5G has revolutionized the use of data services for mobile users worldwide, providing high data rate / high capacity, low latency, and massive connectivity. These characteristics of 5G have forced mobile carriers to increase their focus on ways to improve network service and their customer’s Quality of Experience (QoE). This requires sophisticated network monitoring to detect and resolve issues that impact QoE immediately. Network monitoring tools need to receive control and user plane data traffic to help mobile operators meet customer expectations.
GTP (GPRS Tunneling) is a group of IP-based communications protocols used to carry GPRS traffic within mobile GSM networks. It works as a carrier for mobile packets over an underlay IP network using tunneling. GTP is used between the base station and the gateway, which are part of the mobile elements in 5G transport architecture. The packet is encapsulated over IP and delivered across the IP network.
Why do we need GTP Parsing and Filtering?
Network monitoring tools require inner header information for the mobile network for threat monitoring, analysis, and inspection. So, network packet brokers (NPB) residing in the GPRS core networks need to filter, forward, and load balance packets toward the tools for inspection. This requires NPBs to have the capability to filter based on outer and inner headers to identify the GTP sessions in the data stream to control data flow within your infrastructure. This deep packet inspection will result in the decision-making of allowing or denying traffic based on the packet policies from the mobile operator station.
A major challenge in today’s mobile network is the data traffic from the user equipment, and its application is rapidly growing. To effectively monitor the performance and obtain a better quality of service, service providers should be able to correlate the traffic flow based on each subscriber’s data and service gateway tunnel endpoint identifiers (TEID). Therefore, GTP user and control packets need to be parsed by NPBs in the core GPRS network and packets towards the underlay IP.
Open Networking Approach
The evolution of modern ASICs in their programmability, providing flexible parsers for filtering, and TCAM-scale, has created an opportunity for using them on Network Packet Brokers for the 5G mobile network to perform deep packet inspection of GTP sessions. SONiC open-source NOS, regarded as the “Linux of Networking,” supports these modern ASICs. The flexible micro-services-based software architecture exposing the ASIC capabilities using standardized SAI (Switch Abstraction Interface) has created a clear opportunity to build network packet brokers for 5G deployments.
Aviz’s Open Packet Broker (OPB) is the industry’s first software-based microservice built on SONiC using ASIC (NVIDIA Spectrum) programmability capabilities to provide deep insights on 5G mobile traffic.
flow flow1
network-ports Ethernet13/1
tool-ports Ethernet16/1
tool-ports port-channel1
rule 1 permit src-ip 1.1.1.1/32 dest-ip 2.2.2.2/32 protocol tcp gtp "teid 0x13467254 inner-sip 3.3.3.3/32 inner-dip 4.4.4.4/32 inner-protocol udp inner_l4srcport 567 inner_l4destport 789" counters enable
rule 2 permit src-ip 2401::1 src-netmask f::f dest-ip 2401::2 dest-netmask f::f protocol udp l4portsrc 789 l4portdst 456 gtp "teid 0x11112222 inner-sip 1203::1 inner-smask f::f inner-dip 1203::2 inner-dmask f::f inner-protocol tcp inner_l4srcport 909 inner_l4destport 657" counters enable
Figure 1: Simple (IPv4/IPv6) Rule configuration for GTP session monitoring with LoadBalancing
Figure 2: GTP configuration using APIs
Conclusion
By providing 5G’s high capacity, low latency, and massive connectivity to customers, mobile carriers must ensure uninterrupted network service with a higher quality of experience. Therefore, mobile operators need a cost-effective solution that can meet the increase in speeds and provide deep inspection. Aviz leverages the strengths of the open networking ecosystem for both hardware and software to provide mobile network operators with the solution that’s key to greater QoE at a lower cost: OPB (Open Packet Broker).
Authors: Chid Perumal, CTO, and Rajasekaran S, Member of Technical Staff, Aviz Networks