23-08-2022 – OFR SDM HLD - 1 / 34

Orange France SDM SWAP

HLD

© Nokia 2015
23-08-2022 – OFR SDM HLD - 2 / 34

Contents
Contents ............................................................................................................................................................... 2
Summary of changes ........................................................................................................................................ 5
1 About this Document ...................................................................................................................... 7
2 Solution Overview ............................................................................................................................ 7
3 Architecture Overview ..................................................................................................................... 8
3.1 Functional architecture ................................................................................................................... 8
3.2 Network Equipments ....................................................................................................................... 8
3.2.1 FE Applications .................................................................................................................................. 8
3.2.2 One-NDS ............................................................................................................................................. 11
3.2.3 ETL ......................................................................................................................................................... 11
3.2.4 HSM ...................................................................................................................................................... 13
3.2.5 OAM ..................................................................................................................................................... 13
3.3 Pre-Production .................................................................................................................................. 16
3.4 Production .......................................................................................................................................... 17
4 Provisioning........................................................................................................................................ 19
4.1 Provisioning routing ........................................................................................................................ 19
4.2 Unified Plugin .................................................................................................................................... 20
5 Configuration Use Cases ................................................................................................................ 21
5.1 MAP version negotiation table extension ................................................................................. 21
5.2 CAMEL Agreement table extension ............................................................................................ 21
5.3 EPS NSR QoS table extension ....................................................................................................... 21
5.4 SLh interface configuration ........................................................................................................... 21
5.5 GenericConfig .................................................................................................................................... 21
5.6 GroupIMPU configuration ............................................................................................................. 23
6 Dimensioning and Traffic Model ................................................................................................. 24
6.1 Pre-Production .................................................................................................................................. 24
6.2 Production .......................................................................................................................................... 25
7 High Availability, Failover and Disaster Recovery ................................................................... 26
7.1 High Availability ................................................................................................................................ 26
7.1.1 FE application servers ...................................................................................................................... 26
7.1.2 One-NDS ............................................................................................................................................. 26
7.1.3 HSM ...................................................................................................................................................... 26
7.1.4 NetAct and ARC ................................................................................................................................ 26
7.2 Failover and recovery ...................................................................................................................... 27

© Nokia 2015
23-08-2022 – OFR SDM HLD - 3 / 34

7.2.1 HLR to/from STP connection ........................................................................................................ 27

7.2.2 HSS to/from DRA connection ....................................................................................................... 27
7.2.3 FEs to/from R-DS connection ....................................................................................................... 27
7.2.4 FEs to/from NTF ................................................................................................................................ 27
7.2.5 PGW ...................................................................................................................................................... 27
7.2.6 R-DS to BE-DS ................................................................................................................................... 28
7.2.7 FEs to/from HSM .............................................................................................................................. 28
8 High Level Design Assumptions and Decisions ...................................................................... 29
9 Security ................................................................................................................................................ 29
10 NT-HLR Features ............................................................................................................................... 30
11 CMS8200 Features ........................................................................................................................... 31
12 One-NDS Features ........................................................................................................................... 31
13 IP Architecture ................................................................................................................................... 33
14 Remote Access .................................................................................................................................. 33
15 References .......................................................................................................................................... 33

© Nokia 2015
23-08-2022 – OFR SDM HLD - 4 / 34

Figure 1: Orange France SDM Architecture .........................................................................................................................8

Figure 2: Orange France SDM Functional Architecture – Pre-Production .............................................................. 17
Figure 3: Orange France SDM System Overview – Pre-Production .......................................................................... 33

Table 1: NT HLR Interfaces ........................................................................................................................................................9

Table 2: CMS8200 (HSS) Interfaces ..................................................................................................................................... 10
Table 3: One-NDS components............................................................................................................................................ 11
Table 4: Pre-Production NEs .................................................................................................................................................. 16
Table 5: Production NEs .......................................................................................................................................................... 18
Table 6: H1H2 repartition ....................................................................................................................................................... 20
Table 7: Production Dimensioning Result ......................................................................................................................... 25
Table 8: NT-HLR Features ....................................................................................................................................................... 31
Table 9: CMS8200 Features.................................................................................................................................................... 31
Table 10: One-NDS Features ................................................................................................................................................. 32

© Nokia 2015
23-08-2022 – OFR SDM HLD - 5 / 34

Summary of changes

Issue Date Author Changes

V0.1 10/07/2015 Anahita Gouya Draft for internal review

V1.0 16/07/2015 Anahita Gouya First version

V1.1 25/11/2015 Anahita Gouya Update based on OFR comments
V1.2 18/03/2016 AG Update LSS and ETL sections and adding reference to
Enterprise Migration Strategy document
V1.3 08/04/2016 AG Update for SLh feature introduced in HSS16
Adding SCTP timers
Adding KPI requirements reference
Adding Unified Plugin details
Updating Configuration Use Cases section
V1.4 17/06/2016 AG Update based on OFR comments
Updating Configuration Use Cases section (ongoing
feature requests and GroupIMPU configuration)
V1.5 08/11/2016 Sébastien Julienne Update NEBR version to 16MP1

V1.6 03/05/2017 Jacques Dangas Update NEs Software version

Update Configuration Use cases
V1.7 31/07/2017 Jacques Dangas Update HSM boxes (PRE-PROD + PROD site)

V1.8 15/02/2018 Jacques Dangas With “SDM capacity upgrade” project, update of:
- - Chapter 3.3 Pre-Production NEs
- - Chapter 3.4 Production NEs
- - Chapter 7.2 / Table 6: Production Dimensioning Result
- Update of OS installed base on PP & PROD (chap 3.3 &
3.4)
V1.9 14/03/2018 Jacques Dangas Update of OS installed base on PP & PROD (chap 3.3 &
3.4)
V1.10 22/05/2018 Jacques Dangas Update of:
- Chapter 3.4 - Production NEs
- Chapter 7.2 - Production Dimensioning Result
Chapter 14 - add of IP PROD diagram

V1.11 07/01/2019 Jacques Dangas Add of S3 project + 18.5 upgrade:

- Chapter 3.3 - Pre-Production NEs
- Chapter 3.4 - Production NEs
- Chapter 4.1 - Routing
- Chapter 7.2 - Production Dimensioning Result
- Chapter 14 - IP Architecture

© Nokia 2015
23-08-2022 – OFR SDM HLD - 6 / 34

Issue Date Author Changes

V1.12 22/03/2019 Jacques Dangas Add of ARC NEs:
- Chapter 3.2.1 – FE Applications (HLR, HSS)
- Chapter 3.2.5.2 – Add of ARC solution
- Chapter 3.3 - Pre-Production NEs
- Chapter 3.4 - Production NEs
- Chapter 8.1.5 - Add of ARC resilience description
- Chapter 14 - IP Architecture
4.1 Provisioning chapter update:
- Add of H1H2 table
Migration part removal
V1.13 28/05/2019 Jacques Dangas Removal of RCSe profile subs
Update of OS installed base on PP with ARC (chap 3.3)

V1.14 26/06/2019 Jacques Dangas Update based on OFR comments

V1.15 29/04/2020 Jacques Dangas Update for HW modernization, FP7 ARC SW upgrade &
ETL:
- Chapter 3.2.3 - ETL
- Chapter 3.3 - Pre-Production NEs
- Chapter 3.4 - Production NEs
Removal of NEBR reference

V1.16 03/11/2020 Jacques Dangas Update for HW modernization & ETL:

- Chapter 3.2.3 - ETL
- Chapter 3.3 - Pre-Production NEs
- Chapter 3.4 - Production NEs
- Chapter 4 - Provisioning - H1H2 repartition
- Chapter 6.2
V1.17 16/12/2020 Jacques Dangas Update for NETACT upgrade:
- Chapter 3.3 - Pre-Production NEs
- Chapter 3.4 - Production NEs
V1.18 24/03/2021 Jacques Dangas Update for 20.8 upgrade
V1.19 23/08/2022 Marc Jouin Upgrade for RDS swap (GEN9 -> GEN10) and RDS
decommissioning (GEN9)

© Nokia 2015
23-08-2022 – OFR SDM HLD - 7 / 34

1 About this Document

The main goals of this document are:
- Presenting the Orange France SDM Swap project for mobile and Enterprise services
- Describing the overall architecture of the solution
- Detailing SDM network components
- Specifying the interaction between SDM network components and external systems
- Describing the features and services provided through the solution

2 Solution Overview
The Orange France SDM Swap project intends to:
• Design and integrate SDM solution (containing Nokia One-NDS, NT-HLR, CMS-8200,
Netact, ARC) in Orange France network
o Note: The SDM solution is used for Orange France 2G/3G/4G,
VoLTE/VoWiFi IMS and Fixed Business VoIP subscribers.
The SDM platforms to be deployed for Orange France are:
• Testbed (located in Poland, one physical site) for validation purpose (Not discussed in
this document)
• Pre-Production on 3 physical sites (Neuilly sur Marne, Bagnolet, Beaujon)
• Production on 3 physical sites (Blanc-Mesnil, Massena, Saint-Lambert)
The technical solution description and service solution description are detailed in [1 and 2].
The OFR SDM solution contains as well ETL (Extract Transform and Load Converter) and LSS
(Light Supervision System) solutions detailed in 3.2.3 and 3.2.5.3 respectively.
ETL is deployed in Blanc Mesnil and LSS in Saint Lambert.
The ARCHIVE CLOUD Solution is deployed at the Beaujon site for pre-production and at the
Saint-Lambert site for production.

© Nokia 2015
23-08-2022 – OFR SDM HLD - 8 / 34

3 Architecture Overview
3.1 Functional architecture

Following figure summarizes the functional architecture of SDM solution for Orange France.

CS/PS Domain LTE/EPS Domain IMS Domain (Mobile) IMS Domain (Fixe)
SGSN

I/S-CSCF TAS
SCP SNP MSC/VLR MME SAE-GW I/S-CSCF TAS

SS7/MAP Diameter
Hd
Application Front-Ends
IP

NT HLR FE HSM CMS-8200 HSS FE (mobile) CMS-8200 HSS FE (Enterprise)

SDM
Subscriber
Data One-NDS
Management LDAP PGW-DSA
LDAP

Routing DSAs
Provisioning Gateway
BE DSAs

NetAct
Status
Notification Manager Administrator Service

SOAP

Figure 1: Orange France SDM Architecture

3.2 Network Equipments

3.2.1 FE Applications
3.2.1.1 NT-HLR

NT-HLR is Nokia HLR solution based on ETSI and 3GPP specified HLR function for CS and PS
networks. NT-HLR is data-less and contains a distributed architecture in which application logic
and subscriber data are separated. In the Nokia SDM solution, the subscriber data are stored in
One-NDS. For details on NT-HLR functions refer to [3].

© Nokia 2015
23-08-2022 – OFR SDM HLD - 9 / 34

Below table summarizes the functional interfaces between NT HLR and other NEs:

NE Interface

VLR via STP D-Interface MAP SS7

MSC-S via STP C-Interface MAP SS7

SGSN via STP Gr-Interface MAP SIGTRAN

SMS-C via STP Hi-Interface MAP

IP-SM-GW via STP J-Interface MAP

NT-HLR
PGW-DSA (Notification Server) http/SOAP

HSM Proprietary protocol

R-DSA LDAP

CMS8200 via DRF Hd (Diameter)

ARC B&R

NetAct OAM

Table 1: NT HLR Interfaces

3.2.1.2 CMS8200

CMS8200 is Nokia HSS solution that provides IMS-related functions of HSS as specified by
3GPP. CMS8200 deployment for Orange France SDM project is distributed (HSSd) containing
HSS FE and the subscriber data repository (in One-NDS). For details on CMS8200 functions refer
to [4].

© Nokia 2015
23-08-2022 – OFR SDM HLD - 10 / 34

Below table summarizes the functional interfaces between HSS and other NEs:

NE Interface

CSCF via DRF Cx (Diameter)

AS (SCC-AS/MMTel) via DRF Sh (Diameter)

IP-SM-GW via DRF Sh (Diameter)

AAA via DRF SWx (Diameter)

MME via DRF S6a (Diameter)

HSS PGW-DSA (Notification Server) http/SOAP

HSM Proprietary protocol

R-DSA LDAP

NT-HLR via DRF Hd (Diameter)

GMLC SLh (Diameter)

ARC B&R

NetAct OAM

Table 2: CMS8200 (HSS) Interfaces

Note: for HSS Enterprise only Cx and Sh (to AS) interfaces as well ARC and NetAct are relevant.

Note: The support of 3GPP SLh interface for location services (FC123_106621) is introduced in
HSS16. The related configuration for OFR SDM in detailed in 5.4.

© Nokia 2015
23-08-2022 – OFR SDM HLD - 11 / 34

3.2.2 One-NDS
One-NDS (Network Directory Server) is a real-time and distributed data base for 2G, 3G, and 4G
networks. One-NDS contains a distributed and replicated architecture to ensure high service
availability and provides a common centralized database for multiple applications (here HSS
and HLR). For details on One-NDS functions refer to [5].
Below table summarizes the One-NDS components and their functions:
One-NDS component Description

R-DSA Contains references to subscriber data to allow

fast access to subscriber directory by FE
(Routing Directory System Agent)
Applications (via LDAP)
All R-DSA contain same directory

BE-DSA (Back End DSA) Contains subscriber data

Comprises 3 nodes each containing same
directory data

PGW Single subscriber provisioning point

PGW-DSA Contains PGW configuration data

NTF Distributes SOAP notifications, based on event-

driven triggers generated from One-NDS

Install Server One-NDS SW management/update

ADM One-NDS management central point

Table 3: One-NDS components

3.2.3 ETL

ETL (Extract Transform and Load Converter) provides Orange France the possibility of exporting
the One-NDS data on a daily basis in order to allow full data post processing and enhanced
reporting.

ETL is deployed in production site (Blanc Mesnil) on an HP ProLiant DL380 & DL 360 8SFF
Gen10 server.

ETL solution is integrated in both pre-production and productions One-NDS sites.

ETL contains following components:

- Collector: which performs a selection of the most recent backup files from DSA, transfers
to ETL server (via sFTP) and performs subsequent management of the conversion
process. DS selection is automatic, based on time backup has been done.

© Nokia 2015
23-08-2022 – OFR SDM HLD - 12 / 34

- Loader: which performs the generation of output files and loads converted files into
Apache Drill
- Apache Drill: this is the embedded SQL engine which serves as an interface for SQL
clients and provides SQL access. The client queries will be transformed and responded
back to by Apache Drill Foreman layer.
Note: The conversion performed by collector consists of converting NDS backup data into a
configured set of SQL table into Apache Drill. There is hence no intermediary files which will
be processed and generated by ETL.
Note: ETL output format (SQL access) is single objectclass per file with no customization. To
provide SQL Access, the standard ETL Snapshot will be integrated with an embedded
Apache Drill and the extracted data will be loaded in Apache Drill. Each objectclass would
generate a table which can then be queried by ETL client.
ETL will extract relevant objectclasses from subscriber data. Objectclasses without information
on subscriber data or the ones containing of limited use, will not be extracted and will be
filtered out. ETL removes from the extracted backup files the object classes containing empty
attribute.
ETL can be configured to output selected Non-Subscriber Related (NSR) data from the One
NDS R-DSA, in a similar format to subscriber data. However, this is typically lower volume in
terms of actual number of objects but large numbers of actual objectclasses. This puts an
increased load on any system that needs to process the output as there will be significantly
more output files produced. In the scope of OFR, the identifier of NSR objectclasses needs to be
retrieved (example: hlr.tcsi.<operatorServiceName> ->objectClass : T-CSI or hlr.<NATSS01> to
<NATSS15> -> SSPLAN object, ssId attribute).
Below, some example of SQL queries that can be launched by ETL client:
• query subscribers with Roaming Service (odbBaroam=‘0’)
select tbl1.dsa_id,tbl1.uid,tbl1.dn,tbl1.odb_baroam,tbl2.msisdn from
bqr.latest.subinnss as tbl1 join bqr.latest.msisdninnss as tbl2 on tbl1.uid=tbl2.uid where
tbl1.odb_baroam='0'
• query subscribers having CLIR+CLIP+Multi Party
select uid,supp_service from bqr.latest.subinnss where
CONCAT(',',supp_service,',') LIKE '%,81,%'
and CONCAT(',',supp_service,',') LIKE '%,17,%'
and CONCAT(',',supp_service,',') LIKE '%,18,%'
• query subscribers having CFU on 201099999998
select uid,ftno_cfu from bqr.latest.ssinnssparam where ftno_cfu='201099999998'
• query subscribers having PDP profile =1
select uid,pdp_type from bqr.latest.gprsdata where pdp_type=1
• count total number of subscribers
select count(*) from bqr.latest.subinnss

ETL is connected to NetAct, so SW and HW ETL servers alarms are managed by NETACT.
© Nokia 2015
23-08-2022 – OFR SDM HLD - 13 / 34

3.2.4 HSM
Utimaco Hardware Security Module (HSM) box is connected to HLR and Mobile HSS to ensure
safe and secure handling of the authentication data including the calculation of vectors for
mobile subscriber authentication and encryption key management.

3.2.5 OAM
3.2.5.1 NetAct
NetAct is the management solution providing OAM for SDM solution equipments. NetAct
provides following main features for network management:
- Fault Management
- Performance management
- Configuration management
- Hardware management
- Software management
NetAct Northbound interfaces are used for connecting NetAct to service management systems.
The southbound interfaces are used for integrating NEs to NetAct.

3.2.5.2 ARC

ARchive Cloud solution is used to perform backup and restore functionality from the Cloud
Environment and is able to manage backup Bare Metal and Cloud based products. The main
features are:
- Cloud deployment (hardware independent)
- Support of B&R functions for PNF/VNF
- Strong data deduplication implemented on the Client side
- Easy, scalable solution up to 108TB of raw capacity
- Automatic configuration of backup and restore processes means that less configuration
is required from the operator
- Support for pre/post backup/restore scripts, allowing to take advanced backups
- Support of monitoring of backup and restore processes visible in dedicated console.
- Ability to integrate backup and restore processes for standard network elements

3.2.5.3 LSS (Light Supervision System)

LSS provides limited supervision functions (alarms retrieving and displaying, remote NE
connections) when no NetAct is available for supervision. LSS retrieves from NetAct the list of
NE to supervise and NE information to be connected. When monitoring is required by LSS, this
latter retrieves NE alarms by polling them and allows users to access NE for troubleshooting
purpose.

© Nokia 2015
23-08-2022 – OFR SDM HLD - 14 / 34

In the scope of OFR SDM project, LSS is deployed as a specific software solution to secure Fault
Management in case of NetAct unavailability. LSS is installed in production site (Saint Lambert)
on an HP DL380 G9 server with a Linux OS.
LSS interacts with NetAct (SQL-LDAP/ssh) to get:
• The list of NE to supervise
• NE information to be connected to.
NE covered in the scope of OFR project are NT-HLR, One NDS, CMS, CFX 5000, ACME BGW.
LSS is permanently on and when required interacts with NEs to:
• Retrieves and displays defined NE’s alarmsby polling them (every 5 minutes on average).
o NE are polled in parallel using standard interfaces (EsyMac-over-ssh, fmc or
MML)
o Only active and new (younger than 5 minutes) alarms are inserted in LSS
database.
• Allow remote NE connections for troubleshooting using appropriated protocol. In OFR
SDM project, direct ssh will be used.

To detect automatically a NetAct unavailability, LSS implements a heartbeat mechanism to ping

regularly the NetAct OSS FM processes (e.g. every 15 minutes). LSS will retrieve both the
topology and the list of acknowledged alarms.

• If FM processes are up, topology and acknowledged alarms have been retrieved → No
actions

• If FM processes are down, topology and acknowledged alarms cannot be retrieved

•
o LSS uses the latest retrieved topology to get access to NE and starts polling
alarms

o LSS loads its database with retrieved active alarms

o LSS acknowledged active alarms that were acknowledged in NetAct before the
breakdown

LSS provides also re-routing function to enable NE reconfiguration to get them connected to a
second NetAct when first one is down. On primary NetAct failure detection (through Heart-bit),
LSS reconfigures NEs to send their data (FM, PM, CM) to second NetAct.
Switching from primary to backup NetAct can be manual or automatic. Nokia recommendation
is to use manual option to perform analyses before switching. Coming back from backup to
nominal NetAct is manual only.

LSS provides a web-based user interface (https) for end user access.

© Nokia 2015
23-08-2022 – OFR SDM HLD - 15 / 34

For details on LSS solution, refer to [9].

© Nokia 2015
23-08-2022 – OFR SDM HLD - 16 / 34

3.3 Pre-Production
Nokia SDM pre-production NEs are distributed on 3 separate sites (Neuilly sur Marne, Bagnolet,
Beaujon). Following table summarizes the version and number of NEs of the pre-production
platform:

Product Version Number of NEs

NT-HLR FE 20.8 Neuilly sur Marne : 1 G10 blade (S3) + 1 G9 blade

Bagnolet : 2 G9 blades
Beaujon : 2 G9 blades

HSS FE 20.8 Neuilly sur Marne : 1 G10 blade (Entreprise)+ 1 G10

blade (S3) + 1 G9 blade.
Bagnolet : 1 G9 blade
Beaujon : 1 G10 blade (Entreprise)

PGW 2 (one in site 1 and one is site 2 with G10 blade)

PGW-DSA 1 per site (G10 blade)

BE-DS 4 per site (G10 blades)

Note: As per Orange requirement, 1 BE-DS per site will
19 be dedicated to Enterprise service, 1 BE-DS per site will
be dedicated to S3 project.

R-DS 1 per site (G10 blade)

Admin Server 1 per site (G10 blades)

Install Server 1 per site (G10 blades)

HSM 4 2 per site + 1 HSM (S3) in Neuilly

NetAct 20 SP2009 1 in one site

ARC FP7 1 in one site: Beaujon (2 G9 servers + 1 EMC Data

Domain)

Table 4: Pre-Production NEs

© Nokia 2015
23-08-2022 – OFR SDM HLD - 17 / 34

Following figure illustrates the functional architecture of SDM solution on pre-production.

Figure 2: Orange France SDM Functional Architecture – Pre-Production

Note: Except one HSS-FE and one BE-DSA dedicated to Enterprise service, all other NEs are
commonly used for both mobile and Enterprise services.
Note: since authentication of Enterprise users is based on SIP Digest, HSM is not relevant for
HSS Enterprise.
Note: considerations on dedicated HSS and BE-DSA for enterprise:
- Data models: Orange confirms that SCE and BtelU (two Orange enterprise
services on current HSSc) data models are identical
- Audit on HSSc configuration for SCE and BtelU services
The list of up-to-date installed OS is detailed in:

OFR_SDM_PreProduc
tion_OSF_1.24_20220823.xlsx

3.4 Production

© Nokia 2015
23-08-2022 – OFR SDM HLD - 18 / 34

Nokia SDM production NEs are distributed on 3 separate sites (Blanc-Mesnil, Massena, Saint-
Lambert). Following table summarizes the version and number of NEs of the production
platform:

Product Version Number of NEs

NT-HLR FE 20.8 6 per site (6 G9 blades) + 1 for Roaming test on

Blanc-Mesnil site (G9 blade)
1 per site for S3 (G10 blades)

HSS FE 20.8 3 per site for mobile (G9 blades)

1 per site for Enterprise (G10 blades)
1 for Roaming test on Blanc-Mesnil site (G9 blade)
1 per site for S3 (G10 blades)

PGW 5 (2+2+1) (G10 blades)

PGW-DSA 1 per site (G10 blade)

BE-DS 17 per site for mobile (G10 blades)

1 per site for Enterprise (G10 blade)

19 1 per site for Roaming test (G10 blade)

1 per site for S3 (G10 blade)

R-DS 7 per site (G10 blades)

Admin Server 1 per site (G10 blade)

Install Server 1 per site (G10 blade)

HSM 4, 4C 6 per site for HLR mobile

2 per site for S3

NetAct 20 SP2009 1 in one site

ARC FP7 1 in Saint-Lambert (2 G9 servers + 1 EMC Data

Domain)

ETL Server: 1 in Blanc-Mesnil: 8 G10 servers (2 ETL, 2 Master, 4

segment)
Backup 1.4+
Collector:
1.5.8.01.01+
Master/Segment :
Greenplum – 4.3.23.0

Table 5: Production NEs

© Nokia 2015
23-08-2022 – OFR SDM HLD - 19 / 34

The list of up-to-date installed OS is detailed in:

OFR_SDM_Productio
n_OSF_1.37_20220823.xlsx

4 Provisioning
4.1 Provisioning routing

PGW is entry point in One-NDS for managing subscriber and service directory data based on
commands provided by IT provisioning system. Provisioning requests are forwarded from IT
system to PGW towards SPML provisioning interface for processing and injecting to directory
systems in One-NDS.
All PGWs are in active mode and provisioning traffic should be load balanced between PGWs by
IT system.
Initially, in the scope of Orange SDM project, Nokia recommended to let One-NDS assign UID
to distribute subscribers across DSAs. As per Orange requirement, the Mobile/Enterprise
subscribers will be placed to dedicated BE-DSA. This will be performed via specific rules based
on prefixes provided in UID in IT provisioning requests.
This UID prefix will be used as distribution rule to affect the location of subscribers in One-NDS.
The UID field needs to be provided in provisioning SPML requests by IT with appropriate prefix
to distinguish mobile/enterprise subscribers. The provisioning requests for mobile/Enterprise
users shall include dedicated UID prefix.
- For mobile subscribers: In nominal case, the UID can be provisioned with digit “0” only.
Mobile subscribers are divided into IMSI ranges on different pools of BE-DSA. The
roaming test users belong to mobile subscribers with H1H2=”10”, hence the UID prefix
to be used is “010”. This leads to “0H1H2” prefix on UID for mobile subscribers.

o Note that splitting subscribers per IMSI range on different pools of BE-DSA
requires the use of around 100 rules on PGW that lead to more operational
activities. Besides there will be a slight speed impact in case of mass provisioning
(no impact on nominal case).

- For enterprise subscribers: the UID can be provisioned with “9” and the main IMPI
should be used.

The below rules are actually used:

- Mobile: uid prefix = 0H1H2 towards all-Mobile BE-DSAs
- Roaming: uid prefix = 010 towards Roaming BE-DSA
- Entreprise: uid prefix = 9 towards Entreprise BE-DSA

© Nokia 2015
23-08-2022 – OFR SDM HLD - 20 / 34

Table 6: H1H2 repartition

Note that these rules need to be updated during extensions of One-NDS.

- For S3 subscribers: Orange network will route SDM queries concerning S3 subs only to
dedicated S3 FE’s. S3 FE’s will receive only queries concerning S3 subs.

4.2 Unified Plugin

The unified Plug-In used for OFR SDM for providing single point of provisioning for subscriber
data is detailed in [20].

This 20.8 Unified Plugin contains below Extension packages:

ONENDS-XXX0.165.020.00-P0504_ADM
ONENDS-XXX0.165.020.00-P0102_PGW
ONENDS-XXX0.165.020.00-P0201_NTF
ONENDS-WX-3GPPHSS-V170.05.02_01
ONENDS-WX-CommonHLRHSSV1650.01.01_01
ONENDS-WX-Common-V902.26.02_01
ONENDS-WX-HLR20-V1700.05.02_01
ONENDS-WX-HSSEPS-V1700.05.02_01
ONENDS-WX-HSSIMS-V1700.05.02_01

© Nokia 2015
23-08-2022 – OFR SDM HLD - 21 / 34

5 Configuration Use Cases

In this section, the main configuration use cases to be considered in the scope of OFR
environment/requirements are detailed.

5.1 MAP version negotiation table extension

Feature request is raised to extend MAP version Negotiation table from 2k entries to 10k.

5.2 CAMEL Agreement table extension

Feature request is raised to extend CAMEL Agreement table from 1499 entries to 10k.

5.3 EPS NSR QoS table extension

EPSQoS table will support up to 2500 entries.

5.4 SLh interface configuration

In the scope of OFR SDM project this feature is configured as per below.
- GMLC = 33689005218 (preprod SOLO), 33689005214 (prod SOLO)
- ServingNode/Priority
SLhServingNodePriority[0]. ServingNode=MME
SLhServingNodePriority[0]. Priority=1
SLhServingNodePriority[1]. ServingNode=SGSN
SLhServingNodePriority[1]. Priority=2
SLhServingNodePriority[2]. ServingNode=MSC
SLhServingNodePriority[2]. Priority=3
- SLhBlockLCSInterfaceCheck = not configured
- SLhLCSInterfacePriority = False
- SLhAdditionalNodeAVP = True
- SLhAddAllRegisteredServingNodes = True
- MaxNoPPR = 256
- SLhMMEIndicateLCSNotSupported = False
- Overload.BlockSLhRIROverLoadLevel = 4

5.5 GenericConfig

As per OFR requirement, the system.GenericConfig parameter on HSS dedicated to entreprise

service (Olympus tenant) is changed from 0 to 1024.
The Repository data is sent in User-Data structure of Sh-UDA/SNA/PNR (and is marked as
CDATA) only System.GenericConfig, Bit-9 (value of 1024) is set.

© Nokia 2015
23-08-2022 – OFR SDM HLD - 22 / 34

CDATA marking is done using special character sequence in XML that marks particular part as
CDATA. The character sequence is defined in W3C standards. The part of the XML string marked
as CDATA shall not be parsed by the standard XML parser and thus it can contain characters
not allowed in XML elements. A CDATA section starts with “<![CDATA[“ and ends with “]]>”.
Depending on the value of the configuration parameter System.GenericConfig (Bit-9: value of
1024), the HSS may or may not mark the Repository data to the AS in UDA, SNA or PNR as
CDATA. According to 3GPP, CDATA must not be used in this context but the HSS always
accepts it in Sh-PUR and is capable of using that format in UDA, SNA, and PNR. When the
application server provides the data with CDATA, the HSS keeps that format regardless of the
configuration.
When configured, the Repository data the string inside the <ServiceData> tags is marked.
Example: <ServiceData>
<![CDATA[<BuddyList1>MyBuddy</BuddyList1>]]>
</ServiceData>

© Nokia 2015
23-08-2022 – OFR SDM HLD - 23 / 34

5.6 GroupIMPU configuration

To optimize GroupIMPU handling on Enterprise HSS, below parameters should be set:

• System. FeatureFlagInteger = 1
• System.GrpImpuBulkRead = True
• LDAPAccess. SpecificLDAPSearchFilter = 7
• bit 19 of system.GenericConfig to be activated (to enable staggering of group IMPU
NSR cache)
• LID.TriggerOutofSeqTimer= 5 seconds
• LID.TriggerMaxWaitTime = 120 seconds
• SearchSequenceCx= 3
• System.SearchSequenceSh =3
• Overload.BlockNSRCacheOverLoadLevel = 1
• LDAPAccess.NSRTimer = 2100 seconds
The GroupIMPU performance in SDM is detailed in FC123_106529 and [21].

On PGW, the feature flag GroupImpuValidation should be set to allow overlapping checks
during Group IMPU provisioning.
When the “GroupIMPU validation” is set:
- In case of a distinct IMPU provisioning, overlap validation is done only inside the IRS
where provisioning is requested.
o If this distinct IMPU is added to the same IRS:
▪ if “IsChildIMPU” flag is set, the distinct IMPU provisioning request will be
accepted, even if it overlaps with the already provisioned Group IMPU.
▪ if “IsChildIMPU” flag is not set, distinct IMPU provisioning request will
NOT be accepted in case of overlap. PGW will throw error that operation
can be done only if isChildImpu flag is set.
o If this distinct IMPU is added to the different IRS, there will be no overlap
verification between this distinct IMPU and already exiting GroupIMPUs in other
IRS. So, distinct IMPU provisioning request will be accepted in any case.

- In case of a Group IMPU provisioning, there will be two overlap verifications:

o Among all other GroupIMPUs

o Among distinct IMPUs inside the IRS where provisioning is requested

▪ If this range contains an IMPU already provisioned distinctly, GroupIMPU
provisioning is rejected, since in same IRS.

o If group IMPU is added to the different IRS, there will be no overlap verification
and the GroupIMPU provisioning shall be accepted.

If a subscriber is provisioned both as distinct and Group-IMPU, since System.SearchSequenceSh

and System.SearchSequenceCx are set to 3, search order in HSS will start with Group IMPU
cache, meaning that only the Group IMPU profile will be retrieved.

© Nokia 2015
23-08-2022 – OFR SDM HLD - 24 / 34

6 Dimensioning and Traffic Model

6.1 Pre-Production

The pre-production platform is dimensioned to support 5 million subscribers on HLR

(provisioned and active subscribers), with following assumptions:

- All SDM subscribers have an HLR profile.

- In addition, some subscribers have an LTE profile with corresponding LTE traffic.

- Provisioned LTE subscribers and active LTE subscribers are estimated to 1.1 million
subscribers (included in the number of HLR subscribers).

- In addition, some subscribers have a VoLTE+VoWiFi profile with corresponding

VoLTE+VoWiFi traffic. Provisioned and active VoLTE+VoWiFi subscribers are estimated
to 0.4 million subscribers.

HSS traffic for pre-production has same rate as per production.

© Nokia 2015
23-08-2022 – OFR SDM HLD - 25 / 34

6.2 Production

The Orange France traffic model inputs and assumptions for SDM mobile are detailed in [7] and
Nokia dimensioning study results are presented in [8].

Final dimensioning agreement is as below table:

Nodes Mobile Enterprise Roaming test S3 Total
One-NDS BE-DS 51 3 3 3 60
(Back-End DS)
One-NDS R-DS 21
(Routing DS)
One-NDS PGW 5
(Provisioning GW)
One-NDS PGW- 3
DSA (Provisioning
GW DS)
One-NDS ADM 3
(Administration)
& Status Server
One-NDS 3
Installation server
NT-HLR Front- 18 1 3 22
Ends
HSS CMS 8200 9 3 1 3 16
Front-Ends
HSM (AUC 18 6 24
Hardware
Security Module)
TIAMS 12
(Installation
server)
Number of racks 12
Number of 16
enclosures
Table 7: Production Dimensioning Result

© Nokia 2015
23-08-2022 – OFR SDM HLD - 26 / 34

7 High Availability, Failover and Disaster

Recovery
The SDM solution resilience and overload control are detailed in [10]. This section highlights the
main HA and failover/fallback mechanisms on SDM.

7.1 High Availability

7.1.1 FE application servers

In order to ensure service availability, all FE servers have at least one redundant server running
in active and load sharing mode. The FE application servers are deployed in geographically
distributed sites (3 sites). The redundancy scheme applied for OFR NT HLR and HSS guarantees
service availability in case of one site failure or loose of one third of servers. If more FEs are
unavailable, service is ensured with reduced capacity.

7.1.2 One-NDS
All One-NDS servers have at least one deployed redundant server in active mode and in load
sharing with other servers of the same type. The servers are distributed across 3 different
physical location sites.

• R-DSA and BE-DSA are deployed with N+K redundancy policy (N = number of servers
required to handle maximum load and K number of redundant servers)
o All the 3 DSs of a DSA contain the same information ➔ 3N redundancy
o The system is scaled so that one DS per DSA cluster can handle all the traffic of
the cluster on its own.
• PGW is deployed with N+K redundancy ➔ setting up at least one redundant PGW for
failover handling
• ADM is deployed as a two nodes cluster with internal 1+1 server redundancy
(active/standby)

7.1.3 HSM
The traffic between NT-HLR/CMS8200 FEs and HSM boxes shall be kept local at a side and
there is no inter site traffic for HSM boxes. N+K redundancy scheme is applied for HSM leading
to at least 6 HSM boxes for each site.

7.1.4 NetAct and ARC

The OFR SDM solution contains one NetACT and one ARC. No redundancy is considered.
In case of NetAct unavailability, LSS provides limited supervision functions (alarms retrieving
and displaying, remote NE connections). This switch over to LSS is detailed in 3.2.5.3.

© Nokia 2015
23-08-2022 – OFR SDM HLD - 27 / 34

7.2 Failover and recovery

7.2.1 HLR to/from STP connection

In nominal case, the SS7 traffic is load shared between STPs and HLR FEs. STP shall route
requests to all NT-HLR FEs in load balancing mode. On HLR, the SS7 connection is checked
periodically (default 5 s). STP shall also check this connection periodically.
In case of NT-HLR failure, STPs shall route requests to the remaining active NT-HLRs FEs. In case
of IP path failure, STP shall use secondary IP path (SCTP multi-homing). If all links are down the
NT-HLR goes to idle state and redundant HLR-FE takes over the traffic. STP shall checks
regularly the NT HLR availability to add it to available servers list once NT HLR failure is
corrected.
In case of STP failure, NT-HLR selects different route to alternative STP. The NT HLR checks
regularly the STP availability to bring the route up again.

7.2.2 HSS to/from DRA connection

In nominal case, the Diameter traffic is load shared between DRAs and HSS servers. DRA should
route requests to all HSS FEs in load sharing mode. On HSS, this connection is checked
periodically. DRA shall also check this connection periodically.
In case of HSS failure, DRA shall route the request to remaining HSS FEs. DRA shall check
regularly HSS availability to add it to available servers list once HSS failure is corrected.
In case of diameter delivery failure detection by HSS, based on received error code, retry to next
available connection is possible. Otherwise the error message is retransmitted. HSS checks
regularly the DRA availability to reconnect once DRA is available again.

7.2.3 FEs to/from R-DS connection

In nominal case, each FE is connected to R-DSs of same site. In case of R-DS failure, FE closes
the connection and attempts to connect to the next priority R-DS. The connection to the
priority 0 R-DS is checked regularly. When the connection can be established, FE switches back
to that server. In case of FE failure, transaction is ending and STP/DRA should try another
HLR/HSS.

7.2.4 FEs to/from NTF

In case of subscriber data modification, a SOAP trigger is initiated in BE-DS and send to
respective FE over a SOAP interface (via NTF). In case of NTF unavailability, notifications are
routed to alternate NTF nodes. In OFR configuration, one NTF is deployed per site.
In case of FE unavailability, notification transmission is repeated by NTF for a number of delivery
attempts. Message is then resent to different endpoint from the list of registered endpoints for
each subsequent retry. Periodic probing connection attempts are done to check FE availability.

7.2.5 PGW
PGW servers are all in active mode and provisioning requests are load balanced towards PGW
servers by IT. In case of PGW failover, request should be routed to available servers.
© Nokia 2015
23-08-2022 – OFR SDM HLD - 28 / 34

7.2.6 R-DS to BE-DS

Query operations can be handled by any available DS server in DSA. By default, same site is
considered i.e. the queries are sent to the node on the same site. If no node is on the same site,
the Least Utilized algorithm is used (queries are sent to the node that has the fewest number of
outstanding queries).
The update operations should always be sent to primary BE-DS. In case of primary BE-DS
failover, the nominated secondary BE-DS in cluster assumes primary role and performs the
required operation. In case of connection loss between R-DS and primary BE-DS, the R-DS
sends back error to FE.

7.2.7 FEs to/from HSM

In case of HSM box/link failure, the FE uses redundant link/box (same site). If all connections to
HSM boxes are down, FE terminates ongoing connection and STP/DRA shall select different
HLR/HSS.

© Nokia 2015
23-08-2022 – OFR SDM HLD - 29 / 34

8 High Level Design Assumptions and Decisions

In this section the design decision and assumptions are highlighted.
- No connection to HSM boxes for HSS Enterprise (Digest Authentication is used)
- Diameter and SIGTRAN SCTP parameters are set as below

SDM_Nokia_Diamet
er_SIGTRAN_timers_v03_Preprod.xlsx

9 Security
The security aspects of SDM solution are defined in [15] for NT-HLR, [16] for HSS and [17] for
One-NDS.

On FEs, static routes are set for contacting relevant peers (STP and DRA). All requests coming
from other NEs than the one defined based on these routing tables will not be answered.

On One-NDS security package enables packet filtering based on defined IP tables. The One-
NDS IPTABLES is hardcoded during the SW Installation and opens the ports necessary for the
applications to work. Beside the Ports allowed in the One-NDS IPTABLES, there is an additional
security mechanism as only the applications whose IP address are allowed (added via ADM) will
succeed to query/write to the One-NDS database. Here we set all the LDAP clients IP addresses
that will be allowed to send LDAP command to One-NDS.

From the Provisioning point of view security can be performed through certificates. If that
request does not have the certificates it will be rejected. Based on configuration, whether the
provisioning requests are received on HTTP for SOAP and FTP for bulk requests (no security) or
PGW can be configured to accept HTTPS/SFTP. In latter case PGW can apply self-signed
certificates (default) or use a SSL certificate signed by IT system.

© Nokia 2015
 23-08-2022 – OFR SDM HLD - 30 / 34

10 NT-HLR Features
Following NT-HLR features are included in Orange France SDM solution:
Sale Feature Title Description

SW_NT-HLR_BaseFT NT-HLR - FE Media data for SW

Base SW
package for Data media for license documents
FT-Orange
SF884210 NT HLR provisioning

SF884103 Camel phase 1-3

SF884110 RBT handling

SF884114 3G network access control

SF884101 Multi 2G Auth. algorithms

SF884102 Multi 3G Auth. algorithms

SF884113 Supplementary serv. adv. 1

SF885018 HSPA+ BW down The HSPA sales feature with respectively

28Mbps/up 5,8Mbps licensed downstream and upstream
bandwidth
SF885019 HSPA+ BW down
42Mbps/up 11,5Mbps

SF885020 HSPA+ BW down

84Mbps/up 11,5Mbps

SF885021 HSPA+ BW down

168Mbps/up 23Mbps

SF885022 HSPA+ BW down

337Mbps/up 23Mbps

SW_NT-HLR_SF884507 SF884507 Premium Service Security Fraud Detection for USSD

Multiple Authentication Vectors in a
segmented SAI response
HLR Control over Maximum Number of
Authentication Vectors
MAP Policing

SW_NT-HLR_SF884512 SF884512 Roaming dependent subs profile (RDSP) Activate, deactivate, change, replace and
induce services depending on the PLMN
where subscriber roams.
Manipulate the subscriber’s data based on
the current location of the subscriber.

SW_NT-HLR_SF885014 SF885014 Advanced FTN translation rules Analyzing and converting short-codes
and/or FTNs to desired formats

SW_NT-HLR_SF885015 SF885015 Common CLI for multiple subscribers More than one mobile phones under the
common identifier i.e. using several phones
with a common shared MSISDN.

© Nokia 2015
 23-08-2022 – OFR SDM HLD - 31 / 34

SW_NT-HLR_SW886010 SF886010 CS Fallback support for LTE Based on Mobile Terminated Roaming Retry
feature to delay/retry the mobile
terminating call such that the incidence of
incorrectly routed calls is reduced (use case:
the called mobile is moving from an old to a
new MSC/VLR where the serving MSC/VLR
changes during this fallback, the incoming
call might be routed into the wrong (old)
MSC/VLR and fail)
Table 8: NT-HLR Features

11 CMS8200 Features
Following CMS8200 features are included in Orange France SDM solution:

Sale Feature Title

SW_IMSHSS_Base FT CMS-8200 HSS-FE Standard SW

SW_IMSHSS_STD0021 CMS-8200 LTE EPS Access 50Mb (S6a)

SW_IMSHSS_STD0031 CMS-8200 2/3G EPS Access 42Mb (S6d)

SW_IMSHSS_STD0041 CMS-8200 EPS Access (SWx&Wx)

SW_IMSHSS_STD0051 CMS-8200 IMS HSS services (Cx&Sh)

SW_IMSHSS_VF0001 CMS-8200 Roaming depend.subs.profile

SW_IMSHSS_VF0002 CMS-8200 VoLTE support

SW_IMSHSS_VF0003 CMS-8200 Location information (Sh)

SW_IMSHSS_SLH CMS-8200 SLh

Table 9: CMS8200 Features

12 One-NDS Features
Following One-NDS features are included in Orange France SDM solution:
Sale Feature Title

SW_OneNDS_BaseFT oneNDS Base SW (FT Package - for all application)

SW_OneNDS_HLR_NAL One-NDS NAL NT-HLR & OneHLR

SW_OneNDS_HLR_NAL 20M One-NDS NAL NT HLR vol >20M

© Nokia 2015
23-08-2022 – OFR SDM HLD - 32 / 34

SW_OneNDS_IMSHSS_NAL One-NDS NAL NT HSS

Table 10: One-NDS Features

© Nokia 2015
23-08-2022 – OFR SDM HLD - 33 / 34

13 IP Architecture
The OFR SDM IP architecture, inter-site and intra-site traffic and related protocols are detailed
in [11] for pre-production and in [1] for production.

Following figure illustrates system overview for pre-production. For more details refer to pre-
production DNP document [11].

Figure 3: Orange France SDM System Overview – Pre-Production

14 Remote Access
OFR SDM remote access procedure is detailed in [13] and accounts for pre-production are
listed in [14].

15 References

© Nokia 2015
23-08-2022 – OFR SDM HLD - 34 / 34

1. Nokia_Orange_France_SDM_Technical_Solution_Description_Final.docx
2. Nokia_Orange_France_SDM_Services_Solution_Description.docx
3. NT HLR FE – Technical Description (A50016-E3880-D018-1-7618).pdf
4. CMS8200 HSS – Technical Description (A25001-A0006-A1958-01-76P1).pdf
5. One-NDS – Product Description.pdf
6. SDM Mobile Migration Strategy
7. Mix_trafic_SDM_2016-2017.xlsx
8. Dimensioning OFR SDM 2016-2017 – Mix & Resultsv2.xlsx
9. LSS Solution Orange France v0.3.ppt
10. SDM OFR Resilience & Overload Workshop.v8.pptx
11. SDM Pre-Prod DNP.pdf
12. SDM Prod DNP.pdf
13. OFR-SDM-remote-access.pptx
14. OFR_SDM URL info_v4_status_20151023.xlsx
15. NT-HLR Technical Description.pdf
16. FC136_001793 Security Enhancements.pdf
17. One-NDS Platform Security Description.pdf
18. Strategie Migration HSS entreprise-vFinal08022016.pptx
19. KPI_SDM_OFR_15.12.2015_v10 - clean.docx
20. UPC_OFR_V2.pdf
21. 00-Peter-Kim – Orange – Group-IMPU-Performance-v1.pdf
22. Reg 16.5 Feature Change.xlsx
23. OFR SDM Capacity upgrade 2018 Kick-off meeting slides_v1.pptx
24. PMR - Extensions SDM OFR - 28.11.2018 - v8 presented.pptx
25. OFR SDM Software upgrade 2019 Kick-off meeting slides_v1.0.pptx

© Nokia 2015