-1 3.1 Platforms ...... 3-1 3.1.1 Sun 240 Platforms...... 3-1 3.1.2 Sun 1280 Platforms...... 3-3 3.1.3 Platform Summary...... 3-5 3.2 Other Hardware ...... 3-6 3.2.1 External Disk Arrays ...... 3-6 3.2.1.1 StorEdge S1 Disk Array ...... 3-6 3.2.1.2 StorEdge 3120 Disk Array (Available January 2005) ...... 3-8 3.2.1.3 StorEdge 3510 Disk Array ...... 3-9 3.2.2 SS7 Module...... 3-10 3.2.3 Ethernet Connectivity ...... 3-10 3.2.4 Ethernet Switches ...... 3-12 3.2.5 Technical Specifications ...... 3-12
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 0-v bkTOC.fm Contents
4 Software ...... 4-1 4.1 Software Functional Units ...... 4-2 4.1.1 Third Party Software...... 4-3 4.1.2 Resilient Telco Platform (RTP) ...... 4-3 4.1.2.1 Important RTP Components ...... 4-5 4.1.2.2 Support of Active/Active Applications ...... 4-6 4.1.3 Core Building Blocks of the Application Software...... 4-8 4.1.3.1 Universal Call Engine (UCE) ...... 4-8 4.1.3.2 Signaling Managers ...... 4-10 4.1.3.3 Connection Control Manager ...... 4-12 4.2 SURPASS hiQ 8000 Software Features ...... 4-15 4.3 SURPASS hiQ 8000 Call Processing ...... 4-19 4.3.1 Call Control...... 4-19 4.3.2 Address Translation and Routing ...... 4-20 4.3.2.1 Assigning Routes via a Route List ...... 4-23 4.3.2.2 Using Cyclic and Rotary Searches to Select a Route ...... 4-23 4.3.2.3 Alternate Routing ...... 4-24 4.3.2.4 Prefix Digit Translation...... 4-24 4.3.2.5 E.164 Directory Number Translation ...... 4-24 4.3.2.6 Most-Matched Digit Translation ...... 4-25 4.3.2.7 Interchangeable NPA and NXX ...... 4-25 4.3.2.8 Origin Dependent Routing ...... 4-25 4.3.2.9 Exchange Access/Feature Group D ...... 4-26 4.3.2.10 Alias Translation and Routing ...... 4-26 4.3.2.11 LNP Trigger Detection ...... 4-27 4.3.2.12 Default Routing ...... 4-27 4.3.2.13 Vertical Service Code Translation ...... 4-28 4.3.2.14 E.164 to H.323 Routing ...... 4-28 4.3.2.15 Least Cost Routing ...... 4-28 4.3.2.16 Glare Handling...... 4-28 4.3.3 Invocation of Features/Services ...... 4-29 4.3.4 Inherent Tandem Switching Capabilities ...... 4-31 4.3.4.1 Intercept and Announcement Handling ...... 4-31 4.3.4.2 QoS Handling ...... 4-31 4.3.4.3 IN/AIN Handling ...... 4-32 4.3.4.4 Voice Message Service (VMS) Support...... 4-32 4.3.4.5 Operator Services ...... 4-32 4.3.4.6 Emergency Calling...... 4-33 4.3.4.7 CALEA ...... 4-33 4.3.4.8 Local Number Portability ...... 4-33 4.3.4.9 Toll Free (800) Service ...... 4-34 4.3.5 Signaling Control and Endpoint Communication ...... 4-35 4.3.5.1 SS7 Signaling Protocol ...... 4-35 4.3.5.2 SS7 Endpoint Support ...... 4-36
A30828-X1121-A807-02-7671, November 2005 0-vi SURPASS hiQ 8000, Theory of Operations Guide
bkTOC.fm Contents
4.3.5.3 Session Initiation Protocol (SIP) Signaling Protocol ...... 4-37 4.3.5.4 Gateway Control (MGCP and MEGACO H.248) ...... 4-42 4.3.5.5 PacketCable (TGCP, NCS, DQoS) Signaling Protocol...... 4-44 4.3.5.6 H.323 Signaling Protocol ...... 4-44 4.3.5.7 Channel Associated Signaling (CAS) Signaling Protocol ...... 4-47 4.3.5.8 ISDN PRI Signaling Protocol ...... 4-48 4.3.5.9 POTS Endpoints...... 4-49 4.4 Application Support with the SURPASS hiG 1200/1100 ...... 4-49 4.4.1 IP Virtual Trunking Features ...... 4-49 4.4.1.1 Quality of Service Features ...... 4-50 4.4.2 PBX Access ...... 4-56 4.4.3 Integration with Media Gateway ...... 4-57 5 Security ...... 5-1 5.1 Network Security ...... 5-1 5.1.1 Layer 1 — Network Design ...... 5-1 5.1.2 Layer 2 — IPsec ...... 5-1 5.1.3 Additional SS7 Gateway Security ...... 5-1 5.1.4 Border Gateway/Firewall Security...... 5-2 5.2 Interface Security...... 5-2 5.2.1 Direct Craft Interface ...... 5-2 5.2.2 Application Interfaces ...... 5-6 5.2.3 GUI Interfaces ...... 5-6 5.2.4 Billing Server Interface ...... 5-6 5.3 Remote Access to the SURPASS hiQ 8000 ...... 5-7 5.4 User Management Security ...... 5-7 5.4.1 Command Line Interface (CLI) ...... 5-7 5.4.1.1 OS User Management ...... 5-7 5.4.1.2 RTP User Management ...... 5-7 5.4.2 NetManager iNMC...... 5-8 5.4.2.1 Node Groups ...... 5-8 5.4.2.2 Access Profiles ...... 5-9 5.4.3 NetManager iSMC...... 5-9 5.4.3.1 Users and Roles ...... 5-9 5.4.4 NetManager iSSC ...... 5-11 5.4.4.1 Management Security...... 5-12 5.4.5 NetManager iPMC...... 5-12 5.5 Security Features...... 5-14 5.5.1 Identification and Authentication ...... 5-14 5.5.2 Password Protection for Data Files...... 5-14 5.5.3 Call Detail Records ...... 5-14 5.5.4 Security Logging and Alarm Reports...... 5-14 5.5.5 Outbound Link Security...... 5-15 5.5.5.1 Transport Layer Security (TLS) ...... 5-16 5.5.5.2 TLS Between SIP Endpoints ...... 5-16
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 0-vii bkTOC.fm Contents
5.5.5.3 OpenSSL Software ...... 5-17 5.5.5.4 TTUD Dispatcher (TCP/TLS/UDP) ...... 5-18 5.5.6 Packet Cable Security ...... 5-21 5.5.7 Unrecognized MTA Alerts...... 5-21 5.5.8 CALEA Security ...... 5-21 5.6 Platform Hardening ...... 5-22 6 Management ...... 6-1 6.1 Interfaces ...... 6-1 6.1.1 Command Line Interface (CLI) ...... 6-1 6.1.2 NetManager iSuite ...... 6-2 6.1.2.1 NetManager Network Management Center (iNMC)...... 6-3 6.1.2.2 NetManager Service Management Center (iSMC) ...... 6-3 6.1.2.3 NetManager Subscriber Self-Care (iSSC) ...... 6-3 6.1.2.4 NetManager Performance Monitoring Center (iPMC) ...... 6-4 6.1.3 Operations Support Systems (OSSs)...... 6-4 6.2 Billing/Call Detail Record Generation ...... 6-6 6.3 Fault and Alarm Handling ...... 6-7 6.4 Redundancy ...... 6-8 6.5 Software Upgrades, Patches and Recovery Strategies ...... 6-8 6.5.1 Mass Provisioning ...... 6-8 6.5.2 Automated Software Installation ...... 6-8 6.5.3 Upgrades ...... 6-9 6.5.3.1 Rolling Upgrade ...... 6-9 6.5.3.2 Symbolic Links...... 6-11 6.5.3.3 Multiple Database Instance for Upgrades ...... 6-12 6.5.4 Patches...... 6-12 6.5.4.1 Fallback Procedures ...... 6-12 6.5.5 Recovery Strategies ...... 6-13 6.5.5.1 Overload Handling ...... 6-13 6.5.5.2 System Backup & Restore...... 6-13 7 Statistics, Accounting, and Diagnostics ...... 7-1 7.1 Statistics and Accounting ...... 7-1 7.2 Monitoring Support ...... 7-3 7.2.1 Operational Measurements ...... 7-3 7.2.2 Measurements ...... 7-4 7.2.2.1 Trunk Group Traffic Measurements...... 7-4 7.2.2.2 PRI Traffic Measurements ...... 7-5 7.2.2.3 NTM Trunk Group Traffic Measurements ...... 7-5 7.2.2.4 NTM Code Control Traffic Measurements ...... 7-5 7.2.2.5 Business Group Traffic Measurements ...... 7-5 7.2.3 Tracing Capabilities ...... 7-6
A30828-X1121-A807-02-7671, November 2005 0-viii SURPASS hiQ 8000, Theory of Operations Guide
bkTOC.fm Contents
7.3 Diagnostics and Audits Support...... 7-7 7.3.1 Protocol Diagnostics ...... 7-8 7.3.1.1 MTP1 Counters ...... 7-8 7.3.1.2 MTP2 Counters ...... 7-8 7.3.1.3 MTP3 Counters ...... 7-8 7.3.1.4 HDLC Counters ...... 7-9 7.3.1.5 LAP-D (Layer 2) Counters ...... 7-9 7.3.1.6 PRI Counters ...... 7-9 7.3.2 Network Diagnostics ...... 7-10 8 Technical Specifications, Support and Services...... 8-1 8.1 Product Specifications ...... 8-1 8.1.1 Sun Netra 1280 (DC power) or Sun Fire V1280 (AC power) Specifications . . . . . 8-1 8.1.2 Sun Netra 240 (DC or AC) Specifications ...... 8-4 8.1.3 SURPASS hiQ 8000 Product Specifications ...... 8-7 8.1.4 Standards Support ...... 8-9 8.2 Professional Services ...... 8-13 8.3 Pre-configuration Services...... 8-13 8.4 Educational Services ...... 8-13 8.5 Technical Assistance Center (TAC)...... 8-13 Index ...... Z-1
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 0-ix bkLOF.fm List of Figures
List of Figures 0
Figure 3-1 Basic Hardware Components (Netra 240 Server) ...... 3-2 Figure 3-2 Basic Hardware Components (Netra 1280 Server) ...... 3-3 Figure 3-3 SURPASS hiQ 8000 Duplex Configuration — Fiber Channel Connections 3-4 Figure 3-4 Dual S1 Disk Array Configuration...... 3-7 Figure 3-5 Dual 3120 Disk Array Configuration (Sun Netra 240 Server) ...... 3-8 Figure 3-6 Dual 3510 Disk Array Configuration (Sun Netra 1280 Server) ...... 3-9 Figure 4-1 Role of RTP Middleware ...... 4-5 Figure 4-2 Normal Active/Active Mode with RTP Support ...... 4-7 Figure 4-3 SS7 Message Distribution and Processing for SS7 Module Failure...... 4-8 Figure 4-4 SURPASS hiQ 8000 Universal Call Engine (UCE) Interfaces ...... 4-10 Figure 4-5 SURPASS hiQ 8000 Software Architecture and Components ...... 4-14 Figure 4-6 SURPASS hiQ 8000 Call Processing Software Architecture ...... 4-19 Figure 4-7 SURPASS hiQ 8000 Digit Translation Overview ...... 4-21 Figure 4-8 SURPASS hiQ 8000 Prefix Translator ...... 4-22 Figure 4-9 Service Control and Execution Environment ...... 4-30 Figure 4-10 LNP and 800 Services Network Architecture ...... 4-34 Figure 4-11 SURPASS hiQ 8000 SS7 Implementation ...... 4-37 Figure 4-12 SIP Redirect Server Call Setup ...... 4-40 Figure 4-13 SIP Proxy Server Call Setup ...... 4-42 Figure 4-14 MGCP Endpoint Setup ...... 4-43 Figure 4-15 SURPASS hiQ 8000 VoIP Trunking Network Application ...... 4-50 Figure 4-16 RTP Stream Setup ...... 4-55 Figure 4-17 SURPASS hiG 1200/1100 and hiQ 8000 PBX Access Network ...... 4-56 Figure 5-1 SURPASS Interface Security ...... 5-3 Figure 5-2 Hop-by-hop Application of TLS via hiQ 8000 Back to Back User Agents. 5-17 Figure 5-3 TTUD Within the SURPASS hiQ 8000 System ...... 5-19 Figure 6-1 SURPASS hiQ 8000 Interface and Network Element Architecture ...... 6-2 Figure 6-2 SURPASS hiQ 8000 OSS Interfaces ...... 6-5 Figure 6-3 Billing Files Format ...... 6-6 Figure 6-4 SURPASS hiQ 8000 — Solaris Upgrade Components ...... 6-10
A30828-X1121-A807-02-7671, November 2005 0-x SURPASS hiQ 8000, Theory of Operations Guide
bkLOT.fm List of Tables
List of Tables 0
Table 3-1 Server Platform Summary ...... 3-5 Table 3-2 IPMP0 — Administration and Management ...... 3-11 Table 3-3 IPMP1 — Control and Signaling ...... 3-11 Table 3-4 IPMP2 — Billing ...... 3-11 Table 4-1 SURPASS hiQ 8000 Software Features ...... 4-15 Table 4-2 SURPASS hiQ 8000 Glare Control Methods ...... 4-29 Table 4-3 SURPASS hiQ 8000 QoS Attributes ...... 4-31 Table 4-4 H.323 Annex Enhancements...... 4-45 Table 4-5 H.323 Terms ...... 4-47 Table 5-1 SURPASS Solution Interface Partners ...... 5-4 Table 5-2 SURPASS hiQ 8000 RTP CLI User Profile Components ...... 5-8 Table 5-3 SMC Users ...... 5-10 Table 5-4 iSMC User Roles...... 5-10 Table 5-5 iPMC User Access Roles ...... 5-13 Table 5-6 TTUD and SURPASS hiQ8000 Components ...... 5-18 Table 6-1 Event Message Types...... 6-7 Table 8-1 Sun Netra 1280 and Sun Fire V1280 Specifications ...... 8-1 Table 8-2 Sun Netra 240 (DC and AC) Specifications ...... 8-4 Table 8-3 SURPASS hiQ 8000 Specifications ...... 8-7 Table 8-4 SURPASS hiQ 8000 Standards Compliance ...... 8-9 Table 8-5 Packet Cable Standards Compliance ...... 8-11
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 0-xi bkLOT.fm List of Tables
A30828-X1121-A807-02-7671, November 2005 0-xii SURPASS hiQ 8000, Theory of Operations Guide
atg.fm About This Guide Intended Audience
1 About This Guide
This document provides an overview of the SURPASS hiQ 8000 from a software and hardware perspective. It describes product features, management tools, standards support, statistics, service and support, and product specifications.
1.1 Intended Audience
The SURPASS hiQ 8000 Theory of Operations Guide is intended for users who want a high level overview of the general operations and functionalities of the SURPASS hiQ 8000 system.
1.2 What You Need to Know
Users should be familiar with basic telecommunications equipment functionality.
1.3 What’s New in This Guide
The following changes were made in this issue:
● Information and references to the Netra t 1400 and 1405 were removed (manufacturer discontinued, no longer supported)
● Addition of information associated with Type of Service (TOS) and Differentiated Service Code Point (DSCP).
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 1-1 atg.fm About This Guide How to Use This Guide
1.4 How to Use This Guide
Refer to the following table for a description of the chapters found in this guide.
Read To Learn About Chapter 2 Offers a general overview and introduction to the SURPASS hiQ 8000 Chapter 3 Gives an overview of the hardware architecture, components, and platforms Chapter 4 Gives an overview of the software architecture and components Chapter 5 Describes the combination of network design and integrated security features to keep the SURPASS hiQ 8000 secure Chapter 6 Provides information on the operations, maintenance, and management capabilities Chapter 7 Provides information about the statistics, accounting, and diagnostic features Chapter 8 Provides product specifications, service, and support information
1.5 Conventions
This guide uses the following conventions to emphasize certain information, such as user input and system output.
Convention Indicates Example Courier Bold User input, commands, parameters, and show system default values Courier System output Please Wait... Italics Book titles, new terms, and emphasized See Chapter 1, CLI text Overview Boxes surrounding text Notes, Warnings, and Expert Mode See examples below commands
Notes provide additional information or helpful suggestions that may apply to the subject text.
A30828-X1121-A807-02-7671, November 2005 1-2 SURPASS hiQ 8000, Theory of Operations Guide
atg.fm About This Guide Support Information
1.6 Support Information
Siemens provides training, documentation, and support for all OEM equipment included as part of any SURPASS solution. Although the OEM documentation may contain statements that suggest contacting the OEM vendor for support, please note that Siemens is the official contact for support of all components (OEM included) of the SURPASS solution.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 1-3 atg.fm About This Guide Support Information
A30828-X1121-A807-02-7671, November 2005 1-4 SURPASS hiQ 8000, Theory of Operations Guide
Overview.fm SURPASS hiQ 8000 Overview Softswitch Introduction
2 SURPASS hiQ 8000 Overview
This chapter provides a general overview and introduction of the SURPASS hiQ 8000.
2.1 Softswitch Introduction
The SURPASS hiQ 8000 is a commercial platform-based softswitch and an integral part of the SURPASS Next Generation Networks (NGN) Overlay Solutions. The SURPASS hiQ 8000 enables service providers to delivery IP-based (Internet Protocol) voice services, business services and SIP-based (Session Initiation Protocol) multimedia applications to a broad range of customers. With a proven, competitive suite of features, the SURPASS hiQ 8000 operates over any existing IP or access network (HFC, Hybrid Fiber Coax; DSL, Digital Subscriber Line). It also features SS7 signaling capabilities to provide PSTN (Public Switched Telephone Network) interconnection and legacy feature support. The SURPASS hiQ 8000 softswitch is a carrier-grade universal switching and service delivery platform. Fully NEBS (Network Equipment Building System) and Telcordia certified, the SURPASS hiQ 8000 features internal SS7 signaling capabilities and support for a full range of control protocols such as TGCP, MGCP, NCS, SIP, SIP-T, SS7 ISUP, ISDN PRI, and H.323. When coupled with the Siemens SURPASS hiG 1200 or 1100 Media Gateway’s, the SURPASS hiQ 8000 is designed to reliably control connections across TDM (Time Division Multiplexing) and IP networks and to deliver voice services over those connections. The SURPASS hiQ 8000 is designed for deployment in carrier networks and provides the following:
● A protocol-independent real-time services platform to introduce new voice and multimedia services for IP-based residential subscribers or enterprise networks.
● Interworking with 3rd party application servers that enable service providers to capitalize on voice and multimedia services revenue opportunities.
● Carrier-grade reliability and availability by means of combining highly reliable hardware and software products.
2.1.1 Hardware
The SURPASS hiQ 8000 hardware platform achieves carrier grade reliability and availability based on the active/active cluster Sun Netra nodes. It supports hot swappable components, active/standby Fast Ethernet links, and crossover network connections through redundancy, interconnected Ethernet switches. The Sun Cluster controls the failover of active/standby Ethernet links and failover of the clustered Netra nodes. The main hardware platform requirement is that it be a Symmetric Multiprocessing (SMP) system with memory shared by all processors using a single UNIX operating system that supports clustering of the nodes.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 2-1
Overview.fm SURPASS hiQ 8000 Overview Softswitch Introduction
The SURPASS hiQ 8000 is available in a duplex two-node configuration. The duplex configuration provides 1:1 failover when one node fails. For signaling, it supports active/active SS7 blinks. For data storage, it supports redundancy crossover SCSI links between each Netra node and each StorEdge 3510 S1 disk array. The disk arrays are mirrored and hotswappable disk drives. For more information on SURPASS hiQ 8000 hardware, refer to Chapter 3, “Hardware”.
2.1.2 Middleware
Sandwiched between the hardware and its attendant operating system with clustering support and the SURPASS hiQ 8000 application software is a middleware layer, Resilient Telco Platform (RTP). The RTP from Siemens-Fujitsu is the middleware application that provides the level of redundancy, reliability and scalability required for carrier-grade deployments. In the event of a process or node failure, the Resilient Telco Platform is designed to enable the SURPASS hiQ 8000 to perform a process or node switchover while maintaining all active calls with no loss of billing records. For more information on SURPASS hiQ 8000 middleware, refer to Section 4.1.2, “Resilient Telco Platform (RTP)”, on page 4-3.
2.1.3 Software
The SURPASS hiQ 8000 application software is based on a modular design, which means it can easily be adapted to meet the specific needs of each service provider. It also means that new functions and features can be easily incorporated. It includes a generic call processing engine, which is able to route calls between two endpoints, using any incoming protocol and any outgoing protocol. The SURPASS hiQ 8000 uses the Sun Solaris 9.0 operating system. The SURPASS hiQ 8000 software platform achieves carrier grade reliability and availability based on the Sun Cluster software, the RTP middleware, and the Real Application Cluster (RAC) database. The RAC software provides a fault-tolerant database and supports the availability of databases with no interruption of loss of data due to node failure. The RAC supports overload control of key SURPASS hiQ 8000 objects through configurable parameters. Each node has parallel access to the database, concurrently. When a node failure occurs, the surviving node takes control without loss of service or data. For more information on SURPASS hiQ 8000 application software, refer to Chapter 4, “Software”.
2.1.4 Security
Security within the SURPASS hiQ 8000 is based on the incorporation of network design, integrated security features, and platform hardening. The first layer of defense is a proper network design such that it separates the signaling traffic from other traffic on the network (e.g., management, bearer, etc.). The second layer of defense is the integrated security features that identifies and authenticates users to prevent unauthorized access and provides data security to secure the stored information against unauthorized access and loss. Finally, to “harden” the
A30828-X1121-A807-02-7671, November 2005 2-2 SURPASS hiQ 8000, Theory of Operations Guide
Overview.fm SURPASS hiQ 8000 Overview Functionalities of the SURPASS hiQ 8000 Softswitch platform (make it safe and secure), two main areas are looked into: securing the operating system’s configuration and testing the protocol stack. For more information on SURPASS hiQ 8000 security, refer to Chapter 5, “Security”.
2.1.5 Management
Management for the SURPASS hiQ 8000 softswitch is provided by the Siemens NetManager i- Suite of Products, specifically the Network Management Center, NetManager iNMC, a standalone Java and GUI-based (Graphical User Interface) management tool for configuration, provisioning and control. In addition, a traditional command line interface (CLI) is also available. In addition to the management of the network element itself provided by the NetManager iNMC, subscriber management on the SURPASS hiQ 8000 uses another product from the NetManager i-Suite, the web-based Service Management Center, the NetManager iSMC. For more information on SURPASS hiQ 8000 management, refer to Chapter 6, “Management”.
2.2 Functionalities of the SURPASS hiQ 8000 Softswitch
All from a single platform, the SURPASS hiQ 8000 provides the various functionalities:
● It is a Media Gateway Controller (MGC) designed to control not only the SURPASS hiG 1200 or 1100 but also third party gateway’s - as long as they use the standard MGCP (Media Gateway Control Protocol), H.248 (MEGACO), or TGCP (Trunking Gateway Control Protocol, packet cable) protocols.
● It is a VoIP endpoint controller communicating either directly to IP based endpoints or communicating to a TDM to IP gateway device, e.g., IAD (Integrated Access Device), CPG (Customer Premise Gateway), or MTA (Multimedia Terminal Adapter, packet cable). The protocols used include SIP, MGCP, and NCS (Network based Call Signaling, packet cable).
● It is an integrated signaling gateway eliminating the need for another hardware device in the network performing this functionality. It provides Telcordia certified SS7 signaling, both ISUP (ISDN Signaling User Part) and TCAP (Transaction Capability Application Part) as well as AIN/IN (Advanced Intelligent Network/Intelligent Network) at the higher levels and SCCP (Signaling Connection Control Part) and MTP (Message Transfer Part) at the lower layers.
● It acts as a call agent providing the necessary logic for the routing, charging, and handling of voice calls. It is also a feature server in that many features are provided directly by the SURPASS hiQ 8000 software in not only residential categories, but also business and regulatory. When the service provider wants to use a specialized application server to provide a feature, the SURPASS hiQ 8000 provides standard SIP interface so that the service provider can take advantage of other components when creating their network.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 2-3
Overview.fm SURPASS hiQ 8000 Overview Feature List
2.3 Feature List
This section provides a listing of SURPASS hiQ 8000 features by functional category. For more information on features (i.e., feature names, numbers, definitions, initial versions, etc.) refer to the SURPASS hiQ 8000 Feature Description Guide. Features are listed for the following functional categories: 1. SURPASS hiQ 8000 Base System Software:
● Operation and Maintenance
● Traffic Management
● Routing Translation
● Emergency Calling
● Operator Services
● Billing
● Packet Cable
● System Functions
● Security
● Legacy VMS Support
● MGCP Endpoint Signaling
● H.323 Signaling
● SIP Endpoint Signaling 2. Trunking Gateway Control:
● Gateway Control
● Tandem Functions
● PRI Support
● SURPASS hiQ 8000 Inter-domain SIP Signaling 3. Subscriber Features 4. Business Features 5. CALEA and Basic Lawful Interception 6. TCAP and IN Services.
A30828-X1121-A807-02-7671, November 2005 2-4 SURPASS hiQ 8000, Theory of Operations Guide
Overview.fm SURPASS hiQ 8000 Overview Solutions Overview
2.4 Solutions Overview
The SURPASS hiQ 8000 is the softswitch used in the SURPASS NGN Overlay Solutions. Currently, the following three solutions are supported:
● Voice Over Cable (VoCable)
● Voice Over Broadband (VoBB)
● Business Connection (BC).
2.4.1 Voice Over Cable Solution
The SURPASS VoCable solution consists of an end-to-end, carrier-grade IP solution, allowing cable operators or MSOs (Multiple-Systems Operators) to leverage their existing cable network in order to provide high-quality first line telephony services and paving the way to provide new revenue-generating services. The architecture of the SURPASS VoCable solution is designed according to PacketCable 1.0 standard defined by CableLabs and meets carrier-grade standards set by the IETF (Internet Engineering Task Force), ITU-T (International Telecommunications Union - Telecommunications sector), CableLabs, ETSI (European Telecommunications Standards Institute) and other standardization bodies. The SURPASS hiQ 8000 softswitch, in this solution, is the Call Management Service (CMS — a type of VoIP endpoint controller), subscriber manager, call agent and feature server, signaling gateway and Media Gateway Controller (MGC). As a CMS, the SURPASS hiQ 8000 controls call setup to Multimedia Terminal Adapters (MTAs). As a subscriber manager, it provides provisioning capabilities to service providers that provide registration, authentication and accounting management. Coupled with the subscriber database, the call agent and feature server will authorize and control the use of subscribed features. As a signaling gateway and MGC, the SURPASS hiQ 8000 uses integrated SS7 capabilities to perform database queries, and controls the mediation, setup and teardown of voice connections to the PSTN through the SURPASS hiG 1100 trunk gateways1. For more information, refer to the SURPASS Voice Over Cable Solution Overview.
2.4.2 Voice Over Broadband Solution
The SURPASS VoBB solution is also an end-to-end, carrier-grade IP solution, allowing service providers to provide high-quality first line telephony services and paving the way to provide new revenue-generating services over a broadband access such as DSL. Thus with a single DSL not only can the service provider offer high speed Internet data connectivity but also multiple voice lines and revenue generating features. The SURPASS hiQ 8000 Softswitch in this solution is a VoIP endpoint controller, subscriber manager, call agent and feature server,
1. The SURPASS hiG 1100 Media Gateway has been developed as a low to mid-range gateway which makes it ideal for cable operators and smaller sites. The hiG 1100 V1 is equivalent to the hiG 1200 V4 with a few exceptions. For more information, refer to the SURPASS hiQ 8000 NetManager iNMC Administration Guide and the SURPASS hiG 1100 CLI Administration Guide.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 2-5
Overview.fm SURPASS hiQ 8000 Overview Solutions Overview signaling gateway and MGC. As a VoIP endpoint controller it controls call setup to Customer Premise Gateways (CPGs) and Integrated Access Devices (IADs). As a subscriber manager it provides provisioning capabilities to service providers that provide registration, authentication and accounting management. Coupled with the subscriber database, the call agent and feature server will authorize and control the use of subscribed features. As a signaling gateway and MGC, the SURPASS hiQ 8000 uses the integrated SS7 capabilities to perform database queries, and controls the mediation, setup and teardown of voice connections to the PSTN through the SURPASS hiG 1100 trunk gateways. For more information, refer to the SURPASS Voice Over Broadband Solution Overview.
2.4.3 Business Connection Solution
The SURPASS Business Connection solution allows service providers to target PBX (Private Branch Exchange) replacement opportunities as well as those enterprise customers that are looking for the advantages of IP-based telecom offerings. The SURPASS hiQ 8000 softswitch in this solution is a VoIP endpoint controller, subscriber manager, call agent and feature server, signaling gateway and MGC. As a VoIP endpoint controller it controls call setup to SIP-based phones and soft clients as well as allowing traditional phones the enhanced IP features offered by the solution when connected to MGCP and SIP controlled IADs. As a subscriber manager it provides provisioning capabilities to service providers that provide registration, authentication and accounting management. Coupled with the subscriber database, the call agent and feature server will authorize the control the use of subscribed business group and other features. As a signaling gateway and MGC, the SURPASS hiQ 8000 uses the integrated SS7 capabilities to perform database queries, and controls the mediation, setup and teardown of voice connections to the PSTN through the SURPASS hiG 1200 trunk gateways. For more information, refer to the SURPASS Business Connection Solution Overview.
A30828-X1121-A807-02-7671, November 2005 2-6 SURPASS hiQ 8000, Theory of Operations Guide
Hardware.fm Hardware Platforms
3 Hardware
The SURPASS hiQ 8000 is a carrier class, protocol-independent, switching platform capable of bridging legacy and next generation networks. The SURPASS hiQ 8000 call model enables new services that cross both existing voice and data networks. It extends services to cable modem access, xDSL, and next generation wireless networks, as well as IP and circuit switched networks. The foundation of the SURPASS hiQ 8000 is the Resilient Telco Platform (RTP) and the Universal Call Engine (UCE). The SURPASS hiQ 8000 adheres to the softswitch concept, providing next-generation call switching on an open platform. This design lends itself to the use of third-party, open platform hardware products, which means of course that different hardware platforms from different vendors can be used for the SURPASS hiQ 8000. The main hardware platform requirement is that it be a Symmetric Multiprocessing (SMP) system with memory shared by all processors using a single UNIX operating system that supports clustering of the nodes. This chapter gives an overview of the hardware architecture, hardware components, and currently used hardware platforms of the SURPASS hiQ 8000.
3.1 Platforms
The SURPASS hiQ 8000 is based on a commercially available server platform. The selected platform is delivered to the customer fully provisioned with all required hardware for the SURPASS hiQ 8000 network element. Sun 240 and Sun 1280 are the two platforms that are currently offered with the softswitch.
3.1.1 Sun 240 Platforms
The Sun 240 series consists of the Netra 240 and the Sun Fire V240. The Netra 240 is the DC powered NEBS certified version and the Sun Fire V240 is the AC powered version. Both are equipped with a two CPU (1.2 GHz) per node configuration. Figure 3-1 shows the SURPASS hiQ 8000 basic hardware components with the Sun Netra 240 server. Table 3-1 shows the Sun Netra 240/Sun Fire V240 platform characteristics.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 3-1
Hardware.fm Hardware Platforms
Service Status Indicators
Two 73 GB Drives
DC Power Supplies USB (Netra 240 - back view)
Dry Contact Alarm Card Indicators
Net Mgt for Ethernet Ethernet Ports (front views) Serial Mgt for Rj-45 SCSI Disk Array Connector
(Disk Array - back view)
DC Power Connectors
SCSI Ports
Figure 3-1 Basic Hardware Components (Netra 240 Server)
A30828-X1121-A807-02-7671, November 2005 3-2 SURPASS hiQ 8000, Theory of Operations Guide
Hardware.fm Hardware Platforms
3.1.2 Sun 1280 Platforms
The SURPASS hiQ 8000 is also offered on the Sun 1280 platform series. This configuration is intended only for those service providers that need very large processing power in a single softswitch. The Sun Netra 1280 is a DC powered, NEBS certified platform while the Sun Fire V1280 is the AC powered version. They are identical looking (other than the label) and have the same characteristics (other than the power source and the fact the DC powered version has NEBS certification). Figure 3-2 shows the SURPASS hiQ 8000 basic hardware components with the Sun Netra 1280 server. Table 3-1 shows the Sun Netra 1280/Sun Fire V1280 platform characteristics.
Figure 3-2 Basic Hardware Components (Netra 1280 Server)
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 3-3
Hardware.fm Hardware Platforms
Figure 3-3 features the SURPASS hiQ 8000 duplex hardware configuration of the Sun Netra 1280 platform.
StorEdge 3510 Disk Arrays Fiber Channels
SUN Netras
Ethernet Switches
Active/Standby Active/Standby Gig Active/Standby SUN Ethernet Link Pairs Ethernet Link Pairs Cluster/OPS Link Pairs
Figure 3-3 SURPASS hiQ 8000 Duplex Configuration — Fiber Channel Connections
A30828-X1121-A807-02-7671, November 2005 3-4 SURPASS hiQ 8000, Theory of Operations Guide
Hardware.fm Hardware Platforms
3.1.3 Platform Summary
Table 3-1 shows a comparison of each platform’s components and characteristics.
Sun Netra 240 Sun Netra 1280 Processor 1.2 GHz Ultrasparc IIIi 1.2 GHz Superscalar — 2 per server SPARC V9 cache — 8 or 12 per server Memory 4 GB RAM memory per 8 - 96 GB memory using server 32-256 mg DIMMs; up to 96 - 1GB DIMMs per server Internal Disk 36 GB SCSI drives — 2 36 GB SCSI drives — 2 Drives per server per server Disk Arrays StorEdge S1 array, 3x36 StorEdge 3510 array, GB or 3x146 GB drive 9x73 GB drive space — space — 2 per hiQ 2 per hiQ system system StorEdge 3120 array, 3x73 GB drive space — 2 per hiQ system Alarm Modules Ethernet Ports 4 on-board Gigabit 2 on-board Gigabit Ethernet ports Ethernet ports SCSI Ports single on-board SCSI II port PCI Slots: 4 used (see below) 5 used (see below) QFE 2 modules per server 2 modules per server SCSI 1 SCSI/Fast Ethernet 2 Fiber Channel mod- combination card per ules — 2 GB each — server per server Ulticom SS7 1 interface module per 1 interface module per server server Table 3-1 Server Platform Summary
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 3-5
Hardware.fm Hardware Other Hardware
3.2 Other Hardware
3.2.1 External Disk Arrays
Three different external disk arrays are used depending upon which Sun Platform series is used for the SURPASS hiQ 8000. When the Sun 240 series platform is used, the Sun StorEdge S1 or StorEdge 3120 disk arrays are used. With the Sun Netra 1280 or Sun Fire V1280, the Sun StorEdge 3510 disk arrays are used.
3.2.1.1 StorEdge S1 Disk Array
Manufacture Discontinue Notifications The 36 GB drives for the StorEdge S1 disk array have been manufacture discontinued by Sun. The replacement drives will be 146 GB. The StorEdge S1 disk arrays are being manufacture discontinued by Sun. The replacement disk array is the StorEdge 3120, available January 2005.
Used with the Sun Netra 240 platforms, the StorEdge S1 disk arrays are simulated RAID (Redundant Array of Independent Disks) drives each containing three 36 or 146 gigabyte drives. The disk arrays are provided in a mirrored configuration, containing the Oracle semipermanent database and CDR (Call Detail Record) storage. They are NEBS Level 3 certified. The disk arrays have SCSI connections to each node. So, whatever is saved on these disks into the database is written in two physical locations simultaneously which provides redundancy in terms of one of these disk arrays failing. Figure 3-4 shows the SURPASS hiQ 8000 duplex disk array configuration.
A30828-X1121-A807-02-7671, November 2005 3-6 SURPASS hiQ 8000, Theory of Operations Guide
Hardware.fm Hardware Other Hardware
36 or 146 36 or 146 36 or 146 36 or 146 36 or 146 36 or 146 GB GB GB GB GB GB
StorEdge S1 StorEdge S1
SCSI-IN SCSI-OUT SCSI-IN SCSI-OUT PCI SCSI PCI SCSI M/B SCSI M/B SCSI 36 GB 36 GB 36 GB 36 GB
hiQ 8000 Node 0 hiQ 8000 Node 1 SCSI Eth. SCSI Eth. M/B Eth. M/B Eth. QFE-A QFE-B QFE-A QFE-B
Figure 3-4 Dual S1 Disk Array Configuration
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 3-7
Hardware.fm Hardware Other Hardware
3.2.1.2 StorEdge 3120 Disk Array (Available January 2005) The StorEdge 3120 SCSI disk arrays are the replacement for the StorEdge S1 disk arrays (manufacture discontinued by Sun) for use with the Sun 240 platforms. The 3120 arrays are also simulated RAID drives containing three 73 gigabyte drives and are NEBS Level 3 certified. They will be configured, formatted and partitioned in the same manner as the S1 Disk Arrays, thereby performing the same functions. In addition, the 3120 arrays include an SNMP trap sending capability via an SNMP agent. Various traps are available for notifying the craftsperson of faults in the power supplies, fans and disk drives. Figure 3-5 shows the configuration with a Sun Netra 240 platforms.
73 GB 73 GB 73 GB73 GB 73 GB 73 GB
StorEdge 3120 StorEdge 3120
SCSI-IN SCSI-OUT SCSI-IN SCSI-OUT PCI SCSI PCI SCSI M/B SCSI M/B SCSI 73 GB 73 GB 73 GB 73 GB
hiQ 8000 Node 0 hiQ 8000 Node 1 SCSI Eth. SCSI Eth. M/B Eth. M/B Eth. QFE QFE
Figure 3-5 Dual 3120 Disk Array Configuration (Sun Netra 240 Server)
A30828-X1121-A807-02-7671, November 2005 3-8 SURPASS hiQ 8000, Theory of Operations Guide
Hardware.fm Hardware Other Hardware
3.2.1.3 StorEdge 3510 Disk Array The StorEdge 3510 disk array is used with the Sun 1280 platforms because not only is there increased capacity to handle the semipermanent Oracle database and the extra capacity for CDRs with the increased Sun 1280 capacity and performance, but it also uses a Fiber Channel for connection to the Sun 1280 platform for enhanced throughput. The 3510 arrays are fully RAID drives with each drive containing nine 73 gigabyte drives and, like the S1 and 3120 drives, are NEBS Level 3 compliant. They are mirrored so two 3510s are all that are needed for a fully configured SURPASS hiQ 8000. And like the S1 and 3120 disk arrays whatever is written by the SURPASS hiQ 8000 software into the database is written in two physical locations at the same time which provides redundancy in terms of one of these disk arrays failing. Figure 3-6 shows the SURPASS hiQ 8000 duplex disk array configuration a Sun Netra 1280 platforms.
73 GB 73 GB 73 GB 73 GB 73 GB 73 GB 73 GB 73 GB
73 GB 73 GB 73 GB 73 GB 73 GB 73 GB 73 GB 73 GB 73 GB 73 GB
StorEdge 3510 StorEdge 3510
Controller 0 Controller 1 Controller 0 Controller 1
FC FC GE GE FC FC GE GE 73GB 73 GB 73GB 73 GB
hiQ 8000 Node 0 hiQ 8000 Node 1
Spare SS7 Spare SS7
QFE QFE QFE QFE
Figure 3-6 Dual 3510 Disk Array Configuration (Sun Netra 1280 Server)
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 3-9
Hardware.fm Hardware Other Hardware
3.2.2 SS7 Module (1)
In order for the SURPASS hiQ 8000 to provide SS7 connectivity a combination of a third party product and Siemens’ SURPASS hiQ 8000 software is used. The third party product is a PCI module from Ulticom. There is one PCI module per node (thus two cards for the entire system) used. The Ulticom SS7 interface module, in each Netra server, has a single T1/E1 interface that is configured with up to 8 SS7 links (A/E/F) to the SS7 signaling network. Thus the entire SURPASS hiQ 8000 cluster supports up to 16 SS7 links and operates the SS7 links from both nodes in an active/active mode. The PCI interface module has the firmware/software that supports most MTP1, MTP2, MTP3, SCCP, and TCAP functions. This functionality falls under the Ulticom SignalWare product family. All of this is integrated with the SURPASS hiQ 8000 software (both RTP middleware and hiQ 8000 application software). Specifically, the ISUP signaling manager is tightly coupled to the Ulticom SignalWare ISUP component. When provisioning SS7 entities, the SNMP (Simple Network Management Protocol) commands sent to the SURPASS hiQ 8000 by the NetManager iNMC Element Manager are handled by the SURPASS hiQ 8000’s SS7b subagent software. The subagent translates the received information into an Ulticom SignalWare- compatible command, and the appropriate SS7 element is created, modified, or deleted. (1)This Module is only used when the hiQ8000 controls Media Gateways trunked to PSTN exchanges (MGC function) and the signaling required between hiQ8000 and the exchange is SS7. When hiQ8000 acts only as a Call Management Server (CMS), this module has no function. In the brazilian market, hiQ8000 is used as CMS so this interface is not used.
3.2.3 Ethernet Connectivity
Of the five pair of Fast Ethernet links available, one pair is dedicated as the Active/Active links for the Sun Cluster, Oracle Parallel Server, and OMNI SS7 connectivity. This Ethernet pair goes directly between the two SURPASS hiQ 8000 nodes. The other Ethernet pairs go from each node to the Ethernet Layer 2 switches, with one member of the pair going to each Ethernet Layer 2 switches. There is one pair that is not currently used while the other three pairs are configured as IP Multipathing (IPMP) groups. Note: IPMP is an improved mechanism for detecting Ethernet link failures that will reduce failover times significantly over the prior NAFO capability. IPMP groups insure redundancy of the links since they are monitored by the operating system and if the primary Ethernet port fails, the IP address is moved to the secondary port. External devices using that IP address will not have to be re configured. They are typically configured in the following manner; although the VLAN Provisioning feature gives the service provider control of what traffic is on what Ethernet pair, as follows:
● IPMP Group 0 - carries Administration and Management information
● IPMP Group 1 - carriers Control and Signaling information
● IPMP Group 2 - carries Billing information
A30828-X1121-A807-02-7671, November 2005 3-10 SURPASS hiQ 8000, Theory of Operations Guide
Hardware.fm Hardware Other Hardware
The recommended port assignments and support functions for the IPMP group are summarized in Table 3-2, Table 3-3, and Table 3-4 below:
Platform Interface Function Netra 240 IPMP0 = bge0 (active), qfe0 (backup) Management Netra 1280 IPMP0 = qfe0 (active), qfe4 (backup) Management Table 3-2 IPMP0 — Administration and Management
Platform Interface Function Netra 240 IPMP1 = bge1 (active), qfe1 (backup) Signaling Netra 1280 IPMP1 = qfe1 (active), qfe5 (backup) Signaling Table 3-3 IPMP1 — Control and Signaling
Platform Interface Function Netra 240 IPMP2 = bge2 (active), qfe2 (backup) Billing Netra 1280 IPMP2 = qfe3 (active), qfe7 (backup) Billing Table 3-4 IPMP2 — Billing
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 3-11
Hardware.fm Hardware Other Hardware
3.2.4 Ethernet Switches
The SURPASS hiQ 8000 connects to the media gateway (i.e., SURPASS hiG 1200, SURPASS hiG 11001), NetManager iNMC, media server, external billing server, and external IP network through a pair of Ethernet switches that provide redundant networking and insure carrier grade reliability. While not considered a part of the SURPASS hiQ 8000 softswitch hardware directly, a pair of Layer 2 (Ethernet) switches are required in order to provide crossover network connections between the dual Netra platform nodes and the dual Ethernet switches. The Ethernet switches also connect the SURPASS hiQ 8000 to external billing mediation servers and the network and element management server. The main function of the Ethernet switch is to provide for IP failover capabilities. Each of the Ethernet pairs from the SURPASS hiQ 8000 has one member of the pair going to each of the Layer 2 (Ethernet) switches. The SURPASS hiQ 8000 requires that whatever Ethernet switch is used it meets the following requirements:
● supports either AC or DC power
● NEBS certification (not all service providers will require this and applies to DC powered versions only)
● 24 x 100 Mbit ports per switch
● 2 x 1 Gbit links for switch interconnection
● support of VLANs (Virtual LANs)
● support of SSH 2.0 (Secure Shell, desirable but not every provider will require this)
● no influence on the Sun documented IPMP failover time (i.e., a IPMP link failover should not exceed 25 seconds).
3.2.5 Technical Specifications
For the Sun Netra platform specifications, refer to Chapter 8, “Technical Specifications, Support and Services”.
1. The SURPASS hiG 1100 Media Gateway has been developed as a low to mid-range gateway which makes it ideal for cable operators and smaller sites. The SURPASS hiG 1100 V1 is equivalent to the SURPASS hiG 1200 V4 with a few exceptions. For more information, refer to the SURPASS hiQ 8000 NetManager iNMC Administration Guide and the SURPASS hiG 1100 Administration Guide.
A30828-X1121-A807-02-7671, November 2005 3-12 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software
4Software
The SURPASS hiQ 8000 and media gateways (i.e., SURPASS hiG 1200, SURPASS hiG 1100) are combined into a single system that provides a scalable voice switching platform based on the International Softswitch Consortium distributed architecture. The SURPASS hiQ 8000, as a media gateway controller, centralizes call control and routing for the media gateways. The SURPASS hiQ 8000, together with its subtending media gateways, appears as any other voice switch within a network. A traditional voice switch has its own internal switching network, whereas the SURPASS hiQ 8000 uses a combination of the VoIP network and the internal backplane of the media gateway. This combined system can be deployed anywhere in the network where a voice switch is deployed. How the SURPASS hiQ 8000 and its media gateways are deployed and situated in a network depends on several factors such as, for example, whether a customer already owns Class 5 switches, provides voice calling in addition to ISP traffic, and wants to use Local Number Portability (LNP) to enhance network connectivity. For more information on system configurations, see Section 3.1, “Platforms”, on page 3-1. The SURPASS hiQ 8000 system software and application services support includes the following:
● Solaris 9 operating system
● Sun Cluster 3.1
● Oracle 9i with Real Application Cluster (RAC)
● Resilient Telco Platform (RTP) middleware package
● Element and resource management software that provides options for service and resource configuration, provisioning, maintenance, diagnostics, and accounting
● Routing of calls between any two endpoints from PSTN or IP
● TDM and IP connections
● Intelligent call control capabilities for digit translation and routing
● TDM and VoIP switching, call origination, and termination
● H.323 gatekeeper
● Full signaling capabilities: –SS7 –H.323 – SIP and SIPT
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-1
Software.fm Software Software Functional Units
–ISDN – MGCP, TGCP, NCS – CAS.
● Call and service usage collection for billing and traffic engineering
● Service logic execution environment APIs
● QoS control for IP bearer traffic
● Tandem offload services (Internet offload and grooming)
● AIN applications including 1-800 and Local Number Portability (LNP) services
● Connection to PBX systems through CAS and PRI
● Caller ID, Originating Call Blocking, and Customer Calling services
● Regulatory services for E911, operator services, and directory assistance. This chapter describes the software components of the SURPASS hiQ 8000. This includes software architecture components, and an overview of call processing, traffic flow, signaling protocols, and routing mechanisms.
4.1 Software Functional Units
Because the SURPASS hiQ 8000 softswitch is based on a modular design, it can easily adapt to meet the specific needs of each service provider. New functions and features can be easily incorporated without the need to change the software. The SURPASS hiQ 8000 is based on a number of individual functional units, as follows:
● Third Party Software (Solaris Operating System, Sun Cluster Package, Oracle Database, etc.)
● Resilient Telco Platform
● Universal Call Engine
● Signaling Managers
● MGCP Connection Control Manager.
A30828-X1121-A807-02-7671, November 2005 4-2 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software Software Functional Units
4.1.1 Third Party Software
The SURPASS hiQ 8000 includes third party software for such functions as database management, SNMP management, volume management, clustering software, and the operating system. The current third party software is as follows:
● Apache Server
● Cluster Volume Manager (Veritas NetBackup)
● Emanate (SNMP Manager)
● Java Runtime Environment
● OMNI SS7, variant, and OMNI patches (Ulticom SS7)
● Oracle database, patches
● RTP and patches
● Solaris and patches/Sun Cluster software
● Lights off Management. This software can have potential reliability, system stability, and system performance impacts. As such, Siemens must make the following statement in regards to other third party software: Siemens respects the right of its customers to protect and monitor their networks through the installation and use of third party application software packages designed to perform such functions. However, Siemens’ server-based products are designed to meet specific carrier grade criteria and performance requirements that could be impacted by the installation of such software packages. To this end, Siemens assumes no responsibility or liability for the performance of the third party software, nor for any negative impacts caused to Siemens network elements specifically or the network in general.
4.1.2 Resilient Telco Platform (RTP)
The SURPASS hiQ 8000 utilizes the Fujitsu-Siemens Computers GmbH Resilient Telco Platform (RTP). The RTP is a distributed computing and fault tolerant platform that is the underlying middleware for the SURPASS hiQ 8000. The RTP middleware is based on clustering. A cluster consists of autonomous systems (nodes) that are linked together via a cluster interconnect. For the SURPASS hiQ 8000, there are two nodes. The nodes themselves are multiprocessor system, which operate in accordance with the principle of symmetric multiprocessing. The multiple processors in symmetric multiprocessing systems use a shared memory, and a single operating system takes responsibility for all processors.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-3
Software.fm Software Software Functional Units
The RTP manages node and process failovers within and across the nodes. The RTP software works in conjunction with the Sun clustering software to provide the following:
● Process pool for parallel processing
● Call contexts (data structure in memory)
● Load-balanced channels for encoding/decoding of SS7 messages
● Communication interfaces for encoding/decoding TTUD messages (MGCP, SIP). The RTP provides services that allow the applications to be implemented with two important architectural principles: location transparency and data resiliency. Location transparency is achieved via aliasing, which is the use of a logical naming mechanism for the instances of redundant process occurrences. In general, the RTP Context services, such as the Context Manager, make the distributed hiQ 8000 architecture fault tolerant and scalable at the software level, with all of the essential application transparencies. Each process instance may have an alias that acts as a redundant instance. The configuration of aliases includes active-standby and active-active. Aliases may be in the same computing element (node), or in different nodes, within a cluster. While Local Transparency provides for the saving of stable calls in the event of a single process failure on one node, Data Resiliency allows for stable calls to be saved in the event of a node failure within the cluster. The RTP Context Manager provides for the overall achievement of data resiliency in the SURPASS hiQ 8000 system. In particular, the Universal Call Engine and Signaling Managers invoke the RTP Context Manager service to save and retrieve critical call- related information. Upon failure (for example at the process, CPU, or node level) and possible loss of a given process instance, a redundant instance of the lost process can invoke the Context Manager, retrieve the latest call-related information, and resume the call signaling or processing. The RTP Node Manager provides mechanisms to monitor the application processes of the SURPASS hiQ 8000. Network Element Management (NEM) uses the ObserveProcess mechanism to monitor the UCE, Signaling Managers, Connection Control Manager, PSTN Routing Manager, Routing Manager, AAA (Authentication, Authorization, and Accounting) Manager, and Usage Collection. NEM is informed when any process becomes unavailable, and generates the appropriate critical alarms. It is also informed when a process becomes available, in order that the corresponding alarms can be cleared.
A30828-X1121-A807-02-7671, November 2005 4-4 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software Software Functional Units
Figure 4-1 shows the role of the RTP middleware. Note: Computing Element = Node
S S Nu u Sunn Sun n et0 0 ra
SURPASS hiQ 8000 SURPASS hiQ 8000 Application Application
Computing Element 1 Computing Element 2 (CE 01) (CE 02) Single System Image
Resilient Telco Platform (RTP) Middleware
Sun Cluster Package
Solaris Solaris Operating System Operating System
Figure 4-1 Role of RTP Middleware
4.1.2.1 Important RTP Components The major components of the RTP portion of the hiQ 8000 are:
● Node and Communication Manager This component is responsible for the shutdown, restarting, and monitoring of RTP and hiQ 8000 application processes on each node in the cluster. There is a separate instance of the node manager on each member of the cluster. It is also responsible for maintaining the backup processes that are distributed across cluster members. Most processes started by the node manager are defined by a configuration file that is reference during startup.
● Inter-Process Communication (IPC) Communication between processes is done using well-defined messages. Processes can be combined into alias groups. For instance, there are four instances of the UCE across the cluster. Even distribution of the call load across all UCE’s is accomplished largely by the IPC.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-5
Software.fm Software Software Functional Units
● Context Manager A context is an object in memory that represents data and its state. The current state of a call, CDR-related information, timer information, active traces, and data from an external protocol packet are all candidates for context storage. The context manager is responsible for maintaining this information and maintaining a backup context on the other cluster node.
● Event and Alarm Manager Events are special messages logged into a database. Events with a severity level attached to them (critical, minor) are called alarms. On the SURPASS hiQ 8000, some RTP events are sent to the SNMP trap manager.
● Trace Manager The trace manager is used for debugging purposes. It is used to create event files that track the execution behavior, at different severity levels, of selected RTP and SURPASS hiQ 8000 processes.
4.1.2.2 Support of Active/Active Applications The SURPASS hiQ 8000 supports duplex active/active applications for cluster softswitches. During normal operation, the cluster operates in an active/active mode. In this mode, traffic is distributed evenly across the available nodes and across the available call processing instances within each node. Each node serves as a backup to the other node. During call processing, each process saves its contexts to the backup node at various points in the call. The SURPASS hiQ 8000 supports memory based data management for realtime data access. It also supports dynamic data synchronization between nodes which provides swift recovery response times when node failover occurs.
A30828-X1121-A807-02-7671, November 2005 4-6 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software Software Functional Units
Figure 4-2 shows a normal active/active mode scenario with the SURPASS hiQ 8000 RTP contributing to system fault tolerance and scalability. When a hardware or software failure occurs, a backup node takes over the traffic of the failed node including the saving of stable calls. This is done by accessing the partner context pool. Note: Digit Xtion = Digit Translation.
Static Data (e.g., Digit Xtion, Routing)
ata c D ati St d te te te re ISUP ISUP rro xt UCExt xt Mi Signaling SMP SMP Signaling Static Data In Out (e.g., Digit Xtion, Routing) Context Save/Get
te te Node 2 ISUP ISUP Resilient Signaling xt UCE xt Signaling Context Pool SM SM Telco In Out Platform Context Save/Get e (RTP) av Node 1 t S ex Context Pool nt Co Node 1 e Resilient od Context Pool r-n Telco te In Platform (RTP) Node 2 Context Pool
Figure 4-2 Normal Active/Active Mode with RTP Support
In normal SS7 message load distribution and processing, both cluster nodes are active and process their share of the call load. In the SURPASS hiQ 8000 architecture, information about links, link sets, and routing is collated and propagated to the other node of the cluster.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-7
Software.fm Software Software Functional Units
Figure 4-3 shows an example of SS7 message distribution and processing when an SS7 module fails.
Sun Cluster Softswitch IAM
Sun Netra t 1400/1405 SM A’ Sun Netra 240
Comm ISUP SS7 SS7 Mgr Disp Stack Module A-Link SM STP PCI B SSP PC = Y
IAM
Figure 4-3 SS7 Message Distribution and Processing for SS7 Module Failure
4.1.3 Core Building Blocks of the Application Software
The core building blocks of the SURPASS hiQ 8000 application software are the Universal Call Engine (UCE), the Signaling Managers (SMs), and the Connection Control Manager (CCM). When all three are applied, they deliver a robust call and feature control platform that provides both legacy and next generation features.
4.1.3.1 Universal Call Engine (UCE) The UCE is a high performance, call processing engine that contains the generic switching functions of the SURPASS hiQ 8000. It provides a secure, generic interface to set up and release calls through the system. Because the UCE is a pure call-transaction processor, its only function is to route the calls between endpoints controlled by the Signaling managers. The UCE maintains contexts related to calls. It creates those contexts at the beginning of each calls, and deletes them at the end of each calls. Therefore, any event that is not related to a call cannot be sent to the UCE.
A30828-X1121-A807-02-7671, November 2005 4-8 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software Software Functional Units
The UCE interacts with the service layer instead of directly with the signaling managers. The service layer interactions includes the following:
● Managing access and user/subscriber related resources
● Authorizing all requests to set up calls via the Authentication, Authorization, and Accounting (AAA) Services before proceeding with call set up
● Matching the subscribed capabilities of the users involved in each call with the resources allocated to that call
● Enabling mediation between incoming and outgoing call signaling through communication with the signaling managers
● Enabling digit translation and routing access
● Selecting the outgoing signaling manager based on the results from call routing
● Generating Call Detail Records (CDRs) via the Usage Collection function
● Coordinating the connection and release of physical and logical switching resources and the switching of connections via the Connection Control Manager
● Coordinating features and supplementary services
● Interworking with off-board services via SS7/TCAP, AIN, or SIP
● Acting on maintenance and administration requests that affect in-progress calls. The primary components for UCE call logic are as follows:
● Incoming Transaction Segment (ITS) — Executes the originating (inbound) call logic (on A-side)
● Outgoing Transaction Segment (OTS) — Executes the terminating (outbound) call logic (on B-side)
● Associator Segment (AS) — Preserves the overall call topology and maintains the relationship between all ITS and OTS involved in a single call
● Feature Segment (FS) — Provides the framework for service triggering and interactions and supports the execution of services that require call processing beyond a basic call, such as toll free (800) service and Local Number Portability (LNP). A large number of APIs provided to the UCE are crucial to SURPASS hiQ 8000 programmability and the ability to interoperate with standards-based equipment. The SURPASS hiQ 8000 interoperates with other media gateways supporting the H.323 or MGCP protocols. It also interoperates with media gateway controllers supporting the Session Initiation Protocol (SIP), an IP protocol to tunnel ISDN ISUP messages, and gatekeepers supporting H.323 version 2 (from a gatekeeper or endpoint perspective).
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-9
Software.fm Software Software Functional Units
Some existing UCE features and functions have capability limitations based on previous versions of the H.323 Signaling Manager (i.e., H.323 connections do not currently redirect). However, due to the implementation of the NQ/QSIG Interworking feature, such limitations are removed from UCE and other UCE capabilities specific to H.323 endpoints are updated. Among the known limitations are: Three-Way Calling, Call Transfer, and UCE AS segment (FSM, Util, Util1). Figure 4-4 shows the SURPASS hiQ 8000 UCE interfaces.
Figure 4-4 SURPASS hiQ 8000 Universal Call Engine (UCE) Interfaces
4.1.3.2 Signaling Managers There are various signaling managers that handle the different protocols terminated by the SURPASS hiQ 8000. The main tasks of the signaling managers are as follows:
● Handling all protocol functionality, such as: – Message encoding and decoding – Protocol state event processing – Protocol conformance checks – Protocol specific timers.
● Interfacing with the signaling stacks, where appropriate
● Adapting the external protocol messages to the common secure, normalized interface defined by the UCE
A30828-X1121-A807-02-7671, November 2005 4-10 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software Software Functional Units
● Receiving/sending maintenance- and administration-related protocol messages and interacting with the SURPASS hiQ 8000 Maintenance functions
● In the case of the SIP and H.323 signaling managers, implementing the location and registration functionality in conjunction with the service layer. The following is a list of the SURPASS hiQ 8000 Signaling Managers:
● SIP-T — Control of SIP endpoints and SIP Media and Application servers
● ISUP — Control of ISUP (SS7) trunks
● ISDN (OAMP) — Control of PRI D-Channel signaling (Q.931) connections using proprietary OMAP protocol to a SURPASS media gateway
● MGCP — Control of analog lines behind an Integrated Access Device
● NCS — (embedded with the MGCP SM) Control of single phone lines behind a Multimedia Terminal Adapter (MTA) which is for PacketCable support
● DQ0S (part of NCS) — Control of resource allocation and accounting for a Cable Modem Access Network (e.g., Cable Modem Termination System (CMTS) which is for PacketCable support
● CAS — Control of MF trunks (in-band signaling passed from the SURPASS hiG media gateway)
● H.323 — Control of H.323 endpoints and gatekeeper functionality
● CSTA — Control of the Computer Supported Telecommunications Applications interface to application servers such as the Common Application Platform (CAP). Each signaling manager is responsible for converting external signaling messages into the internal SURPASS hiQ 8000 UCE-normalized messages. The UCE implements the following mediation:
● Between signaling managers of the same type. For example: – ISUP to ISUP for a pure SS7 tandem via VoIP applications – H.323 to H.323 for internal legacy H.323 network applications
● Between signaling managers of different types. For example: – ISUP to ISDN via OMAP backhaul for Internet offload applications – ISUP to H.323 for PSTN for VoIP legacy gateway applications – ISUP to SIPT for VoIP inter-zone application.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-11
Software.fm Software Software Functional Units
CSTA Signaling Manager The new CSTA (Computer Supported Telephony Application) Signaling Manager (SM) transports and handles CSTA message traffic between CTI applications and the UCE. The CSTA SM is responsible for communicating with the application via TCP connections, converting call control messages between CSTA and UCE formats, and managing a CSTA session. It uses provisioning support, at startup, for notification of configuration changes and also for database access in validating messages. The CSTA SM maintains message interfaces to CSTA service and the services’ database (SDAL/DBAL) and in turn, the CSTA SM authenticates user requests via SDAL/DBAL. Additionally, the CSTA SM acts as a signaling proxy for the user’s telephone (currently, a SIP device). To perform these functions, the CSTA SM makes use of the 3rd party call control (3PCC), MakeCall function, provided by UCE which can be used to originate a call between the SIP endpoint of the ComAssistant user and the desired destination. Therefore, the features invoked by the CSTA SM are handled by the UCE. Additionally, there is a new service called CSTA Service that handles requests from the CSTA SM. CSTA Service is active for the entire life cycle of a call and it provides for the monitoring functionality required by all ComAssistant phone users. Currently, CSTA monitoring is limited to the prime line on the SIP device. CSTA communication to the hiQ 8000 is via the Siemens CAP server platform.
4.1.3.3 Connection Control Manager The Connection Control Manager (CCM) is responsible for the creation and deletion of the media connections associated with a gateway call. The SURPASS hiQ 8000 implements the functions of a traditional PSTN switch but does not contain the physical switching elements. Instead, the media channels are switched in the media gateways. Since the SURPASS hiQ 8000 and the media gateways can be geographically separated, a control protocol is required between them that allows the SURPASS hiQ 8000 to make and break a connection in the media gateways. The CCM implements these protocols and shields the UCE from the details. The following following Connection Control Managers are implemented in the SURPASS hiQ 8000:
● MGCP
● MEGACO/H.248.
A30828-X1121-A807-02-7671, November 2005 4-12 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software Software Functional Units
MGCP CCM All MGCP messages are transmitted via TTUD. Within the SURPASS hiQ 8000, the MGCP Connection Control Manager (CCM) provides the media gateway connection control function. The MGCP CCM receives internal messages in the following manner:
● Connection requests (such as create connection, modify connection, or release connection) from the UCE
● Continuity test requests from the ISUP signaling manager 1 ● Audit endpoint requests from the Prevention and Recovery Manager (PRM)
● Signal requests from the MGCP signaling manager (for residential MGCP endpoint support). The MGCP CCM converts MGCP protocol messages into SURPASS hiQ 8000 internal, normalized messages. The MGCP sends messages to the following SURPASS hiQ 8000 components:
● Restart in progress requests to the Trunk Maintenance Manager
● Connection response (such as create connection, modify connection, or release connection) to the UCE
● Continuity test response to the ISUP signaling manager
● Audit endpoint response to the prevention and recovery manager
● Signaling responses to the MGCP signaling manager. For Integrated Access Devices (IADs) and Multimedia Terminal Adapters (MTAs) controlled by MGCP/NCS or trunks controlled by MGCP/TGCP, the CCM works with the MGCP Signaling Manager to interact with signals and events in order to set up and release calls. The existing message interface between CCM and UCE and the CAS SM and MGCP SMs mandates encoding and decoding of the Session Description Protocol (SDP) in CCM, but with the SDP Transparency feature, SDP encoding and decoding is removed from CCM. Encoding of Local Connection Options (LCO) is enhanced to support Packetization period and codecs.
MEGACO/H.248 CCM The Megaco/H.248 Connection Control Manager is implemented based on the MEGACO Protocol Version 1.0. It provides the connection control functionality to interact with provisioned media gateways for the SURPASS hiQ 8000. The MEGACO CCM handles trunking gateways.
1. Call resource audits are performed on a configurable, regular basis to ensure proper operation of the SURPASS hiQ 8000. The PRM audits the ISUP trunks and PRI B channels.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-13
Software.fm Software Software Functional Units
In the current cluster environment (two nodes), each node is configured with once instance of the MEGACO/H.248 CM and each instance of the MEGACO/H.248 CCM is the backup process of the MEGACO/H.248 on the other node. Figure 4-5 shows the software components of the SURPASS hiQ 8000 system.
iSMC Subscriber NMC SNMP Master Manager (SOAP) CLI and Sub Agents
Mass Network Management Layer Maintenance Provisioning Errors/Traps Signaling Services Tracing Translation Routing Subscribers
Call Control Layer
ISUP MGCP H323 OMAP SIP SIPT TGCP
Universal Call Engine (UCE) Call Control Services
Service Administration Layer Authentication Provisioning Auditing Usage Collection
Overload Maintenance Manager Manager
hiQ Trace Manager Services Translations Routing
Database Access Layer RTP Platform Layer
Oracle
Figure 4-5 SURPASS hiQ 8000 Software Architecture and Components
A30828-X1121-A807-02-7671, November 2005 4-14 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software SURPASS hiQ 8000 Software Features
4.2 SURPASS hiQ 8000 Software Features
Table 4-1 lists some of the SURPASS hiQ 8000 software features. However, for a comprehensive list of all SURPASS hiQ 8000 features including appropriate titles, numbers, and descriptions, refer to the SURPASS hiQ 8000 Feature Description Guide.
Category Features
Platform ● Sun Solaris 9 operating system ● Sun Cluster 3.1 redundant platform ● Real Application Cluster (RAC) fault tolerant database support for 1:1 cluster ● Ulticom OMNI SS7 stacks support for 1:1 cluster ● Resilient Telco Platform (RTP) middleware support for 1:1 cluster ● Duplex active/active applications for clustered softswitch ● Memory-based data management for realtime data access ● Dynamic data synchronization between nodes ● Overload handling ● Call resource auditing for channels and call data contexts
Signaling Protocols ● MGCP for media control of gateways ● SS7 (ISUP, TCAP, MTP) ● H.323 version 2 (conventional H.245 and FastStart signaling with gateways and SIP endpoints) ● SIP signaling support between softswitch and application server ● ISDN signaling through OMAP backhaul ● Any to any signaling protocol mediation (ISUP, SIP, H.323, ISDN, CAS) ● Multi-rate ISDN for PRI and ISUP ● MGCP/TGCP for control of Channel Associated Signaling (CAS) trunks ● Test call capability for SS7 trunking interface Table 4-1 SURPASS hiQ 8000 Software Features (Sheet 1 of 4)
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-15
Software.fm Software SURPASS hiQ 8000 Software Features
Category Features
Call Processing ● Universal Call Engine (UCE) ● Service Execution Environment (SEE) supporting these extensible native services:
● AIN Triggers ● Distinctive Ringing ● Anonymous Caller ● Enhanced Call Trace Rejection ● MLHG - Pilot Hunting ● Authentication, Audits, etc. ● Malicious Call Trace ● Automatic Call Back ● Multiple Originating Point ● Automatic Recall Codes ● Basic Business Group ● Operator Busy Line Intercom Dialing Verification ● Basic Business Group Main ● Operator Services Support Number ● Remote Access to Call ● CALEA Call Content Forwarding ● CALEA Call Data ● Simultaneous Ringing ● Call Forwarding All ● Selective Call Acceptance ● Call Forwarding Busy Line ● Selective Call Forwarding ● Call Forwarding Extended ● Selective Caller Rejection (Web based control): CF All, ● SIP Enhancements Time of Day, Busy, Don’t ● SMDI Support via SS7 Answer, Selective TCAP ● Call Forwarding No Answer ● Speed Dialing ● Call Hold ● SS7 E911 Support ● Call Park ● Teen Service ● Call Pickup ● Three Way Call ● Call Transfer ● Toll Free Dialing (e.g. 800) ● Call Waiting ● Toll Restriction and Code ● Caller ID Diversion ● Caller Identity Delivery and ● Visual/Telephone Screen Suppression (CIDS) List Management ● CIDS Call Waiting ● Voice Mail/Unified ● Caller ID Blocking Messaging support ● Calling Name Delivery ● Web Enablement of Centrex ● CAS E911 Provisioning ● Centrex Dialing Plan ● Usage Sensitive Call ● Centrex Station Restrictions Forwarding ● Directory Services Support Table 4-1 SURPASS hiQ 8000 Software Features (Sheet 2 of 4)
A30828-X1121-A807-02-7671, November 2005 4-16 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software SURPASS hiQ 8000 Software Features
Category Features
Translation and ● Call routing on ISUP trunk groups, ISDN hunt groups, NFAS Routing groups, and PRIs ● Rotary, sequential and cyclic routing ● Alternate routing ● Prefix digit translation (1+, 101+, 011+, 01+, 0. 00. 0+) ● International, national, and subscriber E164 directory number translation ● Most-matched digit translation ● Inter-changeable NPA and NXX ● Exchange access/feature group D ● H.323 alias translation and routing with endpoint discovery and registration ● Resource allocation (e.g., lines, trunks, PRIs, etc.) ● Keyset Operations ● Repeat Dial Key ● Station Dialing ● Dialing Plan Enhancements
QoS Control ● Originating and terminating media gateway codec control ● Echo cancellation control based on trunk group ● Originating carrier and subscriber profile control – Codec – Packetization period – Type of Service (TOS) – Resource reservation – Silence suppression Table 4-1 SURPASS hiQ 8000 Software Features (Sheet 3 of 4)
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-17
Software.fm Software SURPASS hiQ 8000 Software Features
Category Features
OAM&P ● iSMC subscriber management via HTTP GUI interface ● Caller Authentication ● Call Detail Records (CDRs) generation ● CDR retrieval via push/pull mechanism ● Software productization via modular UNIX packaging for upgrades ● Mass provisioning through expert mode CLI ● Backup and restore through CLI and SNMP ● Automated software installation for repeatability of site configurations ● Traffic Measurements for Business Groups ● Billing for Business Groups ● Improved APS Upgrade ● Rolling upgrade for system and application software installation ● OAM&P integration with SURPASS hiG 1200/1100 – Startup/shutdown including add, delete, modify MGs through MGCP Restart In Progress (RSIP) – ISDN data download to SURPASS hiG 1200/1100s
Element ● Element management interfaces Management – Menu-driven CLI – Expert mode CLI (for Mass Provisioning) – SNMP Network Management Center (iNMC) ● Network management for softswitch system and all supported features – Configuration/provisioning management – Fault management (traps) – Performance management – Maintenance management Table 4-1 SURPASS hiQ 8000 Software Features (Sheet 4 of 4)
A30828-X1121-A807-02-7671, November 2005 4-18 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software SURPASS hiQ 8000 Call Processing
4.3 SURPASS hiQ 8000 Call Processing
The SURPASS hiQ 8000 call processing functions include the software components for bearer control, signaling processing, call control, signaling interworking, service control, and back-end database services. Figure 4-6 shows the overall software architecture of the SURPASS hiQ 8000 call processing functions.
Figure 4-6 SURPASS hiQ 8000 Call Processing Software Architecture
4.3.1 Call Control
The key component of the SURPASS hiQ 8000 call processing function is the protocol- independent Universal Call Engine (UCE). The UCE contains the generic switching functions of the SURPASS hiQ 8000. It provides common logic to the signaling managers to route calls through the SURPASS hiQ 8000. See Section 4.1.3.1, “Universal Call Engine (UCE)”, on page 4-8 for more information on UCE.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-19
Software.fm Software SURPASS hiQ 8000 Call Processing
Basic Call Example The three primary components collectively responsible for handing the basic call are the Incoming Transaction (ITS) and Associator (AS) Segments which handle the originating call, and the Outgoing Transaction Segment (OTS) which handles the terminating call. The call origination is sent to the signaling manager handling the protocol of the originating call. The signaling manager communicates to a UCE ITS (Incoming Transaction Segment) instance which authenticates the origination, as follows:
● AAA authenticates a call against the originating DN at call setup
● Subscriber Profile Table contains an entry for each subscriber DN along with service information for that subscriber
● AAA manager authorizes an incoming call if originating DN is listed in the Subscriber Profile Table. Once the origination has been authenticated, the UCE Associator Segment (AS) is invoked to handle the digit analysis and routing. One of the results coming back from digit translation and routing is an indicate which signaling manager is required for the route that digit analysis determined. The UCE Outgoing Transaction Segment (OTS) instance is invoked to communicate with the appropriate signaling manager that handles the protocol of the terminating/outgoing endpoint.
4.3.2 Address Translation and Routing
Address translation (or Digit Analysis) is the process of interpreting incoming digits and determining the appropriate destination or feature. The SURPASS hiQ 8000 can be configured to support any size number blocks, and so can support several NXX codes (office codes), NPA codes (area codes) and thousands of groups. The SURPASS hiQ 8000 provides the following address translation and routing functions:
● Routing via ISUP trunk groups — rotary and cyclic
● Routing via ISDN hunt groups and NFAS groups — rotary and cyclic
● Alternate routing
● Prefix digit translation — 1+, 101+, 011+, 01+, 0, 00, 0+
● E164 DN translation — national, international and subscriber
● Most-matched digit translation
● Interchangeable NPA (Numbering Plan Area, i.e., area code) and NXX (office code)
● Origin Dependent Routing
● Exchange access/feature group D — end office and tandem
A30828-X1121-A807-02-7671, November 2005 4-20 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software SURPASS hiQ 8000 Call Processing
● H.323 alias translation
● Location Routing Number (LRN) translation
● Default routing
● Vertical service code translation
● E.164 to H.323 routing
● Toll free service trigger detection — based on the dialed service access code (800/888/877, 800/888/877-NXX) and carrier access code “0110”
● Toll free service default routing. Figure 4-7 shows the typical digit translation and routing path.
Figure 4-7 SURPASS hiQ 8000 Digit Translation Overview
Prefix Access Codes are created to define single digits or a string of digits that enable callers to select specific number formats and services. The SURPASS hiQ 8000 derives the Prefix Type and Nature of Address (NOA) based on the digit length and prefixed digits. The resulting prefix type and NOA is used in conjunction with the remaining digit string by the E.164 translation tables (Digit Translator) for derivation of the called party’s destination. Figure 4-8 gives an overview of the Prefix Translator. Results can be a vertical service code which points to a specific service; it can be the more normal case where the E.164 digit translator is accessed; it can be a private number in which case a specific private number translator is accessed; or it can be an invalid prefix in which case intercept treatment is initiated.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-21
Software.fm Software SURPASS hiQ 8000 Call Processing
Prefix Translator is bypassed if Nature of Address and Numbering Plan are known.
Figure 4-8 SURPASS hiQ 8000 Prefix Translator
After Prefix Digit Translation, where the Nature of Address (NOA) is derived, routing management proceeds to go into the E.164 digit tables using the remainder digits (with prefix digits stripped or left based on how it should be signaled forward) and the resulting NOA. In the SURPASS hiQ 8000, Most-Matched Digit Translation always searches for the longest matching digits to determine the destination and is used to resolve ambiguity in codes or route calls to one of several possible destinations based on the longest matching leading digits. The usual result is that a Destination Table is indexed which contains a Route List to route the call on to its destination. Based on the destination and other information that digit translation provides, routing yields a specific endpoint, an inter-machine (ISUP) trunk group, an ISDN PRI hunt group, or a Non-Facility Associated Signaling (NFAS) group. The SURPASS hiQ 8000 Digit Translator receives the digits, such as NPA, Class of Service and Nature of Address codes, and delivers the Destination Type, ID, Traffic Type, etc.
A30828-X1121-A807-02-7671, November 2005 4-22 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software SURPASS hiQ 8000 Call Processing
4.3.2.1 Assigning Routes via a Route List A route is a set of trunk groups or hunt groups that connect the current node (the SURPASS hiQ 8000 and the SURPASS hiG 1200 or 1100 Media Gateways) to one adjacent node. Routes are assigned to destinations in a prioritized manner. The routes within the same route list are checked first for available resources (ISUP trunks or ISDN PRI B channels). When there are no available channels within those routes, the next route list in the sequence is searched. The routing of a call by the SURPASS hiQ 8000 provides a route list containing the various routes that can be used for terminating the call. Each Route List consists of up to 8 routes. The maximum number of route lists is configurable up to the available memory, with minimal support for at least 4,000.
4.3.2.2 Using Cyclic and Rotary Searches to Select a Route The SURPASS hiQ 8000 supports cyclic and rotary search methods to select a route. A search method can support forward or backward search. The routes within a route list are searched according to the search method in the destination data structure. When the cyclic search method is used, the current route within the route list is searched for a free channel. Otherwise, the next route is checked. After that, the next route within the same route list becomes the current route to be searched for next routing. When the rotary (fixed sequential) method is used, the routes are checked for free channels in the order in which they are found in the linked list. The first route to have free channels is used to select a channel. A route can consist of a number of ISUP trunk groups or PRI hunt groups. The search method for the route determines how a group is selected for channel allocation from within a route. A NFAS group is a group of PRIs (1 to 20 PRIs) that share one or two D-channels for signaling purposes. Once a trunk or hunt group is selected, the channel selection method (rotary or cyclic, backward or forward) is used. For example, in the rotary hunting scenario, the hunting algorithm tries the first available channel in a linear sequence so that the lowest number channels are used over and over again. Every time a channel is requested to service a call, the algorithm begins at the first channel in the trunk group. The PRIs are hunted in terminal number order. Channels within a PRI are searched from lowest-numbered to highest-numbered. Channels included in the search can be a subset of all channels on the PRI. In the cyclic hunting scenario, the hunting algorithm tries the next available channel in sequence while remembering the previous channel tried, so that over time the calls are distributed uniformly across the channels. This algorithm does the best job to avoid a single bad channel. Each time a channel is requested to service a call, the algorithm begins at the last channel found. The PRIs are hunted in terminal number order. Channels within a PRI are searched from lowest-numbered to highest-numbered, and channels included in the search can be a subset of all channels on the PRI.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-23
Software.fm Software SURPASS hiQ 8000 Call Processing
The following sections describes some of the additional digit translation and routing capabilities in more detail.
4.3.2.3 Alternate Routing The SURPASS hiQ 8000 allows one or more alternate routes to reach a destination address, such as a E.164 destination number. A route can be to a gateway, a gatekeeper, a softswitch, a trunk, or PRI a B-channel. Routing returns a prioritized list of possible routes to reach the destination. If a Route List is not prioritized, the SURPASS hiQ 8000 distributes call traffic evenly among the routes of the destination’s Route List.
4.3.2.4 Prefix Digit Translation The SURPASS hiQ 8000 supports the following prefix dialing schemes (provisioned for the US market):
● International Call Prefixes — 01 and 011 01 + CC +N (S) N, 011+CC+N (S) N
● National and Toll Call Prefix — 1 1+NPA-NXX-XXXX, 1+NXX-XXXX
● Operator Call Prefixes — 0 and 00 0, 0#, 00, 0+NXX-XXXX 0+NPA-NXX-XXXX (except 0+SAC+NXX-XXXX for selected SACs, e.g. 800)
● FGD CAC (Feature Group D Carrier Access Code) Prefixes — 10 and 101 10XXX, 101XXXX.
4.3.2.5 E.164 Directory Number Translation The SURPASS hiQ 8000 supports national, international, and subscriber E.164 directory number translation. Digit translation is the process of interpreting incoming digits and determining the appropriate destination or feature. The features can include speed call, vertical services, and IN triggers (such as LNP and toll free). When digit translation results in a feature, the feature is invoked. Digit translation analyzes the following types of numbers:
● E.164 international, national, and subscriber numbers
● LRN (Location Routing Numbers)
● FGD CAC (Feature Group D Carrier Access Codes)
● Dialed numbers that may or may not include prefixes.
A30828-X1121-A807-02-7671, November 2005 4-24 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software SURPASS hiQ 8000 Call Processing
Based on the destination and other information that digit translation provides, routing determines the following:
● The trunks and associated MGCP gateways
● The PRI B-channels and associated MGCP trunking gateways
● The H.323 endpoint and its IP address, signaling, and RAS port
● The H.323 gateways and their IP addresses, signaling, and RAS ports
● The H.323/SIPT gatekeepers and their IP addresses and signaling ports.
4.3.2.6 Most-Matched Digit Translation In some countries, ambiguous codes are allowed. For example, in Germany, code 08 is the area code within Bavaria and code 089 is the area code of Munich. If digit string 089 is to be translated, the destination should be Munich; if a digit string 08x, where x is not equal to 9, the destination should be within Bavaria. Speed calling codes also introduce ambiguity. For example, in speed calling code 2 and NPA 201 are both allowed. In the SURPASS hiQ 8000, Most-Matched Digit Translation always searches for the longest matching digits to determine the destination and is used to resolve ambiguity in codes. For example, in speed calling digit translation does not stop at 2 to determine whether a speed calling code or NPA is dialed.
4.3.2.7 Interchangeable NPA and NXX The same NXX code can serve as both an office code (NXX) and an area code (NPA). If prefixes are allowed for both 7 digit and 10 digit calls, then interchangeable NPA and NXX codes introduce ambiguity. In some areas where these codes exist, 10 digit dialing is required to avoid ambiguity. Use of the 0 or 1 prefix to denote 10 digit numbers avoids problems associated with critical timeout. However, this arrangement requires dialing of the home NPA code for 0+ (operator or credit card) calls within the home NPA. This problem should not arise if the MGCP and SIP subscribers signal their dialed digits enbloc. Conflict of interchangeable NPA and NXX codes is resolved by nature of address and code length. Nature of address is determined by the prefix analysis and the length of dialed digits. The SURPASS hiQ 8000 can append the NPA of the calling user when 7 digits are dialed, prior to routing the all to the PSTN, if required.
4.3.2.8 Origin Dependent Routing Digit translation can translate the same destination code into different destinations based on originating rate area and/or originating class of service thus allowing originating rate area and/ or class of service to affect routing decision. A rate area is a local calling area where
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-25
Software.fm Software SURPASS hiQ 8000 Call Processing subscribers within the area an call each other for free. The originating class of service is assigned to a trunk or line. Examples of line classes of service include single-party, hotel, motel, and prison lines.
4.3.2.9 Exchange Access/Feature Group D Exchange access was initially defined as applying to internetwork traffic between the area served by the LECs that were divided into non-overlapping Local Access and Transport Areas (LATAs). A LATA is a geographical area in which the local telephone company is allowed to carry local calls and intra-LATA toll calls. Intra-LATA toll calls (or local toll calls) are calls that go beyond a local calling area, but are still within the LATA. Every LEC station is viewed as existing in only one LATA. Traffic between LATAs is provided by IXCs, while authorized intra-LATA carriers (including LECs, IXCs, and CLECs) can handle traffic within a LATA. IXCs receive inter-LATA traffic and/or intra-LATA toll traffic (where authorized) from the LEC. Equal Access/Feature Group D allows the following:
● The subscriber to use a long distance carrier to carry intra-LATA toll calls via intra-LATA pre-subscription, or by 10XXXX dialing
● The subscriber to select a carrier by pre-subscribing to the carrier and/or by 101XXXX dialing. This feature allows the SURPASS hiQ 8000 to support the digit translation functions of an Equal-Access End Office (EAEO) or an Access Tandem (AT).
4.3.2.10 Alias Translation and Routing The SURPASS hiQ 8000 zone management capability provides alias translation, dynamic endpoint registration and unregistration, endpoint admission control, and gatekeeper discovery.
Alias Translation The SURPASS hiQ 8000 H.323 gatekeeper performs alias translation to resolve the aliases to an IP transport address when it receives a list of destination aliases for an endpoint. If the gatekeeper manages the endpoint, the aliases are translated into the call signaling address and RAS address of the endpoint. If another gatekeeper manages the endpoint, the aliases are translated into the call signaling transport address of the far-end gatekeeper.
H.323 and SIP Endpoint Registration H.323 endpoints can dynamically register their aliases and transport addresses with a gatekeeper by sending an RRQ (Registration Request) message, or dynamically unregister themselves by sending an URQ (Unregistration Request) message to the gatekeeper. The
A30828-X1121-A807-02-7671, November 2005 4-26 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software SURPASS hiQ 8000 Call Processing gatekeeper grants the request with an RCF (Registration Confirm) or UCF (Unregistration Confirm) message, or declines the request with a RRJ (Registration Reject) or URJ (Unregistration Reject) message. As part of their configuration process, all H.323 and SIP endpoints register with the gatekeeper identified through the discovery process. Registration occurs before any calls are attempted and may occur periodically, and dynamically with dynamic IP data, as necessary (for example, at endpoint power-up). An endpoint sends a Registration Request message to the gatekeeper to register.
H.323 Endpoint Admission Control H.323 endpoints sends an ARQ (Admission Request) message to the gatekeeper to request access to the network.When the gatekeeper grants access, it sends an ACF (Admission Confirm) message to the endpoint. Otherwise, the gatekeeper replies with an ARJ (Admission Reject) message.
H.323 Gatekeeper Discovery Gatekeeper discovery is the process an endpoint uses to determine the gatekeeper with which to register. H.323 endpoints may send a GRQ (Gatekeeper Request) message. One or more gatekeepers may accept the request by responding with the GCF (Gatekeeper Confirm) message that contains the transport address of the gatekeeper’s RAS channel. If a gatekeeper does not want the endpoint to register, it returns a gatekeeper reject message. If more than one gatekeeper responds, the endpoint chooses the gatekeeper to use.
4.3.2.11 LNP Trigger Detection Once other triggers are detected and processed, Local Number Portability can be activated. LNP, which is a network-based service for wireline networks, uses the Location Routing Number method to allow a subscriber to port their phone number from one serving switch to another. This feature provides the LNP triggering, translation, provisioning and billing support functions for the LNP implementation.
4.3.2.12 Default Routing If the SURPASS hiQ 8000 has been provisioned to perform default routing (calls sent via the predetermined original path) and the T1 timer expired or an error report indicates that an SCCP error occurred or ACG blocking is applied, the SURPASS hiQ 8000 performs default routing.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-27
Software.fm Software SURPASS hiQ 8000 Call Processing
4.3.2.13 Vertical Service Code Translation Translation of vertical service codes ultimately allows customer access to features and services provided by local exchange carriers, interexchange carrier, commercial mobile radio service providers, etc. The format of a customer-dialed vertical service code is *XX or *2XX (touch tone) and 11XX or 112XX (rotary).
4.3.2.14 E.164 to H.323 Routing Digit translation analyzes E.164 types of numbers (international, national, and subscriber). Based on the destination and other information that digit translation provides, routing determines the H.323 endpoints and gateways and their IP addresses, signaling, and RAS ports, and the H.323/SIPT gatekeepers and their IP addresses and signaling ports.
4.3.2.15 Least Cost Routing The SURPASS hiQ 8000 supports Static Least Cost Routing and up to 8 different routes. An originating line can be assigned to a different class of service to be assigned to a different dialing plan/rate plan. Time of Day routing is also supported.
4.3.2.16 Glare Handling Trunk Groups are provisioned and assigned a signaling profile. One of the parameters of the profile is the Glare Control. This field specifies the method for controlling port selection conflicts for this Signaling Profile. Upon detection of dual seizure, the call the control switch is processing is allowed to mature, while the call the non-control switch is processing is backed-off. The Glare Control method determines which circuits the SURPASS hiQ 8000 controls. Table 4-2 shows the possible entries and their functions.
A30828-X1121-A807-02-7671, November 2005 4-28 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software SURPASS hiQ 8000 Call Processing
Possible Signaling Definition Profile Entries All Indicates that the SURPASS hiQ 8000 controls all the circuits in the associated Trunk Group when dual seizure occurs. None Indicates that the SURPASS hiQ 8000 does not control any circuits when dual seizure occurs. Even Indicates that the SURPASS hiQ 8000 controls even-numbered circuits when dual seizure occurs. Odd Indicates that the SURPASS hiQ 8000 controls odd-numbered circuits when dual seizure occurs. Point Code Controlled Indicates that the switches involved in the dual seizure determine control by each switch’s point code. That is, the switch with the higher point code controls the even-numbered circuits, while the switch with the lower point code controls the odd-numbered circuits when dual seizure occurs. Table 4-2 SURPASS hiQ 8000 Glare Control Methods
4.3.3 Invocation of Features/Services
Services on the SURPASS hiQ 8000 operate within a designated framework for implementation. The implementation of a new service relies on the following framework:
● Starting of a service
● Stopping of a service
● Allowing registration mechanism for services to request triggering from any basic call event, or another services event
● Providing notification of arrival of registered events for triggering
● Providing access to basic call data
● Allowing controlled modification of basic call events
● Allowing controlled modification of basic call data. This framework is known as the Service Execution Environment (SEE). The UCE employs an event-driven Finite State Machine (FSM)-based call model. The UCE is composed of several components that execute the call logic (ITS, AS, OTS). Services are separated from the basic call model and are only triggered by events. At UCE initialization time, services register for basic call events via the UCE Distributor and will receive notification when
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-29
Software.fm Software SURPASS hiQ 8000 Call Processing they occur in order to allow the services to carry out their FSM actions. Services will use the UCE basic call events to trigger their FSM. A service’s FMS logic may access basic call data, modify basic call events, or remove call events to get the desired behavior of that service’s requirement. Figure 4-9 shows the service control and execution environment Call Processing Services are designed within the following guidelines:
● All Call Processing services are compiled and built as a standalone entity with the capability of being loaded into the UCE, i.e., all services are Shared Libraries.
● All Call Processing services are executed as part of the UCE process.
● All services are loaded dynamically during UCE initialization time.
● All Call Processing services must have access to all basic call events and other service events.
● Call Processing services many be initiated by any UCE component or signaling manager.
● Services are addressed by their Service ID and Service Priority.
● Service’s priorities are used to resolve execution conflicts or resource contentions within the UCE (a function of the UCE Distributor).
TCAP SIP
SCP AS I/F I/F XLA I/F
Service Triggering
Service Triggering Service SM SM
SLEE
Signaling UCE Signaling Control Control Call and Service Control Call Event
Figure 4-9 Service Control and Execution Environment
A30828-X1121-A807-02-7671, November 2005 4-30 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software SURPASS hiQ 8000 Call Processing
4.3.4 Inherent Tandem Switching Capabilities
4.3.4.1 Intercept and Announcement Handling This capability allows the SURPASS hiQ 8000 to use Media Servers to generate tones and announcements indicating various failure or other conditions the calling party may encounter on a dialed call. These tones and announcements provide explanatory information when a call fails to complete as dialed. The tones and announcement are available as audio clips encoded on the Media Server. Intercepts are sequences of up to three tones and/or announcements that the SURPASS hiQ 8000 and its Media Server repeat a specified number of times. Administrative options are available to specify a tone’s duration and also whether an announcement is “barge-in” or "non-barge-in.”
4.3.4.2 QoS Handling The SURPASS hiQ 8000 uses MGCP to populate a number of connection control parameters to the media gateway to control Quality of Service (QoS) on the bearer capability. Table 4-3 describes the QoS control parameters configurable through MGCP.
Attribute Description Codec The encoding methods (G.711, G.723.1, G.729A, and G.726) the media gateway uses for VoIP calls. Packetization Period The packetization interval for a VoIP call, in milliseconds of speech to put into each packet. Type of Service Enables differentiated services when IP packets are routed through QoS-capable routers. Resource Reservation Reserves resources along the voice/data path. The values are: ● Guaranteed service ● Controlled load ● Best effort Silence Suppression Automatically detects silence to prevent the transmission of empty packets. The options are on or off. Table 4-3 SURPASS hiQ 8000 QoS Attributes The SURPASS hiQ 8000 supports originating and terminating media gateway CODEC control. The SURPASS hiQ 8000 routing capability determines the gateway CODEC attributes via the softswitch configuration database, such as the CODECs the gateways support. The SURPASS hiQ 8000 also supports echo cancellation control for the media gateway. The SURPASS hiQ 8000 routing capability determines echo cancellation on a per trunk group basis.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-31
Software.fm Software SURPASS hiQ 8000 Call Processing
DQoS (Dynamic Quality of Service) is a fundamental and critical element to the PacketCable architecture as it addresses access to enhanced QoS resources. Enhanced QoS resources are the basis for tiered services.
4.3.4.3 IN/AIN Handling The SURPASS hiQ 8000 supports INAP (Intelligent Network Application Protocol) which is required for IN/AIN support. The INAP version supported is compliant with GR-1299-CORE of AIN0.2. This allows the SURPASS hiQ 8000 to develop applications and service features that are mostly built with the AIN model. Support of IN/AIN by call processing allows definition of a number of trigger checkpoints at the SURPASS hiQ 8000, which when encountered in the course of call processing, causes the call to be temporarily suspended and a query to be sent to a centralized database (the SCP - Service Control Point) asking for instructions on how to proceed with the call. Once the SCP returns with instructions, call processing resumes at the softswitch. The SURPASS hiQ 8000 uses a combination of IN and AIN triggers to provide 800, LNP (Local Number Portability), and CNAM (Calling Name) services.
4.3.4.4 Voice Message Service (VMS) Support The SURPASS hiQ 8000 supports both legacy Voice Mail servers and next generation VM Application Servers. For legacy voice mail systems, the SURPASS hiQ 8000 for busy subscribers who have subscribed to voice mail (using Call Forwarding, Don’t Answer, or Busy Line) to a third party’s messaging system. This routing happens via the SURPASS hiG 1200 Media Gateway so that the messages can be left at the voice mailbox of the busy or not answering subscriber. The office the messaging system is connected to send a message waiting indication (MWI) to the softswitch when instructed by the third party message system. The SURPASS hiQ 8000 then sends this MWI to the VM subscriber via either a SIP or MGCP message. The VM subscriber retrieves messages by dialing the system directly and then following voice prompts.
4.3.4.5 Operator Services The SURPASS hiQ 8000 currently supports Operator Services by handing off calls via ISUP trunks through a tandem connection to an Operator Services platform. The following operator capabilities are supported:
● Directory Assistance
● International Directory Assistance
● Directory Assistance Call Completion
● Alternate Billing Services
A30828-X1121-A807-02-7671, November 2005 4-32 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software SURPASS hiQ 8000 Call Processing
● Calling Card and Charge Calls
● General Assistance
● Person-to-Person
● Busy Line Verification
● International Collect. Operator Assistance is supported through a set of established dialing patterns on the SURPASS hiQ 8000. The digit ‘0’ dialed immediately preceding a 7-digit or 10-digit number triggers operator assistance for that call, while the digit ‘0’ dialed alone triggers a connection with an operator. Other dialing plans are also supported, e.g., 411, 00, etc.
4.3.4.6 Emergency Calling The SURPASS hiQ 8000 currently supports emergency calling (E911) by handing off calls via ISUP trunks or MF Channel Associated Signaling (CAS) trunks through a tandem connection to a Public Safety Answering Point (PSAP). Additionally, the softswitch provides the Automatic Number Identification (ANI) of the calling party to the E911 tandem/PSAP via SS7 or MF, provides called party control/forced release so that only on-hook from the E911 tandem/PSAP can release the call, and disables subscriber features (such as call waiting) that could interfere with the handling of the E911 calls.
4.3.4.7 CALEA The Communications Assistance for Law Enforcement Act (CALEA) is a U.S. Government requirement to voice telecommunications service providers to allow for the lawful intercept of communications through wiretapping any telephone line connected to the public network. For more information on CALEA, refer to the Subscriber Accounts/Services Administration Using NetManager iSMC guide.
4.3.4.8 Local Number Portability LNP provides the ability for subscribers to move from one service provider to another, from one type of service to another, without the need to change their telephone numbers. LNP support on the SURPASS hiQ 8000 involves recognition and interpretation of Location Routing Numbers (LRNs), which is independent of the dialed number, and which may be ported from one central office exchange to another. A single SURPASS hiQ 8000 supports a maximum of 500 LRNs. The SURPASS hiQ 8000 supports Local Number Portability (LNP) by interacting with an external SCP through TCAP. The SURPASS hiQ 8000 interacts with a LRN database to identify the switches within the telephone network for LNP. Each LRN entry associates a six to ten digit LRN with the appropriate switch within the network. To process a call to a ported telephone number, the SURPASS hiQ 8000 identifies the LRN included in the call information and
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-33
Software.fm Software SURPASS hiQ 8000 Call Processing searches for the corresponding entry in its LRN database. Upon locating the switch that corresponds to a call’s LRN, the SURPASS hiQ 8000 routes the call to the correct recipient switch hosting the ported subscriber and telephone number. Figure 4-10 shows the network architecture for toll free (800) and LNP services.
SCP
800/LNP Database
TCAP/SS7
hiQ 8000 ISUP/SS7 CO ISUP/SS7
CO MGCP OMAP Trunk
Trunk hiG 1200 SMX PRI PBX
Figure 4-10 LNP and 800 Services Network Architecture
4.3.4.9 Toll Free (800) Service The SURPASS hiQ 8000 supports toll free (800) service by interacting with an external SCP through TCAP. The dialing of an 800 Service Access Code (SAC) indicates that the call requires special treatment. The digits following the 800 SAC determine the routing of the call. This determination is made at the SCP where the 800 number is translated to select the carrier (IXC, LEC, or other carriers). This carrier transports the call and specifies a call party number to use in the subsequent routing of the call. A call that requires toll free service processing is routed to the SURPASS hiQ 8000, which interacts with the SCP to determine how the call is routed. The SURPASS hiQ 8000 passes the dialed number and calling customer identity (if available) to the SCP, which responds with detailed call handling information.
A30828-X1121-A807-02-7671, November 2005 4-34 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software SURPASS hiQ 8000 Call Processing
4.3.5 Signaling Control and Endpoint Communication
The SURPASS hiQ 8000 supports the processing and interworking of protocols that communicate with endpoints to deliver communications to end users. The supported protocols are SS7 (ISUP, MTP, TCAP), SIP/SIP-T, MGCP, MEGACO/H.248, PacketCable (NCS, TGCP, DQoS), H.323, MF CAS, and ISDN PRI. In addition to the signaling protocols, the following endpoints are supported: SIP, MGCP, H.323, MF CAS, POTS, and, ISDN PRI.
4.3.5.1 SS7 Signaling Protocol The SURPASS hiQ 8000 SS7 protocol stacks include MTP1, MTP2, MTP3, ISUP, SCCP, and TCAP. The SS7 signaling control and its interworking with other types of signaling protocols are implemented on top of the SS7 stacks within the SURPASS hiQ 8000. The SS7 signaling protocol and control functions include basic signal unit format, signal unit delimitation, basic error correction method, initial alignment procedures, remote processor outage, receiver busy condition, and signal link error monitoring. The SURPASS hiQ 8000 MTP3 functions include MTP network management, signaling link test and maintenance procedures, MTP message handling, changeover/changeback procedures, management inhibiting, MTP restart, cluster routing and management, congestion control, and false link congestion detection. The SURPASS hiQ 8000 ISUP functions include:
● Receiving/generating Initial Address Messages (IAMs) for tandem calls via SS7 trunks
● Continuity Testing procedures
● Handling of various release conditions
● Responding to circuit queries
● Circuit validation test procedures
● Suspend/resume procedures
● Blocking and unblocking procedures
● Responding to reset circuit requests
● Handling messages specifying unequipped circuits
● Interworking with LNP
● Handling various error conditions (protocol errors, timer expirations, etc.)
● Hop counter procedures
● Automatic congestion control.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-35
Software.fm Software SURPASS hiQ 8000 Call Processing
SS7 Continuity Testing is supported by the SURPASS hiQ 8000 by sending test requests that are run on the SURPASS media gateways. Test can be run for incoming and outgoing SS7 signaling. Incoming and outgoing tests can be done simultaneously. Support is provided for 4 wire to 4 wire, 4 wire to 2 wire, 2 wire to 4 wire, and 2 wire to 2 wire testing. The SURPASS hiQ 8000 ISUP signaling control and processing is supported through the ISUP signaling manager (SM). The ISUP SM normalizes all sources of SS7 ISUP signaling information. It brings an endpoint located at the SURPASS hiG 1200/1100 into the call. It supports call control by maintaining the ISUP protocol specific state information of individual circuits. The ISUP SM interacts with the Trunk Selection Manager to select trunks, route calls, and maintain appropriate trunk state. During a call setup, the outgoing ISUP SM selects an outgoing trunk from the identified Trunk Group through the Trunk Selection Manager. Trunks involved in a call are marked as busy during call setup and marked as idle when the call is released.
TCAP The SURPASS hiQ 8000 supports TCAP (Transactional Capabilities Application Part) allows the SURPASS hiQ 8000 to communicate with databases in the SS7 network. Also, the TCAP protocol layer is required for IN/AIN (Intelligent Network/Advanced Intelligent Network) support.
4.3.5.2 SS7 Endpoint Support SS7 is a layered signaling protocol that exchanges messages through the public switched network for call setup, supervision, teardown, and application processing. The SS7 network is a parallel, packet-based network that provides an out-of-band signaling system for the exchange of call control information between network switching offices or intermachine systems. The SURPASS hiQ 8000 currently supports the ANSI and ITU implementations of SS7. Within the SS7 signaling and trunking network, the SURPASS hiQ 8000 acts as a Signaling End Point (SEP). In this role, the SURPASS hiQ 8000 terminates SS7 messages in support of call processing activities and accesses the facilities of Service Control Points (SCPs). It does not forward SS7 messages to other network elements. Figure 4-11 shows SS7 implementation in the SURPASS hiQ 8000. The PCI module, MTP1, and MTP2 layers interface with a compatible Solaris PCI driver. The MTP3 layer is integrated into RTP and an ISUP stack interfaces with SURPASS hiQ 8000 ISUP signaling manager.
A30828-X1121-A807-02-7671, November 2005 4-36 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software SURPASS hiQ 8000 Call Processing
Secure Normalized Interface
Universal Call ISUP Signaling Manager Engine (UCE)
ISUP
MTP-3 RTP
SURPASS hiQ 8000 Solaris Platform Solaris-side Driver
PCI Bus
Board-sideBoard Driver - side Driver Active Cluster Node
B A MTP-2 Ulticom OMNI MTP-1 SS7 PCI Board
T1/E1
Max 8 SS7 Links
Figure 4-11 SURPASS hiQ 8000 SS7 Implementation
4.3.5.3 Session Initiation Protocol (SIP) Signaling Protocol The SURPASS hiQ 8000 uses the Session Initiation Protocol (SIP) to control calls between various SIP endpoints. SIP controls connections and calls between various endpoints as follows:
● A SIP endpoint and a SIP Application Server (AS)
● A SIP endpoint and a MGCP endpoint, such as a Trunking Gateway (TGW), a Residential Gateway (RGW), or an Integrated Access Device (IAD)
● A SIP endpoint and a H.323 endpoint. The SURPASS hiQ 8000 supports a Back to Back User Agent (B2BUA) to control the calls between the two SIP endpoints.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-37
Software.fm Software SURPASS hiQ 8000 Call Processing
The SURPASS hiQ 8000 also includes a SIP registrar and SIP location services. The SIP registrar allows SIP endpoints to register with the SURPASS hiQ 8000 and supply the mapping between the contact information and the present location at which that endpoint can be reached. SIP endpoints view the SURPASS hiQ 8000 as a proxy server, and attempt to register themselves. The registration will fail unless endpoint contact information has been entered into the SURPASS hiQ 8000 Oracle database. After registration, session “Invites” will be sent to the SURPASS hiQ 8000. SIP registration is not related to call authentication, although authentication is performed as part of the registration to be used throughout the registration lifetime. Registrations expire and must be refreshed. The SIP location server allows the UCE to perform lookup requests for an E.164 number and returns the current IP address for the corresponding contact. An AS does not register with the SURPASS hiQ 8000 SIP registrar. Instead, the AS is statically provisioned into the SURPASS hiQ 8000 routing database based on service triggering criteria. A service could be triggered by the SURPASS hiQ 8000 receiving a call with a particular dialed number, such as a 1-800 number. In this case, the SURPASS hiQ 8000 simply routes the call to the AS using the SIP protocol. The SURPASS hiQ 8000 SIP functionality is able to address a wide number of SIP network scenarios, as follows:
● Business and residential service delivery to SIP user endpoints
● PSTN gateway for subscriber services delivered via Application/Feature Servers
● Interworking gateway to other media and signaling types, e.g., MGCP, MEGACO, H.323, ISDN PRI, NCS, and TGCP. The SURPASS hiQ 8000 also provides the SIP for Telephone (SIP-T) which is a framework that uses the SIP protocol to transport call signaling managers over TTUD between softswitches located in different zones.
SIP Endpoint Support The Session Initiation Protocol (SIP) is an application layer protocol for the establishment, modification, and termination of conferencing and telephony sessions over an IP network. SIP is part of the overall IETF multimedia data and control architecture. It supports user mobility by proxying and redirecting requests to the user's current location. The SURPASS hiQ 8000 uses SIP for interacting with application servers to provide enhanced voice and IP telephony services and to control connections to SIP endpoints. The SURPASS hiQ 8000 supports the following SIP services:
● Multiple types of call forwarding
● Calling number delivery
● Flexible naming (e-mail address, individual's name, E.164)
A30828-X1121-A807-02-7671, November 2005 4-38 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software SURPASS hiQ 8000 Call Processing
● Personal mobility
● Terminal-type negotiation and selection
● Caller and callee authentication
● Blind and supervised call transfer
● Invitations to multicast conferences.
SIP extensively uses the Session Description Protocol (SDP) to convey media capabilities and MIME encoding to facilitate formatting flexibility. SDP is provided transparently without parsing. The SDP Transparency feature allows the SIP SM to forward the received SDP body of the second leg of the call without any modification in the parameters. For SIP to SIP calls, SDP message parsing is not required, still SIPSM need to call the SDP parser and fillout “uceMedisInfo” structure before passing the call request to the UCE. MGCP and other signaling managers will then make use of this information to construct local connection parameters.
SIP Call Examples This section describes two examples of SIP operation. In this example, [email protected] is placing a call to [email protected]. The first example, Figure 4-12, establishes a call using a SIP Redirect Server.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-39
Software.fm Software SURPASS hiQ 8000 Call Processing
The second example, Figure 4-13, establishes a call using a SIP Proxy Server. The calls are placed on a packet network with no PSTN or SS7 interactions.
SIP Location Server
DNS Server (2) martinak
Locate SIP Server (3) [email protected] (using DNS protocol)
(1) INVITE [email protected] (4) 302 Moved Temporarily SIP Contact: [email protected] Redirect Server (5) ACK [email protected] SIP User Agent Client [email protected] (7) "ring" (6) INVITE [email protected]
(8) 200 OK (9) ACK [email protected]
SIP User Agent Client martinak@blue
bebo.com tool.com
Figure 4-12 SIP Redirect Server Call Setup
The message sequence in Figure 4-12 is as follows: 1. An INVITE message from [email protected] which contains his contact information is sent to the SIP Redirect Server. 2. The SIP Redirect Server receives the INVITE message and sends the hostname to the SIP Location Server. 3. The SIP Location Server returns the current address to reach [email protected].
A30828-X1121-A807-02-7671, November 2005 4-40 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software SURPASS hiQ 8000 Call Processing
4. [email protected] has moved from her normal location and registered this new information by sending a REGISTER method to the SIP Location Server. The SIP Redirect Server responds to the invitation from [email protected] with a status code of 302, which indicates that [email protected] has temporarily moved to a new address. Her new address is [email protected]. 5. An ACK message from [email protected] acknowledges the SIP Redirect Server’s response, which closes the INVITE transaction. 6. A new INVITE message is sent by [email protected] to [email protected]. 7. The telephone for [email protected] rings. 8. When [email protected] goes off-hook, a 200 OK response is sent to [email protected]. 9. A final acknowledgement message from [email protected] to [email protected] indicates the call has been established. Assuming a normal telephone call is established, an audio real-time transport protocol (RTP) stream flows between the two callers with bearer traffic. The call terminates with a BYE message which releases the call. In Figure 4-13, [email protected] is placing a call to [email protected] using a SIP Proxy Server. The message sequence is as follows: 1. An INVITE message from [email protected] which contains his contact information is sent to the SIP Redirect Server. 2. The SIP Location Server identifies that [email protected] is now [email protected]. 3. The SIP Location Server passes this information back to the SIP Proxy Server. 4. The SIP Proxy Server, acting as a User Agent Server, forwards the INVITE request to [email protected]. 5. The telephone for [email protected] rings and is answered. 6. The User Agent Server for [email protected] sends a status code 200 OK response to the SIP Proxy Server. 7. The SIP Proxy Server sends a status code 200 OK response to the User Agent Client for [email protected]. 8. An acknowledge (ACK) method retraces the path in the opposite direction through the SIP Proxy Server. 9. Another acknowledge method retraces the path to the User Agent Server for [email protected] and closes the call setup signaling.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-41
Software.fm Software SURPASS hiQ 8000 Call Processing
SIP Location Server DNS Server
(2) martinak
Locate SIP Server (using DNS protocol) (3) martinak@blue
(5) "ring" (1) INVITE [email protected] (4) INVITE martinak@blue SIP (6) 200 OK (7) 200 OK Proxy Server (8) ACK [email protected] (9) ACK martinak@blue
SIP SIP User Agent Client User Agent Server [email protected] martinak@blue
bebo.com tool.com
Figure 4-13 SIP Proxy Server Call Setup
4.3.5.4 Gateway Control (MGCP and MEGACO H.248) The SURPASS hiQ 8000 uses MGCP to cross connect TDM-based Inter-Machine Trunks (IMTs) to packet-based IP interfaces on the media gateway. It also uses MGCP to initiate continuity tests (COT), change the properties of an existing connection, terminate local connection, and check endpoint and COT statuses. The media gateway notifies the SURPASS hiQ 8000 of endpoint availability using MGCP.
.MGCP Endpoint Support The Media Gateway Control Protocol (MGCP) is an IP-based telephony protocol typically used between a Media Gateway Controller (MGC) and a Media Gateway (GW) to control connections between a PSTN and VoIP network. Figure 4-14 shows the setup of an MGCP endpoint. The SURPASS hiQ 8000 uses MGCP v1.0 to control access to a variety of native MGCP endpoints, as follows:
● Trunking gateway (TGW)
● Residential gateway (RGW)
A30828-X1121-A807-02-7671, November 2005 4-42 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software SURPASS hiQ 8000 Call Processing
● Integrated access device (IAD)
● Cable modem. The SURPASS hiQ 8000 also uses MGCP to control audiocodes MT-200 and TP-400 TGWs for ISUP trunking. The SURPASS hiQ 8000 controlled MGCP RGWs include Netergy Symphony 8x8 and Mediatrix APA III - 4FXS. The SURPASS hiQ 8000 controlled MGCP IADs include Kenetec EdgeXpress 1000 for CAS trunking. The MGCP uses Session Description Protocol (SDP) to convey media information. SDP is provided transparently. To enable SDP Transparency, UCE messages that convey media information between UCE and Signaling Managers are enhanced with new data to transport SDP data transparently. For MGCP, formation of Local Connection Options (LCO) that accommodates multiple codecs and packetization periods are supported. For MGCP devices, the LCO provides the preferred network connection option for the call.
Determine the endpoint ID 1 in hiG 1200 Send MGCP CRCX to hiG 1200 hiQ 8000 Data Path MGCP Endpoint
SS7 IP Network TDM Highway PSTN SCE CPE IPM DXM2 IMTs MGCP MGCP MGCP 2 Redirect Proxy Mgr Server Transcoders hiG 1200 3 4 Receive OMAP OMAP MGCP CRCX Control Path (over TCP) (OMAP XCONN)
Packet Network Voice Circuit
1. The hiQ 8000 receives an initial address message (IAM) from the PSTN and finds the circuit identification code (CIC) to use. 2. The hiQ 8000 determines the endpoint ID in the hiG 1200 and sends the MGCP cross-connect (CRCX) to it. 3. The SCE forwards the MGCP packet to the CPE. 4. The CPE selects the IPM and media channel on the IPM, forwards the MGCP message to the IPM, and sends an Add XCONN OMAP message to the DXM2 and IPM.
Figure 4-14 MGCP Endpoint Setup
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-43
Software.fm Software SURPASS hiQ 8000 Call Processing
4.3.5.5 PacketCable (TGCP, NCS, DQoS) Signaling Protocol The SURPASS hiQ 8000 uniquely addresses the needs of the SURPASS Voice Over Cable solution by integrating the CMS, MGC, and Signaling Gateway functions. The Trunking Gateway Control Protocol (TGCP) provides the PacketCable architecture with the ability to interface with the PSTN. This capability is critical to service providers that intend to deploy and manage voice-capable, high-speed, and bi-directional cable access networks as the existing telephone user community is almost exclusively connected over the PSTN. During the rollout of PacketCable telephony service, almost all calls that are initiated On-Net (e.g. from a PacketCable telephone and access network) terminate Off-Net, on the PSTN. Network-based Call Signaling (NCS) is a profile of the Media Gateway Control Protocol (MGCP) for PacketCable embedded clients. MGCP is a call signaling protocol for use in centralized call control architecture, for relatively simple client devices. The call signaling protocol is one layer of the overall PacketCable suite of specifications and relies upon companion protocol specifications to provide complete end-to-end PacketCable functionality. NCS is embedded Voice-Over-IP client devices in a PacketCable environment. The NCS profile has simplified and, in some cases, modified the base MGCP 1.0 protocol accordingly. Media Gateway Control Interface (MGCI) functions provide for connection control, endpoint control, auditing and status reporting. Each function uses the same system model and naming conventions.
4.3.5.6 H.323 Signaling Protocol The SURPASS hiQ 8000 supports H.323 to implement communication between IP-based telephony endpoints. H.323 provides the combined access of various endpoints (terminals and gateways) to a converged voice network controlled by the SURPASS hiQ 8000. The SURPASS hiQ 8000 supports H.323 v4 with both conventional H.323 and Fast Start Signaling with gateways and endpoints. For conventional H.323, the H.245 control messages are used in conjunction with RAS and H.225 messages. For FastStart, the media control information is carried over H.225 messages. In particular, the SURPASS hiQ 8000 can mediate between conventional H.323 endpoints or FastStart-enabled H.323 endpoints, and the PSTN. The SURPASS hiQ 8000 also provides a standard H.323 gatekeeper function for access to and from the H.323 configuration. The SURPASS hiQ 8000 supports the following H.323 access types:
● H.323 compliant gateways
● H.323 compliant PC clients
● IP phones, such as the Siemens LP5100
● H.323 compliant terminal adapters, such as the Siemens TA1100.
A30828-X1121-A807-02-7671, November 2005 4-44 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software SURPASS hiQ 8000 Call Processing
The SURPASS hiQ 8000 provides H.323 signaling entry through the H.323 signaling manager (SM). The H.323 SM handles signaling interworking with external H.323 devices such as H.323 gateways and endpoints. The H.323 SM also enables the SURPASS hiQ 8000 to act as a signaling gateway between a H.323 network and PSTN. The SURPASS hiQ 8000 H.323 SM processes H.225, H.245 Registration, Admission, and Signaling (RAS) messages. H.323 Version 4 provides two new capabilities that are required for interoperability with HG 3550 v2: Parallel Fast Connect and Third Party Pause and Reroute. Parallel Fast Connect provides for tunneling of H.245 Terminal Capability Set (TCS) and Master Slave Determination (MSD) messages within the H.225 SETUP message. H.245 tunneling is implemented within the H.323 Signaling Manager using Trillium v1.3 capabilities. Third Party Pause and Reroute (TPPR) provides for suspension, resumption, and redirection of media session(s) within the context of a single H.225 call. This procedure is also implemented within the H.323 Signaling Manager to provide for hold/resume, transfer, and related features. Recent enhancements to H.323 include the implementation of annexes and a new H-series standard to improve the H.323 protocol suite. Table 4-4 describes the new H.323 annexes.
Annex Name Description E Call Control over TTUD Specifies that call control is done over TTUD without the full feature negotiation transactions required by earlier H.323 versions. By not requiring socket connections, TTUD provides improved scalability and avoids TCP back-off timers that can be unacceptably long. F Simple Ethernet Terminal Allows a minimally featured IP telephone to be defined based on the “fast connect” H.323 profile. This annex eliminates the need for an ASN.1 compiler and it is fully compatible with H.323 Versions 1 and 2. G Inter-domain Allows the deployment of larger H.323 networks by Communications defining domains with numerous H.323 Gatekeeper Zones. This annex includes the ability to hide information within domains to facilitate keeping confidential information private. J H.235 (module within the Computes a value (using a password) for all incoming H.323 layer) and outgoing messages to maintain and validate the authentication and integrity of a given message. Table 4-4 H.323 Annex Enhancements
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-45
Software.fm Software SURPASS hiQ 8000 Call Processing
Annex Name Description M1 NQ/QSIG Message Tunnels QSIG / CorNet-NQ v2.4 messages between Tunneling the hiPath 4000 and SURPASS hiQ 8000 systems for various interworking features. Table 4-4 H.323 Annex Enhancements
NQ/QSIG Tunneling CorNet NQ and/or QSIG Protocol (NQ/QSIG) uses H.323 standard communications between the hiPath 4000 Communications Server (hiPath 4000) via the HG-3550 Version 2 Gateway (HG 3550) to interoperate with the SURPASS hiQ 8000. Primarily, this link is accomplished using SURPASS hiQ 8000 H.3232 stack (version 1.3) and the H323 Signaling Manager. H.3232 standards applicable to this interface include H.323 Version 4, H.225.0, H.235, and H.245.
NQ/QSIG functionality is also known as Annex M1.
This feature provides interworking between the SURPASS hiQ 8000 system and the hiPath 4000 system using H.323 signaling to provide the following:
● H.235 authentication and integrity of signaling
● H.323 Version 4 capabilities between the HG 3550 Trunking Gateway in the hiPath 4000 and the SURPASS hiQ 8000 softswitch (including FastStart, Parallel Fast Connect, and Third-Party Pause and Reroute capabilities)
● Tunneling of QSIG / CorNet-NQ v2.4 messages between the hiPath 4000 and SURPASS hiQ 8000 systems for:
● Basic Call, including support of H.323 endpoint as transferred and transferred-to party
● Calling, Called, Alerting, and Connected name and number identification
● Carrier Identification Code (CIC) exchange
● Conference notification (both directions).
H.323 Endpoint Support H.323 is a proposed standard for communication with IP-based telephony endpoints. It allows combined access of various endpoints (terminals and gateways) to the converged voice network controlled by the SURPASS hiQ 8000 gatekeeper. H.323 uses Session Description Protocol (SDP) to convey media capabilities.
A30828-X1121-A807-02-7671, November 2005 4-46 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software SURPASS hiQ 8000 Call Processing
SDP is provided transparently for H.323 endpoints. To support the SDP Transparency feature, the H.323 Signaling Manager (H323SM) must map the H.245 messages to SDP messages and vice versa. The feature requires H323SM to map the SDP messages to H.245 messages for an interworking call with H.323 as the B-side, and to map the H.245 messages to SDP message for an interworking call with H.323 as the A-side. However, for each and every A-side call, the H323SM must map the H.245 messages for SDP messages, as it is not known, at this stage, if it is an interworking call or not. Table 4-5 describes the main terms associated with the H.323 standard.
H.323 Term Description Terminal An H.323 endpoint made up of a user and audio/video I/O. Gatekeeper Controls usage of the network and performs address translation and other services. Gateway Enables H.323 terminals to connect to ITU terminals on ISDN, POTS, and other types of networks. Multipoint Controller Provides centralized control for a conference of three or more terminals or gateways. Multipoint Control Unit Provides audio and/or video processing for a conference. Table 4-5 H.323 Terms The SURPASS hiQ 8000 provides a standard H.323 gatekeeper function in a carrier Integrated Services Digital Network (ISDN) for access to and from the H.323 configuration. The SURPASS hiQ 8000 supports the follwing access types:
● H.323 compliant gateways
● H.323 compliant PC clients
● IP phones, such as the Siemens LP5100, which is a phone handset with an Ethernet connection compliant with H.323
● Terminal adapters, such as the Siemens TA1100, which is an H.323-compliant adapter that connects “black” phones to an Ethernet port and provides the line supervision and signaling normally provided by the central office switch.
4.3.5.7 Channel Associated Signaling (CAS) Signaling Protocol Channel Associated Signaling (CAS) is the transmission of signaling information within a voice channel. CAS trunking is terminated and translated to MGCP on the SURPASS hiG 1200/1100 and backhauled to the SURPASS hiQ 8000 using MGCP. CAS DTMF interfaces for PBX and IAD accesses and CAS MF interfaces for operator services, directory assistance, and E911 are supported.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-47
Software.fm Software SURPASS hiQ 8000 Call Processing
CAS Endpoint Support Channel Associated Signaling (CAS) provides inband signaling with voice channels for CAS endpoint access. The SURPASS hiQ 8000 controls access to CAS endpoints, such as analog PBX and channel banks, through the media gateway. In CAS signaling, DS0 channel states are encoded in bits and transmitted on the trunks in the following two ways:
● CAS T1 trunks — A technique called robbed-bit signaling (RBS) is used. A single bit in every DS0 bearer channel is taken from every sixth frame and used to carry signaling information. The robbed bit in frames that are odd multiples of six is termed the A bit. The robbed bit in frames which are even multiples of six is termed the B bit.
● CAS E1 trunks — A DS0 carries the signaling bits for all channels in a bit-to-channel mapped format. Each frame, except the first, carries a 4-bit signaling payload for two DS0s. This requires 15 frames to deliver the signaling information for the 30 DS0 bearer channels. CAS supports Emergency Service for the U.S. Market where the SURPASS hiQ 8000 acts as an End Office receiving E911 calls via MGCP (either from an IAD or trunk gateway) or via SIP signaling from an application server and routes the call to a tandem switch that has the connection to the emergency service bureau via CAS signaling over a trunk group dedicated to E911 service. The SURPASS hiQ 8000 uses TGCP to control the trunk gateway with the CAS 911 trunk. In the SURPASS hiQ 8000, CAS supports the termination of ISUP trunk-originated CAS lines and trunk calls. Calls are routed from the PBX using voice switched virtual circuits (SVCs). Once you create the CAS lines, one or more of the CAS lines can be assigned to a hunt group. Also, you can mix ISDN and CAS objects in a single hunt group. A CAS group profile is assigned to the CAS trunk groups.
4.3.5.8 ISDN PRI Signaling Protocol To support ISDN PRI call control, ISDN signaling information (one or more DS1 facilities - up to 20 DS1s for NFAS) is passed through the D channel (B-channels too) on the PRI terminated at the media gateway (i.e., SURPASS hiG 1200, SURPASS hiG 1100) and relayed to the SURPASS hiQ 8000. This allows the media gateway to handle the bearer information and the SURPASS hiQ 8000 to handle the signaling. The OMAP protocol backhauls the D-channel signaling information from the media gateway to the SURPASS hiQ 8000 via TCP/IP transport. The OMAP backhaul capability within the SURPASS hiQ 8000 consists of the OMAP Message Dispatcher and the OMAP signaling manager (SM). The OMAP Message Dispatcher receives the OMAP messages from the SURPASS hiG 1200/1100 and passes them to the OMAP SM and vice versa. The OMAP SM converts the OMAP call control external messages to UCE call control messages and vice versa.
A30828-X1121-A807-02-7671, November 2005 4-48 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software Application Support with the SURPASS hiG 1200/1100
ISDN PRI Endpoint Support The SURPASS hiQ 8000 works with the SURPASS hiG 1200/1100 media gateway to provide access to ISDN PRI (Integrated Services Digital Network/Primary Rate Interface) endpoints such as ISDN PBX, Remote Access Server (RAS), and ISP modem pools. This is implemented using a proprietary ISDN backhaul interface between the media gateway and the SURPASS hiQ 8000. On demand from the gateway or at provisioning time from the GUI, the hiG data download capability extracts relevant ISDN configuration data from hiG shared memory. It then sends the ISDN configuration data to the SURPASS hiG 1200/1100 using the OMAP (Operations, Maintenance, and Administration Part) protocol over TCP/IP.
4.3.5.9 POTS Endpoints Plain Old Telephone Service (POTS) is the standard telephone service today. A next- generation switch must be able to support connections between POTS endpoints. A POTS endpoint, such as a POTS phone, is physically connected to a PSTN end office switch such as a Class 5 switch, a PBX, a Residential Gateway (RGW), or an Integrated Access Device (IAD). The SURPASS hiQ 8000 supports connections to POTS endpoints by interworking with the PSTN switch, RGW, and IAD directly. It interworks with a PBX indirectly through the media gateway (i.e., SURPASS hiG 1200, SURPASS hiG 1100). POTS endpoints use a variety of signaling protocols depending on where the call is going. For connections to POTS endpoints, the SURPASS hiQ 8000 uses SS7 signaling to interact with the PSTN switch. It uses MGCP signaling to interact with the RGW and IAD. For POTS connections to a PBX, the SURPASS hiQ 8000 uses MGCP to manage the connections between the SURPASS hiG 1200/1100 and PBX through Channel Associated Signaling (CAS) trunks.
4.4 Application Support with the SURPASS hiG 1200/1100
4.4.1 IP Virtual Trunking Features
IP Virtual Trunking provides a VoIP backbone solution. It converts circuit-oriented voice streams into packet data streams and vice versa to establish virtual trunks through an IP data network. Figure 4-15 shows the SURPASS hiQ 8000 VoIP trunking network architecture.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-49
Software.fm Software Application Support with the SURPASS hiG 1200/1100
(to another hiQ 8000/feature server)
SIP hiQ 8000
SS7 IP SS7
MGCP
IMTsVoIP IMTs End Office End Office RTP hiG 1200 hiG 1200 PSTN
Figure 4-15 SURPASS hiQ 8000 VoIP Trunking Network Application
4.4.1.1 Quality of Service Features To enable efficient IP virtual trunking, collective processing is performed for each voice path within the SURPASS hiG 1200/1100. This includes voice compression and decompression, encoding and decoding, queuing, silence suppression, echo cancellation, tone detection, and Real-Time Transport Protocol (RTP) packetization. The next sections describe the IP virtual trunking Quality of Service (QoS) features.
Delay and Jitter Management The SURPASS hiQ 8000/SURPASS hiG 1200/1100 platform makes voice QoS acceptable for the IP virtual trunking application. Delay is carefully allocated among coding, packetization, queuing, and play-out so that the maximum ingress/egress delay is controlled within an acceptable range. The QoS parameters (codec, packetization period, ToS, echo cancellation, resource reservation, and silence suppression) are provisioned on the SURPASS hiQ 8000. These QoS parameters are populated to the SURPASS hiG 1200/1100 through MGCP. For the VoIP trunking application, the ingress SURPASS hiG 1200/1100 performs silence suppression and encoding; the egress SURPASS hiG 1200/1100 performs jitter buffer management and decoding. At the ingress SURPASS hiG 1200/1100, silence suppression does not introduce delay but allows for higher bandwidth utilization through multiplexing.
A30828-X1121-A807-02-7671, November 2005 4-50 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software Application Support with the SURPASS hiG 1200/1100
In the case of G.729, the delay internal to the SURPASS hiG 1200/1100 is estimated as follows:
● Encoding or decoding delay (5 ms)
● Packetization delay (10 ms)
● Queuing and service delay (10 — 15 ms)
● Jitter buffer management delay adapted to minimum size (20 — 30 ms).
The total ingress SURPASS hiG 1200/1100 delay is about 25 — 30 ms; the total egress hiG 1200/1100 delay is 45 — 60 ms. The actual delay introduced by the hiG 1200/1100 depends on the codec used and is measured as follows:
● G.711 coding — 65 ms (with 20 ms speech per packet)
● G.729A/B coding — 80 ms (with 10 ms speech per packet)
● G.723.1 coding — 95 ms (with 10 ms speech per packet) The SURPASS hiG 1200/1100 IPM module supports an adaptive jitter buffer of up to 150 ms. It provides jitter buffer management that automatically adjusts to changes in IP network delay. This minimizes overall voice transport delay.
Echo Cancellation A concern of the VoIP trunking application is the degradation of voice quality due to delay and jitter. Another issue is echo when it compounds with delay. For example, up to 150 ms one-way transmission delay is acceptable only for connections with adequate echo control. If round-trip delay is more than 30 ms, echo can affect voice quality. The SURPASS hiG 1200/1100 supports up to 30 ms of echo cancellation at full channel density. It can support up to 60 ms of echo cancellation with reduced channel density. Echo cancellation is provisioned at the SURPASS hiQ 8000 on a per ISUP trunk group basis. The SURPASS hiG 1200/1100 controls silence suppression and comfort noise generation on a per call basis via MGCP from the SURPASS hiQ 8000. The SURPASS hiQ 8000 allows for an on/off choice of these operations on the SURPASS hiG 1200/1100.
Compression The SURPASS hiG 1200/1100 supports multiple codecs to enhance interworking between media gateways. This includes G.711, G.723.1, G.729A, and G.726. All codecs (excluding G.711) involve some form of voice compression. The benefit of voice compression is that it reduces the bandwidth required to transmit voice packets through the VoIP channel. The SURPASS hiQ 8000 specifies the codec algorithm(s) upon call setup through MGCP messages. The SURPASS hiG 1200/1100 performs realtime, bidirectional transcoding of audio signals between TDM and IP packet interfaces.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-51
Software.fm Software Application Support with the SURPASS hiG 1200/1100
TOS and DSCP The SURPASS hiQ 8000 employs both TOS (Type of Service) and DSCP (Differentiated Service Code Point) TOS when provisioning its QoS policies. Type of Service (TOS) and Differentiated Service (DiffServ) are byte indicators that are used in network routing to aid in priority controls. Each is a network-specific setting that is passed as part of the packet header to the routers for their use. TOS or DIFFSERV is used by Hosts and Routers to differentiate between different traffic flows and treat them accordingly (i.e., High Priority QoS vs. Low Priority QoS). These settings can be used to determine how packets can be discarded during periods of congestion. They also allow voice traffic and signaling to be treated as high priority.
Type of Service (TOS) and Precedence Because the Internet cannot optimize the path for a particular application or user, the IP protocol provides a limited facility for upper layer protocols to convey information to the Internet Layer about how the tradeoffs should be made for the particular packet. This facility is the "Type of Service" facility. Routing protocols (e.g., OSPF - Open Shortest Path First) have been developed which can compute routes separately for each type of service. These routing protocols make it practical for routers to consider the requested type of service when making routing decisions. Setting the TOS field is intended to give better service when it is available, rather than to deny service when it is not. Applications are responsible for choosing appropriate TOS values for any traffic they originate. It is essential for applications to have the capability to override the TOS value(s) which the application would otherwise choose. The use of the Delay, Throughput, and Reliability indications may increase the cost (in some sense) of the service. In many networks better performance for one of these parameters is coupled with worse performance on another. Except for very unusual cases at most two of these three indications should be set. NOTE: The Network Control precedence designation is intended to be used within a network only. The actual use and control of that designation is up to each network. The Internetwork Control designation is intended for use by gateway control originators only. If the actual use of these precedence designations is of concern to a particular network, it is the responsibility of that network to control the access to, and use of, those precedence designations.
Differentiated Services The differentiated services architecture is based on a simple model where traffic entering a network is classified, conditioned at the boundaries of the network, and assigned to different behavior aggregates. Each behavior aggregate is identified by a single Differentiated Services Code Point (DSCP). Within the core of the network, packets are forwarded according to the per-hop behavior (PHB) associated with the DSCP.
A30828-X1121-A807-02-7671, November 2005 4-52 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software Application Support with the SURPASS hiG 1200/1100
Services can be constructed by a combination of the following:
● setting bits in an IP header field at network boundaries (autonomous system boundaries, internal administrative boundaries, or hosts)
● using those bits to determine how packets are forwarded by the nodes inside the network
● conditioning the marked packets at network boundaries in accordance with the requirements or rules of each service. The codepoint contained in a DS field in the IP packet header is mapped to a particular forwarding treatment, or per-hop behavior (PHB), at each network node along its path. PHB is the way packets of a classification will be queued, forwarded, and considered for discard during congestion, as compared to other packets of other streams routed through the node. Differentiated Services defines a replacement header field, called the DS field.
Signaling TOS in the SURPASS hiQ 8000 When signaling packets traverse the carrier’s IP network, the core and access routers will use the DS Field or TOS Field settings to determine priority and precedence during queuing and forwarding. The carrier will control the value of the field via NetManager iNMC or CLI provisioning. In V10.0, Systemwide Signaling Quality of Service is performed by the provisioning either TOS or DSCP to the following signal managers:
● NCS, originating from the hiQ 8000 and destined for the eMTA
● MGCP, originating from the hiQ 8000 and destined for the Media Gateway
● TGCP, originating from the hiQ 8000 and destined for the PSTN Trunk Gateway
● DQoS, originating from the hiQ 8000 and destined for the CMTS
● SIP, originating from the hiQ 8000 and destined for a SIP endpoint (interswitch SIP endpoint, SIP-based media server, SIP soft-client endpoint or SIP phone endpoint)
Bearer TOS in the SURPASS hiQ 8000 Similar to Signaling TOS, Bearer packets crossing the IP network need to receive priority and precedence during queuing and forwarding. Bearer TOS is configured for each subscriber and can vary greatly depending upon the desired traffic. The following are SURPASS hiQ 8000 components that define Bearer TOS:
● Network components provisioned by iNMC/CLI: – ISDN Call Profiles (TOS only) – Retailer Profiles (TOS only).
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-53
Software.fm Software Application Support with the SURPASS hiG 1200/1100
● Subscriber components provisioned by iSMC: – QoS Profile (Contains both TOS and DSCP) – Endpoint Profile (Contains both TOS and DSCP).
RTP and RTCP The Real-Time Transport Protocol (RTP1) channel carries voice data across IP networks. The SURPASS hiG 1200/1100 uses RTP for VoIP to ensure that voice data reaches the correct destination. The SURPASS hiG 1200/1100 uses the Real-Time Transport Control Protocol (RTCP) to pass session information between the SURPASS hiG 1200/1100 involved in a VoIP call. The RTCP uses a separate session than the RTP sessions. Figure 4-16 describes the process for setting up RTP streams.
1. Not to be confused with RTP (Resilient Telco Protocol).
A30828-X1121-A807-02-7671, November 2005 4-54 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software Application Support with the SURPASS hiG 1200/1100
IAM hiQ 8000
3 2 1 R1 R2 E1 IMTs E2 IMTs IP E3
hiG 1200-1 hiG 1200-2
E2 E3 128.128.1.2 192.10.10.10 Source UDP: xxxx Source UDP: yyyy Destination IP: 192.10.10.10 Destination IP: 128.128.1.2 Destination UDP: yyyy Destination UDP: xxxx
Step 1: y The hiQ 8000 requests a connection between the IPM module and the IMT DS0 on hiG 1200-1. y The IPM selects the media channel, determines the IP address (128.128.1.2), and selects the UDP source port number (xxxx) from a range of available numbers. y The IPM returns an acknowledgement to the hiQ 8000 (via CPE/SCE) and passes the IP address/UDP source port information. Step 2: y The hiQ 8000 requests a connection between the IPM and the IMT DS0 on hiG 1200-2 and passes the IP address/UDP port of hiG 1200-1 to hiG 1200-2. y The IPM on hiG 1200-2 selects a media channel, determines the IP address (192.10.10.10), and selects the UDP source port number (yyyy) from a range of available numbers. y The IPM on hiG 1200-2 returns an acknowledgement to the hiQ 8000 (via CPE/SCE) and passes the IP address/UDP source port information. Step 3: y The hiQ 8000 modifies the existing connection on hiG 1200-1 and passes the IP parameters of hiG 1200-2. y Both hiG 1200-1 and hiG 1200-2 can now send VoIP packets either way.
Figure 4-16 RTP Stream Setup
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-55
Software.fm Software Application Support with the SURPASS hiG 1200/1100
4.4.2 PBX Access
A Private Branch Exchange (PBX) is the typical telephone system for large organizations. As a telephony system, it is a resource-sharing system that provides the ability to access dial tone and outside trunks to the end user. The SURPASS hiG 1200/1100 and hiQ 8000 can access an analog PBX through the CAS interface and a digital PBX through the PRI or H.323 interface as shown in Figure 4-17.
hiQ 8000
SS7
H.323
hiG 1200
MGCP H.323 SS7 IMT Gateway IP Network
PRI PRI CAS Trunk
ISDN PBX
DACS or Channel Bank
Tie Lines
Analog PBX
Figure 4-17 SURPASS hiG 1200/1100 and hiQ 8000 PBX Access Network
A30828-X1121-A807-02-7671, November 2005 4-56 SURPASS hiQ 8000, Theory of Operations Guide
Software.fm Software Application Support with the SURPASS hiG 1200/1100
The SURPASS hiG 1200/1100 accesses an analog PBX through the CAS interface on the DXM2 module. The analog lines from the analog PBX consist of individual DS0s. These analog lines travel through a channel back or a 3/1/0 DACS (Digital Access and Cross-Connect System) prior to delivery to the SURPASS hiG 1200/1100. The DXM2 recognizes the in-band CAS, sends a dial tone, and interrupts DTMF tones from the PBX. It then forwards the signaling information and collected digits to the SURPASS hiQ 8000 for call processing. The SURPASS hiG 1200/1100 accesses a digital PBX through the ISDN PRI interface. The ISDN signaling information is backhauled to the SURPASS hiQ 8000 for call processing. The SURPASS hiQ 8000 uses H.323 to control access to a digital PBX through a H.323 gateway.
4.4.3 Integration with Media Gateway
The following features ensure integration of the SURPASS hiQ 8000 with the SURPASS hiG 1200/1100s from an OAM&P perspective:
● Startup and Shutdown of SURPASS hiG 1200/1100s — The SURPASS hiQ 8000 enables startup and shutdown of the SURPASS hiG 1200/1100s using MGCP Restart In Progress (RSIP) messages. When the MGCP Connection Control Manager (CCM) receives a RSIP message from a media gateway, the softswitch routing capability records the media gateway endpoint operating status change. When a network operator adds, deletes, or modifies a SURPASS hiG 1200 via the CLI interface or iNMC, the MGCP CCM receives corresponding request messages from the routing configuration management capability within the SURPASS hiQ 8000. The MGCP CCM retrieves the media gateway data from the database and updates its local data for the gateway when a gateway is added or modified. When a gateway is deleted, the MGCP CCM deletes the local data for that gateway.
● ISDN Data Download to SURPASS hiG 1200/1100 — The SURPASS hiQ 8000 has an ISDN configuration data download capability. It extracts the relevant ISDN configuration data from the ISDN configuration database and downloads the data to the SURPASS hiG 1200/1100s through the OMAP interface. The SURPASS hiG 1200/1100 uses the ISDN configuration data received from the SURPASS hiQ 8000 for call processing. ISDN configuration information can be provided statically in the configuration of the SURPASS hiQ 8000. The ISDN Configuration Download Manager (CDM) acts as an interface between the SURPASS hiQ 8000 database representation of this information and the dynamic operation of SURPASS hiG 1200/1100 modules. ISDN data may be sent or received from the SURPASS hiQ 8000 to the SURPASS hiG 1200/1100. The Routing and Trunking Manager (RTM) sends provisioned ISDN data to the CDM for downloading to the SURPASS hiG 1200/1100. When rebooted, the SURPASS hiG 1200/1100 requests downloading of this data to the CDM. The CDM does this provisioning with OMAP-formatted messages via client socket connections to SURPASS hiG 1200/1100 gateways.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 4-57
Software.fm Software Application Support with the SURPASS hiG 1200/1100
● CDR Compatibility — The CDRs generated by the SURPASS hiQ 8000 follow the same format as that of the SURPASS hiG 1200/1100 switches. This ensures the consistent handling of CDRs by an external billing server such as Telesciences.
● Compatibility of Element Management — The SURPASS hiQ 8000 and SURPASS hiG 1200/1100s are managed under the common NetManager iNMC application.
A30828-X1121-A807-02-7671, November 2005 4-58 SURPASS hiQ 8000, Theory of Operations Guide
Security.fm Security Network Security
5Security
The Security Concept within the SURPASS hiQ 8000 is based on a layered approach. The first layer of security is the network design that separates bearer, signaling, and OAM&P traffic from each other and from other traffic on the network. The second layer of security is the support for integrated end-to-end secure interfaces within the SURPASS equipment itself. This chapter describes the different levels of security found in the SURPASS hiQ 8000 network, interfaces, and product.
5.1 Network Security
5.1.1 Layer 1 — Network Design
The first layer of defense is a proper network design such that it separates the bearer, signaling, and OAM&P traffic from other traffic on the network. This is done by using separate Ethernet links upon which specific signaling traffic can be directed. The signaling network needs to be further protected by the use of border gateway (also known as a firewall) elements that isolate the end user signaling from the core signaling network. These border gateway elements must be VoIP aware (with either a VoIP firewall or a VoIP specific gateway device).
5.1.2 Layer 2 — IPsec
The second layer of defense is the integrated IPsec and Packet Filter mechanisms provided within the SURPASS hiQ 8000 itself. The Packet Filter (IPsec BYPASS) option is available. Generic support for IPsec encryption of any signaling interface will be available in V10.0. Network-based secure VPNs may be used in the interim for encrypted signaling. When IPsec is configured for a protocol, the SURPASS hiQ 8000 will accept that protocol without IPsec protection (IPsec BYPASS) only from those nodes that are provisioned into a ‘white list’. In this case, a white list is a list of approved or trusted addresses. For subscriber access, this white list will typically be provisioned for the subnet or range of addresses for subscriber access. The white list may also be provisioned at an individual IP address level.
5.1.3 Additional SS7 Gateway Security
The SURPASS hiQ 8000, with its integrated SS7 gateway, isolates the SS7 gateway functionality from the IP network. This provides protection from attacks against the SS7 network, especially against stand-alone SS7 gateway elements connected to the IP network. In the SURPASS solution, IP messages are not sent to the SS7 gateway for conversion to SS7. Instead, access to the SS7 network is through the SURPASS hiQ 8000 call routing functions. There is no direct access to the SURPASS hiQ 8000 SS7 gateway functions from the IP network.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 5-1
Security.fm Security Interface Security
5.1.4 Border Gateway/Firewall Security
The typical network scenario will have a border gateway/firewall between the carrier network and the enterprise network to protect the carrier network and, when Network Address Translation (NAT) is used, to hide the configuration of the service provider’s network from the outside world. The firewall/NAT function needs to be VoIP aware to properly handle traffic within a VoIP environment. VoIP traffic has the following characteristics:
● uses dynamic ports
● declares where to send media to (IP address/Port number)
● embeds IP addresses in payload
● bi-directional.
5.2 Interface Security
5.2.1 Direct Craft Interface
The SURPASS hiQ 8000 has direct Telnet and FTP interfaces. The NetManager iNMC is implemented on a Solaris or Windows platform. While the iNMC application itself does not support a direct Telnet or FTP interface, Telnet and FTP are needed to manage the servers on which the iNMC application resides. The first layer of security for these interfaces is again the network design that separates management traffic from other traffic on the network. The SURPASS hiQ 8000 and iNMC platforms implement a second layer of security via Secure Shell. OpenSSH is configured on the SURPASS hiQ 8000 and iNMC platforms to provide the security for the direct CLI and SFTP interface to the SURPASS hiQ 8000 and iNMC servers. The iNMC application, itself, is not configured to use OpenSSH, which can only protect TCP traffic. The iNMC application is configured to protect both SNMP (UDP) and FTP (TCP) traffic with its managed network elements via IPsec.
A30828-X1121-A807-02-7671, November 2005 5-2 SURPASS hiQ 8000, Theory of Operations Guide
Security.fm Security Interface Security
Figure 5-1 illustrates the interface security in a SURPASS hiQ 8000 network scenario.
Figure 5-1 SURPASS Interface Security
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 5-3
Security.fm Security Interface Security
Table 5-1 provides a listing of the protocols and usages for each interface partner illustrated in Figure 5-1.
SURPASS hiQ 8000 Protocol Comments / Usage Interface Partner (1) hiQ Cluster partner Remote Shell (RSH) and RTP (create, delete), upgrade, SS7 node Remote Copy (RCP) subagents, etc. (2) Craft Access SSH (Telnet) via Terminal Server to hiQ console port (serial port) (3) Craft-IP Access SSH/SFTP (CLI) Telnet is used for OAM&P and mass provisioning. FTP is used for SW download, patching, debugging, etc. (4) iNMC IPsec (SNMP/FTP) SNMP is used for alarming, maintenance, service and performance data. FTP is used for backup and restore. (4) iSMC IPsec (XML/HTTP) SOAP 1.1 (4) iSSC IPsec (XML/HTTP) SOAP 1.1 (4) Billing Server IPsec (FTP) hiQ 8000 pushes, Billing Server pulls. This port accepts requests only from the billing server. (4) CAP Server IPsec (CSTA III, XML) IPsec will be used to secure the CSTA III, XML data between CAP and the hiQ8000 CSTA Manager. HTTPS is used between the ComAssistant application and a web browser. (5) Endpoint Devices SIP (Digest e.g., optiPoint 400, Pingtel SIP and Softclients Authentication) telephones and Sigma Client Optional TLS when over TCP (5) IP Unity Server SIP/MGCP IVR, Messaging, Conference Optional TLS Optional IPsec (future) 1) hiQ 8000 Cluster: Pair of directly connected cross-links for cluster communication 2) Craft Console: Serial craft console port accessible via Terminal Server. 3) Craft-IP Console: Redundant Ethernet port pair for craft IP access 4) OAM&P: Redundant Ethernet port pair for NMC, iSSC, iSMC, Billing Server, CAP Server 5) Signaling: Redundant Ethernet port pair for signaling (e.g., SIP, H.323) 6) Media Stream: Direct RTP connection between IP endpoints and media gateways. Table 5-1 SURPASS Solution Interface Partners (Sheet 1 of 2)
A30828-X1121-A807-02-7671, November 2005 5-4 SURPASS hiQ 8000, Theory of Operations Guide
Security.fm Security Interface Security
SURPASS hiQ 8000 Protocol Comments / Usage Interface Partner (5) hiG1200 Media GW MGCP/MEGACO/TGCP/ NCS Optional IPsec (future) (5) hiG1200 Media GW OMAP ISDN PRI signaling TCP/IP ISDN PRI configuration data (5) Other Media MGCP/MEGACO/TGCP/ e.g., for PacketCable environment Gateways NCS Optional IPsec (5) Other hiQ 8000s/ SIP-T / SIP Inter-Machine Trunks SoftSwitches Optional TLS Optional IPsec (future) (6) Media Stream RTP RTP media stream does not pass through HiQ Other Interfaces (not shown in Figure 5-1) hiQ-MTA (NCS) IPsec/Kerberos PacketCable only hiQ-CMTS COPS IPsec/IKE PacketCable only hiQ-MG TGCP IPsec/IKE PacketCable only hiQ-RKS IPsec/IKE PacketCable only
hiQ-DF (CALEA) IPsec/IKE PacketCable only
1) hiQ 8000 Cluster: Pair of directly connected cross-links for cluster communication 2) Craft Console: Serial craft console port accessible via Terminal Server. 3) Craft-IP Console: Redundant Ethernet port pair for craft IP access 4) OAM&P: Redundant Ethernet port pair for NMC, iSSC, iSMC, Billing Server, CAP Server 5) Signaling: Redundant Ethernet port pair for signaling (e.g., SIP, H.323) 6) Media Stream: Direct RTP connection between IP endpoints and media gateways. Table 5-1 SURPASS Solution Interface Partners (Sheet 2 of 2)
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 5-5
Security.fm Security Interface Security
5.2.2 Application Interfaces
IPsec with IKE and pre-shared keys are currently supported. IPsec security is provided for the following SURPASS hiQ 8000 interfaces:
● iNMC via SNMP and FTP
● iSMC via SOAP
● SSC via SOAP. The SURPASS hiQ 8000 provides secure command-line and file-transfer interfaces using SSH (secure shell) and SFTP (Secure FTP).
5.2.3 GUI Interfaces
The iNMC GUI interface is provided by client software that interfaces to the iNMC server via a CORBA interface. This CORBA interface is protected by IPsec. The iSMC supports a web based GUI interface and the user client is a standard web browser. This interface is protected by HTTPS. The iSSC also supports a web based GUI. Since the iSSC is a toolkit rather than a product, the security for the client interface is provided by the web portal that the iSSC is integrated with. It is recommended that the web portal will protect this interface with HTTPS.
5.2.4 Billing Server Interface
The interface between the SURPASS hiQ 8000 and the billing server uses FTP to transfer CDR information. IPsec represents a common security solution for protecting CDR transfer for all of the elements in the SURPASS solution and will be used consistent with the SURPASS security concept to protect machine to machine interfaces with IPsec. IPsec with IKE and pre-shared keys is supported for machine to machine FTP interfaces. The billing server must be installed on a machine with IPsec.
A30828-X1121-A807-02-7671, November 2005 5-6 SURPASS hiQ 8000, Theory of Operations Guide
Security.fm Security Remote Access to the SURPASS hiQ 8000
5.3 Remote Access to the SURPASS hiQ 8000
Since craft access must be possible from any machine connected to the customer network with access to the SURPASS hiQ 8000, a purely machine-based SSH interface cannot be implemented. Instead the SSH connection must be based on the craft identity. At installation a key pair is created for the SURPASS hiQ 8000 and the SURPASS hiQ 8000 is provisioned with the userids of all crafts allowed to access the SURPASS hiQ 8000. During an SSH user login into the SURPASS hiQ 8000, its public key is returned, which is checked by the craft machine to ensure that the craft is communicating with the right SURPASS hiQ 8000. Then the craft provides the SURPASS hiQ 8000 with its userid and password encrypted with the public key of the SURPASS hiQ 8000. For this to function the craft machine must support SSH.
5.4 User Management Security
5.4.1 Command Line Interface (CLI)
In the SURPASS hiQ 8000, each craft person will have his/her own unique OS level user account. After logging in on the OS level under a user ID different from that used by RTP, the craft person then executes a command to change to the RTP login. Using a predefined user ID, the craft person authenticates on the RTP CLI level and starts the CLI.
5.4.1.1 OS User Management The SURPASS hiQ 8000 provides multiple layers of login authorization. The customer’s System Administrator provisions classes or levels of authorization for craft personnel. These classes of authorization allow users to be restricted to viewing of, or to limit their access to, data for the areas they are responsible for maintaining.
5.4.1.2 RTP User Management The RTP implements its own user management, i.e., creation, modification and deletion of users, password handling, handling of privileges, etc., and is completely managed by the management function API. RTP also controls the user access to the management functionality (user identification and authorization). The CLI requires a user profile for all users who access the SURPASS hiQ 8000. A user with administrator privileges creates the user profiles. Each user is assigned exactly one role containing a list of privileges. Roles can be shared by several users thus making it easy to modify the list of privileges for a group of users at once. RTP has several pre-installed roles and users.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 5-7
Security.fm Security User Management Security
The components and privileges of a user profile depend on the platform. Table 5-2 lists the user profile components.
User Name A minimum length of 1 character. Maximum length of 36 characters. Password A minimum length of 8 characters. Maximum length of 36 characters. Privilege Determines the access level that a user is granted. The privileges are: ● stdop — Read only access. This is the standard administrator of the end customer. ● maxcust — Read/write access. This is the maximum authorization level for clients. ● maxint — Read/write access. This is the maximum authorization level for RTP integrators. ● super — This is for Siemens internal use only. Table 5-2 SURPASS hiQ 8000 RTP CLI User Profile Components User passwords employ the strong encryption features of the Triple DES or DESede algorithm of the Sun Java Cryptography Extension (JCE) 1.2.1.
5.4.2 NetManager iNMC
From the iNMC Main screen, you can access the user management feature. It allows you to manage iNMC security by creating iNMC users, each of which has the following properties and characteristics:
● Unique user name and password
● One or more assigned node groups, indicating the devices to which the user has management and/or viewing access
● One or more assigned access profiles, indicating the objects and iNMC tools to which the user has read/write, read only or no access. For more information on iNMC User Management, refer to the SURPASS hiQ 8000 NetManager iNMC Tools and Utilities Guide.
5.4.2.1 Node Groups Node groups define sets of devices to which iNMC users have viewing and/or management access. You assign node groups to access profiles to associate access to groups of devices. Then, you assign access profiles to iNMC users, thereby limiting the management and viewing access of these users to only the node groups included in their assigned access profiles.
A30828-X1121-A807-02-7671, November 2005 5-8 SURPASS hiQ 8000, Theory of Operations Guide
Security.fm Security User Management Security
5.4.2.2 Access Profiles Access profiles are created to define the privileges, node groups, and inactivity timer for each iNMC user. If desired, you can assign the same access profile to multiple iNMC users. After you have created a series of access profiles, you assign these profiles to iNMC users. Each access profile consists of the following components:
● Node groups — You specify the devices to which an iNMC user has access by assigning one or more node groups to the access profile(s).
● Viewing and management privileges — When defining an access profile, you specify an access level for each management object and iNMC tool. Possible access levels are read/write, read only, and no access.
● Inactivity timer — For each access profile, you specify the inactivity timer for the users to whom you assign the profile. The inactivity timer prevents unauthorized access to the iNMC when an authorized user leaves an iNMC client unattended. If a client remains idle for the amount of time set as the inactivity timer, the user must log into the client again.
5.4.3 NetManager iSMC
The SURPASS hiQ 8000 interfaces with the iSMC via Simple Object Access Protocol (SOAP). Configuring the SURPASS hiQ 8000 and the iSMC to transfer SOAP over IPSec provides security for this interface. This interface is protected via network provided IPSec VLAN. Every user who works with the iSMC is given a user name and password that is assigned by a user called SuperAdmin or by another user who has been assigned the role of User Management. In addition, the SuperAdmin assigns roles to users. Roles enable users to perform various iSMC functions. An iSMC user can be assigned all roles or none. Users with no assigned roles can only login; they cannot perform any other functions. For more information on iSMC User Management, refer to the SURPASS hiQ 8000 NetManager iSMC User’s Guide.
5.4.3.1 Users and Roles Roles enable users to perform administrative or maintenance functions. These roles are assigned when a user is created and can be modified at any time. Roles are predefined and cannot be created. The iSMC is installed with the following three users:
● SuperAdmin
● CaleaAdmin
● NormalAdmin.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 5-9
Security.fm Security User Management Security
Table 5-3 below lists the default roles for each of these users.
User Name Roles Purpose SuperAdmin User Management Provides access to User Management and Administrator Administrator functions, as well as the Business Groups Provisioning and Security logs. Security Log Provisioning Log CaleaAdmin CALEA Provides access to CALEA features and the CALEA Log CALEA Log. NormalAdmin Administrator Provides access to Administrator function and Business Groups Provisioning Log. Provisioning Log Table 5-3 SMC Users Standard passwords accompany each user name (defaults to the user name). Once the SuperAdmin creates users, he or she can assign the following roles to them.
Role Description iSMC Administrator Can add, modify, and delete iSMC user accounts. Can also add, modify, and delete SoftSwitches. CALEA Can retrieve, add, modify, and delete CALEA intercept entries, as well as view the CALEA Log. DN Administrator Can retrieve, create, modify, disconnect, and delete DNs (subscriber profiles), including EP Profiles and EP Profile Services. This user can also modify service-related parameters, as well as perform all MLHG and numbering plan functions. DN Services Can modify service-related parameters, but cannot create, modify, disconnect, or delete DNs, nor can they view nonservice-related DN parameters. This user can also perform all MLHG functions, except creating, updating, and deleting MLHGs. BG Controller Can add, modify, retrieve, and delete Business Groups (BG), modify BG services, enable call statistics to be generated on the hiQ, and schedule BG Call Statistics collection and FTP to the iSMC. This user can also access the Get All BG Names tab and perform all numbering plan functions. Table 5-4 iSMC User Roles
A30828-X1121-A807-02-7671, November 2005 5-10 SURPASS hiQ 8000, Theory of Operations Guide
Security.fm Security User Management Security
Role Description BG Administrator Can create, modify, and delete Business Group Lines (BGLs), as well as modify BGL Services. This user cannot create, modify, disconnect, or delete DNs that are not part of BGs, nor can this user access the Get All BG Names tab. This user can also perform all MLHG and BG Call Statistics functions. BGL Services Can modify service-related parameters on BGLs. This user cannot create, modify, disconnect, or delete BGLs, nor can this user view nonservice-related DN parameters. This user can also perform all MLHG functions, except creating, updating, and deleting MLHGs. Security Log Can view the iSMC security logs of all users in the iSMC Administrator role. This log records all login attempts, sessiontimeouts, logouts, and any associated messages. CALEA Log Can view the iSMC CALEA logs of all users in the CALEA role. This log records all actions taken and any associated messages. Provisioning Log Can view the iSMC Provisioning Log, which records the creation, modification, and deletion of DNs, BGs, BGLs, NPs, and MLHGs, as well as subscribing to or unsubscribing from services. Table 5-4 iSMC User Roles
5.4.4 NetManager iSSC
The iSSC is a toolkit providing screens and associated interfaces to the SURPASS hiQ 8000 to support subscriber self-management. The iSSC toolkit allows the service provider/enterprise customer to integrate self-management of SURPASS hiQ 8000 based subscriber features into their web portal. The customer’s web portal provides the security features and the customer is responsible for the security of the web portal.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 5-11
Security.fm Security User Management Security
5.4.4.1 Management Security The responsibility for iSSC management interfaces is split between the Web Portal provided by the service provider and the iSSC toolkit provided by Siemens. The Web Portal is responsible for the following:
● Secure customer interface for customer self management (HTTPS)
● Secure craft interface for platform and application management. The iSSC toolkit is responsible for the following:
● Secure machine-to-machine interface between the iSSC and the SURPASS hiQ 8000 The interface between the iSSC and the SURPASS hiQ 8000 is XML over SOAP. To protect the interface as well as to block unauthorized access to the iSSC interface at the SURPASS hiQ 8000, IPSec is used to protect the interface.
5.4.5 NetManager iPMC
Depending on the role assigned to your logon user name, you will be granted access to certain features. All users are assigned the View Data role by default. However, a user may be assigned more than one role, and therefore have access to more tabs, as follows:
● Only a user/administrator with the User Management role can assign roles
● Users may be assigned more than one role
● The Admin is a super user with ALL roles selected and they have access to all the tabs/ screens in the iPMC application.
A30828-X1121-A807-02-7671, November 2005 5-12 SURPASS hiQ 8000, Theory of Operations Guide
Security.fm Security User Management Security
Table 5-5 lists the user roles and lists the tabs that are accessible for each user type.
Roles Accessible Tabs Description View Data Actions tab All users are automatically assigned this role when they are added. Users assigned this role can: Charts tab Change their logon password Reports tab Select the SURPASS hiQ 8000 to view the generated Data tab performance data (However, the servers the user has access to is assigned by the administrator with the User Management role.) View all performance data, charts and reports on any chosen SURPASS hiQ 8000 Download CSV data from a server to their local machine. User Actions tab Users assigned this role can: Management ● View all users on the iPMC configured servers Users tab ● Add/modify/delete users and their logon passwords ● Assign users access to specific hiQ 8000s from which they can view/access performance data Configuration Actions tab Users assigned this role can: ● Add/modify/delete servers (hiQ 8000s, hiG 1200s, Configurations tab billing) monitored by the iPMC server. ● Enable/disable a hiQ 8000 and/or it’s linked components from sending performance data to the iPMC server ● Assign each hiQ 8000 and hiG 1200 access user IDs and passwords (for FTP transfer of files) ● View/set/modify TCAs for various (CDR, DSx and Trunk Group) performance parameters ● View/set/modify QoS parameters View Alarms Actions tab Users assigned this role can view and enable/disable iPMC configured alarms. Alarms Table 5-5 iPMC User Access Roles
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 5-13
Security.fm Security Security Features
5.5 Security Features
The integrated security features identify and authenticate users to prevent unauthorized access and provides data security to secure the stored information against unauthorized access and loss. The following features provide preventative measures that keep the integrity of the SURPASS hiQ 8000.
5.5.1 Identification and Authentication
The SURPASS hiQ 8000 softswitch provides authorization control by requiring user identification and passwords, and provides for the administration of user ids as well as the handling of unauthorized attempts.
5.5.2 Password Protection for Data Files
Protecting data files is done by requiring extensive password procedures for users, for example:
● suppression of password display during entry
● one-way encryption for different file groups
● suppression of secret login parts within session protocol files
● restoration of all file group passwords after recovery or software upgrade.
5.5.3 Call Detail Records
Call Detail Records are buffered in the duplicated main memory of the SURPASS hiQ 8000 softswitch and their content transferred to a CDR file on the duplicated external disk arrays. Therefore, the maximum amount of data that could be lost (in the event of a total system outage) is limited to the content of the CDR buffer of the main memory. The CDR data output to disk file ensures that the probability of CDR data loss is minimized.
5.5.4 Security Logging and Alarm Reports
All activities and commands are saved in a log file to detect hacker and access violations. Reports are generated and logged according to ITU-T recommendation.
A30828-X1121-A807-02-7671, November 2005 5-14 SURPASS hiQ 8000, Theory of Operations Guide
Security.fm Security Security Features
5.5.5 Outbound Link Security
The SURPASS hiQ 8000 supports a combination of IPsec (IP Security for PacketCable), SSH (Secure Shell), and TLS (Transport Layer Security for SIP) for outbound links including CDR transport links. No external equipment is necessary for this mechanism. The SURPASS hiQ 8000 provides a packet filtering security policy that restricts what protocols are supported on each of the SURPASS hiQ 8000 IP Addresses. The security policy is implemented via a set of bypass rules in the IPsec security policy database. For each of the signaling-related IP Addresses, the security policy restricts traffic to only the port assigned for that signaling protocol. For the management-related IP Addresses, the security policy restricts traffic only to SSH. Additional rules are manually provisioned as part of the installation process. These include allowing SNMP and FTP only between the SURPASS hiQ 8000 management IP addresses and the iNMC IP addresses; SOAP/XML only between SURPASS hiQ 8000 management IP addresses and the iSMC/iSSC IP addresses; etc. Additional rules may be entered for the iPMC, the telco’s fault management system, the billing server, etc. The management interfaces are separate from the signaling interfaces which allows them to be connected to a private management network or VPN (Virtual Private Network) for added security. The CLI (Command Line Interface) uses Secure Shell while the NetManager iNMC client/server interfaces use CORBA/TLS. SNMP v2c is used between the NetManager iNMC server and the SURPASS hiQ 8000 for additional security. For SIP communication, two mechanisms are used. SIP Digest Authentication is used to insure that the SIP user agent is who they say they are which involves a challenge and response with a user/password agreed upon between the two devices prior to their being in service. The other mechanism is SIP communication between two softswitches and this is handled with Transport Layer Security.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 5-15
Security.fm Security Security Features
5.5.5.1 Transport Layer Security (TLS) TLS is an application-independent security protocol that is based on Secure Socket Layer. TLS operates transparently to the protocols which run on top of TLS. TLS offers the following security services:
● connection-oriented data confidentiality
● connection-oriented data integrity
● unilateral (for server-client) as well as mutual authentication of the TLS peers (server- server). Besides confidentiality, integrity, and data origin authentication, TLS also provides key management. The TLS protocol works above the transport layer, thus intermediate firewalls cannot interpret the encrypted data. Because TLS is session-oriented protocol, the TLS key management establishes security sessions that define the security parameters applied for the protection of higher-level application data.
5.5.5.2 TLS Between SIP Endpoints Because TLS provides encryption and data integrity between two communicating applications, it is recommended (instead of UDP) for SIP endpoints (user agents). Therefore, TLS between SIP endpoints is supported.
SIP signaling with TLS may also be referred to as SIPS.
Since TLS is applied on a hop-by-hop basis, end-to-end signaling security between SIP endpoints can only be ensured by hiQ 8000 when the originating SIP endpoint specifies the callee using SIPS Uniform Resource Identifier (URI) and the callee is in the local administration domain. When SIPS URI is used, the system blocks the call when end-to-end TLS transport is not available between the caller and the callee, or between the caller and the administrative domain of the callee. Using the SURPASS hiQ 8000 system’s back-to-back user agent architecture, TLS is supported on the signaling connection between a SIP endpoint and the SURPASS hiQ 8000’s SIP signaling manager. See Figure 5-2. End-to-end signaling security is achieved only when all hops of the signaling connection use TLS.
A30828-X1121-A807-02-7671, November 2005 5-16 SURPASS hiQ 8000, Theory of Operations Guide
Security.fm Security Security Features
When the originating SIP endpoint specifies the callee using a SIP URI (rather than a SIPS URI), the system does not block a call when end-to-end TLS transport is not available. In this case, it becomes the responsibility of the customer (i.e., Centrex Business Group or Enterprise tenant) to configure its network using only endpoint devices that support SIP over TLS in order to achieve end-to-end signaling security. SIP endpoints for which TLS support is required is as follows:
● optiPoint 400 SIP Telephone
● 3rd party SIP Telephone (e.g., Pingtel, Cisco, Mediatrix, Polycom) and softclients (e.g., Sigma) that supports TLS
● 3rd party media gateways (SIP « TDM gateway) that support TLS.
SURPASS hiQ 8000
SIP/SIPS SIP Signaling w/TLS Signal Mgr SIP Endpoint SIP Universal Call Engine Endpoint (UCE) SIP/SIPS SIP Signaling w/TLS Signal Mgr
Figure 5-2 Hop-by-hop Application of TLS via hiQ 8000 Back to Back User Agents
5.5.5.3 OpenSSL Software OpenSSL provides the command tools for administration of the TLS certificates and keys. OpenSSL is installed as a separate package for Solaris 8. However, OpenSSL is incorporated into Solaris 9.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 5-17
Security.fm Security Security Features
5.5.5.4 TTUD Dispatcher (TCP/TLS/UDP) The TTUD (TCP/TLS/UDP) Dispatcher provides a central routing mechanism for UDP-based SIP communications, TCP/TLS-based SIP communications, and TCP/IPSEC-based CSTA communications. The TTUD Dispatcher operates in parallel with RTP. RTP is used to instantiate one copy of the dispatcher per system mode, which means one instance handling both SIP and CSTA. RTP also monitors the state of each dispatcher and restarts them as required like any other RTP managed process. The following are the functions of TTUD:
● To receive TTUD messages or XDM messages and route them via RTP to the appropriate SIPSM/CSTA instance
● To accept inter-process messages, sent by a SIPSM/CSTA instance, and either use the connection services of TCP directly or use a TLS session to send the message to its destination. The TTUD Dispatcher has an incoming message manager thread to handle incoming messages and an outgoing message manager thread to handle outgoing messages. The TTUD Dispatcher cannot run as a daemon since it is started and stopped by RTP. In order to manage plumbing the interfaces required by the applications using TTUD services, the TTUD starts a daemon root process. Refer to Figure 5-3 for an illustration of how the TTUD fits into the SURPASS hiQ 8000 architecture and Table 5-6 shows the related components.
Component Responsibility RTP Current SURPASS hiQ 8000 middleware SIPSM11 First instance of SIP Signaling Manager SIPSM22 Second instance of SIP Signaling Manager SIP TTUD Dispatcher Dispatcher to handle SIP over TCP/TLS and SIP over TTUD messages SIP Plug-in SIP specific routing logic CSTA TCP Dispatcher Dispatcher to handle CSTA over TCP messages CSTA Plug-in CSTA specific routing logic TLS OpenSSL TLS interface layer including SSL TCP TCP stack CSTA One instance of CSTA per node Shared Memory Shared memory UNIX OS Solaris 9 Table 5-6 TTUD and SURPASS hiQ8000 Components
A30828-X1121-A807-02-7671, November 2005 5-18 SURPASS hiQ 8000, Theory of Operations Guide
Security.fm Security Security Features
SIPSM11 SIPSM22 Signalling Signalling CSTA1 SHARED MEMORY
1 2 3 SIP/CSTA 4 TTUD RTP MIDDLEWARE DISPATCHER 5 SIP TTUD PLUGIN
7 6
UNIX OS TLS
TCP/IP
8
Figure 5-3 TTUD Within the SURPASS hiQ 8000 System
For the CSTA implementation the SIP-specific objects, plug-in and SIP Parser are replaced by CSTA-specific objects.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 5-19
Security.fm Security Security Features
Interface 1 is the TTUD Application Interface. The first instance of the SIP Signaling Manager reads inter-process messages from RTP and dispatches messages to other processes via RTP on this interface. The different message types are as follows:
● Incoming Protocol Messages
● Outgoing Protocol Messages
● Application Registration Message
● Application Control Message
● Error Message
● Plug-in Control Message. For Interfaces 2 and 3, the messaging is identical to that of Interface 1. For Interface 4, the TTUD reads inter-process messages from RTP and dispatches messages to other processes via RTP on this interface. The messages seen in this interface are identical in content to those seen in interface 1 and 2. Interface 5 is the class method interface between TTUD and the Plug-in. It is used to break up long TCP/TLS messages into protocol packets in either direction. Interface 6 is the TCP/UDP or SSL Socket Interface. The TTUD reads TCP/TLS or UDP messages from the TCP/IP layer and dispatches reads TCP/TLS or UDP messages on this interface. Interface 7 is the UNIX kernel interface. Interface 8 is the Ethernet external interface whose IP address migration is managed by TTUD. The TCP/TLS/UDP (TTUD) Dispatcher operates over OpenSSL which is a freeware implementation of the Secure Sockets Layer (SSL). Refer to Section 5.5.5.3, “OpenSSL Software”, on page 5-17.
A30828-X1121-A807-02-7671, November 2005 5-20 SURPASS hiQ 8000, Theory of Operations Guide
Security.fm Security Security Features
5.5.6 Packet Cable Security
The SURPASS hiQ 8000 supports all security standards required in the PacketCable Security specification. The SURPASS hiQ 8000 supports signaling security for both NCS and TGCP. TGCP security protects signaling communications between the SURPASS hiQ 8000 and SURPASS hiG 1100 Media Gateways.
5.5.7 Unrecognized MTA Alerts
In the Voice over Cable architecture, when a MTA initiates a call, the SURPASS hiQ 8000 verifies that the request is from a recognized MTA. The softswitch will generate an alert each time it receives a call request from an unrecognized MTA and provide this alert to the iNMC and to the Network Management System (NMS) of the service provider. The SURPASS hiQ 8000 provides protection against excessive traffic from the unrecognized MTA. The NMS will analyze the unrecognized MTA alerts, threshold to declare a DoS attack alarm, and help the service provider determine when they should initiate further actions to determine the source/location of the unrecognized MTA.
5.5.8 CALEA Security
There is additional security for the CALEA features. To insure that only authorized users can cause a call to be intercepted, access control to the CALEA function is provided by the two following capabilities:
● CALEA Logs — The SURPASS hiQ 8000 maintains secure logs and access to these logs is supported only via the iNMC. On the iNMC, a special CALEA role has been defined. Only the iNMC CALEA user and the NMC “Super User” are authorized to view the secure CALEA logs stored on the SURPASS hiQ 8000. Access to the CALEA logs is not supported from the SURPASS hiQ 8000 CLI. IPsec is used to protect the interface between the iNMC and the SURPASS hiQ 8000.
● CALEA Provisioning — Provisioning of lawful intercept surveillance is controlled by the NetManager iSMC. On the iSMC, a special CALEA role has been defined. Only the iSMC CALEA user and the iSMC “Super user” are authorized to manage surveillance in support of CALEA. Management of surveillances in support of CALEA is not supported from the SURPASS hiQ 8000 CLI. IPsec is used to protect the interface between the iSMC and the SURPASS hiQ 8000. For more information on CALEA logs and provisioning, refer to the SURPASS hiQ 8000 NetManager iSMC User’s Guide.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 5-21
Security.fm Security Platform Hardening
5.6 Platform Hardening
To “harden” the platform (make it secure and free from vulnerabilities), two main areas are addressed: securing the operating system’s configuration and testing the protocol stack. A secure OS configuration consists of the following:
● close/deny all unused ports
● eliminate any known vulnerabilities
● secure OS configuration scripts
● enforce port protocol security policy.
A30828-X1121-A807-02-7671, November 2005 5-22 SURPASS hiQ 8000, Theory of Operations Guide
Management.fm Management Interfaces
6 Management
Management of the SURPASS hiQ 8000 is supported via four methods: simple network management protocol (SNMP) version 3; a command line interface (CLI); an element management system called the Network Management Center (NMC); and a subscriber management system called the iSMC/iSSC. This chapter provides information centering around the operations, maintenance, and management capabilities of the SURPASS hiQ 8000.
6.1 Interfaces
Command Line Interface and SNMP interfaces are provided for element and network management of the SURPASS hiQ 8000. The SNMP interfaces are provided via SNMP agents running on the softswitch. The GUI-based element management applications interface to the NetManager i-Suite of products. There are also interfaces provided to the service provider’s Operations Support Systems (OSS). Local administration of the SURPASS hiQ 8000 is via the NetManager iNMC server and CLI. Remote administration of the SURPASS hiQ 8000 can be performed through secure interfaces with the CLI. Subscriber Management can be performed remotely through web sessions with iSMC and iSSC.
6.1.1 Command Line Interface (CLI)
The CLI is provided using a local console or remotely via a Secure Shell interface and requires an Ethernet or LAN connection. There are two modes of operation for the CLI as follows:
● Menu Mode — This mode is active by default. It provides menu choices for hiQ operations and is based on the Resilient Telco Platform CLI menus.
● Expert Mode — Expert Mode assumes that the user has a basic knowledge of the Java programming language, the management function API, and some experience with other command line user interfaces (i.e., UNIX). Expert mode is command driven and used for mass provisioning.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 6-1
Management.fm Management Interfaces
Figure 6-1 shows the SURPASS hiQ 8000 interfaces and network elements.
OCI Oracle DB iSMC (Solaris) (HTTP)
JDBC OCI
SRX-3000 CLI iSMC Mass Provisioning FTP Text File
Text File FTP SNMP CDRs Sun Netra t 1400/1405 Sun Netra 240 Cluster NMC Network/ telnet Service Management
hiQ 8000 CLI
Figure 6-1 SURPASS hiQ 8000 Interface and Network Element Architecture
6.1.2 NetManager iSuite
The NetManager iSuite of products are used with the SURPASS hiQ 8000 softswitch. These products, listed below, are briefly discussed in the following sections. More information can be found in the following documents.
● Network Management Center (iNMC)
● Service Management Center (iSMC)
● Subscriber Self-Care (iSSC)
● Performance Monitoring Center (iPMC).
A30828-X1121-A807-02-7671, November 2005 6-2 SURPASS hiQ 8000, Theory of Operations Guide
Management.fm Management Interfaces
6.1.2.1 NetManager Network Management Center (iNMC) The iNMC Element Management System is a tree-oriented network management system that provides a user interface to augment traditional methods of configuring the SURPASS hiQ 8000 as well as the SURPASS hiG Media Gateways. Intuitive and easy to use, the iNMC user interface provides a graphical view of network operations and stores configuration information in an object database. The NetManager iNMC connects to the SURPASS hiQ 8000 and the hiG Media Gateways to exchange fault and provisioning information and requests. While the SURPASS hiQ 8000 supports SNMPv1, SNMPv2, and SNMPv3, SNMPv2 is used for the iNMC interface. This interface is protected via network-provided IPsec Virtual Local Area Network (VLAN). The NetManager iNMC consists of an iNMC server and iNMC client; the interface between the two is CORBA. The major features provided by the NetManager iNMC are as follows:
● Graphical User Interface
● Provisioning of SURPASS network elements
● Alarm and Fault Management
● Alarm Display
● Performance Monitoring
● Authentication and access control of users.
6.1.2.2 NetManager Service Management Center (iSMC) The NetManager iSMC is a Web-enabled Service Management Center designed to provide users at a Service Provider’s Service Center with information and provisioning control over subscribers’ voice services. A service provider can also elect to allow an enterprise or business administrator to have this same control those subscribers who belong to that business or enterprise. Service provider personnel can view current service provisioning for a particular subscriber, can view the historic service actions (subscription, activation, deactivation, modification) that were undertaken by the subscriber or on the subscriber’s behalf (future requirement), and can provision service changes (subscription, activation, deactivation, modification) on behalf of the subscriber. NetManager iSMC can be installed by itself, but when NetManager iSSC is needed, it should also be installed.
6.1.2.3 NetManager Subscriber Self-Care (iSSC) The NetManager iSSC is a Siemens provided application that enables web service support for service providers who want to give their subscribers the ability to manage their own services. The NetManager iSSC is a toolkit for providing call feature control to subscribers via a Web
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 6-3
Management.fm Management Interfaces portal. In essence, NetManager iSSC provides a SOAP/XML interface into selected feature configuration subsystems on the SURPASS hiQ 8000. When integrated into a carrier Web portal, subscribers have the option to configure their features (e.g., call forwarding, caller rejection, etc.) via the Internet, in addition to via the conventional telephone keypad interface. The NetManager iSSC is intended to provide a rapid start for these providers, allowing them to customize the look and feel, the service options, and the packaging of services – and quickly roll out self-provisioning to their customers. For subscriber services and features supported by the SURPASS hiQ 8000, NetManager iSSC screens are provided to enable users to subscribe and to modify the settings of the services to suit their personal preferences and needs. Note: NetManager iSMC is a superset of the NetManager iSSC. It provides carrier personnel with the ability to control all subscriber-related capabilities and features. Some features and capabilities are only accessible via the NetManager iSMC.
6.1.2.4 NetManager Performance Monitoring Center (iPMC) The NetManager iPMC is a sophisticated performance monitoring tool that monitors service levels in near real-time. (Note: It is currently being offered only to cable operators.) It uses the Call Detail Records that have been created by one or more SURPASS hiQ 8000 systems, imports the raw CDRs, stores them locally, and processes them in 15 minute segments to provide the processed results in both graphic and tabular form. Additionally, the NetManager iPMC supports the collection of Trunk Group measurement data. This data is generated on a 15 minute basis and is transferred into the NetManager iPMC via FTP where it is used to generate graphical displays of user specified trunk group performance.
6.1.3 Operations Support Systems (OSSs)
The SURPASS hiQ 8000 provides various interfaces to try and meet the service provider’s needs as there are many different OSSs used for next generation equipment and networks when compared to the more structured PSTN environment. Refer to Figure 6-2. Switch provisioning is handled via the SNMP interface to the NetManager iNMC which has a northbound CORBA interface to any existing Configuration Management OSS. It is also possible to do this via SNMP or using commands over the CLI directly to the SURPASS hiQ 8000. Subscriber provisioning is handled via the XML/SOAP interface which can go to an existing Configuration Management OSS that supports this protocol or the NetManager iSMC can be used. Fault Management is handled via the SURPASS hiQ 8000’s SNMP interface to a Fault Management OSS. It is also possible to use the CORBA interface from the NetManager iNMC as well.
A30828-X1121-A807-02-7671, November 2005 6-4 SURPASS hiQ 8000, Theory of Operations Guide
Management.fm Management Interfaces
Performance Management (including traffic data collection) is handled via the sending of ASCII text files using FTP or Secure FTP to a Performance Management OSS. Additional values can be obtained via SNMP directly from the SURPASS hiQ 8000 by the Performance Management OSS. Accounting Management (both billing and usage data collection) is handled in a similar manner in that CDRs are sent via FTP or SFTP either directly to an Accounting Management OSS or first through a Billing Mediation Server if Billing Automatic Message Accounting (AMA) output is desired.
Figure 6-2 SURPASS hiQ 8000 OSS Interfaces
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 6-5
Management.fm Management Billing/Call Detail Record Generation
6.2 Billing/Call Detail Record Generation
The SURPASS hiQ 8000 generates Call Detail Records or Event Messages for all the calls it processes. The UCE (Universal Call Engine) passes call information to the Usage Collection component of the SURPASS hiQ 8000, and this component generates a CDR for each call. The five type of CDRs that are produced are as follows:
● Standard call record, including an intermediate record that includes QoS metrics
● Change of Time Audit Record
● Change of SW Audit Record
● Feature Activation/Deactivation Record. The SURPASS hiQ 8000 generates billing data and formats CDRs in a flat ASCII, no comma, format. It contains header and trailer information and can contain call and audit records. Figure 6-3 shows the billing files format.
Header
Records
Trailer
Figure 6-3 Billing Files Format
For details on billing files and the call and audit record fields, see the SURPASS hiQ 8000 NetManager iNMC for Windows Administration Guide. These files are retrieved by an external processing center, using FP/SFTP, and converted, if necessary, to any AMA format as required by the service provider using either their own billing center or a billing mediation server. The SURPASS hiQ 8000 makes CDR records (files) available on redundancy disk arrays. CDR records are written in the SURPASS hiQ 8000 and the size of the CDR file is provisionable. When the file has reached its provisioned size, a new file is opened and new CDRs are written
A30828-X1121-A807-02-7671, November 2005 6-6 SURPASS hiQ 8000, Theory of Operations Guide
Management.fm Management Fault and Alarm Handling to the new file. The closed file is then saved on the redundancy disk array. CDRs are transmitted on demand via FTP. Using this mechanism, the number of sent records will determine the time it takes for transmitting 99.99% of them. In addition to normal CDR records, the SURPASS hiQ 8000 can be provisioned to generate Event Messages to a Record Keeping System (RKS). This provisioning allows up to 2 RKSs to be designed to ensure reliability. In the event of a dual failure of the RKS or a communications failure, the Event Messages are maintained in a queue. The SURPASS hiQ 8000 can also generate Event Messages in compliance with Packet Cable standards. The SURPASS hiQ 8000 can be provisioned to generate either CDRs or Event Messages, but not both simultaneously. The SURPASS hiQ 8000 can be configured to send event messages to a specified RKS in one of the following ways:
● Delivery by message
● Delivery by file. There are four service specific event types as defined in Table 6-1
Service Instance This event captures the occurrence of a call control/feature service. Service Activation This event captures the successful activation of a service by a subscriber. Service Deactivation This event records successful deactivation of a service by a subscriber. Database Query This event records a database base dip by an intelligent peripheral. Table 6-1 Event Message Types
6.3 Fault and Alarm Handling
The SURPASS hiQ 8000 fault management function provides realtime monitoring of all elements that comprise a service provider’s network and all services affected by outages of those elements. In the SURPASS hiQ 8000, the RTP Event Manager generates events and alarms. Events are marked by a unique event ID containing information, for example the severity level, that details the event. Alarm objects reflect the current state of the cluster. A separate alarm manager process changes the states of the alarm objects when specific events occur. The logging function writes events to a permanent database. To filter logging events, the RTP Event Manager is integrated into the network management system and events are forwarded to the central network management console.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 6-7
Management.fm Management Redundancy
Each node has an event handler process to gather and process events logged at different instances. The event handler executes the defined filter operations (escalations, event suppressions) and distributes the events to the event manager, the SNMP agent, and other related processes. Only one event manager process is active in the cluster. In the event of a node failure, a backup manager process logs the events to the database and transfers them to the alarm manager and other interested processes. Based on the rules in the database, special events can trigger state changes in the alarm objects processed by the alarm manager. Furthermore, the RTP provides a critical event handling mechanism. Special critical events use a second independent and secure event path. They are detected and handled in the library used by the application processes. These special, critical events are administered using the management function API. For all subsystems, special processes are provided for passing external events to the event handler transparently.
6.4 Redundancy
The SURPASS hiQ 8000 provides redundancy both at the computing element (node) level and also at the process level. Computer element level clustering is supported via the hardware platform through the Sun Clustering software. Process level redundancy is supported via the SURPASS hiQ 8000’s middleware, the RTP. For more information, refer to the SURPASS hiQ 8000 Cluster Redundancy Operations Guide.
6.5 Software Upgrades, Patches and Recovery Strategies
6.5.1 Mass Provisioning
Prior to deployment, the mass provisioning function remotely populates and configures the SURPASS hiQ 8000 databases to provision large numbers of subscribers without using the CLI menu. Mass provisioning is remotely performed using the expert mode CLI commands via FTP, then executing the file’s commands on the hiQ 8000. This capability includes the provisioning of SURPASS hiQ 8000 and iSMC entities.
6.5.2 Automated Software Installation
The SURPASS hiQ 8000 provides automated software installation for repeatability of site configuration. This capability is provided to manage the installation and upgrades of various components from a number of suppliers. The SURPASS hiQ 8000 System Install Server (SIS) profiles target machines with a predefined configuration. Utilizing the Install Server, it boots a target machine from the network, partitions disks, and installs and configures Solaris or any other software.
A30828-X1121-A807-02-7671, November 2005 6-8 SURPASS hiQ 8000, Theory of Operations Guide
Management.fm Management Software Upgrades, Patches and Recovery Strategies
The configuration information required to support the installation of a clustered softswitch is obtained beforehand as a pre configuration activity. Once the information is available, it is put into a configuration file that resides in the profile directory for the target machine in the SIS server. By convention, the SIS server has a directory per machine that is used to profile configured machines.
6.5.3 Upgrades
During an update installation, any changes to the SURPASS hiQ 8000 software or applications are incorporated online. The SURPASS hiQ 8000 software is upgraded via the RTP management functionality. Each node in the cluster is first stopped, the rolling upgrade is carried out locally, and then the node is restarted (rolling update). The single-node version of the SURPASS hiQ 8000 cannot be upgraded online. Before an upgrade installation, therefore, the entire RTP including the applications must be shut down. Once the relevant node has been shut down, third party software can also be upgraded. These upgrades have no effect on the rest of the cluster. The RTP does not support the synchronization of third party software beyond the node boundaries.
6.5.3.1 Rolling Upgrade The Rolling Upgrade feature performs software upgrades without affecting service. Rolling Upgrades of the SURPASS hiQ 8000 applications in a cluster can be performed as long as the new software is compatible with the old software. In this case, one node is stopped and upgraded with new software. This node is restarted and then the other node is stopped, upgraded, and restarted. An online update mechanism for RTP can be used to upgrade RTP applications via the CLI. This procedure includes the use of mirrored disks and a fallback strategy. The two SURPASS hiQ 8000 nodes on a Solaris cluster can be upgraded using the Resilient Telco Platform (RTP) Rolling Upgrade procedure which is used for levels 1 and 2. Figure 6-4 shows two nodes on a Solaris cluster with the components that can be upgraded. Levels 3 - 7 require component-specific procedures, while Levels 1 and 2 use the RTP Rolling Upgrade procedure.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 6-9
Management.fm Management Software Upgrades, Patches and Recovery Strategies
Shared Oracle Database
CE_1 CE_2
Level 1 HiQ Applications HiQ Applications
Level 2 RTP RTP
Level 3 Oracle Oracle
Level 4 Sun Cluster Sun Cluster
Level 5 Solaris Solaris
Level 6 Veritas Veritas
Level 7 Hardware Hardware
CE_1 IP Addresses CE_2 IP Addresses
Figure 6-4 SURPASS hiQ 8000 — Solaris Upgrade Components
The RTP Rolling Upgrade procedure takes advantage of the use of mirrored internal and external hard drives, in case a fallback is necessary. The user may temporarily halt the upgrade in order to verify that the system is running as expected. Automatic fallback to the previous state is supported, up to a point. Thereafter, manual fallback is required. The following enhancements were made to the RTP Rolling Upgrade procedure:
● Implementation of a mechanism to preserve the values of RTP configuration parameters during the upgrade. Before this enhancement, when a rolling upgrade was performed, the RTP database was re-created from the RTP configuration parameter files, overwriting any manual changes made to the parameters since the last time RTP was created forcing the craft to manually re-enter these parameter values following each rolling upgrade.
● The fallback procedure is enhanced to include the complete implementation of mirrored disks. The current rolling upgrade procedure installs a new software release in place of the old release. Additionally, one of the first steps of the rolling upgrade is to completely remove all packages belonging to the old release. The next step is to install the new packages containing the new release. After the new packages are installed, if an error is encountered, the only mechanism available to fallback to the old release is the use of mirrored disks which is used by the RTP Rolling Upgrade procedure by “breaking the
A30828-X1121-A807-02-7671, November 2005 6-10 SURPASS hiQ 8000, Theory of Operations Guide
Management.fm Management Software Upgrades, Patches and Recovery Strategies
mirrors” prior to installing the new release, leaving the mirrored disks unchanged. If an error is encountered, manual steps can be used to force the system to use the mirrored disks. If the Rolling Upgrade procedure completes successfully, the saved release on the mirrored disks is no longer required, and the disks are re-mirrored with the new release.
6.5.3.2 Symbolic Links The use of mirrored disks can be relatively complicated and requires each node to be rebooted twice. The re-mirroring of the disks can take 30 minutes or longer. However, these issues can be avoided by using relative addresses for all files contained in a release, allowing the use of symbolic links to reference the files. Currently, most binary files and libraries delivered with the SURPASS hiQ 8000 load are contained in the following directory: /unisphere/srx3000 However, if srx3000 is redefined as a symbolic link, it can be modified to reference different directories. For example, if the 6.1 release were active, the value of the link would be: /unisphere/srx3000 --> /unisphere/release6_1 If the 8.0 release were active, the value of the link would be: /unisphere/srx3000 --> /unisphere/release8_0
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 6-11
Management.fm Management Software Upgrades, Patches and Recovery Strategies
Since several releases can simultaneously reside on the disk, the symbolic linking method has the following advantages:
● Software releases can be installed in the background, without terminating call processing
● Software releases can be changed by simply changing the link and restarting RTP
● Fallback procedures are quick and reliable. Note: The procedure has a requirement that any release-specific files must be addressed using relative addresses.
6.5.3.3 Multiple Database Instance for Upgrades The current mechanism to upgrade a database from one release to another is to run a database script, which converts the database schemas. The database is converted by the script prior to upgrading the software to the new release. The RTP Rolling Upgrade procedure allows the user to use disk mirroring, in case a fallback to the old database is necessary. In addition, the backup and restore procedure can be used to save the database prior to an upgrade. However, even with these existing procedures, it is a complicated and time consuming task to convert schemas from one format to another, and then copy the existing data to the new database. The creation of an Oracle instance (SID) for the new database definition allows the two database instances to exist simultaneously. Data from the old release can be copied to the new database, without the danger of corrupting a working system. Switching to the new database is a simple task and the impacts can be limited to the common database access application.
6.5.4 Patches
Software patching as well as complete software upgrades are possible on the SURPASS hiQ 8000. The Maintenance Manager upgrade procedure provides a standard interface for patching the SURPASS hiQ 8000 application software. It makes use of the RTP upgrade procedures which provides a means to control RTP software functionality, a fallback mechanism, and a procedure for splitting the system. The software patches are sent via FTP to the SURPASS hiQ 8000 Installation Server and may be applied whenever desired. There is no automatic mechanism to initiate or schedule the application of a software update.
6.5.4.1 Fallback Procedures Fallback to the original software load will not cause service interruption if the fallback occurs before the new configuration is activated. There are three fallback procedures:
● Soft Fallback — offered as long as no modification is done on the existing software on the first node; supported by the CLI.
A30828-X1121-A807-02-7671, November 2005 6-12 SURPASS hiQ 8000, Theory of Operations Guide
Management.fm Management Software Upgrades, Patches and Recovery Strategies
● Manual Fallback — must be done when any modification on the existing software was done or any undefined event occurred; not supported by the controlling function.
● Manual Completion — should be done if the software upgrade procedure is interrupted during the final cleanup activities; not supported by the CLI. The RTP determines which fallback strategy will be used and advises the system administrator that is performing the upgrade or patch installation.
6.5.5 Recovery Strategies
6.5.5.1 Overload Handling The SURPASS hiQ 8000 measures and manages overload conditions without affecting ongoing calls. The overload manager determines when overload exists and makes overload status information available to other software processes within the SURPASS hiQ 8000. To determine when an overload condition exists, the overload manager monitors realtime operation usage including CPU occupancy, RTP shared memory usage, RTP timer usage, UCE message queue occupancy per instance, and UCE context usage. Each of these parameters has a configurable threshold that determines when overload exists. To ensure that the overload manager does not affect system performance, it runs on a configurable, scheduled basis. Each time the overload manager executes, it recalculates all overload indicators. To prevent an excess of new call attempts from overloading the SURPASS hiQ 8000, each signaling manager maintains a counter of the number of new call attempts it has processed and compares it to an established threshold. This counter increments every time a new call is attempted and it is reduced periodically by the overload manager. For example, if the call handling threshold of the SURPASS hiQ 8000 is 100 calls per second, the overload manager reduces the seizure count by 100 every second. The Basic Overload Protection Controls feature ensures accepted calls result in completed calls and provides protection from overload induced node failure. The Overload sub-system measures the response time of a round trip message (overload state) between Signaling Managers or Connection Managers and the UCE. The Overload sub-system provides an API to return time-stamped call accepted and call rejected counts per process, from which the CLI can calculate the call accepted/rejected figures for that period.
6.5.5.2 System Backup & Restore The current SURPASS hiQ 8000 backup implementation only covers the Oracle database and Omni Signalware SS7 data. The file system containing executables and configuration files requires reinstallation for recovery. Additionally, patches or configuration changes applied after the installation are lost and must be manually restored.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 6-13
Management.fm Management Software Upgrades, Patches and Recovery Strategies
The SURPASS hiQ 8000’s enhanced Backup and Restore mechanism addresses the failure of a complete dual node cluster and external disk array as well as failure of either individual node (such that the local system disks are unrecoverable but the partner node remains in operation) by providing the following:
● Scripts to facilitate creation of a backup image of each node, following installation and at any time following a configuration or software change. The backup image is stored at a safe off-site location for use during recovery.
● Scripts to control a ‘bare-metal’ recovery of one or both SURPASS hiQ 8000 nodes, using the archived disk image.
● Scripts to initialize and re-configure external disk arrays in the event of a complete cluster restore. The SURPASS hiQ 8000 enables backup and restore of the system database and files through the CLI and SNMP. The Maintenance Manager Server (MMS) runs maintenance tasks (known as jobs) on the SURPASS hiQ 8000. The MMS supports the starting, stopping, and querying of jobs through a client/server API. There are several MM clients supporting the jobs control interfaces. This includes an SNMP client, a CLI client, a menu-driven client called the Command Console, and a scheduler client to schedule jobs. The backup and restore procedures are controlled through any of these clients. The NetManager iNMC is the primary administration tool to control jobs. It communicates with the MMS via the Maintenance Manager SNMP client. The NetManager iNMC provides a graphical user interface to control jobs and query job information. The NetManager iNMC can save and restore configuration data from either a single SURPASS hiQ 8000 or from multiple elements, enabling the administrator to back up configuration data for disaster recovery purposes. The NetManager iNMC offers the network operator the choice of performing either manual or scheduled backups of a configuration in specified intervals. In addition to its capability to save the configuration data of a SURPASS hiQ 8000, the NetManager iNMC provides the network operator with restoration features that can either restore the configuration data of a single element or multiple elements.
A30828-X1121-A807-02-7671, November 2005 6-14 SURPASS hiQ 8000, Theory of Operations Guide
Statistics.fm Statistics, Accounting, and Diagnostics Statistics and Accounting
7 Statistics, Accounting, and Diagnostics
This chapter describes the statistics, accounting, and diagnostic features for the SURPASS hiQ 8000.
7.1 Statistics and Accounting
To display statistics, use the NetManager iNMC or CLI. The SURPASS hiQ 8000 softswitch allows users to monitor performance counters and statistics on the following entities:
● Operational Measurements (OM)
● CDR System
● MGCP performance data
● UCE performance data: – Completed Calls And Aborted Calls Statistics – Interworking Calls Statistics.
● H323 performance data: – Gatekeeper Statistics – RAS Statistics – Call Signaling Statistics.
● SIP performance data: – Messages Sent By Client – Messages Received by Client – Messages Sent by Server – Messages Received by Server.
● ISUP performance data
● CAS Statistics
● B-side Aborted Counter SS7 Statistics: – Link Information – ISUP Information – TCAP Information.
● Message Counters
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 7-1
Statistics.fm Statistics, Accounting, and Diagnostics Statistics and Accounting
● Errors In Transaction Portion — Message Type
● Errors In Transaction Portion — General Problem
● Errors In Transaction Portion — Invoke Problem
● Errors In Transaction Portion — Return Result Problem
● Errors In Transaction Portion — Return Error Problem: – SCCP Information
● PRI performance data (collected by CDM): – Call Statistics – D-channel Statistics.
● Audits & Recovery performance data
● Overload Handling performance data: –ISUP – H323 –SIP –OMAP –MGSM – CAS.
● Services performance data: – Advanced Intelligent Network – Anonymous Call Rejection – Call Forwarding – Calling Identity Delivery – Call Waiting – Local Number Portability – Speed Calling – Toll-Free – Screen Line Editing – Selective Call Acceptance
A30828-X1121-A807-02-7671, November 2005 7-2 SURPASS hiQ 8000, Theory of Operations Guide
Statistics.fm Statistics, Accounting, and Diagnostics Monitoring Support
– Selective Call Rejection – Malicious Call Trace – Three Way Calling – Intercom Call – Voice Mail – Auto Callback/Auto Recall.
7.2 Monitoring Support
7.2.1 Operational Measurements
The SURPASS hiQ 8000 softswitch collects a range of operational measurements that may be used for account monitoring, traffic reporting, and capacity analysis. These measurements are collected at 15 minute intervals and formatted into comma-removed ASCII text files on the SURPASS hiQ 8000. The files may then be downloaded via FTP or Secure FTP to any Telco platform concerned with the collection of performance data, e.g., an Operations Support System. The NetManager iNMC can display a snapshot of specific performance counters which it collects from the SURPASS hiQ 8000 using SNMP. The NetManager iPMC can also be used for the monitoring of performance information from a SURPASS hiQ 8000. The SURPASS hiQ 8000 also supports manual congestion controls, code gapping, and trunk group controls. The controls are initiated from the CLI and aid in the overall performance of the network of which the SURPASS hiQ 8000 is a part. Call gapping code controls provide manual code controls which block traffic to destination codes that are difficult or impossible to reach. This conserves network resources for other traffic. Code controls are effective for controlling focused overloads, a condition characterized by a surge of traffic from many parts of the network to a single office or destination (e.g., radio contests). Call Gapping is a switch code control that regulates the maximum rae at which calls are released towards a destination code. Trunk Group Controls provide the ability to maintain network operations at peak capacity through timely use of Network Management Trunk (NTM) Group Controls. Multiple controls can be assigned to the same trunk group. The NMT Trunk Group Controls may be classified into pre-hunt or post-hunt controls. The SURPASS hiQ 8000 supports a total number of 64 Trunk Reservation traffic controls and a total number of 128 manual Trunk Group Controls.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 7-3
Statistics.fm Statistics, Accounting, and Diagnostics Monitoring Support
7.2.2 Measurements
Measurements in the SURPASS hiQ 8000 exist in several forms: CSV (Comma Separated Values) flat files for FTP access, SNMP, and CDRs (generated via statistical processing). The Operational Measurements Manager produces CSVs every 15 minutes for the following:
● Primary Rate Interfaces
● Trunk Groups
● Network Traffic Management Code Controls
● Network Traffic Management Trunk Controls
● Business Groups. In addition to viewing usage data via the NetManager iNMC, this data is stored in OM files on the SURPASS hiQ 8000. Configurable collection intervals, as well as configurable retention intervals, are supported. The SURPASS hiQ 8000 has the flexibility to schedule each measurement category on a 5, 15, 30, 60-minute, and daily basis. The retention period for each interval can be administered to be as much as 31 days (month) with a default of 7 days. The business group or tenet administrator may request their business group measurements on demand via the NetManager iSMC. The following two types of traffic data are collected:
● Peg Usage counters (PUC) — cumulative measurements driven by event occurrences such as successful calls; call failures and any kind of state transition
● Usage Register counter (URC) — cumulative duration of a specified event or condition. Below are the groups/classes of traffic measurements currently supported in the hiQ 8000 system.
7.2.2.1 Trunk Group Traffic Measurements
● Call Attempt Counter (PUC)
● Overflow Counter (PUC)
● Busy Trunks (PUC)
● Free Trunks (PUC)
● Total Trunk Group Usage (URC)
● Total Trunk Group Maintenance Usage (URC)
● Reset Time
● Reset Flag.
A30828-X1121-A807-02-7671, November 2005 7-4 SURPASS hiQ 8000, Theory of Operations Guide
Statistics.fm Statistics, Accounting, and Diagnostics Monitoring Support
7.2.2.2 PRI Traffic Measurements
● Per B-Channel Call Attempt Counter (PUC)
● Overflow Counter (PUC) per PRI
● Busy Circuits (PUC)
● Free Circuits (PUC)
● Total PRI Usage (URC)
● Total PRI Maintenance (URC)
● Total PRI Usage (URC)
● Total PRI Maintenance Usage (URC)
● Reset Time
● Reset Flag.
7.2.2.3 NTM Trunk Group Traffic Measurements
● Subjected to Calls (PUC)
● Cancelled Calls (PUC)
● Skipped Calls (PUC)
● Rerouted Calls (PUC)
● Reset Time
● Reset Flag.
7.2.2.4 NTM Code Control Traffic Measurements (stored in the XLA Shared Memory)
● Calls Accepted (PUC)
● Calls Blocked (PUC)
● Reset Time
● Reset Flag.
7.2.2.5 Business Group Traffic Measurements
● Originating Calls (PUC)
● Terminating Calls (PUC)
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 7-5
Statistics.fm Statistics, Accounting, and Diagnostics Monitoring Support
● Intragroup Calls (PUC)
● Feature Use (PUC)
● Feature Activation (PUC)
● Feature Deactivation (PUC)
● Dial 8, Dial 9 Calls (PUC)
● Direct Inward Dialing (DID) (PUC)
● Calls Completed to Attendant (PUC)
● Calls Incomplete to Attendant Due to Busy Condition (PUC).
7.2.3 Tracing Capabilities
Within the SURPASS hiQ 8000 system, there are three existing trace capabilities: RTP Tracer, Call Tracer, and Real Time Tracer. RTP Tracer traces inter-process messages, trades application data via RTP-API, supports different trace levels, stores on local file system one trace file per process, however, is not recommended for real-time operation. Call Tracer traces UCE messages (in and out), traces signaling manager messages, can be activated for DPC-CIC (SS7 trunk), DN (subscriber), PRI-B-Ch (PRI user), and separates file per trace/process/node. Real Time Tracer addresses the limitations of RTP Trace and Call Trace. The SURPASS hiQ 8000 system requires a flexible Real Time Tracer facility for:
● Initial module/sub-system development and unit test;
● System integration — to ensure correct operation and debugging of functional tests;
● System test — to ensure correct operation and debugging of load runs, and failure/ recovery tests;
● On-line operation of the SURPASS hiQ 8000 — used by Siemens personnel for debugging software problems or assisting customers with network or equipment problems. Real Time Tracer traces protocol messages into and out of the SURPASS hiQ 8000, traces messages between signaling managers and the UCE, traces messages between the signaling sub-systems (i.e., between MGCP connection and signaling managers and SIP TTUD dispatcher and the SIP signaling manager), and traces messages that are generated by the newly combined RTP/Call Trace API to be written to RTT. The SURPASS hiQ 8000 also offers the Customer Originated Trace capability so that a user receiving malicious or nuisance calls can activate this feature and have a trace of that call print at a service location specified by the service provider.
A30828-X1121-A807-02-7671, November 2005 7-6 SURPASS hiQ 8000, Theory of Operations Guide
Statistics.fm Statistics, Accounting, and Diagnostics Diagnostics and Audits Support
The trace manager runs in an active/standby mode in the cluster and provides a generic API to all call control processes (i.e., SMs, UCE, CCM) for call tracing purpose. The API is a shared library that is called (by the process tracing a call) every time a call related message is received or sent for a specific call or a group of calls based on the trace trigger condition. Call tracing is configurable for each of the signaling managers. This processing is performed off-line so that SURPASS hiQ 8000 call traffic is not impacted. The trace files are transferred from the hiQ 8000 to an off-line workstation or PC. The Trace reader reads the CE1 and CE2 trace files maintaining chronological order. Trace analyzer utilities are then used to “crunch” the trace into specific outputs. These utilities are written in a text processing language and are done so on an as-needed basis depending on the problem to be analyzed, but typically includes the following:
● Formatting the trace into call sequences
● Isolating call sequences for specific DNs, URLs, Gateways, endpoints, trunks, etc.
● Generating message and call completion statistics, useful for obtaining an overview of the number of lost calls, missed messages, retransmitted messages, etc.
● Including a time stamp, therefore, response time information is available. To allow the analyzer to correlate messages into a call, the SURPASS hiQ8000 signaling/ connection managers and UCE tags each message with a discrete call ID. The signaling manager receiving the first message of the call assigns the called to be contained in all internal messages and contexts. The trace facility is implemented via the CLI. The off-line utilities run on any Solaris workstation; it is not required to run RTP on the workstation.
7.3 Diagnostics and Audits Support
The SURPASS hiQ 8000 runs on commercial computing platforms, thus hardware diagnostics are provided via the commercial platform’s software. Diagnostics can be run on hardware components with a time interval that is configurable per seconds in a configuration file (default is 60 seconds). On-demand diagnostics may be performed using standard Solaris tools. The SURPASS hiQ 8000 maintains an auditing program for MGCP endpoints connected to it. In this context, endpoints are MGCP subscriber endpoints that have a distinct MGCP ID. Upon initial boot up and following system recoveries, the SURPASS hiQ 8000 audits all endpoints to insure synchronization. Once the system is up and running, audits are only performed upon finding an error condition (either from call processing, maintenance or administration activities). The audit continues to monitor the endpoint with the failure condition by requesting a Connection ID every 2 minutes following the error condition detection. The auditing process stops for that particular endpoint when the softswitch receives a Connection ID from the
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 7-7
Statistics.fm Statistics, Accounting, and Diagnostics Diagnostics and Audits Support endpoint or the endpoint sends an MGCP Restart in Progress (RSIP) message indicating reset. Whereas MGCP endpoints are audited upon detection of error conditions, the SURPASS hiQ 8000 performs periodic cyclic audits for ISUP and PRI trunk ports.
7.3.1 Protocol Diagnostics
There are various diagnostic counters available, including call-related ISUP counters and SS7 counters tied to Signaling Destination Routes (SDRs). Below, the MTP counters (SS7) are provided on a signaling link basis. The ISDN counters relating to PRI performance are listed in Section 7.3.1.4, Section 7.3.1.5, and Section 7.3.1.6.
7.3.1.1 MTP1 Counters
● Frames received: – Valid – Aborted –CRC error – Length violation –Oversize.
● Frames transmitted: – Valid – Underrun.
7.3.1.2 MTP2 Counters
● Total link failure
● Excessive line error
● Failure to acknowledge
● Alignment link failure
● Congestion
● Abnormal sequence number.
7.3.1.3 MTP3 Counters
● Received MSUs
● Transmitted MSUs
A30828-X1121-A807-02-7671, November 2005 7-8 SURPASS hiQ 8000, Theory of Operations Guide
Statistics.fm Statistics, Accounting, and Diagnostics Diagnostics and Audits Support
7.3.1.4 HDLC Counters
● RX bytes
● RX frames
● RX no buffer
● RX CRC
● RX abort
● RX non octet
● RX oversize
● TX bytes
● TX frames
● TX Underrun.
7.3.1.5 LAP-D (Layer 2) Counters
● Link state
● Time link change
● Invalid frames
● Rx I frames
● Rx S frames
● Rx U frames
● Tx I frames
● Tx S frames
● Tx U frames
● SAPI frames.
7.3.1.6 PRI Counters
● Per B channel total call attempts [1...24 entries]
● Current circuits allocated
● Current circuits available
● PRI overflow total
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 7-9
Statistics.fm Statistics, Accounting, and Diagnostics Diagnostics and Audits Support
● Calls incomplete — originating to terminating
● Calls incomplete — originating to outgoing
● Calls incomplete — incoming to terminating
● Calls complete — originating to terminating
● Calls complete — originating to outgoing
● Calls complete — incoming to terminating
● Call attempts — originating
● Interval start timestamp
● Reset timestamp. This field contains a timestamp if a reset was performed during this interval. Otherwise this field contains a null string.
7.3.2 Network Diagnostics
The NetManager iNMC and CLI support the Test Line Origination (TLO) feature to run diagnostic tests on network connections for the SURPASS hiQ 8000 as well as the SURPASS hiG media gateways. The TLO feature provides the ability to create, modify, and delete test call objects (TLO objects), manually start and schedule test calls, stop test calls, and review test call results. Test calls use individual circuit paths and signaling to test switch connections between the switch and adjoining Class 4/5 switches. After the addressed switch performs the appropriate loopback or tone generation, the switch determines and reports the quality of the voice paths. Test calls can be made to T102, T108, and T108r test line numbers. These test calls use special directory numbers and test the trunks that connect switches in the PSTN. Test calls require the participation of both the originating switch and the addressed switch.
A30828-X1121-A807-02-7671, November 2005 7-10 SURPASS hiQ 8000, Theory of Operations Guide
Specifications.fm Technical Specifications, Support and Services Product Specifications
8 Technical Specifications, Support and Services
This chapter provides the product specifications for the Sun Netra 240, Sun Netra 1280, SURPASS hiQ 8000 and application modules. Additionally, Section 8.2, “Professional Services”, on page 8-13 describes Siemens’ service programs dedicated to providing support for customer operations.
8.1 Product Specifications
Specific physical and environmental values are dependent on the platform used for the SURPASS hiQ 8000. The following sections provide this information for the various hardware platforms.
8.1.1 Sun Netra 1280 (DC power) or Sun Fire V1280 (AC power) Specifications
Processor Number of processors 1.2 GHz Architecture Superscalar SPARC® V9, UltraSPARC® III Cu architecture
Cache per processor ● Level 1: Parity-protected 32-KB instruction and 64-KB data on chip (single-bit errors are corrected) ● Level 2: 8-MB external cache
Main memory ● 16 GB RAM per server (8 CPU); ● 24 GB RAM per server (12 CPU) Standard Interfaces
I/O Serial ● 2 integrated Gigabit Ethernet ports (66 MHz) ● 2 Quad Fast Ethernet (QFE) (X1034A) PCI cards - total of 10 Ethernet ports ● 2 Dual 2 Gbit Fiber Channel (FC) (X6768A) Host Bus Adapter Cards - to interface with the 3510 disk arrays System bus Sun Fireplane interconnect at 9.6 GBps, sustained
Expansion Bus ● 1 integrated 160MB/s Ultra3 SCSI port (66 MHz) ● 6 open 7-inch PCI slots (64 bit; one at 66 MHz, 5 at 33 MHz) Table 8-1 Sun Netra 1280 and Sun Fire V1280 Specifications (Sheet 1 of 3)
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 8-1
Specifications.fm Technical Specifications, Support and Services Product Specifications
Mass Storage and Media External Storage 2 StorEdge 3510 RAID arrays with 9 x 73 GB drives each System controller Integrated Ultra3 SCSI supports up to 15 SCSI devices Internal disk Three 36-GB Ultra3 SCSI internal disks
Internal DVD ● DVD-ROM internal drive ● DDS-4 tape drive (optional) Software Operating Environment Solaris 9 Application Sun Cluster 3.1 Database Oracle 91 with Real Application Cluster (RAC) Middleware Resilient Telco Platform (RTP) Languages C, C++, Pascal, Fortran, Java Networking ONC/NFS, TCP/IP, SunLink OSI, X.25, DCE, NetWare System monitoring Sun Management Center 3.0, Solaris Management Console System and network Sun Cluster, Sun OpenBoot firmware, Solaris Web Start, management Solstice DiskSuite, SunScreen Secure Net, VERITAS File System, VERITAS Volume Manager, Solaris Resource Manager, Solaris Bandwidth Manager Availability Dynamic Reconfiguration of CPU/memory boards, hot CPU upgrades, redundant Sun Fireplane interconnect, redundant network connections, hot-swap disks, smart fans, 2N redundant hot-swap power supplies, hardened Operating System Kernel, hardened I/O drivers, Systems Configuration Card, proactive self-diagnostics, end-to-end data integrity including ECC, and cluster support. Resource Management Solaris Resource Manager, Solaris Bandwidth Manager Environment DC power –48VDC or –60VDC Operating 5° C to 40° C (41° F to 104° F) at 5% to 85% continuous humidity; -5°C to 55°C at 5% to 90% continuous humidity for <96 hours under the limits of Telcordia SR-3580 (NEBS) Level 3 Altitude Up to 3,048 m (10,000 ft.) Table 8-1 Sun Netra 1280 and Sun Fire V1280 Specifications (Sheet 2 of 3)
A30828-X1121-A807-02-7671, November 2005 8-2 SURPASS hiQ 8000, Theory of Operations Guide
Specifications.fm Technical Specifications, Support and Services Product Specifications
Regulations Meets or exceeds the following requirements:
Safety ● North America: UL 60950 third edition, CSA C22.2 No 60950-00 third edition (Certified: UL and UL for Canada) ● European Community: EN 60950:2000, (Certified: UL for Germany/GS-Mark and GOST R for Russia) ● Worldwide except North America: IEC 60950:1999 and CB Bulletin (Certified: DEMKO and UL for Argentina/ IRAM S-Mark) ● RFI/EMI Class A: Australia/New Zealand AS/ NZ 3548, Industry Canada ICES-003, European Community EN55022/CISPR22, Japan VCCI, Taiwan CNS 13438, and U.S. FCC 47CFR15.B
Immunity ● EN55024 (89/336/EEC) ● Telecordia GR-1089-CORE including ESD open doors (DC only)
EMI Emissions ● CFR Title 47 FCC Part 15 including 2-in-rack ● EN 55022 (89/336/EEC) including 2-in-rack ● Telcordia GR-1089-CORE including open doors (DC only)
NEBS ● GR-1089-CORE (EMC and Electrical Safety) ● GR-63-CORE (Physical Protection) ● SR-3580 Certification Levels Dimensions & Weight
Height ● 527 mm (20.75 in.) ● 12 rack units Width 445 mm (17.5 in.) Depth 558 mm (22 in.) excluding cable arm Weight 110-132 kg (240-290 lb.) Upgrades Trade-in allowances are available for the Sun Enterprise 420R, 450, 35x0, 4x00, and Netra t 140x servers. Older Sun servers and other vendors’ systems are eligible under Sun’s Server Consolidation Program. For more information, contact your local Sun sales representative or authorized Sun reseller. Table 8-1 Sun Netra 1280 and Sun Fire V1280 Specifications (Sheet 3 of 3)
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 8-3
Specifications.fm Technical Specifications, Support and Services Product Specifications
8.1.2 Sun Netra 240 (DC or AC) Specifications
Processor Processor Two 1.2 GHz UltraSPARC IIIi Architecture Four 64-bit, four-way Superscalar SPARC® V9
Main Memory ● Four DIMM slots per processor registered DDR-1 SDRAM (PC2100), 128-bit and ECC databus ● System configuration from 512 MB to 8 GB Cache 64-KB data, 32-KB instruction, and 1-MB integrated L2 Standard Interfaces Network Four 10/100/1000 BaseT Ethernet; one BaseT Ethernet Serial One TIA/EIA-232-F (RJ45) port; One TIA/EIA-232-F asynchronous (DB9) port; One Ultra 160 SCSI multimode (SE/LVD) Expansion Bus Three internal PCI 2.2-compliant expansion slots: ● One 64-bit, 33/66-MHz 3.3 V full-length ● Two 64-bit, 33-MHz 5 V half-length Alarms Four fail-safe, dry-contact alarms (critical, major, minor, and user) with external reset input via DB15-pin connector System Configuration Reader Front-accessible for transfer of system configuration and Card (removable) information, including Host ID, MAC address, NVRAM Mass Storage And Media Internal DVD Slim-line ATAPI DVD-ROM Internal disk Two hot-swap Ultra160 SCSI, 73-GB, 15K-rpm disks External storage StorEdge S1 disk array (one per SURPASS hiQ 8000 system); 657 GB total drive space Software Operating environment Solaris 9 Application Sun Cluster 3.1 Database Oracle 91 with Real Application Cluster (RAC) Middleware Resilient Telco Platform Environment DC power Two (1 +1 redundant) DC power supplies -48 V DC nominal, 364W, dual input Table 8-2 Sun Netra 240 (DC and AC) Specifications (Sheet 1 of 3)
A30828-X1121-A807-02-7671, November 2005 8-4 SURPASS hiQ 8000, Theory of Operations Guide
Specifications.fm Technical Specifications, Support and Services Product Specifications
AC power Two (1 +1 redundant) AC power supplies 90-264 V AC (47-63 Hz) Operating Temperature (DC) -5° C to 45° C (23° F to 113° F); short term -5° C to 55° C (23° F to 131° F), 5% to 93% relative humidity, noncondensing Operating Temperature (AC) -5° C to 45° C (23° F to 113° F); short term -5° C to 55° C (23° F to 131° F), 5% to 93% relative humidity, noncondensing Non-operating Temperature -40° C to 70° C (-40° F to 158° F), up to 93% relative humidity, noncondensing Altitude (operating) Up to 3000 m Altitude (non-operating) Up to 12000 m ETSI EN 300-019-2-1,2,3, Table 3.1 and Table 3.1E Acoustic noise Declared noise emissions in accordance with ISO 9296: ● Operating: 7.0 B [LWAd(1B=10dB)] ● Idling: 7.0 B [LWAd(1B=10dB)] Seismic Meets GR-63-CORE requirements for earthquake zone 4 Regulations
Safety ● IEC60950 ● UL/CSA60950 ● EN60950
RFI/EMI ● FCC Class A, part 15 47 ● CFR ● EN55022 ● CISPR 22 ● EN 300-386:2001 V1.3.1. ● ICES-003 Immunity EN55024 Certifications
Certifications ● Safety: cULus Mark, TUV GS Mark, CE Mark, CCC, GOST R ● EMC CE Mark (93/68/EEC), FCC authorized Class A, VCCI, BSMI, C-Tick, MIC ● Telecommunication: Telcordia GR-63 CORE, GR-1089- CORE, SR 3580 NEBS Level3 Table 8-2 Sun Netra 240 (DC and AC) Specifications (Sheet 2 of 3)
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 8-5
Specifications.fm Technical Specifications, Support and Services Product Specifications
Dimensions And Weights
Chassis ● Height 87.4 cm (3.44 in.) 2RU ● Width 425 mm (16.73 in.) not including bezel 442 mm (17.4 in.) including bezel ● Depth 483 mm (19 in.) to rear connectors 508 mm (20 in.) overall maximum depth Weight 16.3 kg (36 lbs); 18.6 kg (41 lbs) fully configured with rackmount kit
Enclosure ● Fits into a standard 19-inch wide rack. ● Rack kit included 19-inch four-post ● Additional rack kits available 19-inch two-post, 23-inch two-post, 600 mm x 600 mm, and 19-inch four-post slide adjustable up to 800 mm Upgrades Options Upgrades for the Netra 240 server are available. Table 8-2 Sun Netra 240 (DC and AC) Specifications (Sheet 3 of 3)
A30828-X1121-A807-02-7671, November 2005 8-6 SURPASS hiQ 8000, Theory of Operations Guide
Specifications.fm Technical Specifications, Support and Services Product Specifications
8.1.3 SURPASS hiQ 8000 Product Specifications
General
Hardware and Operating ● Sun Netra 240 (DC) System ● Sun Netra 240 (AC) ● Sun Netra 1280 (DC) or Sun Fire V1280 (AC) ● Sun Solaris 9
PSTN Connectivity ● V.35 ● E1/T1MTP-ANSI ● ITU-T ● ETSI LAN/WAN Connectivity 10/100 Base-T (10 connections per node) IP
Availability ● Availability > 99.9994% ● Total downtime < 3 minutes per year ● Call loss rate < 0.01% ● Hot and cold stand-by ● Rolling upgrades ● Non-stop programming through process watchdog and plausibility checks ● High-availability SS7/C7 and TTUD stacks provide stable call fail-over
Call Control Protocols ● SS7.C7 ISUP - Bellcore GR-319, GR-394, ITU-T, ETSI ● Q.931 PRI ● MGCP v1.0 ● H.323 v4 gatekeeper and direct-routed models ● H.225 fast connect option ● SIP ● SIP-T for inter-softswitch communication ● TGCP ● NCS
Application Protocols ● SIP ● SS7 TCAP - ANSI, ITU-T, ETSI ● SNMP v2 Programmability Secure, industry standard API interfaces Table 8-3 SURPASS hiQ 8000 Specifications (Sheet 1 of 2)
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 8-7
Specifications.fm Technical Specifications, Support and Services Product Specifications
Back-office ● Craft Command Line Interface ● Secure Telnet remote access ● SNMP 2.0 ● LDAP directory ● FTP for bulk data import/export ● Java RMI Scalability SS7 Link Scalability Scalable up to 16 SS7 or 8 pairs MTA Scalability Supports up to 150,000 MTA/subscribers Standards SS7 Supported TTC Standard JJ-90.10 Supported (4th edition) Table 8-3 SURPASS hiQ 8000 Specifications (Sheet 2 of 2)
A30828-X1121-A807-02-7671, November 2005 8-8 SURPASS hiQ 8000, Theory of Operations Guide
Specifications.fm Technical Specifications, Support and Services Product Specifications
8.1.4 Standards Support
The SURPASS hiQ 8000 supports a large number of ANSI, ITU, IETF, Telcordia, PacketCable, and country specific standards. This includes key directives for signaling protocols, call controls, regulatory, and safety interfaces. The SURPASS hiQ 8000 supports the following signaling interface standards:
● SS7 (ISUP/MTP3/MTP2)
● ISDN PRI NI 2
● SIP/SIP-T
● MGCP
● H.323. The SURPASS hiQ 8000 complies with national and international standards. Table 8-4 lists the SURPASS hiQ 8000 standards.
Protocol / Protocol Layer / Standards Control Control Type Documentation No. Interface SURPASS hiQ 8000 ITU-T Standards Compliance SS7 ISUP Q.761, Q.762, Q.763, Q.764 MTP 2, 3 Q.701, Q.702, Q.703, Q.704, Q,707 H.323 H.225, H.245, H.323 V4, H,235 ISDN PRI Q.931 Call Control Numbering plan E. 164 SURPASS hiQ 8000 ANSI Standards Compliance SS7 ISUP T1-113 MTP 2, 3 T1-111 SCCP T1-112 TCAP T1-114, TRQ #2 SURPASS hiQ 8000 Telcordia Standards Compliance SS7 ISUP GR-317, GR-394, GR-246 MTP GR-246, GR-606 SCCP GR-246 TCAP GR-246 Table 8-4 SURPASS hiQ 8000 Standards Compliance (Sheet 1 of 2)
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 8-9
Specifications.fm Technical Specifications, Support and Services Product Specifications
Protocol / Protocol Layer / Standards Control Control Type Documentation No. Interface NEBS GR-63-CORE, GR-1089-CORE LNP GR-2936 Toll Free TR-533 E911 GR-2956, GR-3017, TR-350 SURPASS hiQ 8000 TTC Standards Compliance SS7 ISUP JJ-90.10 (JT-Q.761, JT-Q.762, JT-Q.764, JT- Q.850) MTP 2, 3 JJ-90.10 (JT-Q.701, JT-Q.702, JT-Q.703, JT- Q.704, JT-Q.707) SURPASS hiQ 8000 China Standards Compliance SS7 ISUP YDN-038 MTP 2, 3 GF-001-9001 SURPASS hiQ 8000 IETF Standards Compliance SIP SIP RFC-2543 SIP-T RFC-2543 SDP RFC-2327 MGCP RFC-2705, RFC-3064 (CAS Package) SURPASS hiQ 8000 NI-2 Standards Compliance ISDN PRI SR-4287, TR-NWT-1187, TR-NWT-1268 SURPASS hiQ 8000 Safety Standards Compliance NEBS GR-63-CORE, GR-1089-CORE SURPASS hiQ 8000 Regulatory Standards Compliance E911 GR-2956, GR-3017 Table 8-4 SURPASS hiQ 8000 Standards Compliance (Sheet 2 of 2)
A30828-X1121-A807-02-7671, November 2005 8-10 SURPASS hiQ 8000, Theory of Operations Guide
Specifications.fm Technical Specifications, Support and Services Product Specifications
The SURPASS hiQ 8000 support a number of PacketCable Standards as found in Table 8-5.
PacketCable Multimedia PacketCable Multimedia Specification Specification Number PacketCable Multimedia Specification PKT-SP-MM-I01-030627 PacketCable 1.0 PacketCable 1.0 Specifications Specification Number PacketCable Audio/Video Codecs Specification PKT-SP-CODEC-I04-021018 PacketCable Dynamic Quality-of-Service Specification PKT-SP-DQOS-I06-030415 PacketCable Network-Based Call Signaling Protocol PKT-SP-EC-MGCP-I08-030728 Specification PacketCable Event Message Specification PKT-SP-EM-I06-030415 PacketCable Internet Signaling Transport Protocol (ISTP) PKT-SP-ISTP- I02-011221 Specification PacketCable MIBs Framework Specification PKT-SP-MIBS-I07-030728 PacketCable MTA MIB Specification PKT-SP-MIB-MTA-I07-030728 PacketCable Signaling MIB Specification PKT-SP-MIB-SIG-I07-030728 PacketCable MTA Device Provisioning Specification PKT-SP-PROV-I07-030728 PacketCable Security Specification PKT-SP-SEC-I09-030728.pdf PacketCable PSTN Gateway Call Signaling Protocol PKT-SP-TGCP-I05-030728 Specification PacketCable 1.1 PacketCable 1.1 Specifications Specification Number PacketCable Management Event MIB Specification PKT-SP-EVEMIB-I02-021018 PacketCable Embedded MTA Primary Line Support pkt-sp-emta-primary- I01- Specification 001128 PacketCable Management Event Mechanism pkt-sp-mem- I01-001128 PacketCable Electronic Surveillance Specification PKT-SP-ESP- I01-991229 PacketCable Audio Server Protocol Specification PKT-SP-ASP- I02-010620 PacketCable 1.2 PacketCable 1.2 Specifications Specification Number PacketCable Call Management Server Signaling pkt-sp-cmss- I02-021205 Specification Table 8-5 Packet Cable Standards Compliance (Sheet 1 of 2)
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 8-11
Specifications.fm Technical Specifications, Support and Services Product Specifications
PacketCable Interdomain Quality of Service Specification pkt-sp-iqos- I01-001128 PacketCable 1.3 PacketCable 1.3 Specifications Specification Number PacketCable CMS Subscriber Provisioning Specification pkt-sp-cmsprov- I01-021205 Table 8-5 Packet Cable Standards Compliance (Sheet 2 of 2)
A30828-X1121-A807-02-7671, November 2005 8-12 SURPASS hiQ 8000, Theory of Operations Guide
Specifications.fm Technical Specifications, Support and Services Professional Services
8.2 Professional Services
Siemens’ network architects can help design a system to meet service and uptime requirements and provide optional interoperability with other devices and applications.
8.3 Pre-configuration Services
Siemens offers a pre-shipment service that can soft-configure and test a system to meet site requirements.
8.4 Educational Services
Siemens’ classroom services provide training for customers on the configuration, operation, provisioning, maintenance, and scaling of the SURPASS hiQ 8000 and SURPASS hiG 1200/ 1100 media gateway systems.
8.5 Technical Assistance Center (TAC)
Our trained Siemens Technical Assistance Center (TAC) experts can assist in the diagnosis and correction of any SURPASS hiQ 8000 and SURPASS hiG 1200/1100 system-related issues. Access to TAC is available by phone, e-mail, or the web. Customer contacts are provided user accounts and passwords to access the Siemens Customer Service Web Site. Call your Local Company Representative for instructions about contacting TAC.
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide 8-13
Specifications.fm Technical Specifications, Support and Services Technical Assistance Center (TAC)
A30828-X1121-A807-02-7671, November 2005 8-14 SURPASS hiQ 8000, Theory of Operations Guide
bkIX.fm Index
Index Z
Symbols MTP2 7-8 4-5, 4-46, 4-54 MTP3 7-8 PRI 7-9 Numerics cyclic search method 4-23 800 service 4-34 D A Data resiliency 4-4 access profiles 5-9 delay and jitter management 4-50 active/active applications 4-6 diagnostics address translation and routing 4-17, 4-20 protocol 7-8 aliases 4-26 directory number translation 4-24 AS 4-9 DQoS 4-32 associator segment 4-9 Dynamic Quality of Service (DQoS) 4-32 B E backup and restore 6-13 E.164 4-24 billing files 6-6 E911 4-33 Business Groups, Traffic Measurements 7-5 E911 service 4-34 echo cancellation 4-51 C element management (SURPASS hiQ 8000) call control 4-19 4-18 Call Gapping 7-3 Emergency Calling 4-33 call prefixes 4-24 endpoint admission control 4-27 call processing 4-16 endpoint registration 4-26 overview 4-19 exchange access 4-26 Call Tracing RTP Tracer, Call Tracer, Real Time Tracer F 7-6 fault management (SURPASS hiQ 8000) 6-7 CAS 4-47, 4-48 feature group D 4-26 CCM 4-12, 4-13 feature segment 4-9 Channel Associated Signaling (CAS) 4-47, 4- FS 4-9 48 CLI 5-7 G command line interface (CLI) 5-7 gatekeeper discovery 4-27 compression 4-51 H connection control manager 4-12, 4-13 counters H.323 HDLC 7-9 alias translation and routing 4-26 LAP-D 7-9 description 4-44 MTP1 7-8 endpoint admission control 4-27 endpoint registration 4-26
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide Z-1 bkIX.fm Index
gatekeeper discovery 4-27 O HDLC OAM&P (SURPASS hiQ 8000) 4-18 counters 7-9 OpenSSL 5-17 I operational measurements call gapping, manual congestion, trunk INAP 4-32 group controls 7-3 incoming transaction segment 4-9 origin dependent routing 4-25 iNMC OTS 4-9 access profiles 5-9 outgoing transaction segment 4-9 main screen 5-8 overload handling 6-13 node groups 5-8 Overload Protection Controls 6-13 Integrated Services Digital Network/Primary Rate Interface (ISDN PRI) 4-49 P Intelligent Network Application Protocol (IN- Parallel Fast Connect 4-45 AP) 4-32 PBX access 4-56 IP virtual trunking 4-49 Plain Old Telephone Service 4-35 ISDN PRI 4-49 Platforms ISDN signaling backhaul 4-48 SURPASS hiQ 8000 3-1 iSMC POTS 4-35 Roles 5-9 prefix digit translation 4-24 Users 5-9 PRI counters 7-9 iSMC User Management 5-9 PRI performance counters 7-9 ITS 4-9 product specifications L Sun Netra 1280 8-1 Sun Netra 240 8-4 LAP-D counters 7-9 SURPASS hiQ 8000 8-7 LATA 4-26 profiles, access 5-9 Local Access and Transport Area (LATA) 4- protocol diagnostics 7-8 26 location transparency 4-4 Q M QoS control 4-17 QoS features 4-50 Manual congestion controls 7-3 QSIG Tunneling 4-46 measurements, operational 7-3 Media Gateway Control Protocol (MGCP) 4- R 42 Real Time Transport Control Protocol (RTCP) MGCP 4-42 4-54 MGCP endpoint setup 4-43 Real Time Transport Protocol (RTP) 4-54 most matched digit translation 4-25 realtime data management 4-6 MTP1 counters 7-8 Registration Request (RRQ) 4-26 MTP2 counters 7-8 Resilient Telco Platform (RTP) 4-3 MTP3 counters 7-8 components 4-5 N middleware 4-5 stream setup 4-54 node groups 5-8
A30828-X1121-A807-02-7671, November 2005 Z-2 SURPASS hiQ 8000, Theory of Operations Guide
bkIX.fm Index
rotary search method 4-23 H.323 4-44 RRQ 4-26 Session Description Protocol (SDP) 4- RTT 7-6 46 hardware components S Sun Netra 1280 3-3 SDP 4-46 Sun Netra 240 3-2 SEE 4-29 integration with media gateway 4-57 Service Execution Environment (SEE) 4-29 ISDN PRI 4-49 Session Description Protocol (SDP) 4-46 ISDN signaling backhaul 4-48 Session Initiation Protocol (SIP) 4-37, 4-38 location transparency 4-4 signaling managers 4-10 MGCP 4-42 signaling protocols 4-15 most matched digit translation 4-25 Signaling System 7 (SS7) 4-35, 4-36 OAM&P 4-18 SIP 4-37, 4-38 overload handling 6-13 alias translation and routing 4-26 password 5-8 call examples 4-39 platform 4-15 software installation (SURPASS hiQ 8000) 6- Sun Cluster 4-15 8 Sun Solaris 4-15 software upgrades (SURPASS hiQ 8000) 6-8 platforms 3-1 SS7 4-36 prefix digit translation 4-24 description 4-35 privileges 5-8 SS7 module 3-10, 4-8 product description 4-1 standards QoS control 4-17, 4-31 SURPASS hiQ 8000 8-9 Resilient Telco Platform (RTP) 4-3 statistics RTP middleware 4-5 SURPASS hiQ 8000 5-14, 7-1 signaling managers 4-10 SURPASS hiQ 8000 signaling protocols 4-15 active/active applications 4-6 SIP 4-37, 4-38 address translation and routing 4-17, 4-20 software aliases 4-26 features 4-15 backup and restore 6-13 upgrades 6-8 call control 4-19 SS7 4-35, 4-36 call processing 4-16, 4-19 SS7 module 3-10 CAS 4-47, 4-48 standards 8-9 connection control manager 4-12, 4-13 statistics 5-14, 7-1 data management 4-6 Ulticom 3-10 deployment 4-1 Universal Call Engine (UCE) 4-8 description 4-1 user names 5-8 duplex hardware configuration 3-1 E.164 4-24 T element management 4-18 TAC 8-13 endpoint support 4-35 TCAP 4-36 fault management 6-7 Technical Assistance Center (TAC) 8-13 features summary 2-4 Third Party Pause and Reroute 4-45
A30828-X1121-A807-02-7671, November 2005 SURPASS hiQ 8000, Theory of Operations Guide Z-3 bkIX.fm Index
TLS 5-16 toll free (800) service 4-34 TPPR 4-45 Traffic Measurements for Business Groups 7-5 Transactional Capabilities Application Part (TCAP) 4-36 Transport Layer Security 5-16 Trunk Group Controls 7-3 trunking, virtual 4-49 TTUD Dispatcher 5-18 U UCE 4-8 Ulticom SS7 module 3-10 Universal Call Engine (UCE) 4-8 Unregistered Request (URQ) 4-26 URQ 4-26 V virtual trunking 4-49
A30828-X1121-A807-02-7671, November 2005 Z-4 SURPASS hiQ 8000, Theory of Operations Guide