You are on page 1of 84

Chapter 1 About This Manual ......................................................................... 1.1 Objective ................................................................................................ 1.2 Intended Readers ................................................................................... 1.2.1 Role................................................................................................ 1.2.

2 Background Knowledge Requirement ........................................... 1.3 Scope of This Manual ............................................................................. 1.4 Organization of This Manual .................................................................. Chapter 2 Huawei UMTS O&M System .......................................................... 2.1 Overview of This Chapter ....................................................................... 2.2 Huawei UMTS System ........................................................................... 2.2.1 UMTS Network Structure ............................................................... 2.2.2 Huawei UMTS Devices .................................................................. 2.3 M2000 .................................................................................................... 2.3.1 Overview of M2000 ........................................................................ 2.3.2 Networking Diagram ...................................................................... 2.3.3 IP Address Requirement ................................................................ 2.3.4 Physical Port Requirement ............................................................ 2.3.5 Utilized TCP/UDP Port Numbers ................................................... 2.4 O&M of CN-PS Devices ......................................................................... 2.4.1 Structure of the CN-PS Network .................................................... 2.4.2 SGSN9810 ..................................................................................... 2.4.3 GGSN9811 .................................................................................... 2.4.4 CG9812.......................................................................................... 2.5 O&M of CN-CS Devices ......................................................................... 2.5.1 Structure of the CN-CS Network .................................................... 2.5.2 MSOFTX3000 ................................................................................ 2.5.3 UMG8900....................................................................................... 2.5.4 HLR9820 ........................................................................................ 2.5.5 SIWF .............................................................................................. 2.6 O&M of RAN Devices ............................................................................. 2.6.1 Structure of the Radio Access Network ......................................... 2.6.2 BSC6800 ........................................................................................ 2.6.3 BTS3812/3806/3806A/3802C ........................................................ 2.6.4 RNC-NodeB Maintenance Channel ............................................... 2.7 Huawei UMTS O&M Network ................................................................. 2.7.1 Logical Topology of Huawei UMTS O&M Network ........................ 2.7.2 Centralized Network Management System.................................... 2.7.3 Local Maintenance System ............................................................ 2.8 IP Bearer Modes for O&M Networks ......................................................

1-1 1-1 1-1 1-1 1-1 1-1 1-1 2-1 2-1 2-1 2-1 2-1 2-2 2-2 2-2 2-3 2-3 2-3 2-4 2-4 2-5 2-6 2-7 2-8 2-8 2-9 2-11 2-12 2-14 2-15 2-15 2-15 2-16 2-18 2-21 2-21 2-21 2-22 2-22

2.8.1 Introduction to IP Bearer Modes .................................................... 2.8.2 Bandwidth Requirement ................................................................. 2.8.3 LAN ................................................................................................ 2.8.4 WAN over E1/T1 ............................................................................ 2.8.5 WAN over DDN/X.25 Network ....................................................... Chapter 3 Huawei Security Solutions to UMTS O&M Network .................... 3.1 Overview of the Security Solutions......................................................... 3.2 Security Requirements for the O&M Network ........................................ 3.2.1 Overview of the Security Requirements ......................................... 3.2.2 Guaranteeing Normal Operation of the O&M Network .................. 3.2.3 Guaranteeing O&M Data Security ................................................. 3.3 Security Solutions to Huawei O&M Network .......................................... 3.3.1 Features of the Security Solutions ................................................. 3.3.2 Introduction to Security Zone ......................................................... 3.3.3 Security Zone Classification Principles .......................................... 3.3.4 Firewall Deployment and Configuration ......................................... 3.3.5 Virus Protection Settings ................................................................ 3.3.6 Antivirus Software Deployment Schemes ...................................... 3.3.7 Antivirus Software Updates............................................................ Chapter 4 O&M Network Planning ................................................................. 4.1 Overview of O&M Network Planning ...................................................... 4.2 Basic Principles of O&M Network Planning ............................................ 4.2.1 Security Principles ......................................................................... 4.2.2 Cost-Saving Principle..................................................................... 4.2.3 Expandability Principle ................................................................... 4.3 Flow of O&M Network Planning ............................................................. 4.3.1 Understanding UMTS Network Information ................................... 4.3.2 Determining IP Bearing Networking ............................................... 4.3.3 Determining O&M Network Structure............................................. 4.3.4 Determining IP Addresses for Nodes............................................. 4.3.5 Determining IP Routes ................................................................... 4.3.6 Determining Firewall Configuration ................................................ Chapter 5 O&M Network Examples ................................................................ 5.1 About This Chapter ................................................................................ 5.2 UMTS O&M Network Connected into a LAN.......................................... 5.2.1 Overview of the Connection ........................................................... 5.2.2 Network Configuration ................................................................... 5.2.3 Planning Network Structure ........................................................... 5.2.4 Planning IP Addresses ...................................................................

2-22 2-22 2-23 2-24 2-25 3-1 3-1 3-1 3-1 3-1 3-2 3-2 3-2 3-3 3-4 3-4 3-5 3-7 3-9 4-1 4-1 4-1 4-1 4-2 4-2 4-3 4-3 4-3 4-4 4-5 4-6 4-6 5-1 5-1 5-1 5-1 5-1 5-2 5-3

5.2.5 Configuring IP Routes .................................................................... 5.3 UMTS O&M Network Connected into a WAN ........................................ 5.3.1 Overview of the Connection ........................................................... 5.3.2 Network Configuration ................................................................... 5.3.3 Planning Network Structure ........................................................... 5.3.4 Allocating IP Addresses to the O&M Devices in the WAN ............. 5.3.5 Planning Addresses for CN............................................................ 5.3.6 Configuring IP Routes for CN ........................................................ 5.3.7 Planning IP Addresses for RAN ..................................................... 5.3.8 Configuring IP Routes for RAN ...................................................... 5.4 Example of RNC-NodeB Maintenance Channel Networking ................. 5.4.1 Overview of the RNC-NodeB Maintenance Channel Networking .............................................................................................. 5.4.2 Network Configuration ................................................................... 5.4.3 Planning IP Addresses ................................................................... 5.4.4 Configuring IP Routes .................................................................... Chapter 6 Background Knowledge Requirements ....................................... 6.1 Overview of the Background Knowledge Requirements ........................ 6.2 IP Network Related Fundamentals......................................................... 6.2.1 IP Address ..................................................................................... 6.2.2 IP Routes ....................................................................................... 6.2.3 TCP/UDP Port Numbers ................................................................ 6.2.4 VLAN .............................................................................................. 6.3 SetWin2000 ............................................................................................ 6.3.1 Overview of SetWin2000 ............................................................... 6.3.2 Functions of SetWin2000 ............................................................... 6.3.3 Operating Environment Requirements ........................................... 6.4 SysPatron ............................................................................................... 6.4.1 Overview of SysPatron .................................................................. 6.4.2 Functions of SysPatron .................................................................. 6.4.3 Composition of SysPatron ............................................................. 6.4.4 Operating Environment Requirements ........................................... Appendix Acronyms and Abbreviations ....................................................... Index .................................................................................................................

5-4 5-4 5-4 5-4 5-5 5-6 5-7 5-8 5-9 5-10 5-11 5-11 5-11 5-11 5-13 6-1 6-1 6-1 6-1 6-4 6-4 6-5 6-5 6-5 6-5 6-6 6-6 6-6 6-6 6-7 6-7 F-1

HUAWEI

HUAWEI UMTS O&M Planning and Configuration

HUAWEI UMTS O&M Planning and Configuration


Manual Version Product Version BOM T2-030727-20041010-C-2.20 V200R002 31070027

Huawei Technologies Co., Ltd. provides customers with comprehensive technical support and service. Please feel free to contact our local office or company headquarters.

Huawei Technologies Co., Ltd.


Address: Administration Building, Huawei Technologies Co., Ltd., Bantian, Longgang District, Shenzhen, P. R. China Postal Code: 518129 Website: http://www.huawei.com Email: support@huawei.com

Copyright 2004 Huawei Technologies Co., Ltd.

All Rights Reserved


No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.

Trademarks

, HUAWEI, C&C08, EAST8000, HONET,

, ViewPoint, INtess, ETS, DMC,

TELLIN, InfoLink, Netkey, Quidway, SYNLOCK, Radium, M900/M1800, TELESIGHT, Quidview, Musa, Airbridge, Tellwin, Inmedia, VRP, DOPRA, iTELLIN, HUAWEI OptiX, C&C08 iNET, NETENGINE, OptiX, iSite, U-SYS, iMUSE, OpenEye, Lansway, SmartAX, infoX, TopEng are trademarks of Huawei Technologies Co., Ltd. All other trademarks mentioned in this manual are the property of their respective holders.

Notice
The information in this manual is subject to change without notice. Every effort has been made in the preparation of this manual to ensure accuracy of the contents, but all statements, information, and recommendations in this manual do not constitute the warranty of any kind, express or implied.

Summary of Updates
This section provides the update history of this manual and introduces the contents of subsequent updates.

Update History
This manual is updated for a major product version to maintain consistency with system hardware or software versions and to incorporate customer suggestions. Manual Version T2-030727-20041010-C-2.20 Initial field trial release Notes

Updates of Contents
None.

About This Manual


Release Notes
This manual applies to HUAWEI UMTS O&M Planning and Configuration V200R002.

Organization
This manual introduces the general principles, procedures and configuration cases of the planning and configuration of HUAWEI UMTS O&M system. This manual acts as a guide to the planning and configuration of the O&M network. There are 6 chapters and an appendix in this manual. Chapter 1 About This Manual introduces the objective, intended readers and organization of this manual. Chapter 2 HUAWEI O&M System introduces the O&M system of Huawei's UMTS products and general IP bearer modes for UMTS networks. Chapter 3 HUAWEI Security Solution to UMTS O&M Network introduces Huawei's UMTS O&M security solutions. Chapter 4 O&M Network Planning introduces planning of O&M network, including the basic principles and planning procedure. Chapter 5 O&M Network Examples introduces typical planning of O&M networking. Chapter 6 Background Knowledge Requirements introduces the background knowledge for planning and configuration of the O&M network. Appendix Acronyms and Abbreviations

Intended Audience
The manual is intended for the following readers:

Network maintenance personnel Network management personnel Network planning personnel

Conventions

The manual uses the following conventions:

I. General conventions
Convention Arial Arial Narrow Boldface Courier New Description Normal paragraphs are in Arial. Warnings, Cautions, Notes and Tips are in Arial Narrow. Headings are in Boldface. Terminal Display is in Courier New.

II. Symbols
Eye-catching symbols are also used in the manual to highlight the points worthy of special attention during the operation. They are defined as follows:

Caution, Warning, Danger: Means reader be extremely careful during the operation. Note, Comment, Tip, Knowhow, Thought: Means a complementary description.

HUAWEI UMTS O&M Planning and Configuration

Table of Contents

Table of Contents
Chapter 1 About This Manual....................................................................................................... 1-1 1.1 Objective ............................................................................................................................ 1-1 1.2 Intended Readers .............................................................................................................. 1-1 1.2.1 Role ......................................................................................................................... 1-1 1.2.2 Background Knowledge Requirement .................................................................... 1-1 1.3 Scope of This Manual ........................................................................................................ 1-1 1.4 Organization of This Manual.............................................................................................. 1-1 Chapter 2 Huawei UMTS O&M System........................................................................................ 2-1 2.1 Overview of This Chapter .................................................................................................. 2-1 2.2 Huawei UMTS System....................................................................................................... 2-1 2.2.1 UMTS Network Structure ........................................................................................ 2-1 2.2.2 Huawei UMTS Devices ........................................................................................... 2-1 2.3 M2000 ................................................................................................................................ 2-2 2.3.1 Overview of M2000 ................................................................................................. 2-2 2.3.2 Networking Diagram................................................................................................ 2-2 2.3.3 IP Address Requirement ......................................................................................... 2-3 2.3.4 Physical Port Requirement...................................................................................... 2-3 2.3.5 Utilized TCP/UDP Port Numbers ............................................................................ 2-3 2.4 O&M of CN-PS Devices..................................................................................................... 2-4 2.4.1 Structure of the CN-PS Network ............................................................................. 2-4 2.4.2 SGSN9810 .............................................................................................................. 2-5 2.4.3 GGSN9811.............................................................................................................. 2-6 2.4.4 CG9812 ................................................................................................................... 2-7 2.5 O&M of CN-CS Devices .................................................................................................... 2-8 2.5.1 Structure of the CN-CS Network ............................................................................. 2-8 2.5.2 MSOFTX3000 ......................................................................................................... 2-9 2.5.3 UMG8900 .............................................................................................................. 2-11 2.5.4 HLR9820 ............................................................................................................... 2-12 2.5.5 SIWF ..................................................................................................................... 2-14 2.6 O&M of RAN Devices ...................................................................................................... 2-15 2.6.1 Structure of the Radio Access Network ................................................................ 2-15 2.6.2 BSC6800 ............................................................................................................... 2-15 2.6.3 BTS3812/3806/3806A/3802C ............................................................................... 2-16 2.6.4 RNC-NodeB Maintenance Channel ...................................................................... 2-18 2.7 Huawei UMTS O&M Network .......................................................................................... 2-21 2.7.1 Logical Topology of Huawei UMTS O&M Network ............................................... 2-21 2.7.2 Centralized Network Management System........................................................... 2-21 2.7.3 Local Maintenance System ................................................................................... 2-22
i

HUAWEI UMTS O&M Planning and Configuration

Table of Contents

2.8 IP Bearer Modes for O&M Networks ............................................................................... 2-22 2.8.1 Introduction to IP Bearer Modes ........................................................................... 2-22 2.8.2 Bandwidth Requirement........................................................................................ 2-22 2.8.3 LAN ....................................................................................................................... 2-23 2.8.4 WAN over E1/T1 ................................................................................................... 2-24 2.8.5 WAN over DDN/X.25 Network .............................................................................. 2-25 Chapter 3 Huawei Security Solutions to UMTS O&M Network ................................................. 3-1 3.1 Overview of the Security Solutions .................................................................................... 3-1 3.2 Security Requirements for the O&M Network.................................................................... 3-1 3.2.1 Overview of the Security Requirements.................................................................. 3-1 3.2.2 Guaranteeing Normal Operation of the O&M Network ........................................... 3-1 3.2.3 Guaranteeing O&M Data Security........................................................................... 3-2 3.3 Security Solutions to Huawei O&M Network ..................................................................... 3-2 3.3.1 Features of the Security Solutions .......................................................................... 3-2 3.3.2 Introduction to Security Zone .................................................................................. 3-3 3.3.3 Security Zone Classification Principles ................................................................... 3-4 3.3.4 Firewall Deployment and Configuration .................................................................. 3-4 3.3.5 Virus Protection Settings......................................................................................... 3-5 3.3.6 Antivirus Software Deployment Schemes............................................................... 3-7 3.3.7 Antivirus Software Updates..................................................................................... 3-9 Chapter 4 O&M Network Planning ............................................................................................... 4-1 4.1 Overview of O&M Network Planning ................................................................................. 4-1 4.2 Basic Principles of O&M Network Planning....................................................................... 4-1 4.2.1 Security Principles................................................................................................... 4-1 4.2.2 Cost-Saving Principle.............................................................................................. 4-2 4.2.3 Expandability Principle ............................................................................................ 4-2 4.3 Flow of O&M Network Planning......................................................................................... 4-3 4.3.1 Understanding UMTS Network Information ............................................................ 4-3 4.3.2 Determining IP Bearing Networking ........................................................................ 4-3 4.3.3 Determining O&M Network Structure...................................................................... 4-4 4.3.4 Determining IP Addresses for Nodes...................................................................... 4-5 4.3.5 Determining IP Routes ............................................................................................ 4-6 4.3.6 Determining Firewall Configuration ......................................................................... 4-6 Chapter 5 O&M Network Examples ............................................................................................. 5-1 5.1 About This Chapter ............................................................................................................ 5-1 5.2 UMTS O&M Network Connected into a LAN..................................................................... 5-1 5.2.1 Overview of the Connection .................................................................................... 5-1 5.2.2 Network Configuration............................................................................................. 5-1 5.2.3 Planning Network Structure .................................................................................... 5-2 5.2.4 Planning IP Addresses............................................................................................ 5-3 5.2.5 Configuring IP Routes ............................................................................................. 5-4 5.3 UMTS O&M Network Connected into a WAN ................................................................... 5-4
ii

HUAWEI UMTS O&M Planning and Configuration

Table of Contents

5.3.1 Overview of the Connection .................................................................................... 5-4 5.3.2 Network Configuration............................................................................................. 5-4 5.3.3 Planning Network Structure .................................................................................... 5-5 5.3.4 Allocating IP Addresses to the O&M Devices in the WAN...................................... 5-6 5.3.5 Planning Addresses for CN..................................................................................... 5-7 5.3.6 Configuring IP Routes for CN.................................................................................. 5-8 5.3.7 Planning IP Addresses for RAN .............................................................................. 5-9 5.3.8 Configuring IP Routes for RAN ............................................................................. 5-10 5.4 Example of RNC-NodeB Maintenance Channel Networking .......................................... 5-11 5.4.1 Overview of the RNC-NodeB Maintenance Channel Networking......................... 5-11 5.4.2 Network Configuration........................................................................................... 5-11 5.4.3 Planning IP Addresses.......................................................................................... 5-11 5.4.4 Configuring IP Routes ........................................................................................... 5-13 Chapter 6 Background Knowledge Requirements .................................................................... 6-1 6.1 Overview of the Background Knowledge Requirements ................................................... 6-1 6.2 IP Network Related Fundamentals .................................................................................... 6-1 6.2.1 IP Address............................................................................................................... 6-1 6.2.2 IP Routes................................................................................................................. 6-4 6.2.3 TCP/UDP Port Numbers ......................................................................................... 6-4 6.2.4 VLAN ....................................................................................................................... 6-5 6.3 SetWin2000 ....................................................................................................................... 6-5 6.3.1 Overview of SetWin2000......................................................................................... 6-5 6.3.2 Functions of SetWin2000 ........................................................................................ 6-5 6.3.3 Operating Environment Requirements.................................................................... 6-6 6.4 SysPatron .......................................................................................................................... 6-6 6.4.1 Overview of SysPatron............................................................................................ 6-6 6.4.2 Functions of SysPatron ........................................................................................... 6-6 6.4.3 Composition of SysPatron....................................................................................... 6-7 6.4.4 Operating Environment Requirements.................................................................... 6-7 Appendix Acronyms and Abbreviations ..................................................................................... F-1 Index ................................................................................................................................................ i-1

iii

HUAWEI UMTS O&M Planning and Configuration

Chapter 1 About This Manual

Chapter 1 About This Manual


1.1 Objective
Based on the features of operation and maintenance (O&M) for Huawei's Universal Mobile Telecommunications System (UMTS) products, this manual introduces the general principles, procedures and configuration cases of the planning and configuration of UMTS O&M system. This manual acts as a guide to the planning and configuration of the O&M network.

1.2 Intended Readers


1.2.1 Role
The intended readers of this manual are engineers engaged in the planning and configuration of the UMTS O&M network. In addition, the UMTS network management engineers can also use this manual as a reference material.

1.2.2 Background Knowledge Requirement


The engineers engaged in the planning and configuration of the UMTS O&M network must acquire the following knowledge:

TCP/IP protocol and IP network Features and designs of transmission network

and comprehend the following concepts:


UMTS network architecture and the O&M features of various network elements IP network security issues and general security solutions

1.3 Scope of This Manual


The O&M network mentioned in this manual is an IP network bearing the O&M data and providing O&M functions. It consists of the O&M subsystem of networking equipment, IP transmission network as well as networking equipment and O&M equipment (O&M terminal and network management system). This manual does not cover the planning and configuration of other IP networks in the UMTS system, such as operation supporting network, charging network and packet service network.

1.4 Organization of This Manual


This manual includes the following chapters and appendix:

1-1

HUAWEI UMTS O&M Planning and Configuration

Chapter 1 About This Manual

Chapter 2 Huawei UMTS O&M System introduces the O&M system of Huawei's UMTS products, including network topology of Huawei's UMTS O&M network, Huawei mobile element management system M2000, features and demands of Huawei UMTS network device operation and maintenance, and general IP bearer modes for UMTS networks. Chapter 3 Huawei Security Solutions to UMTS O&M Network introduces Huawei's UMTS O&M security solutions. It includes the security requirements of the O&M network and Huawei's security solutions to an O&M network. Chapter 4 O&M Network Planning introduces planning of O&M network, including the basic principles and planning procedure. Chapter 5 O&M Network Examples introduces typical planning of O&M networking, including planning of bearer mode, network structure, IP addresses and firewall traffic filter. Chapter 6 Background Knowledge Requirements introduces the background knowledge for planning and configuration of the O&M network, including basic knowledge of IP network, SetWin2000 and SysPatron. Appendix Acronyms and Abbreviations introduces the abbreviations and acronyms used in this manual.

1-2

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

Chapter 2 Huawei UMTS O&M System


2.1 Overview of This Chapter
This chapter introduces the Huawei UMTS O&M system. It including UMTS devices, O&M modes of UMTS devices, UMTS O&M network connection modes and IP bearer modes used for the O&M network. The contents of this chapter include:

Huawei UMTS system M2000 O&M of CN-PS devices O&M of CN-CS devices O&M of RAN devices Huawei UMTS O&M network IP bearer modes for O&M networks

2.2 Huawei UMTS System


2.2.1 UMTS Network Structure
The UMTS is the 3rd generation mobile telecommunications standards produced by the 3rd Generation Partnership Project (3GPP). An UMTS network consists of Core Network (CN) and Radio Access Network (RAN) . The CN further contains Packet Switched domain (PS) and Circuit Switched domain (CS). In this manual CN-PS represents the PS domain and CN-CS the CS domain of the CN.

2.2.2 Huawei UMTS Devices


There are several releases of UMTS specifications: release 3 (release 99), release 4, release 5 and release 6. The UMTS network structures differ a little in different releases. Huawei is capable to provide a whole set of UMTS system devices in release 4. Table 2-1 lists the UMTS devices from Huawei. Table 2-1 Huawei UMTS network device Subsystem CN-PS SGSN GGSN CG CN-CS HLR NE type SGSN9810 GGSN9811 CG9812 HLR9820 Product model

2-1

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

Subsystem

NE type MSC server MGW IWF MSOFTX3000 UMG8900 SIWF BSC6800

Product model

RAN

RNC NodeB

BTS3812/3806/3806A/3802C

O&M system

iManager M2000, Mobile Element Management System of Huawei Local Maintenance Terminal (LMT), provided by an NE, that is, part of the local maintenance system of the NE

Note: The Interworking Function unit (IWF) in the Huawei UMTS system works as an independent device.

2.3 M2000
2.3.1 Overview of M2000
iManager M2000 (shorted as M2000) is mobile element management system (EMS) of Huawei mobile telecommunications network. M2000 works in the client/server mode. The applications of M2000 Server run on a UNIX server and that of M2000 Client on a computer. M2000 manages UMTS NEs using TCP/IP-based internal interface protocols. It also manages the IP networking devices (such as routers and LAN Switches) in an UMTS network through the universal SNMP protocol.

2.3.2 Networking Diagram


An M2000 Client connects to the M2000 Server, which further connects to different NEs, achieving O&M on the UMTS devices. The M2000 Server provides northbound interfaces to the Network Management System (NMS). Figure 2-1 shows the networking of M2000.

2-2

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

M2000 N M S M2000 Server NE

M2000 Client

Figure 2-1 Networking of M2000 To make M2000 provide the O&M dual-plane function, configure two Ethernet adapters for the M2000 Server.

2.3.3 IP Address Requirement


The M2000 Server under two-Ethernet-adapter configuration provides external interfaces using virtual IP technology. An IP address must be allocated to each Ethernet adapter and a virtual IP address to the adapter team. The NE equipment, M2000 Client and NMS access to the M2000 Server through the virtual IP address. In a word, three O&M network IP addresses must be allocated to the M2000 Server. When the server is configured with a single Ethernet adapter, only one O&M network IP address is required. An O&M network IP address must be allocated to each M2000 Client.

Note: The M2000 Client software, LMT software and other O&M terminal software can run on one computer in actual networking. This can reduce the number of O&M network IP addresses required.

2.3.4 Physical Port Requirement


To deploy a M2000 in the O&M network, allocate LAN Switch ports as follows:

one to M2000 Server when the server is configured with a single Ethernet adapter or two when the server is under two-Ethernet-adapter configuration. one to each M2000 Client.

2.3.5 Utilized TCP/UDP Port Numbers


The M2000 Server communicates with an NE, the M2000 Client and NMS through the TCP protocol. When connecting to an NE, the M2000 Server acts as a TCP client and negotiates with the peer end for TCP port numbers during the connection setup.
2-3

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

When connecting to the M2000 Client and NMS, the M2000 Server acts as the TCP server. Table 2-2 shows the TCP port numbers used by the M2000 Server in this case. Table 2-2 TCP port numbers for the M2000 Server in connection with the M2000 Clients or NMS Port number 60006003 60066008 6010/6021/7000/7001 7777 8765 9025 9999 5100151012 5121351218 51219 53000 20 21 23 Function For M2000 proxy NE For M2000 proxy NE For M2000 proxy For M2000 system log service For northbound interface alarm transfer (non-COBRA) For M2000 user log service For the CORBA naming service of TAO For M2000 internal application process For M2000 internal application process For the CoBRA service on the northbound interface engine For M2000 monitor process FTP data transfer port FTP control port Telnet port Connects to an M2000 Client X X Connects to the NMS X X X X X X X X X

When acting as the NTP server, the M2000 Server adopts UDP protocol and uses UDP port 123. The M2000 Server communicates with an IP networking device using TCP port 23 (Telnet), UDP port 161 (SNMP AGENT) and 162 (SNMP TRAP).

2.4 O&M of CN-PS Devices


2.4.1 Structure of the CN-PS Network
The CN-PS network in a UMTS system consists of three logical NEs: SGSN, GGSN and CG. The corresponding Huawei product models are SGSN9810 (SGSN), GGSN9811 (GGSN) and CG9812 (CG).

2-4

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

This section introduces O&M access to the SGSN9810, GGSN9811 and CG9812, the required IP addresses and physical ports and the TCP/UDP port numbers used for O&M connections.

2.4.2 SGSN9810
I. O&M Access to the SGSN9810
The active or standby UOMU boards in the SGSN9810 provide external O&M interfaces for O&M access. Figure 2-2 shows the O&M access to the SGSN8810.
SGSN9810 Active UOMU Standby UOMU O&M interface

Figure 2-2 O&M access to the SGSN9810

II. IP Address Requirement


Either the active or the standby UOMU requires an IP address. In actual connections, the IP address of only the active UOMU is used.

III. Physical Port Requirement


To deploy a SGSN9810 in the O&M network, allocate two LAN Switch ports to the SGSN9810: one for connecting to the active UOMU and the other to the standby UOMU.

IV. Utilized TCP/UDP Port Numbers


The SGSN9810 communicates with an LMT and M2000 Server through the TCP protocol. The SGSN9810 acts as the TCP server and the LMT and M2000 Server as TCP clients. Table 2-3 lists the TCP port numbers used by the SGSN9810 in this case. Table 2-3 TCP port numbers used for the SGSN9810 Port number 6000 6001 6002 6006 6099 Description O&M port Alarm reporting port Performance port Tracing and panel port M2000 synchronization Connects to the LMT X Connects to the M2000 Server

2-5

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

Port number port 6100 20 21 5000

Description

Connects to the LMT

Connects to the M2000 Server X X

Alarm box data transfer port FTP data port FTP control port Debugging port

2.4.3 GGSN9811
I. O&M Access to the GGSN9811
The active and standby SRU boards in the GGSN9811 act as the O&M center. They provide external O&M interfaces through the active and standby LPU boards. The active and LPU boards connect to the active and standby SRU boards through internal routers. Figure 2-3 shows the O&M access to the GGSSN9811.
GGSN9811

Active LPU O&M interface

Active SRU Standby SRU Standby LPU

Figure 2-3 O&M access to the GGSN9811

Note: The GGSN9811, if not required to provide dual-plane function, can directly provide external O&M interfaces through the active and standby SRU boards.

II. IP Address Requirement


The active and standby LPU boards support port backup function. Therefore, only one O&M network IP address must be allocated to them.

2-6

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

III. Physical Port Requirement


To deploy a GGSN9811 in the O&M network, allocate two LAN Switch ports for it. One for connecting to active LPU and the other for standby LPU.

IV. Utilized TCP/UDP Port Numbers


The GGSN9811 communicates with an LMT and the M2000 Server through the TCP protocol. The GGSN9811 acts as the TCP server while the LMT and M2000 Server as TCP clients. Table 2-4 lists the TCP port numbers used for GGSN9811. Table 2-4 TCP port numbers used by GGSN9811 Port number 6000 6001 6002 6006 6099 6100 20 21 23 Function O&M port Alarm reporting port Performance port Tracing and panel port M2000 synchronization port Alarm box data transfer port FTP data port FTP control port Telnet port Connects to the LMT X Connects to the M2000 Server X X

2.4.4 CG9812
I. O&M Access to the CG9812
The CG9812 adopts a dual-server structure. The two servers work in the active and standby mode and directly provide external O&M interfaces. Figure 2-4 shows the O&M access to the CG9812.
CG9812 Active server O&M interface

Standby server

Figure 2-4 O&M access to the CG9812

2-7

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

II. IP Address Requirement


The active and standby servers in the CG9812 provide external O&M interfaces using virtual IP technology. An IP address must be allocated to either of them. Additionally, a virtual IP address must be allocated to the external O&M interfaces. The UMTS O&M system accesses to the CG9812 through the virtual IP address. In a word, altogether three O&M network IP addresses are required for the CG9812.

III. Physical Port Requirement


To deploy a CG9812 in the O&M network, allocate two LAN Switch ports for it: one for connecting to the active server and the other to the standby server.

IV. Utilized TCP/UDP Port Numbers


The CG9812 communicates with an LMT and the M2000 Server through the TCP protocol. The CG9812 acts as the TCP server and the LMT and M2000 Server as TCP clients. Table 2-5 shows the TCP port numbers used by the CG9812 in this case.

Note: When the CG9812 sets up an FTP connection to the M2000 Server, the M2000 Server acts as the FTP server while the CG9812 as an FTP client. The TCP port numbers for the CG9810 need to be negotiated.

Table 2-5 TCP port numbers used by CG9812 Port number 6000 6001 6002 6007 6099 6100 Description O&M port Alarm reporting port Performance port Debugging port Configuration synchronization port Configuration terminal port Connects to the LMT X X X Connects to the M2000 Server X

2.5 O&M of CN-CS Devices


2.5.1 Structure of the CN-CS Network
The CN-CS network in an UMTS system consists of three logical NEs of R4: MSC server, MGW and HLR. They respectively correspond to MSOFTX3000 (MSC server),
2-8

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

UMG8900 (MGW) and HLR9820 (HLR) in the Huawei UMTS O&M system. The Huawei CN-CS system provides SIWF for interworking. This section introduces the O&M access to the MSOFTX3000, UMG8900, HLR9820 and SIWF, the IP address requirements, physical port requirements and the utilized TCP/UDP port numbers in different connections.

2.5.2 MSOFTX3000
I. O&M Access to the MSOFTX3000
The MSOFTX3000 provides O&M function through the BAM server. The BAM provides external O&M interfaces. There is also an emergency workstation in the MSOFTX3000. It acts as the standby server of the BAM server under emergency occasions. The BAM server and emergency workstation need connect to the O&M network. The iGWB in the MSOFTX3000 provides CDR generation function. It adopts two servers that work in the active and standby mode. The local Bill Console needs to connect to the active and standby servers of the iGWB for the O&M purpose. M2000 performs centralized O&M on the iGWB through the BAM of MSOFTX3000. Figure 2-5 shows the O&M access to the MSOFTX3000.

Figure 2-5 O&M access to the MSOFTX3000

II. IP Address Requirement


The BAM server under two-Ethernet-adapter configuration provides two Ethernet ports. It provides external O&M interfaces using virtual IP technology. Therefore, an IP address must be allocated to each adapter and a virtual IP address to the adapter team. The O&M system accesses to the BAM through the virtual IP address. The active and standby servers of the iGWB provide external O&M interfaces using virtual IP technology. An IP address must be allocated to each server and a virtual IP address to the server group. The local Bill Console accesses to the iGWB through the virtual IP address. Additionally, an IP address must be allocated to the emergency workstation.

2-9

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

In a word, seven IP addresses must be allocated to the MSOFTX3000: three to the BAM server, three to the iGWB server and one to the emergency workstation.

III. Physical Port Requirement


To deploy a MSOFTX3000 in the O&M network, allocate LAN Switch ports as follows:

two for BAM server two for emergency workstation one for each iGWB server

Therefore, six LAN Switch ports must be allocated to the MSOFTX3000.

IV. Utilized TCP/UDP Port Numbers


The MSOFTX3000 communicates with an LMT and M2000 Server through the TCP protocol. It acts as the TCP server and the LMT and M2000 Server as TCP clients. Table 2-6 shows the TCP port numbers used by the MSOFTX3000 in this case. Table 2-6 TCP port numbers for the MSOFTX3000 Port number 6000 6001 6002 6005 6006 6007 6008 6099 20 21 Description O&M port Alarm reporting port Performance reporting port Alarm box data transfer port For tracing and panel Debugging port Performance port M2000 synchronization port FTP data port FTP control port Connects to the LMT X X Connects to the M2000 Server X X X

The iGWB communicates with a Bill Console through the TCP protocol. It acts as the TCP server and the Bill Console as a TCP client. Table 2-7 shows the TCP port numbers used for the iGWB in this case. Table 2-7 TCP port numbers used for the iGWB in connection with a Bill Console Port 6000 6007 6100 Description O&M port Debugging port Configuration terminal port Connects to a Bill Console

2-10

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

2.5.3 UMG8900
I. O&M Access to the UMG8900
The active and standby OMU boards in the UMG8900 provide O&M access function. Figure 2-6 shows the O&M access to the UMG8900.
UMG8900 Active OMU O&M interface

Standby OMU

Figure 2-6 O&M access to the UMG8900

II. IP Address Requirement


The active and standby OMU boards share one O&M network IP address.

III. Physical Port Requirement


To deploy a UMG8900 in the O&M network, allocate two LAN Switch ports for it: one for connecting to the active OMU and the other to the stanby OMU board.

IV. Utilized TCP/UDP Port Numbers


The UMG8900 communicates with an LMT and the M2000 Server through the TCP protocol. The UMG8900 acts as the TCP server, while the LMT and M2000 Server as TCP clients. Table 2-8 shows the TCP port numbers for the UMG8900 in this case. Table 2-8 TCP port numbers for the UMG8900 Port number 6000 6001 6002 6006 6099 20 21 Description O&M port Alarm reporting port Performance port For tracing and panel M2000 synchronization port FTP data port FTP control port Connects to the LMT X Connects to the M2000 Server X

2-11

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

2.5.4 HLR9820
I. O&M Access to the HLR9820
The network in the HLR9820 is quite complicated. The BAM or Subscriber Management Unit (SMU) server connects to the internal HLR Database Unit 1 (HDU1), HDU2 and Signaling Access Unit (SAU) and to the external O&M terminal. HDU1 and HDU2 also connect to the O&M terminal through the Terminal Concentrator (TC). Figure 2-7 shows the network in the HLR9820.

Figure 2-7 O&M access to the HLR9820 As shown in Figure 2-7, the nodes in the HLR9820 connect to each other through the active and standby internal LAN Switches. To ensure network security and reduce conflict between the networks, HLR9820 defines strict rules for classifying the internal VLANs, as shown in Table 2-8. Table 2-9 Rules for classifying the VLANs in the HLR9820 Name LAN Switch1 VLAN1 VLAN5 VLAN3 LAN Switch2 VLAN1 VLAN4 VLAN2 Type Traffic VLAN Intermediate VLAN Maintenance VLAN Traffic VLAN Intermediate VLAN Maintenance Function Connects to HDU1, HDU2, SAU and BAM/SMU Standby VLAN of V4 Standby VLAN of V2 Connects to HDU1, HDU2, SAU and BAM Connects to the TC Connects to the BAM/CSMU and provides external access for the O&M terminal,

2-12

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

Name VLAN

Type

Function centralized network management system, SMU client and the service operation supporting system

To guarantee that HDU1 and HDU2 can be monitored from an O&M terminal through the TC, VLAN4 must interwork with VLAN2, so must VLAN5 and VLAN3.

II. IP Address Requirement


One O&M network IP address is required for the BAM of HLR9820. For the purpose of communications between the VLANs in the HLR9820, IP addresses must be allocated to VLAN2, VLAN3, VLAN4 and VLAN5. VLAN2 and VLAN3 share one O&M network IP address. Totally, two O&M network IP addresses must be allocated to HLR9820.

III. Physical Port Requirement


The BAM in the HLR9820 connects to the O&M network through the internal active and standby LAN Switches. The access to the HLR9820 requires four LAN Switch ports (the HLR9820 in the dual-plane mode must connect to two external LAN Switches and each of them must connect to the internal active and standby LAN Switches).

IV. Utilized TCP/UDP Port Numbers


The HLR9820 communicates with an LMT and the M2000 Server through the TCP protocol. The HLR9820 acts as the TCP server, while the LMT and M2000 Server as TCP clients. The HLR9820 in this case uses the TCP port numbers listed in Table 2-10. Table 2-10 TCP port numbers for the HLR9820 Port number 6000 6001 6002 6005 6006 6008 6099 20 21 Description O&M port Alarm reporting port NM information output port Alarm box data transfer port O&M terminal port Performance port M2000 synchronization port FTP data port FTP control port X Connects to the LMT X X X Connects to the M2000 Server

2-13

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

2.5.5 SIWF
I. O&M Access to the SIWF
Generally, the SIWF provides O&M function using the BAM server of the MSOFTX3000. It provides external O&M interfaces through the BAM of the MSOFTX3000.

II. IP Address Requirement


Generally, no IP address needs to be allocated to the SIWF because it does not host independent server.

III. Physical Port Requirement


Generally, no LAN Switch port needs to be allocated to the SIWF because it does not host independent server.

IV. Utilized TCP/UDP Port Numbers


The SIWF communicates with an LMT and the M2000 Server through the TCP protocol. The SIWF acts as the TCP server, while the LMT and M2000 Server as TCP clients. Table 2-11 lists the TCP port numbers used by the SIWF in this case. Table 2-11 TCP port numbers used by the SIWF Port number 7000 7001 7005 7007 7011 7017 7021 7099 20 21 O&M port Alarm reporting port Alarm box data transfer port Debugging port O&M terminal port Remote tracing port Load port M2000 synchronization port FTP data port FTP control port Description Connects to the LMT X Connects to the M2000 Server X X X X X

2-14

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

2.6 O&M of RAN Devices


2.6.1 Structure of the Radio Access Network
The radio access network (RAN) in the UMTS consists of two types of logical NE: RNC and NodeB. The corresponding Huawei product models are BSC6800 (RNC) and BTS3812/3806/3806A/3802C (NodeB). In the Huawei RAN system, a BSC6800 directly connects to the centralized network management system but a BTS3812/3806/3806A/3802C does not. The BTS3812/3806/3806A/3802C connects to the centralized network management system through the O&M channel (RNC-NodeB maintenance channel) provided by the BSC6800 connected with it. This section introduces the O&M access to a BSC6800 or BTS3812/3806/3806A/3802C, the IP address requirement, physical port requirement and the TCP/UDP port numbers used for O&M connections. This section also introduces the classification, IP address planning and IP route configuration of the subnets on the RNC-NodeB maintenance channel.

2.6.2 BSC6800
I. O&M Access to the BSC6800
The active and standby BAM servers in the BSC6800 provide O&M function and external O&M interfaces. Figure 2-8 shows the O&M access to the BSC6800.

Figure 2-8 O&M access to the BSC6800

II. IP Address Requirement


The active and standby BAM servers provide two Ethernet adapters, which provide external O&M interfaces through adapter teaming technology. Therefore, a BAM server only need be allocated one IP address. The active and standby servers provide external O&M interfaces using virtual IP address technology and require the allocation of a virtual IP address. The O&M system shall access to the BSC6800 through the virtual IP address. Altogether three IP addresses are required for the BSC6800.
2-15

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

III. Physical Port Requirement


To deploy a BSC6800 in the O&M network, allocate four LAN Switch ports to the BSC6800 as follows:

two for the active BAM server two for the standby BAM server

IV. Utilized TCP/UDP Port Numbers


The BSC6800 communicates with an LMT and the M2000 Server through the TCP protocol. The BSC6800 acts as the TCP server, while the LMT and M2000 Server as TCP clients. Table 2-12 shows the TCP port numbers used by the BSC6800 in this case. Table 2-12 TCP port numbers used by BSC6800 Port number 6000 6001 6002 6007 6021 6099 20 21 Description O&M port Alarm reporting port Performance reporting port Debugging port Configuration data reporting port Configuration data reporting port FTP data port FTP control port Connects to the LMT X Connects to the M2000 Server X

2.6.3 BTS3812/3806/3806A/3802C
I. O&M Access to the BTS3812/3806/3806A/3802C
BTS3812/3806/3806A/3802C is the NodeB provided by Huawei. BTS3812/3806/3806A provides local O&M function through the active and standby NMPT boards. BTS3802C provides local O&M access function through the NMCU. BTS3812/3806/3806A/3802C does not connect to the centralized network management directly but communicates with it through the connected BSC6800. BTS3812/3806/3806A/3802C connects to a BSC6800 through an O&M channel in IPoA mode. Figure 2-9 shows the O&M access to the BTS3812/3806/3806A while Figure 2-10 shows that to the BTS3802C.

2-16

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

BTS3812/3806/3806A O&M interface with the LMT Active NMPT NDTI/NAOI Standby NMPT IPoA BSC6800

O&M interface with the centralized network manageme nt system

Figure 2-9 O&M access to the BTS3812/3806/3806A


IPoA O&M interface with the LMT BTS3802C NMCU BSC6800

O&M interface with the centralized network management system

Figure 2-10 O&M access to the BTS3802C

II. IP Address Requirement


The IP address of the BTS3812/3806/3806A/3802C on the IPoA link is that of the NodeB in the O&M system. An IP address must be allocated to each BTS3812/3806/3806A/3802C in the centralized network management system. In the local maintenance system, an IP address needs to be allocated to the NMCU (in the BTS3802C) or to the active and standby NMPTs (in the BTS3812/3806/3806A).

III. Physical Port Requirement


BTS3812/3806/3806A/3802C does not occupy LAN Switch ports of the O&M system because it does not directly connect to it.

IV. Utilized TCP/UDP Port Numbers


The BTS3812/3806/3806A/3802C communicates with an LMT and the M2000 Server through the TCP protocol. The BTS3812/3806/3806A/3802C acts as the TCP server, while the LMT and M2000 Server as TCP clients. Table 2-13 shows the TCP port numbers used by the BTS3812/3806/3806A/3802C in this case. Table 2-13 TCP port numbers used for the BTS3812/3806/3806A/3802C Port number 6000 6001 6006 6007 Description O&M port Alarm reporting port statistics port See the note below Connects to the LMT Connects to the M2000 Server X X X

2-17

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

Note: Port 6007 in Table 2-13 acts as a debugging port when connecting to an LMT and as a port for reporting alarm, maintenance, debugging data reporting port when connecting to the M2000 Server.

2.6.4 RNC-NodeB Maintenance Channel


I. Overview of the RNC-NodeB Maintenance Channel
As shown in Figure 2-9, a NodeB connects to the local maintenance system through a LAN and to the centralized network management system through the RNC-NodeB maintenance channel in IPoA mode. The RNC-NodeB maintenance channel can be divided into five subnets. Therefore, the IP addresses of ten nodes need special planning. Figure 2-11 shows the RNC-NodeB maintenance channel.
Subnetwork E Subnetwork D Subnetwork C Subnetwork B Subnetwork A

BSC6800 LMT NodeB WMUX WMPU BAM LMT/ M2000

IP10

IP9

IP8

IP7

IP6 IP5

IP4 IP3

IP2

IP1

Figure 2-11 RNC-NodeB maintenance channel For the subnets on the RNC-NodeB maintenance channel, see the next subsection II. Subnets on the RNC-NodeB Maintenance Channel. For the IP addresses of the nodes on the maintenance channel, see III. IP Addresses of the Nodes on the RNC-NodeB Maintenance Channel. For the IP routes of the subnets on the maintenance channel, see IV. IP Routes for the Subnets on the RNC-NodeB Maintenance Channel.

II. Subnets on the RNC-NodeB Maintenance Channel


As shown in Figure 2-11, the RNC-NodeB maintenance channel are divided into five subnets, as described in Table 2-14. Table 2-14 Description of the subnets on the RNC-NodeB maintenance channel Subnet External network of the BAM Description Corresponds to subnet A, connects the BSC6800 BAM and LMT/M2000, and provides external O&M interfaces of RAN Configuration requirement Requires uniform planning according to the O&M network

2-18

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

Subnet Internal network of the BAM Inter-RNC network

Description Corresponds to subnet B, connects the BAM and WMPU in the BSC6800 Corresponds to subnet C, connects the WRSS and WRBS subracks in the BSC6800 and provides inter-subrack communications channels. The WMPU in the WRSS subrack connects to the WMUX in the WRBS to form an internal LAN. The IP address segment of the LAN is fixed as 192.1.1.0/24. The IP address of the WMPU in the LAN is 192.1.1.254/24 and that of the WMUX in the LAN is 192.1.1.n (n refers to the number of a WRBS subrack).

Configuration requirement Requires planning on site Unnecessary to be planned on site

IPoA network

Corresponds to subnet D, connects the BSC6800 and NodeB in IPoA mode, and provides maintenance channel for the NodeB. Each WMUX in the WRBS sets up an IPoA connection with the connected NodeB and all the IPoA connections in a WRBS form an independent subnet. Up to 16 subnets of such type can be divided in a BSC6800. Corresponds to subnet E, provides local maintenance and reverse maintenance for NodeB. Each NodeB corresponds to a local maintenance subnet.

Requires planning on site

local maintenance subnet of NodeB

Requires planning on site

III. IP Addresses of the Nodes on the RNC-NodeB Maintenance Channel


As shown in Figure 2-11, the IP addresses of the ten nodes on the RNC-NodeB maintenance channel require special focus. Table 2-15 shows the descriptions of these IP addresses. Table 2-15 IP addresses of the nodes on the RNC-NodeB maintenance channel Number IP1 IP2 Description IP address of the BSC 6800 LMT, belongs to subnet A together with IP2 IP address of the BAM external network of BSC6800, that is, IP address of the BSC6800 in the O&M network. The M2000 and LMT access to the RAN through this IP address. This IP address is in subnet A together with IP1. IP address of the internal network of BAM in BSC6800, in subnet B together with IP4 IP address of the BAM connected to the WMPU in the BSC6800, in subnet B together with IP3 IP address of the inter-subrack IPoA interface on the WMPU in the BSC6800, fixed as 192.1.1.254/24 and located in subnet C together with IP6
2-19

Configuration requirement Requires planning on site Requires planning on site

IP3 IP4 IP5

Requires planning on site Requires planning on site Unnecessary to be planned or configured on site

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

Number IP6

Description IP address of the inter-subrack IPoA interface on the WMUX in the BSC6800, fixed as 192.1.1.n (n refers to the number of the WRBS) and located in subnet C together with IP5 IP address of the IPoA interface between the WMUX in BSC6800 and NodeB, located in subnet D together with IP8 IP address of the IPoA interface at the NodeB connected to the WMUX in the BSC6800, located in subnet D together with IP7 IP address for local maintenance of the NodeB, used for the LMT to be accessed to the RAN, located in subnet E together with IP10 IP address of the LMT in the local maintenance system for NodeB, located in subnet E together with IP9

Configuration requirement Unnecessary to be planned or configured on site Requires planning on site Requires planning on site Requires planning on site Requires planning on site

IP7 IP8 IP9 IP10

IV. IP Routes for the Subnets on the RNC-NodeB Maintenance Channel


Figure 2-16 lists the routes to be configured for the subnets in Figure 2-11. Table 2-16 IP routes on the RNC-NodeB maintenance channel Node BAM Route Route to subnet D, with the next hop of IP4, forward NodeB maintenance channel Route to subnet D, with the next hop of IP6, forward NodeB maintenance channel Route to subnet A, with the next hop of IP9, reverse NodeB maintenance channel Route to subnet D, with the next hop of IP9, reverse maintenance channel NodeB Route to subnet A, with the next hop of IP7, reverse maintenance channel Route to subnet D, with the next hop of is IP7, reverse maintenance channel WMUX WMPU Route to subnet A, with the next hop of IP5, reverse maintenance channel Route to subnet A, with the next hop of IP3, reverse maintenance channel Configuration requirement Requires planning on site

WMPU NodeB LMT

Requires planning on site Requires planning on site Requires planning on site Automatically configured by the NodeB system Automatically configured by the NodeB system Requires planning on site Requires planning on site

2-20

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

2.7 Huawei UMTS O&M Network


2.7.1 Logical Topology of Huawei UMTS O&M Network
The Huawei UMTS O&M system operates on the TCP/IP protocol stack. Figure 2-12 shows the logical topology of this O&M system.
CN-PS Local maintenance system LMT GGSN Local maintenance system LMT CG Local maintenance system SGSN LMT

RAN LMT RNC LAN Switch IP bearing network Firewall

Centralized network management system M2000 M2000 M2000 Client M2000 Server

Local maintenance system

LMT

NodeB

Router

Local maintenance system

LMT LMT LMT

LMT

IWF

LMT

MSC Server

LMT

HLR

MGW

LMT

Local maintenance system

Local maintenance Local maintenance system system

Local maintenance system CN-CS

Figure 2-12 Logical topology of the Huawei O&M network The UMTS O&M network consists of M2000 and one or more of the CN-PS, CN-CS and RAN subnets according to the scope of the managed network elements.

2.7.2 Centralized Network Management System


The centralized network management system is the O&M platform of the UMTS under normal situations. It provides NE topology management, centralized configuration, and centralized alarm, performance, software and security management functions. The centralized network management system sets up an IP connection to a managed NE through the IP bearing network. You can operate and maintenance various NEs through the centralized network management system and an LMT. The centralized network management system consists of the following:

iManager M2000, including M2000 Server and M2000 Client NE LMTs

2-21

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

IP bearing network, generally including the lower-layer transport network and IP networking devices, such as routers, firewalls and LAN Switches

An IP bearing network provides IP bearers for the O&M data such as alarm, configuration and performance data between NEs and the centralized network management system. The specific IP bearer mode can be selected according to the actual situations (See 2.8 IP Bearer Modes for O&M Networks).

2.7.3 Local Maintenance System


Local maintenance indicates that you can operate and maintain an NE at the place the NE is located. Local maintenance functions generally include local alarm query, NE configuration, signaling tracing and so on. Local maintenance is used for troubleshooting during initial software installation and system commissioning of a certain device and even under special occasions. A local maintenance system consists of the NE device and the corresponding LMT, which are connected through a LAN. A local maintenance system can be configured according to actual requirements.

2.8 IP Bearer Modes for O&M Networks


2.8.1 Introduction to IP Bearer Modes
Huawei UMTS O&M system has no restriction to the IP bearing networks, as long as it can support TCP/IP protocol and ensure the required O&M bandwidth. For the Huawei UMTS O&M bandwidth requirements, see 2.8.2 Bandwidth Requirement. The common networks over IP bearers in an O&M system are as follows:

LAN

In this networking mode, the IP connections in an O&M system are borne on an Ethernet LAN. For details, see 2.8.3 LAN.

WAN on E1/T1

In this networking mode, the IP connections in an O&M system are borne on E1/T1 links. The E1/T1 bearing includes complete E1/T1 bearing and partial E1/T1 bearing. For details, see 2.8.4 WAN over E1/T1.

WAN on DDN/X.25

This mode indicates that the IP connections in an O&M system are borne on a DDN or an X.25 network. For details, see 2.8.5 WAN over DDN/X.25 Network.

2.8.2 Bandwidth Requirement


The O&M bandwidth requirement depends on the type and number of devices in the UMTS system. Table 2-17 lists the bandwidths required for the O&M channels between the M2000 Server and other NEs.
2-22

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

Table 2-17 Bandwidth requirements for the O&M channels between M2000 Server and other NEs NE MSC server+HLR MGW SGSN+CG GGSN RNC 100 NodeBs M2000 Client 128 64 128 64 128 128 128 Bandwidth requirement (kbit/s)

2.8.3 LAN
The networking in the LAN mode indicates that all network devices are connected in an Ethernet LAN and that all O&M data is transmitted in the LAN. A LAN is suitable for the network where the NEs are located in one place. Figure 2-13 shows an O&M system in the LAN connection mode.
M2000 Server NodeB NodeB LMT LMT LMT NodeB NodeB M2000 LMT LMT Client

NE1

NE2

NE n

Figure 2-13 O&M system in the LAN connection mode

Note: Table 2-13 shows only a logical networking mode. IP network devices, such as routers and firewalls, may be required in actual networking.

2-23

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

2.8.4 WAN over E1/T1


I. Overview of E1/T1 Bearers
A WAN over E1/T1 indicates that NEs and network management devices are connected in a WAN and that the IP links in the WAN are borne on E1/T1 transport links. E1/T1 bearers include partial E1/T1 bearing and entire E1/T1 bearing. The former bearing mode indicates that some timeslots on an E1/T1 link bear a WAN. The latter indicates that all the timeslots on an E1/T1 link bear a WAN. When an IP bearing network adopts the entire E1/T1 bearing, you need to configure routers and LAN Switches for the IP bearing network. When the partial E1/T1 bearing is adopted, you also need to configure digital timeslot cross-connecting devices (for example, Mercury 3600) for the IP bearing network. The E1/T1 bearing mode is generally used to connect the NEs unable to be connected in a LAN in case of available E1/T1 resources. Compared to the partial E1/T1 bearing mode, the entire E1/T1 bearing does not involve timeslot extraction or cross-connection. It can transmit network management data using the 2 M or 1.5 M bandwidth of an entire E1/T1 link. It is applicable to the networking in case of abundant transport resources and heavy traffic.

II. WAN over Entire E1/T1


Figure 2-14 shows the networking of WAN over entire E1/T1. The routers in this diagram must be able to provide E1/T1 ports.

Figure 2-14 WAN over entire E1/T1

2-24

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

III. WAN over Partial E1/T1


Figure 2-15 shows a networking of WAN over partial E1/T1. Compared with the networking in Figure 2-14, the WAN over partial E1/T1 involves digital timeslot cross-connecting devices (shadow patterns in Figure 2-15).
Local maintenance system LMT NE1 Router M2000 Digital timeslot cross-connecting device Digital timeslot cross-connecting device LMT NE2 Router

IP bearing network

E1/T1 transport network

Digital timeslot cross-connecting device

Router

LMT LAN

Local maintenance system

Figure 2-15 WAN over partial E1/T1

Note: E1/T1 transport links are widely used to transport signaling and data in the present mobile telecommunications networks. These E1/T1 transport links form an E1/T1 transport network. An O&M system that adopts E1/T1 bearers for networking can make good use of the idle E1/T1 links in the E1/T1 transport network, raise the network utilization and save the investment from users. Therefore, WAN over E1/T1 is widely used networking mode.

2.8.5 WAN over DDN/X.25 Network


WAN over DDN/X.25 network indicates that the NEs and network management devices are connected in a WAN and that the IP links of the WAN are borne on a conventional digital communications network (DDN/X.25). An IP bearing network that adopts WAN over DDN/X.25 needs to be configured routers, LAN Switches and even firewalls. WAN over DDN/X.25 mode can provide reliable communications and stable transmission quality but it is expensive. It is generally used to connect the NEs that cannot be connected into a LAN when there is no available E1/T1 resource or the carrier has its own DDN/X.25 private network.
2-25

HUAWEI UMTS O&M Planning and Configuration

Chapter 2 Huawei UMTS O&M System

Figure 2-16 shows a WAN over DDN/X.25. The firewalls and routers need be configured according to the actual networking mode.

Figure 2-16 WAN over DDN/X.25

2-26

HUAWEI UMTS O&M Planning and Configuration

Chapter 3 Huawei Security Solutions to UMTS O&M Network

Chapter 3 Huawei Security Solutions to UMTS O&M Network


3.1 Overview of the Security Solutions
Network security is an essential role in UMTS O&M network. It is also a big issue attracting much attention from carriers. This chapter introduces the security requirements for the O&M network and solutions to Huawei O&M network security.

3.2 Security Requirements for the O&M Network


3.2.1 Overview of the Security Requirements
An UMTS O&M network adopting the IP network technology faces serious security risks. As the O&M platform of a telecommunications network, the O&M network must comply with the following security requirements:

guaranteeing normal operation of the O&M network guaranteeing O&M data security

3.2.2 Guaranteeing Normal Operation of the O&M Network


I. Typical Security Attacks
The present attacks to the normal operation of the O&M network include:

illegal intrusion to the network virus attacks failure in network devices

II. Security Protection Solutions


The commonly used measures to keep the O&M network in normal operation and from attacks in actual networking include:

Deploy firewalls

Firewalls can be deployed in the O&M network to prevent it from illegal intrusion.

Install antivirus programs in the computer

Antivirus programs can be installed in the computer that runs the O&M system to prevent or reduce the impact from the virus attacks.

Configure backup operation channels

To increase the security in the O&M network, you can set a backup O&M channel to ensure normal operation of the O&M system when the active channel is out of service.
3-1

HUAWEI UMTS O&M Planning and Configuration

Chapter 3 Huawei Security Solutions to UMTS O&M Network

3.2.3 Guaranteeing O&M Data Security


I. Typical Security Attacks
The present attacks to the security in the O&M data include:

Sniffing O&M data Illegal manipulation of O&M data

II. Protection Solutions


The commonly used measures to ensure the security in the O&M data in actual networking include:

Rational networking

Rational networking indicates that the IP bearing networks are connected using private networks and divided into VLANs properly.

Data encryption

Ciphering and encryption of the O&M date can keep the data from illegal access and utilization.

Data check

Checks of the received O&M data can detect whether it is illegally manipulated.

3.3 Security Solutions to Huawei O&M Network


3.3.1 Features of the Security Solutions
The features of Huaweis solutions to the UMTS O&M network security include:

Encryption of data

The O&M data in the Huawei UMTS O&M system is encrypted during the transmission and transmitted through internal protocols. This can ensure data security.

Provision of dual-plane networking for maintenance

All the UMTS devices of Huawei can provide dual-plane networking functions. The dual-plane O&M network can greatly increase the security and stability of the O&M network and decrease probable disruption of the O&M network due to maintenance channel failure.

Uniform planning of IP subnets and security zones

The rational planning and construction of the O&M network, and uniform planning IP subnet and security zones in the network can reduce: - network congestion and storms, - impact on the network, - and spreading of viruses on the O&M network.

3-2

HUAWEI UMTS O&M Planning and Configuration

Chapter 3 Huawei Security Solutions to UMTS O&M Network

Proper planning of backup channels can reduce or even avoid interruption of the O&M network. The deployed firewalls form a security zone for the O&M network devices. They can control the data streams and protect against external attacks.

Virus protection settings

According to the features of the servers and O&M terminals in the O&M network, different virus protection settings are used: For a Windows 2000 server-based server, the SetWin2000 and SysPatron are installed to protect against attacks. For a UNIX-based server, the server immune measures developed by Huawei are adopted. An O&M terminal is installed antivirus software.

Strict security regulations

To ensure security in the O&M network, the personnel engaged in O&M are prohibited to: - install maintenance-unrelated software in the server or client of the O&M system, - share files or copy files to the server or client of the O&M system - use the server or client for purposes other than maintenance.

Strict account and authority management

Huaweis UMTS devices provide operator management function. You can use this function to configure operator accounts and authority allocation policy, thus achieving strict management of the user names and passwords in the O&M network. The security mechanisms and authority management function in the O&M network are developed according to the actual network and requirements from carriers. This chapter does not introduce how to work out these security protection measures but describes the firewall deployment and configuration and virus protection settings.

3.3.2 Introduction to Security Zone


The concept of security zone comes from firewall products. A security zone corresponds to a logical region or area. The information assets in one security zone have the same or similar security properties, for example, security levels, threats, weekness and risks. The systems in one security zone trust each other. Each security zone contains the networks connected to one or more interfaces of a firewall device. When network data flows between different security zones, the firewall between the security zones shall check whether the data complies with the security mechanism of the firewall itself. When network data flows different interfaces in one security zone, the firewall between the interfaces does not check the data according to the security mechanism.
3-3

HUAWEI UMTS O&M Planning and Configuration

Chapter 3 Huawei Security Solutions to UMTS O&M Network

Security zones are divided in the following principles:


divide the network environments facing similar security threats into one security zone divide the service networks at the same security level to into one security zone divide the service networks requiring the same security requirements and providing the same protection measures into one security zone

A security zone can be divided into several sub-zones and each sub-zone can be divided further. Security zones serve as the basis for security in services. They can control security events and protect against security risks.

3.3.3 Security Zone Classification Principles


As shown in Figure 2-12, an UMTS O&M network consists of one centralized network management system and three subnets: CN-PS, CN-CS and RAN. Each of the subnets includes a local maintenance system. Each local maintenance system of an UMTS device can act as an independent security zone. It connects to the centralized network management system through firewall devices. If the networking condition permits, security zones can form as follows:

The local maintenance systems of all the CN-PS devices form a security zone. The local maintenance systems of all the CN-CS devices form a security zone. The local maintenance systems in each RAN form a security zone.

Generally, the O&M terminals (including the LMT and M2000 Client) in the centralized network management system form a security zone and the M2000 Server acts as another security zone.

3.3.4 Firewall Deployment and Configuration


I. Overview
A firewall mainly provides flow filtering and protects against network attacks. Firewall devices are required to be deployed between different security zones.

II. Flow Filtering Configuration


Flow filtering configuration indicates that you can set the security check mechanism of a firewall to ensure the security in the O&M network. A firewall that supports flow filtering allows the flow of data complying with the preset conditions and filters the network data not in accordance with the conditions. In an O&M network, the device types and quantity, and the type of data streams between the device nodes are limited and clear. This makes it possible to filter illegal data streams through firewall settings. For the types of data streams between different nodes, see Chapter 2 Huawei UMTS O&M System.

3-4

HUAWEI UMTS O&M Planning and Configuration

Chapter 3 Huawei Security Solutions to UMTS O&M Network

The legal data streams in an O&M network include:


Data streams between the LMT and device Data streams between the M2000 Server and UMTS devices Data streams between the M2000 Client and M2000 Server Data streams between the M2000 Server and NMS Antivirus code updating data streams

III. Attack Protection Functions


To configure a firewall, be sure to enable the following attack functions of it:

IP spoofing protection function Land attack protection function Smurfing protection function Fraggle attack protection function WinNuke attack protection function SYN Flood protection function ICMP Flood protection function UDP Flood protection function ICMP redirected packet control function ICMP unreachable packet control function IP address scan protection function Port scan protection function Control of IP packets with source route option Control of IP packets with routing record option Tracert packet control function Ping of Death attack protection function Teardrop protection function TCP packet validity detection function IP packet fragmenting detection function Control of oversize ICMP packets

3.3.5 Virus Protection Settings


Note: Huawei recommends the following virus protection solutions as network security solutions. The carrier can also adopt other virus protection solutions according to the actual requirements and through negotiations with Huawei.

3-5

HUAWEI UMTS O&M Planning and Configuration

Chapter 3 Huawei Security Solutions to UMTS O&M Network

I. Virus Protection Settings for Windows 2000 Server-based Servers


The Windows 2000 Server-based servers, for example, the BAM servers of MSOFTX3000 need to adopt SetWin2000 and SysPatron to guarantee the server security.

Note:

For the description of SetWin2000, see 6.3 SetWin2000". For the description of SysPatron, see 6.4 SysPatron.

The preceding servers to adopt the SetWin2000 and SysPatron software include:

BAM server in MSOFTX3000 Emergency workstation in MSOFTX3000 Active and standby iGWB servers in MSOFTX3000 BAM server in HLR9820 BAM server in the SIWF Active and standby BAM servers in BSC6800 Active and standby servers (WIN2000 Server-based) in CG9812

II. Virus Protection Settings for UNIX Server-based Servers


The UNIX-based servers need to adopt the server immune solution developed by Huawei to ensure security. These servers include:

Active and standby servers of M2000 Active and standby servers (UNIX-based) in CG9812

III. Virus Protection Settings for O&M Terminals


The O&M terminals in the Huawei UMTS O&M network adopt antivirus software (developed by Trend) to protect against virus invasion.

Note:

The antivirus software series of Trend is developed by Trend Micro (China) Incorporated. For the details about the software, see relevant technical documentation from Trend. The company name, trademarks, manual names and so on are all reserved for Trend.

The O&M terminals to adopt the antivirus software include:


LMTs of the devices in the O&M network M2000 Client

3-6

HUAWEI UMTS O&M Planning and Configuration

Chapter 3 Huawei Security Solutions to UMTS O&M Network

3.3.6 Antivirus Software Deployment Schemes


To deployment antivirus software for the O&M system, select different deployment schemes according to the actual networking modes.

I. Antivirus Software from Trend


Table 3-1 lists the descriptions of the antivirus software from Trend. Table 3-1 Description of the antivirus software from Trend Software TMCM Function Provides centralized virus monitor and killing for the entire O&M network, creates scheduled scans for remote and regular detection, and provides log management and updating management functions Specially used to protect servers against virus invasion and applicable to the protection of such operating systems as Windows NT Server, Windows 2000 Server. The ServerProtect is divided into two parts: server used for service management and client software used for service implementation. OfficeScan Used to protect desktop workstations against virus invasion and applicable to the protection of such operating systems as Windows 9x, Windows 2000 Professional and Windows XP. This OfficeScan software is also divided into two parts, the same as ServerProtect.

ServerProtect

Note: For the detailed descriptions of TMCM, ServerProtect and OfficeScan software, see the relevant technical documentation from Trend.

II. TMCM plus OfficeScan


The scheme of TMCM plus OfficeScan is used for virus protection of the entire O&M network or a LAN that contains multiple O&M terminals. Figure 3-1 shows the networking using the scheme of TMCM plus OfficeScan.

3-7

HUAWEI UMTS O&M Planning and Configuration

Chapter 3 Huawei Security Solutions to UMTS O&M Network

Trend updating server

Connected through Internet

TMCM

Centralized network management system

LAN 1 OfficeScan server 1 OfficeScan server 2

LAN 2

OfficeScan client

OfficeScan client

OfficeScan client

OfficeScan client

Figure 3-1 Networking using the scheme of TMCM plus OfficeScan As shown in Figure 3-1, the TMCM software is installed on a standalone computer (generally in the centralized network management system), you can connect TMCM to the Internet to obtain the latest virus codes and scan engine. The OfficeScan server must be installed on a standalone computer to provide management functions. The OfficeScan client can run an O&M terminal to provide virus protection. The computer installed TMCM and OfficaScan server is protected from virus infection through the ServerProtect software. Therefore, the following installation is necessary:

Install the ServerProtect client software on the computer installed OfficaScan server. Install the software of ServerProtect client servers on the computer already installed the TMCM software.

III. OfficeScan
If there only several O&M terminals in an O&M network, you can deploy only OfficeScan. Figure 3-2 shows a networking using the OfficeScan scheme.

3-8

HUAWEI UMTS O&M Planning and Configuration


Trend updating server

Chapter 3 Huawei Security Solutions to UMTS O&M Network

Connected through Internet OfficeScan server

OfficeScan client1

OfficeScan client2

OfficeScan clientn

Figure 3-2 Networking using the OfficeScan scheme As shown in Figure 3-2, Install the OfficeScan server on a standalone computer for management purposes and install the OfficeScan client on an O&M terminal to protect the terminal against virus attacks. You can connect the OfficeScan server (computer) to the Trend updating server through the Internet to obtain the latest virus codes and scan engines. Because the computer installed with OfficaScan server software is protected from virus invasion through the ServerProtect software, you need to install the software of ServerProtect client and server on this computer.

3.3.7 Antivirus Software Updates


To protect against computer viruses effectively, the virus codes and scan engine of the antivirus software must be updated in time. Trend provides updated server on the Internet. You can obtain the latest virus codes and scan engine from the Internet in time. The antivirus software can be updated in two modes:

Manual update

Manual updating indicates that you can log in to the Internet from an external computer of the O&M network and download the updated antivirus software package to a secure (no virus) storage medium such as floppy disk. Then you can load the software package to the TMCM or OfficaScan server.

Automatic update

After dividing the O&M network into security zones and deploying firewall devices, you can deploy the TMCM or OfficaScan server on the Internet for real-time updating of the firewall software. When the TMCM or OfficaScan server connects to the OfficaScan client through the firewall devices, the client can be updated automatically.

3-9

HUAWEI UMTS O&M Planning and Configuration

Chapter 4 O&M Network Planning

Chapter 4 O&M Network Planning


4.1 Overview of O&M Network Planning
The O&M network in an UMTS system plays an important role. It must be well planned according to the network features and O&M requirements. This chapter introduces:

Basic principles for the O&M network planning Flow of the O&M network planning

4.2 Basic Principles of O&M Network Planning


To plan the UMTS O&M network, follow the principles below:

Security principle

When planning the O&M network, guarantee the security in the O&M network and the UMTS system and keep the network in normal operation.

Cost-saving principle

Despite the provision of abundant O&M functions and guarantee of the network security, save the investment from the carrier as possible as you can during the planning.

Expandability principle

To enable the O&M network to support smooth updating, guarantee the expandability of the O&M network so that it only requires slight changes to comply with the O&M demands after the capacity expansion of the UMTS system.

4.2.1 Security Principles


When planning the O&M network, consider the following factors regarding security:

Isolate the O&M network from a service network

Generally, an UMTS system comprises an O&M network and a service network. The two networks need be physically isolated. If it is different to isolate them, plan them in different VLANs at least.

Deploy firewalls and uniformly plan security zones and IP subnets

To protect the O&M network from external attacks and to achieve flow control, deploy firewalls to form security zones for the network devices and uniformly plan IP subnets and IP routes.

Rationally plan internal subnets

To reduce network congestion and storms, rationally plan the hierarchy of the subnets and VLAN configuration of the internal LAN Switches in the O&M network.

Consider backup mechanism


4-1

HUAWEI UMTS O&M Planning and Configuration

Chapter 4 O&M Network Planning

The O&M backup mechanism includes O&M system backup and O&M channel backup. The O&M channel backup involves route backup and network backup. The Huawei UMTS system equipment supports dual-plane O&M function.

Note: Huawei security solutions to UMTS O&M networks are designed according to the features and security requirements of the UMTS O&M network. The purpose of the solutions is to provide reference for the carrier during O&M network planning. For the details about the solutions, see Chapter 3 Huawei Security Solutions to UMTS O&M Network.

4.2.2 Cost-Saving Principle


When planning the O&M network, consider the following factors to save the cost:

Guarantee user investment

To save user investment, adopt the existing equipment of the carrier as much as possible to plan the networking mode or use the cost-saving networking mode if it can satisfy the O&M requirements.

Reduce O&M work

To save the investment of carrier during network planning, make the routine O&M of the carrier easy-to-use and reduce unnecessary O&M procedures.

4.2.3 Expandability Principle


The expandability of the O&M network indicates that the O&M network in an UMTS system only requires slight changes to comply with the O&M requirements after the capacity expansion of the UMTS system. The capacity expansion of an UMTS system may involve:

New IP addresses New O&M bandwidth New IP bearing network

Therefore, consider the following factors for the probable capacity expansion in the future during O&M network planning:

Consider the requirement of new IP addresses during IP address planning Consider the requirement of new bandwidth during IP bearer mode planning Consider the future network topology and reserve some ports on the LAN Switches, routers and firewalls during the planning and selection of IP networking devices

4-2

HUAWEI UMTS O&M Planning and Configuration

Chapter 4 O&M Network Planning

4.3 Flow of O&M Network Planning


Figure 4-1 shows the O&M network planning flow.
Start

Understand the UMTS O&M network

Determine IP bearing modes

Determine the operation and maintenance network structure Determine the node IP addresses

Determine IP routes

Determine firewall configuratio

End

Figure 4-1 O&M network planning procedure

4.3.1 Understanding UMTS Network Information


To well plan an UMTS network, first know the following knowledge:

Type and quantity of the UMTS network devices Distribution of the UMTS NE devices Capacity of the UMTS network Capacity expansion planning for the UMTS network Possible bandwidth of O&M data Information about the existing transport network of the carrier and planning of the transport network

4.3.2 Determining IP Bearing Networking


According to the UMTS network layout, transport network situations, maintenance data bandwidth requirement and UMTS network expansion planning, determine which one

4-3

HUAWEI UMTS O&M Planning and Configuration

Chapter 4 O&M Network Planning

of (LAN, WAN over E1/T1 and WAN over DDN/X.25) is to be selected as the IP bearer networking mode through negotiation with the carrier. To determine the IP bearing networking, consider the factors below:

Existing transport network information of the carrier and planning of the new network Guarantee the bandwidth requirement for the UMTS O&M network Guarantee the O&M network can be expanded together with the UMTS system Reduce the cost in the IP bearing network under the precondition that the O&M network keeps working stably.

Note: For the commonly used IP bearer modes and bandwidth requirements of the UMTS devices, see 2.8 IP Bearer Modes for O&M Networks.

4.3.3 Determining O&M Network Structure


To determine the structure of the O&M network perform as follows:

Classify VLANs

Generally, classify the CN-PS, CN-CS or each RAN system to a unique VLAN.

Classify security zones

Each VLAN serves as a security zone. Different VLANs cannot access directly generally. In addition, the O&M terminals in the centralized network management system can be divided according to the maintained objects, that is: - divide the M2000 Client and LMTs used to maintain the CN-PS devices into a security zone; - divide the M2000 Client and LMTs used to maintain the CN-CS devices into a security zone; - divide the M2000 Client and LMTs used to maintain the RAN network devices into a security zone.

Rationally deploy O&M terminals

An O&M terminal consists of LMT and M2000 Client. For the CN-PS or CN-CS devices, the O&M terminals are generally deployed together with the centralized network management system and no M2000 Client needs to be deployed in the local maintenance system. For the RAN system, an RNC and the centralized network management system may be deployed in different areas. To facilitate the local maintenance personnel of the RNC to monitor the operations of the NEs in the entire system (including the RAN system,
4-4

HUAWEI UMTS O&M Planning and Configuration

Chapter 4 O&M Network Planning

CN-PS system and CN-CS system), you need to deploy one or two M2000 Clients in the local maintenance system of the RNC.

Divide network layers

When the O&M network is complicated, divide it into several layers and make clear the access layer and convergent layer.

Determine virus protection measures

This determination of virus protection measures includes: - select antivirus software - select antivirus software deployment - select antivirus software updating.

Determine IP networking devices and allocate ports

After determining the network structure, select the IP networking devices (including LAN Switches, routers and firewalls) and decide how to allocate the ports on these devices.

4.3.4 Determining IP Addresses for Nodes


The determination of IP addresses for nodes depends on the O&M network structure and the number of IP addresses required for every node.

Existing network IP

When the O&M network acts as part of the existing network (DDN/X.25), the planning of the IP addresses for the O&M network must be compatible with that of the IP addresses for the existing network. In addition, the IP address resources in the existing network are relevantly insufficient, especially, when the network needs to seize the Internet IP addresses. This requires rational planning of the quantity of IP addresses to be used in the O&M network to reduce waste of the IP address resources for the existing network. In this case, you can properly divide some subnets in the O&M network into according to the classification of VLANS to raise the security in the entire O&M network.

Private network IP

When the O&M network is a LAN or independent private network, there are abundant IP address resources. To raise the security in the O&M network, you can plan more subnets and divide a VLAN to maintain every O&M network device. During IP address planning in this case, the Class C IP address segment (192.168.0.0192.168.255.255) for private networks is recommended.

RNC-NodeB maintenance channel IP

The IP addresses on the RNC-NodeB maintenance channel are independent of the connection mode of the O&M network and of the subnet they are located. Therefore,

4-5

HUAWEI UMTS O&M Planning and Configuration

Chapter 4 O&M Network Planning

the IP addresses on the RNC-NodeB maintenance are recommended to value in the private network IP address segments.

4.3.5 Determining IP Routes


The determination of IP routes in the O&M network depends on the IP address planning and O&M requirements of the network devices

4.3.6 Determining Firewall Configuration


When there are firewall devices deployed in the O&M network, determine the flow filter configuration of the firewall according to the O&M network structure, O&M requirement of network devices, security zone planning and security mechanism. For the requirements of flow filter configuration and network attack protection functions of a firewall, see "3.3.4 Firewall Deployment and Configuration.

4-6

HUAWEI UMTS O&M Planning and Configuration

Chapter 5 O&M Network Examples

Chapter 5 O&M Network Examples


5.1 About This Chapter
This chapter illustrates typical connections of an UMTS O&M network, including:

UMTS O&M network connected into a LAN UMTS O&M network connected into a WAN Connection of RNC-NodeB maintenance channel subnets

5.2 UMTS O&M Network Connected into a LAN


5.2.1 Overview of the Connection
This section presents an O&M network connected into a LAN. It cover the following contents:

Network configuration condition Planning network structure Planning IP addresses Configuring IP routes

For the planning of the IP addresses and IP routes on the RNC-NodeB maintenance channel, see 5.4 Example of RNC-NodeB Maintenance Channel Networking.

5.2.2 Network Configuration


I. Network Configuration Condition
Suppose an UMTS system is configured as follows:

One SGSN9810 One GGSN9811 One CG9812 One MSOFTX3000 One UMG8900 One HLR9820 One SIWF, which shares the BAM server of the MSOFTX3000 Two BSC6800s:

- BSC68001 contains four WRBS subracks, each of which connects to 40 NodeBs. - BSC68002 contains two WRBS subracks, each of which connects to 60 NodeBs. All the NE devices except NodeB are deployed in the same equipment room with the M2000 Server.

5-1

HUAWEI UMTS O&M Planning and Configuration

Chapter 5 O&M Network Examples

II. Existing Networks of Carrier


The carrier has a special office network, operation supporting network and O&M network. In this O&M network, a segment of 64 IP addresses (10.0.1.0/26) is allocated to the UMTS O&M system.

III. Maintenance Requirements from Carrier


The carrier requests centralized maintenance on all the UMTS devices, which needs a set of M2000 system. The carrier also requires that the NE devices can be maintained through the office network.

5.2.3 Planning Network Structure


A LAN is used to carry the O&M network because the UMTS system scale is small and all the NE devices in the system except NodeB are located in an equipment room. Figure 5-1 shows the O&M network connected in a LAN.

Figure 5-1 UMTS O&M network connected in a LAN As shown in Figure 5-1:

LAN Switch 1 and LAN Swtich 2 connect to the O&M interfaces of every NE. LAN Switch 3 connects to the O&M terminals, LAN Switch 1 and LAN Swtich 2. The O&M terminals deployed in the office network connect to LAN Switch 1 and LAN Switch 2 through a firewall.

The O&M terminals in Figure 5-1 include LMTs (including the Bill Console of the iGWB in MSOFTX3000) and M2000 Client. MSOFTX3000 provides O&M access for the SIWF. RAN1 comprises BSC68001 and all the NodeBs connected with BSC68001. It connects to the O&M network through the BAM in BSC68001. RAN2 comprises

5-2

HUAWEI UMTS O&M Planning and Configuration

Chapter 5 O&M Network Examples

BSC68002 and all the NodeBs connected with BSC68002. It connects to the O&M network through the BAM in BSC68002.

5.2.4 Planning IP Addresses


An IP address segment of 10.0.1.0/26 is reserved for the network in Figure 5-1. Table 5-1 shows the IP address planning in detail. Table 5-1 IP address planning for an UMTS O&M network connected in a LAN Device SGSN9810 GGSN9811 CG9812 2 1 3 Quantity IP address 10.0.1.1, 10.0.1.2 10.0.1.3 10.0.1.4, 10.0.1.5, 10.0.1.6 Configuration One for the active and the other for the standby UOMU One for the active and standby LPU boards One IP address for each server and one virtual IP address for a server group (active and standby servers) One IP address for each server and one virtual IP address for an external O&M interface group (active and standby interfaces) One IP address for each server and a virtual IP address for an external O&M interface group One IP address for each server and one virtual IP address for an external O&M interface group One for the emergency workstation One for both the active and standby OMU boards One for the BAM and another for the internal VLAN One IP address for each server and one virtual IP address for an internal O&M interface group One IP address for each server and one virtual IP address for an external O&M interface group One for the firewall One for each O&M terminal Varies with the number of O&M terminals configured

M2000 Server

10.0.1.7, 10.0.1.8, 10.0.1.9

MSOFTX3000

iGWB

10.0.1.10, 10.0.1.11, 10.0.1.12 10.0.1.13, 10.0.1.14, 10.0.1.15 10.0.1.16 10.0.1.17 10.0.1.18, 10.0.1.19 10.0.1.20, 10.0.1.21, 10.0.1.22 10.0.1.23, 10.0.1.24, 10.0.1.25 10.0.1.26 10.0.1.2710.0.1.31

BAM

Emergency workstation UMG8900 HLR9820 BSC68001 1 2 3

BSC68002

Firewall O&M terminal Sum

1 5 31

5-3

HUAWEI UMTS O&M Planning and Configuration

Chapter 5 O&M Network Examples

Note:

The IP addresses of the O&M terminals connected through the firewall in Figure 5-1 must be planned according to that of the office network of the carrier. The planning is omitted here. The SIWF shares the IP addresses of the MSOFTX3000. It is distinguished from the MSOFT3000 by TCP ports. The other IP addresses are reserved for future network expansion and modification.

5.2.5 Configuring IP Routes


A NodeB does not directly connect to the O&M network. To operate and maintain the NodeB, configure routes on the M2000 Server and on the NodeB LMT according to the IP address planning for the O&M network.

5.3 UMTS O&M Network Connected into a WAN


5.3.1 Overview of the Connection
This section presents an UMTS O&M network connected into a WAN. It covers the following contents:

Network configuration condition Planning network structure Planning IP addresses Configuring IP routes

For the planning of the IP addresses and IP routes on the RNC-NodeB maintenance channel, see 5.4 Example of RNC-NodeB Maintenance Channel Networking.

5.3.2 Network Configuration


I. Network Configuration Condition
Suppose the devices of an UMTS system are configured in three places, as shown below: Place X:

One SGSN9810 One GGSN9811 One CG9812 Two BSC6800s, each hosts four WRBS subracks and each subrack connects with 40 NodeBs.

Place Y:

One MSOFTX3000 One UMG8900


5-4

HUAWEI UMTS O&M Planning and Configuration

Chapter 5 O&M Network Examples

One HLR9820 One SIWF, which shares the BAM server of the MSOFTX3000 Two BSC6800s, each has a WRBS subrack that connects with 60 NodeBs.

Place Z: There are only one BSC6800, which hosts two WRBS subracks. Each WRBS subrack connects with 40 NodeBs.

II. Existing Networks of Carrier


The carrier has a LAN connected to the networks in the three places and there is private O&M network in each place.

III. Maintenance Requirements from Carrier


The carrier requires the O&M system of CN (including CN-PS and CN-CS) to be separated from that of the RAN. This requires two sets of M000 systems. One set is for the O&M system of the CN. The other set is for the O&M system of the RANs. The carrier also requires that:

The O&M terminals of the UMTS network are deployed in LANs. The UMTS devices are deployed in private O&M networks (the CN devices in a private O&M network different from the RAN devices). The LANs and the private O&M networks are connected through firewalls able to support the flow filter function.

5.3.3 Planning Network Structure


Figure 5-2 shows an O&M network connected into a WAN.

5-5

HUAWEI UMTS O&M Planning and Configuration

Chapter 5 O&M Network Examples

Place X RAN X1

M2000 Server R Gateway 1 Firewall for RAN O&M terminal

M2000 Server C Gateway 4 Firewall for CN O&M terminal

SGSN

GGSN

RAN X2

CG

Place Y RAN Y1 Gateway 2

MSC Server Gateway 5 O&M terminal O&M terminal MGW

RAN Y2

HLR

Place Z RAN Z

Figure 5-2 UMTS O&M network connected into a WAN As shown in Figure 5-2, M2000 Server and O&M terminals are configured in the enterprise Intranet of the carrier. M2000 Server C provides centralized network management to the CN system and M2000 Server R provides the same functions to the RANs. The M2000 Client software and LMT software of the NE run on each O&M terminal at the same time. The devices in the CN of the UMTS form a private O&M nework for the CN. The CN-PS devices in place X are converged to gateway 4; the CN-CS devices in place Y are converged to gateway 5. The converged devices connect to the enterprise Intranet through the firewall for CN. The data packets between the firewall and the gateways are routed at layer 2. The RANs in the UMTS form a private O&M network for RAN. The RAN devices in place X are converged to gateway 1; the RAN devices in place Y are converged to gateway 2; the RAN devices in place Y connect to gateway 3. Then the RAN devices in the three places connect to the enterprise Intranet through the firewall for RAN. The data packets between the firewall and the gateways are routed at layer 2. For the purpose of centralized network management, the two sets of M2000 system, all the servers and firewalls are deployed in place X.

5.3.4 Allocating IP Addresses to the O&M Devices in the WAN


Table 5-2 lists the IP addresses allocated to the O&M devices in the WAN in Figure 5-2.

Gateway 3

O&M terminal

O&M network of RAN Enterprise Intranet O&M network of CN

5-6

HUAWEI UMTS O&M Planning and Configuration

Chapter 5 O&M Network Examples

Table 5-2 IP addresses allocation to the O&M devices in the WAN Place X Device M2000 Server C Quantity 3 IP address 10.120.0.1, 10.120.0.2, 10.120.0.3 Allocation One IP address for each server and a virtual IP address for the external O&M interface One for the firewall One for each terminal

Firewall for CN O&M terminal (used to maintain the CN devices) M2000 Server R

1 5

10.120.0.4 10.120.0.510.120.0.9

10.120.0.10, 10.120.0.11, 10.120.0.12

One IP address for each server and a virtual IP address for the external O&M interface One One for each terminal

Firewall for RAN O&M terminal (used to maintain the RAN devices) Y O&M terminal (used to maintain the CN devices) O&M terminal (used to maintain the RAN devices) Z O&M terminal (used to maintain the RAN devices)

1 5

10.120.0.13 10.120.0.1410.120.0. 18 10.120.1.510.120.1.9

One for each terminal

10.120.1.1010.120.1. 14 10.120.2.1010.120.2. 14

One for each terminal

One for each terminal

5.3.5 Planning Addresses for CN


The CN in Figure 5-2 is a private network and the IP addresses in the CN can be planned according to the actual requirements: Here the network segment 10.99.74.0/27 is planned for the CN. The IP addresses 10.99.74.0/28 are allocated to the CN-PS in place X and 10.99.74.16/28 to the CN-CS in place Y. Table 5-3 shows the IP address allocation in detail. Table 5-3 IP address planning for the CN Equipment SGSN9810 GGSN9811 Quantity 2 1 IP address 10.99.74.1, 10.99.74.2 10.99.74.3 Configuration One for the active and the other for the standby UOMU board One for both the active and standby

5-7

HUAWEI UMTS O&M Planning and Configuration

Chapter 5 O&M Network Examples

Equipment CG9812

Quantity 3

IP address 10.99.74.4, 10.99.74.5, 10.99.74.6 10.99.74.14

Configuration LPU boards One IP address for each server and a virtual IP address for the external O&M interface One for gateway 4 because the data packets between the firewall and the gateway are routed at layer 2 One IP address for each server and a virtual IP address for the external O&M interface One IP address for each server and a virtual IP address for the external O&M interface One for the emergency workstation One for both the active and standby OMU boards One IP address for the BAM in HLR9820 and another for the internal VLAN One for gateway 5 because the data packets between the firewall and the gateway are routed at layer 2 No IP address to the firewall for CN because the data packets between the firewall and the gateways are routed at layer 2

Gateway 4

MSOFTX3000

iGWB

10.99.74.17, 10.99.74.18, 10.99.74.19 10.99.74.20, 10.99.74.21, 10.99.74.22 10.99.74.23 10.99.74.24 10.99.74.25, 10.99.74.26 10.99.74.30

BAM

Emergency workstation UMG8900 HLR9820

1 1 2

Gateway 5

Firewall for CN

Note:

The SIWF shares the IP addresses of the MSOFTX3000 and is distinguished from the MSOFT3000 according to TCP ports. The other IP addresses are reserved for future capacity expansion and modification.

5.3.6 Configuring IP Routes for CN


See Table 5-4.

5-8

HUAWEI UMTS O&M Planning and Configuration

Chapter 5 O&M Network Examples

Note:

The administrator of the enterprise Intranet determines the IP routes between the nodes in the Intranet. Here the IP addresses in the Intranet are considered to be capable of interworking. Gateway 4/5 and the firewall for CN adopt layer 2 routing and no IP route is required. For the route planning on the RNC-NodeB maintenance channel, see 5.4 Example of RNC-NodeB Maintenance Channel Networking.

Table 5-4 IP route configuration for the CN Node M2000 Server R O&M terminal (used to maintain CN) SGSN9810 GGSN9811 CG9812 MSOFTX3000 UMG8900 HLR9820 Configuration Route to 10.99.74.0/27. The next hop, that is, IP address of the firewall for CN, is 10.120.0.4. Route to 10.99.74.0/27. The next hop, that is, IP address of the firewall for CN, is 10.120.0.4. Set the IP address of the gateway (gateway 4) to 10.99.74.14. Set the IP address of the gateway (gateway 4) to 10.99.74.14. Set the IP address of the gateway (gateway 4) to 10.99.74.14. Set the IP address of the gateway (gateway 5) to 10.99.74.30. Set the IP address of the gateway (gateway 5) to 10.99.74.30. Set the IP address of the gateway (gateway 5) to 10.99.74.30.

5.3.7 Planning IP Addresses for RAN


The RAN in Figure 5-2 is a private network and the IP addresses of it can be planned according to the actual requirements. Here the IP address segment 10.99.85.0/26 is allocated for the RAN. The IP address segment 10.99.85.0/28 is allocated to the RAN devices in place X, 10.99.85.16/28 to those in place Y and 10.99.85.32/28 to those in place Z. Table 5-5 shows the IP address allocation in detail. Table 5-5 IP address planning for the RAN Device BSC6800 X1 Quantity 3 IP address 10.99.85.1, 10.99.85.2, 10.99.85.3 10.99.85.4, 10.99.85.5, 10.99.85.6 10.99.85.14 Configuration One IP address for each server and a virtual IP address for the external interface One IP address for each server and a virtual IP address for the external interface One because the data packets between the gateway and the firewall are routed at layer 2

BSC6800 X2

Gateway 1

5-9

HUAWEI UMTS O&M Planning and Configuration

Chapter 5 O&M Network Examples

Device BSC6800 Y1

Quantity 3

IP address 10.99.85.17, 10.99.85.18, 10.99.85.19 10.99.85.20, 10.99.85.21, 10.99.85.22 10.99.85.30 10.99.85.33, 10.99.85.34, 10.99.85.35 10.99.74.46

Configuration One IP address for each server and a virtual IP address for the external interface One IP address for each server and a virtual IP address for the external interface One because the data packets between the gateway and the firewall are routed at layer 2 One IP address for each server and a virtual IP address for the external interface One because the data packets between the gateway and the firewall are routed at layer 2 No IP address to the firewall for RAN because the data packets between the firewall and the gateway are routed at layer 2

BSC6800 Y2

Gateway 2 BSC6800 Z

1 3

Gateway 3 Firewall for RAN

1 0

5.3.8 Configuring IP Routes for RAN


See Table 5-6.

Note:

The administrator of the enterprise Intranet determines the IP routes between the nodes in the Intranet. Here the IP addresses in the Intranet are considered to be capable of interworking. Gateway 1/243 and the firewall-RAN adopt layer 2 routing and no IP route is required. For the route planning on the RNC-NodeB maintenance channel, see 5.4 Example of RNC-NodeB Maintenance Channel Networking.

Table 5-6 IP route configuration for the RAN Node M2000 Server C O&M terminal for maintaining CN BSC6800 X1/X2 BSC6800 Y1/Y2 BSC6800 Z Configuration Route to 10.99.85.0/26. The next hop, that is, the IP address of the firewall for the RAN, is 10.120.0.13. Route to 10.99.85.0/26. The next hop, that is, the IP address of the firewall for the RAN, is 10.120.0.13. Set the IP address of the gateway (gateway 1) to 10.99.85.14 Set the IP address of the gateway (gateway 2) to 10.99.85.30 Set the IP address of the gateway (gateway 3) to 10.99.74.46

5-10

HUAWEI UMTS O&M Planning and Configuration

Chapter 5 O&M Network Examples

5.4 Example of RNC-NodeB Maintenance Channel Networking


5.4.1 Overview of the RNC-NodeB Maintenance Channel Networking
The RNC-NodeB maintenance channel network planning refers to the planning of the IP addresses and IP routes for the subnets on the RNC-NodeB maintenance channel in the RAN. Generally, fixed IP addresses or private network IP addresses are used for the subnets in the RAN, but the addresses of NodeB should abide the IP address planning of O&M networks. For the RNC-NodeB maintenance channel, see 2.6 O&M of RAN Devices. This section describes IP address planning and IP route planning for the subnets on the RNC-NodeB maintenance channel.

5.4.2 Network Configuration


In the UMTS network shown in Figure 5-1, the RAN system contains two BSC6800 nodes:

BSC68001 host four WRBS subracks, each of which connects to 40 NodeBs. BSC68002 host two WRBS subracks, each of which connects to 60 NodeBs.

5.4.3 Planning IP Addresses


I. Planning IP Address for O&M Network
See Table 5-1.

II. Planning IP Address for the Internal Network of BSC6800 BAM


The IP address planning for the internal network of the BAM in RAN1 or RAN2 is the same: 192.168.1.0/29. The IP address of the internal Ethernet interface of BAM1 is 192.168.1.1, and that of BAM2 is 192.168.1.2. The virtual IP address of the BAM internal network is 192.168.1.3 and the IP address of the WMPU board is 192.168.1.4.

III. Planning IP Addresses for IPoA Subnets


BSC68001 hosts four WRBS subracks and requires four IPoA subnets. The four subnets Because are numbered 192.168.2.0/25, can host 192.168.3.0/25, up to 16 192.168.4.0/25 WRBS and 192.168.5.0/25. For the IP address planning of the nodes on the subnets, see Table 5-7. one BSC6800 subracks, 192.168.6.0/25192.168.17.0/25 is reserved for system capacity. Table 5-7 IP address planning for the subnets on the NodeB-BSC68001 maintenance channel Subnet 1 WMUX Node 192.168.2.126 IP address

5-11

HUAWEI UMTS O&M Planning and Configuration

Chapter 5 O&M Network Examples

Subnet

Node NodeB1 NodeB40 192.168.2.40 192.168.3.126 192.168.3.1 192.168.2.1

IP address

WMUX NodeB1 NodeB40

192.168.3.40 192.168.4.126 192.168.4.1

WMUX NodeB1 NodeB40

192.168.4.40 192.168.5.126 192.168.5.1

WMUX NodeB1 NodeB40

192.168.5.40

BSC68002 hosts two WRBS subracks and requires two IPoA subnets. The subnets are numbered 192.168.18.0/25 and 192.168.19.0/25. Table 5-8 lists the IP address planning for the nodes on the two subnets. Because one BSC6800 can host up to 16 WRBS subracks, 192.168.20.0/25192.168.33.0/25 is reserved for system capacity. Table 5-8 IP address planning for the subnets on the NodeB-BSC68002 maintenance channel Subnet 1 WMUX NodeB1 NodeB60 2 WMUX NodeB1 NodeB60 192.168.21.60 192.168.20.60 192.168.21.126 192.168.21.1 Node 192.168.20.126 192.168.20.1 IP route

5-12

HUAWEI UMTS O&M Planning and Configuration

Chapter 5 O&M Network Examples

Note: The IP address of the NodeB in an IPoA subnet is that of the NodeB in the centralized network management system. Therefore, every NodeB IP address must be unique in an UMTS system that hosts multiple BSC6800 NEs.

IV. Planning IP Addresses for Local Maintenance Subnet of NodeB


Each NodeB has a local maintenance subnet and each subnet requires two IP addresses to be allocated. Because the local maintenance subnet of a NodeB is mainly used for special processing, 192.168.255.252/30 is configured for the local maintenance subnets of all NodeBs to simplify IP address planning. The IP address of the local Ethernet port of NodeB is 192.168.255.253 and that of the NodeB LMT is 192.168.255.254.

5.4.4 Configuring IP Routes


Because a NodeB does not directly connect to the O&M network, you need to configure IP routes to maintain the NodeB in both forward and reverse directions according to the planned IP addresses of the RAN and O&M network. Table 5-9 lists the routes that require configuration. Table 5-9 IP routes to be configured on the RNC-NodeB maintenance channel Node RAN1 BSC6800 BAM (including the active and standby BAM servers) Configuration Route to 10.0.1.0/26. The next hop, that is, the virtual IP address of the BAM external network in BSC68001, is 10.0.1.20. Route to 192.168.2.0/25192.168.17.0/25. The next hop, that is, the IP address of the WMPU in BSC6800, is 192.168.1.4. WMPU Route to 192.168.2.0/25, The next hop, that is, the IP address of WMUX1, is 192.1.1.1. Route to 192.168.3.0/25. The next hop, that is, IP address of WMUX2, is 192.1.1.2. Route to 192.168.4.0/25. The next hop, that is, the IP address of WMUX2, is 192.1.1.3. Route to 192.168.5.0/25. The next hop, that is, the IP address of WMUX2, is 192.1.1.4. Route to 10.0.1.0/26. The next hop, that is, the virtual IP address of the BAM internal network, is 192.168.1.3. WMUX1 Route to 10.0.1.0/26. The next hop, that is, the IP address of the WMPU, is 192.1.1.254.

5-13

HUAWEI UMTS O&M Planning and Configuration

Chapter 5 O&M Network Examples

Node WMUX2 WMUX3 WMUX4 RAN2 BSC6800 BAM (including the active and standby BAM servers)

Configuration Route to 10.0.1.0/26. The next hop, that is, the IP address of the WMPU, is 192.1.1.254. Route to 10.0.1.0/26. The next hop, that is, the IP address of the WMPU, is 192.1.1.254. Route to 10.0.1.0/26. The next hop, that is, the IP address of the WMPU, is 192.1.1.254. Route to 10.0.1.0/26. The next hop, that is, the virtual IP address of the BAM external network, is 10.0.1.23. Route to 192.168.18.0/25192.168.33.0/25. The next hop, that is, the IP address of the WMPU in BSC68002, is 192.168.1.4. Route to 192.168.18.0/25. The next hop, that is, the IP address of WMUX1, is 192.1.1.1. Route to 192.168.19.0/25. The next hop, that is, the IP address of WMUX2, is 192.1.1.2. Route to 10.1.0.32/29. The next hop, that is, the virtual IP address of the BAM internal network, is 192.168.1.3.

WMPU

WMUX1 WMUX2 Local maintenance subnet of NodeB All the NodeB LMTs

Route to 10.0.1.0/26. The next hop, that is, the IP address of the WMPU, is 192.1.1.254. Route to 10.0.1.0/26. The next hop, that is, the IP address of the WMPU, is 192.1.1.254. Set the local gateway to 192.168.255.253, that is, IP address of the local maintenance Ethernet port of NodeB.

5-14

HUAWEI UMTS O&M Planning and Configuration

Chapter 6 Background Knowledge Requirements

Chapter 6 Background Knowledge Requirements


6.1 Overview of the Background Knowledge Requirements
This chapter describes some fundamentals required for the UMTS O&M system planning and configuration, including:

IP network related fundamentals SetWin2000 SysPatron

6.2 IP Network Related Fundamentals


6.2.1 IP Address
Note: Internet protocol (IP) networks include IPv4 network and IPv6 network. The current network is IPv4 network. It is also the network model supported by the Huawei UMTS O&M system. This chapter introduces the coding and subnet masks of the IP addresses in an IPv4 network.

I. Coding of IP Addresses
IP networks use a 32-bit address to identify a host computer and the network to which the host is attached. The 32-bit address is separated into four numerals by dot. Each numeral represents eight bits. A 32-bit address is usually denoted in the format of four decimal numerals, in which each integer corresponds to a byte. This denotion mode is called dotted decimal notation). Table 6-1 shows an IP address denoted in binary and dotted decimal formats. Table 6-1 Example of an IP address denoted in binary and dotted decimal format Binary Dotted decimal 10001100 140. 10110011 179. 11011100 220. 00000011 3

II. Classes of IP Addresses


An IP address consists of two parts: network ID and host ID. The network ID specifies the network to which the host is attached. The host address indicates a specific host in the network. Conventionally, network IDs and host IDs are classified according to the boundaries of the eight bits, that is, the dots.

6-1

HUAWEI UMTS O&M Planning and Configuration

Chapter 6 Background Knowledge Requirements

Five classes of IP address formats are defined in the Internet, as shown in Figure 6-1.
Class A Class B Class C Class D Class E 0 Network ID (7) 10 110 1110 11110 Network ID (14) Network ID (21) Multicast group number (28) Reserved Host ID (24) Host ID (16) Host ID (8)

Figure 6-1 Five classes of IP address formats defined in Internet Table 6-2 lists the value ranges for the five classes of Internet IP address formats in dotted decimal format. Table 6-2 Value ranges of five classes of Internet IP addresses in dotted decimal format Class A B C D E 0.0.0.0127.255.255.255 128.0.0.0191.255.255.255 192.0.0.0223.255.255.255 224.0.0.0239.255.255.255 240.0.0.0247.255.255.255 Value range

III. IP Addresses of Private Network


Because the IP address of the host in the Internet must be unique, the IP address of the network to be connected to the Internet must be applied from the specified institute to avoid conflict of IP addresses of different networks. In addition, some IP addresses among the IP address resources for the Internet are reserved. These reserved IP addresses can be freely used in networks without application. They are called private network IP addresses. Table 6-3 lists the value ranges of the private network IP addresses. Table 6-3 Value ranges of private network IP addresses Class A B C 10.0.0.010.255.255.255 172.16.0.0172.31.255.255 192.168.0.0192.168.255.255 Value range

6-2

HUAWEI UMTS O&M Planning and Configuration

Chapter 6 Background Knowledge Requirements

IV. Subnet and Subnet Mask


Actually, the host ID of every IP address in Figure 6-1 is further divided into two parts: subnet ID and host ID, as shown in Figure 6-2.

Figure 6-2 Division of an IP address A subnet mask identifies the expanded network ID obtained through subnet division in Figure 6-2. A subnet mask can define the number of bits used as subnet address in a 32-bit IP address. The bits of a subnet mask are in one-to-one relation with those of the IP address. If the bits of an IP address are regarded as part of the expanded network ID, set the bits of the subnet mask to 1. On the contrary, if the bits of an IP address are considered as a host ID, set the bits of the subnet mask to zero. For example, to use the third 8-bit byte in the IP address 130.5.5.25 as subnet ID, set the subnet mask to 255.255.255.0, as shown in Table 6-4. Table 6-4 Example of the correspondence between the subnet mask and IP address Network ID IP address: 130.5.5.25 Subnet mask: 255.255.255.0 10000010 11111111 00000101 11111111 Subnet ID 00000101 11111111 Host ID 00011001 00000000

In the preceding example, the subnet mask of the IP address 130.5.5.25 is a value of successive 24 1s. The address and subnet mask can be denoted as 130.5.5.25/24. A subnet can be divided into smaller subnets, which can be further divided if necessary, as shown in Figure 6-3.

6-3

HUAWEI UMTS O&M Planning and Configuration

Chapter 6 Background Knowledge Requirements

Figure 6-3 Subdivision of a subnet

6.2.2 IP Routes
An IP network uses IP addresses for communications and data transfer between host computers. It determines the direction of data packets to be transferred according to the destination IP address. The procedure of determining the transfer direction is called IP routing. For the data packets between the hosts in a subnet, the IP network can obtain the physical address of the hosts through their IP addresses and transfer the data packets. For the data packets between the hosts in different subnets, the IP network must have to route the packets using a special device, that is, a router.

6.2.3 TCP/UDP Port Numbers


In IP networks, data in the application layer is transported through TCP or UDP protocol. In the protocol port numbers are used to identify the application that sends or receives data packets. Port numbers can help the TCP/UDP protocol separate data packets and transfer the corresponding packets to the correct application. TCP/UDP port number ranges from zero to 65535. This range is divided into three segments:

01023, identifies some standard services, for example, FTP, Telnet, SMTP and TFTP 102449151, allocated to the registered applications by the Internet Assigned Number Authority (IANA) 4915265535, serves as private port numbers, flexibly assigned to any application dynamically

TCP/UDP port numbers are usually used together with IP addresses for flow filtering in the security mechanism of a firewall.

6-4

HUAWEI UMTS O&M Planning and Configuration

Chapter 6 Background Knowledge Requirements

6.2.4 VLAN
Virtual Local Area Network (VLAN) is a technology that logically divides the devices in a LAN into network segments, achieving virtual workgroups. In 1999, the IEEE released the draft standard of IEEE 802.1Q protocol used to standardize VLAN implementation. The VLAN technology allows a network administrator to logically divide a physical LAN into different broadcast fields (or virtual LAN, shorted as VLAN). Each VLAN includes a group of computers with the same requirements. Because VLANs are not physically but logically divided, the computers in one VLAN need not be deployed in one physical room, that is, not all these computers belong to a physical LAN. No broadcast or unicast traffic in one VLAN shall be transferred to the other VLANs. Therefore, VLAN classification can achieve flow control, reduce equipment investment, simplify network management and raise network security. To achieve network layer functions on a VLAN interface, you need to assign IP address and mask for the VLAN interface.

6.3 SetWin2000
6.3.1 Overview of SetWin2000
Windows 2000 has become the most popular operating system for servers and workstations presently. However, it is easy to be attacked because of its defects and weakness. To protect the Windows 2000 against attacks, Huawei provides a security customization tool, SetWin2000. This tool can be used to raise the security of the operating system and guarantee normal operation of the computer installed the software. The SetWin2000 is a universal tool and applicable to any computer installed Windows 2000. This manual briefs the functions and operating environment requirements of the SetWin2000. For details, see SetWin2000 Security Customization Tools User Manual.

6.3.2 Functions of SetWin2000


The SetWin2000 is used to protect the operating system of Windows 2000 against security attacks and record handling results and alarm information in logs. The major functions of the SetWin2000 in detail include:

Sets user authority to access system file and folders Sets user authority to access the system register Sets key assignments of the register Sets the service options allowed to run by the system Sets system communications ports
6-5

HUAWEI UMTS O&M Planning and Configuration


Chapter 6 Background Knowledge Requirements

Sets user authority to access shared folders and file of the system Sets system verification mechanism Sets system account check mechanism Sets IIS Sets Microsoft SQL Server

6.3.3 Operating Environment Requirements


I. Hardware Requirements
To install the SetWin2000 on a computer, check the computer for the following hardware configurations:

CPU: Pentium 300 MHz or higher Memory: 128 M or larger Disk capacity: at least 11 M free space (10 M for log storage) on the disk containing the setup folders

II. Software Requirements


To install the SetWin2000 on a computer, check the computer for the following software configurations:

Operating system of Windows 2000 (including the patches) IIS if the computer is required to provide the IIS Server Settings function SQL Server database management system software (including patches) if the computer is required to provide the Microsoft SQL Server Settings function No virus in the software on the computer

6.4 SysPatron
6.4.1 Overview of SysPatron
The i3 SURE SysPatron system security protector (shorted as SysPatron hereinafter) developed by Huawei is used to increase the virus detection and protection capabilities of the computers with operating system of Windows 2000. This manual only describes the major functions, software composition and operating environment requirements of the SysPatron. For the details about it, see the i3 SURE SysPatron User Manual.

6.4.2 Functions of SysPatron


The SysPatron provides the following functions:

Monitors startup of the application WIN32 Periodically detects system integrity Running control and integrity checks

6-6

HUAWEI UMTS O&M Planning and Configuration


Chapter 6 Background Knowledge Requirements

Generates check files Records operation logs Automatically triggers alarms.

Note: The application of WIN32 described here includes services.

6.4.3 Composition of SysPatron


SysPatron is not independent software but a system that comprises software and files. It includes three parts: application, files and supporting tools, as shown in Table 6-5. Table 6-5 Software composition of the SysPatron Type Application Name SpyCenter.exe Function System monitor software, used to monitor the startup of the operating system and WIN32 in the server software and to detect server integrity Parameter configuration file, used to configure various parameters for the SysPatron Alarm interface file Log file System file Running control and integrity detection software Verify file generator

Files

Ppt.ini WarnIn.dll Ppt.log ProcActionSpy.sys

Supporting tools

SpyControl.exe VerifyFileCreator.exe

6.4.4 Operating Environment Requirements


I. Hardware Requirements
The hardware that supports SysPatron must be configured as follows:

CPU: Pentium133 MHz or higher Memory: 128 M or larger Ethernet adapter: well installed and able to work normally Hard disk capacity: enough free space of the disk where the log file backup folder is located must be predicted according to the exception occurrence frequency in the actual operating environment.

6-7

HUAWEI UMTS O&M Planning and Configuration

Chapter 6 Background Knowledge Requirements

II. Software Requirements


Check that the SysPatron software complies with the following requirements:

The computer to be installed SysPatron has been installed the operating system of Windows 2000 (including patches). There is no virus in the software on the computer.

6-8

HUAWEI UMTS O&M Planning and Configuration

Appendix Acronyms and Abbreviations

Appendix Acronyms and Abbreviations


3 3GPP B BAM C CG CN CN-CS CN-PS CORBA CPU CS D DDN E EMS F FTP G GGSN GUI H HDU HLR I IANA ICMP IEEE IP IPoA Internet Assigned Number Authority Internet Control Message Protocol Institute of Electrical and Electronics Engineers Internet Protocol Internet Protocols over ATM HLR Database Unit Home Location Register Gateway GPRS Support Node; Graphic User Interface File Transfer Protocol Element Management System Digital Data Network Charging Gateway Core Network Core Network-Circuit Switched domain Core Network-Packet Switched domain Common Object Request Broker Architecture Center Processing Unit Circuit Switched domain Back Administration Module 3rd Generation Partnership Project

F-1

HUAWEI UMTS O&M Planning and Configuration

Appendix Acronyms and Abbreviations

IWF L LAN LMT LPU M MGW N NMCU NMPT NMS NodeB NTP O OMU P PS R RAN RNC S SAU SGSN SMTP SMU SNMP SRU T TC TCP TFTP U UDP UMTS

Interworking Function

Local Area Network Local Maintenance Terminal Line Processing Unit

Media Gateway

NodeB Main Control Unit NodeB Main Processor & Timing unit Network Management System WCDMA BTS Network Time Protocol

Operation & Maintenance Unit

Packet Switched domain

Radio Access Network Radio Network Controller

Signaling Access Unit Serving GPRS Support Node Simple Mail Transfer Protocol Subscriber Management Unit Simple Network Management Protocol Switch Router Unit

Terminal Concentrator Transmission Control Protocol Trivial File Transfer Protocol

User Datagram Protocol Universal Mobile Telecommunications System

F-2

HUAWEI UMTS O&M Planning and Configuration

Appendix Acronyms and Abbreviations

UOMU V VLAN W WMPU WMUX WRBS WRSS

Packet Service O&M Unit

Virtual Local Area Network

WCDMA RNC switch module Main Processing board WCDMA RNC system MUltipleXing board WCDMA RNC Business Subrack WCDMA RNC Switch Subrack

F-3

HUAWEI UMTS O&M Planning and Configuration

Index

Index
A
antivirus software from Trend, 3-7 update, 3-9

C
CG9812 IP requirement, 2-8 O&M access, 2-7 physical port requirement, 2-8 TCP/UDP port number, 2-8 CN-CS network device, 2-8 network structure, 2-8 CN-PS NE type, 2-1 network device, 2-4 network structure, 2-4 product model, 2-1 IP address, 6-1 IP route, 6-4 TCP/UDP port number, 6-4 VLAN, 6-5

B
background knowledge

BSC6800 IP requirement, 2-15 O&M access, 2-15 physical port requirement, 2-16 TCP/UDP port number, 2-16 BTS3802C IP requirement, 2-17 O&M access, 2-16 physical port requirement, 2-17 TCP/UDP port number, 2-17 BTS3806 IP requirement, 2-17 O&M access, 2-16 physical port requirement, 2-17 TCP/UDP port number, 2-17 BTS3806A IP requirement, 2-17 O&M access, 2-16 physical port requirement, 2-17 TCP/UDP port number, 2-17 BTS3812 IP requirement, 2-17 O&M access, 2-16 physical port requirement, 2-17 TCP/UDP port number, 2-17

E
E1/T1 bearers overview, 2-24 WAN over entire E1/T1, 2-24 WAN over partial E1/T1, 2-25 example RNC-NodeB maintenance networking, 5-11 WAN, 5-4

F
firewall attack protection function, 3-5 flow filter configuration, 3-4 overview, 3-4

G
GGSN9811 IP requirement, 2-6 O&M access, 2-6 physical port requirement, 2-7 TCP/UDP port number, 2-7

i-1

HUAWEI UMTS O&M Planning and Configuration

Index networking, 2-2 overview, 2-2 physical port requirement, 2-3 TCP/UDP port number, 2-3 maunal objective, 1-1 organization, 1-1 reader, 1-1 scope, 1-1 MSOFTX3000 IP address requirement, 2-9 O&M access, 2-9 physical port requirement, 2-10 TCP/UDP port number, 2-10

H
HLR9820 IP requirement, 2-13 O&M access, 2-12 physical port requirement, 2-13 TCP/UDP port number, 2-13 HUAWEI UMTS system network device, 2-1

I
intended reader, 1-1 IP address requirement MSOFTX3000, 2-9 UMG8900, 2-11 IP bearer mode LAN, 2-23 overview, 2-22 WAN over DDN/X.25, 2-25 WAN over E1/T1, 2-24 IP network related fundamental, 6-1 IP requirement BSC6800, 2-15 CG9812, 2-8 HLR9820, 2-13 M2000, 2-3 NodeB, 2-17 SGSN9810, 2-5 SIWF, 2-14

N
network plan cost-saving principle, 4-2 determine firewall configuration, 4-6 determine IP bearing network, 4-3 determine IP route, 4-6 determine network structure, 4-4 determine node IP, 4-5 expandability principle, 4-2 flow, 4-3 principle overview, 4-1 security principle, 4-1 understand network information, 4-3 NodeB IP requirement, 2-17 O&M access, 2-16 physical port requirement, 2-17 TCP/UDP port number, 2-17

L
LAN networking example IP addresses plan, 5-3 IP route configure, 5-4 network configuration, 5-1 network structure plan, 5-2 overview, 5-1 local maintenance system, 2-22 logical topology of UMTS O&M network, 2-21

O
O&M access BSC6800, 2-15 CG9812, 2-7 GGSN9811, 2-6 HLR9820, 2-12 MSOFTX3000, 2-9 NodeB, 2-16

M
M2000 IP requirement, 2-3

i-2

HUAWEI UMTS O&M Planning and Configuration SGSN9810, 2-5 SIWF, 2-14 UMG8900, 2-11 objective of manual, 1-1 OfficeScan, 3-8 organization, 1-1 security requirement guarantee normal operation, 3-1 guarantee O&M data security, 3-2 security solution antivirus software deployment, 3-7 feature, 3-2 firewall deployment, 3-4 security zone, 3-3 virus protection setting, 3-5 security zone classification principle, 3-4 introduce, 3-3 SetWin2000 function, 6-5 operating environment, 6-6 overview, 6-5 SGSN9810 IP requirement, 2-5 O&M access, 2-5 physical port requirement, 2-5 TCP/UDP port number, 2-5 SIWF IP requirement, 2-14 O&M access, 2-14 physical port requirement, 2-14 TCP/UDP port number, 2-14 SysPatron composition, 6-7 function, 6-6 operating environment, 6-7 overview, 6-6

Index

P
physical port requirement, 2-17 physical port requirement BSC6800, 2-16 CG9812, 2-8 HLR9820, 2-13 M2000, 2-3 MSOFTX3000, 2-10 SGSN9810, 2-5 SIWF, 2-14 UMG8900, 2-11

R
RAN definition, 2-1 network device, 2-15 network structure, 2-15 reader background knowledge requirement, 1-1 role, 1-1 RNC-NodeB maintenance channel node IP, 2-19 overview, 2-18 subnet, 2-18 subnet IP route, 2-20 RNC-NodeB maintenance channel network IP address plan, 5-11 IP route configure, 5-13 network configure, 5-11 overview, 5-11

T
TCP/UDP port number BSC6800, 2-16 CG9812, 2-8 HLR9820, 2-13 M2000, 2-3 MSOFTX3000, 2-10 NodeB, 2-17 SGSN9810, 2-5 SIWF, 2-14 TCP/UDP port Number i-3

S
scope of manual, 1-1 security attack, 3-1, 3-2 security protection solution, 3-1, 3-2

HUAWEI UMTS O&M Planning and Configuration UMG8900, 2-11 TMCM plus OfficeScan, 3-7 security solution, 3-1, 3-2 UMTS system network structure, 2-1

Index

U
UMG8900 IP address requirement, 2-11 O&M access, 2-11 physical port requirement, 2-11 TCP/UDP port Number, 2-11 UMTS O&M network bandwidth requirement, 2-22 example of LAN, 5-1 example of RNC-NodeB network, 5-11 example of WAN, 5-4 IP bearer mode, 2-22 local maintenance system, 2-22 logical topology, 2-21 normal situation description, 2-21 plan flow, 4-3 plan principle, 4-1 security requirement, 3-1

V
virus protection setting for O&M terminal, 3-6 for UNIX Server, 3-6 for Windows 2000 Server, 3-6

W
WAN networking example CN IP address plan, 5-7 CN IP route configur, 5-8 IP address allocate to LAN, 5-6 network configure, 5-4 network structure plan, 5-5 overview, 5-4 RAN IP address plan, 5-9 RAN IP route configur, 5-10

i.

i-4