01-8 configuring mobility management
TRANSCRIPT
HUAWEI SGSN9810 Configuration Guide Volume II Contents
Issue 03 (2006-08-10) Huawei Technologies Proprietary i
Contents
8 Configuring Mobility Management.......................................................................................8-1
8.1 Background Knowledge................................................................................................................................8-2
8.1.1 Authentication ......................................................................................................................................8-2
8.1.2 Encryption............................................................................................................................................8-3
8.1.3 IMEI Check..........................................................................................................................................8-3
8.1.4 P-TMSI ................................................................................................................................................8-3
8.2 Configuring Mobility Management for a 2G System....................................................................................8-3
8.2.1 Configuring Mobility Management Parameters...................................................................................8-4
8.2.2 Configuring Mobility Management Timers .........................................................................................8-8
8.2.3 Configuring Authentication and Encryption for Specified Subscribers .............................................8-12
8.2.4 Configuring the Second Authentication .............................................................................................8-14
8.2.5 Configuring the Function of Getting the Authentication Set Based on MAP V2...............................8-15
8.2.6 Configuring Authentication Failure Threshold ..................................................................................8-15
8.2.7 Configuring the Function of Detaching Inactive Subscribers ............................................................8-16
8.3 Configuring Mobility Management for a 3G System..................................................................................8-18
8.3.1 Configuring Mobility Management Attributes...................................................................................8-18
8.3.2 Configuring Mobility Management Timers .......................................................................................8-23
8.3.3 Configuring Authentication and Encryption for Specified Subscribers .............................................8-26
8.3.4 Configuring Algorithm Priorities .......................................................................................................8-28
8.4 Configuring Special Functions for IMEI Check..........................................................................................8-29
8.4.1 Configuring the IMEI Check Based on IMSI ....................................................................................8-30
8.4.2 Configuring the Function of Permitting Unknown Subscriber Access Based on IMSI .....................8-31
8.5 Configuring the Function of Denying the 2G Subscribers Accessing the 3G Network ..............................8-32
8.5.1 Configuring the 3G Network Access Deny Based on APNNI ...........................................................8-32
8.5.2 Configuring the 3G Network Access Deny Based on IMSI...............................................................8-34
8.5.3 Configuring the 3G Network Access Deny Based on ARD...............................................................8-35
Contents HUAWEI SGSN9810
Configuration Guide Volume II
ii Huawei Technologies Proprietary Issue 03 (2006-08-10)
8.5.4 Configuring 3G Network Access Deny for SIM Subscribers ............................................................8-36
8.6 Configuring the Roaming Restriction .........................................................................................................8-37
8.6.1 Configuring the Function of Roaming Restriction by IMSI ..............................................................8-37
8.6.2 Configuring the Function of Roaming Restriction by ZC..................................................................8-38
HUAWEI SGSN9810 Configuration Guide Volume II Figures
Issue 03 (2006-08-10) Huawei Technologies Proprietary iii
Figures
Figure 8-1 Authentication procedure..................................................................................................................8-2
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-1
8 Configuring Mobility Management
About This Chapter
The following table lists the contents of this chapter.
Title Description
8.1 Background Knowledge Describes the background knowledge of mobility management.
8.2 Configuring Mobility Management for a 2G System
Describes how to configure the parameters for 2G mobility management.
This configuration is optional.
8.3 Configuring Mobility Management for a 3G System
Describes how to configure the parameters for 3G mobility management.
This configuration is optional.
8.4 Configuring Special Functions for IMEI Check
Describes how to configure special functions for IMEI check.
This configuration is optional.
8.5 Configuring the Function of Denying the 2G Subscribers Accessing the 3G Network
Describes how to configure the function of denying the 2G subscribers to access the 3G network.
This configuration is optional.
8.6 Configuring the Roaming Restriction
Describes how to configure the roaming restriction function.
This configuration is optional.
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-2 Huawei Technologies Proprietary Issue 03 (2006-08-10)
8.1 Background Knowledge The SGSN9810 mobile management is responsible for user attach and detach, routing area update (RAU), relocation, inter-system change and security management. It applies to 3G and 2.5G networks.
In this manual, GPRS mobility management (GMM) stands for general packet radio service (GPRS) mobile management and packet mobility management (PMM) stands for packet service mobile management for the universal mobile telecommunications system (UMTS) system.
8.1.1 Authentication
The purpose of authentication is to prevent the unauthorized subscribers from accessing the packet services.
In a 2G network, the authentication is based on the subscriber’s SIM card and the authentication triplet in the SGSN. The authentication triplet consists of three elements:
RAND: a random number
SRES: a sequence number
Kc: the ciphering key
As shown in Figure 8-1, the authentication procedure includes user authentication and global system for mobile communications (GSM) Kc negotiation.
Figure 8-1 Authentication procedure
1. Send Authentication Info
2. Authentication and Ciphering Request 1. Send Authentication Info Ack
2. Authentication and Ciphering Response
MS RAN HLRSGSN
If the SGSN has no authentication triplet, it requests the triplet from the HLR. When the SGSN receives the response, it sends an authentication request to the mobile station (MS) with the RAND, ciphering key sequence number (CKSN) and ciphering algorithm. The MS calculates the SRES, and then sends it back to the SGSN. If this SRES matches the SRES in the SGSN authentication triplet, the MS passes the authentication.
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-3
8.1.2 Encryption
The purpose of encryption is to secure the user data and signaling. In a 2G network, encryption covers from the SGSN to the MSs. The encryption is executed on the logical link control (LLC) layer. The SGSN9810 supports two encryption algorithms: GEA_1 and GEA_2.
Configure a UEPC board for every UGBI board to support encryption.
8.1.3 IMEI Check
The international mobile equipment identity (IMEI) is used to identify the user equipment(UE). If an equipment identification register (EIR) exists in the network, the SGSN authenticates the UE through IMEI check.
The EIR stores the IMEIs in the following three lists:
White list: permitted
Grey list: permitted, but traced for evaluation or other purposes
Black list: forbidden
8.1.4 P-TMSI
The SGSN assigns a packet temporary mobile subscriber identity (P-TMSI) to an MS and then sends it to the MS with the Attach Accept or Routing Area Update Accept message. The MS uses this P-TMSI as the user ID in the Routing Area Update Request, Detach Request and Attach Request messages. The P-TMSI is secure because the SGSN assigns it to an MS randomly and reassigns another P-TMSI to the same MS next time.
8.2 Configuring Mobility Management for a 2G System Configuring mobility management for a 2G system includes:
Configuring Mobility Management Parameters
Configuring Mobility Management Timers
Configuring Authentication and Encryption for Specified Subscribers
Configuring the Second Authentication
Configuring the Function of Getting the Authentication Set Based on MAP V2
Configuring Authentication Failure Threshold
Configuring the Function of Detaching Inactive Subscribers
All of the above tasks are optional. You may perform the tasks in any order.
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-4 Huawei Technologies Proprietary Issue 03 (2006-08-10)
8.2.1 Configuring Mobility Management Parameters
Description
The SGSN system provides default values for the mobile management attributes. The default values are also recommended values.
Prerequisites
If encryption is required, you must configure the encryption processing card (UEPC) pinch board to each Gb interface unit (UGBI) board. Check it using LST BRD.
Commands
SET GMM
Examples
Configure the following functions:
Authentication
Enable the authentication function.
The following procedures require authentication: RAU, INTER RAU, INTRA RAU and international mobile subscriber identity (IMSI) ATTACH.
The following procedures do not require authentication: DETACH and PTMSI ATTACH.
The authentication set is to be reused for once. The authentication frequency for the home PLMN (HPLMN) and VPLMN is 1.
SET GMM: NAC=YES,
AUTH=PROD_RAU-1&DETACH-0&INTER_RAU-1&INTRA_RAU-1&PTMSI_ATTACH-0&IMSI_ATTACH-1,
RNUM=1, HAUFR=1, VAUFR=1;
Encryption
Enable the encryption function. The encryption algorithm is GEA_1 and GEA_2. Admit the MS even if it does not support encryption.
SET GMM: NAC=YES, CIPH=YES, NCIPH=YES, CIPHALG=GEA_2-1&GEA_1-1;
IMEI check
Enable the IMEI check function. Accept the gray list accesses, and deny the black list accesses. The IMEI check frequency is 1. Accept the access when the IMEI check is time-out.
SET GMM: CHKIMEI=CHECKIMEI, GRALLOW=YES, BLALLOW=NO, IMEIFR=1, CTFLAG=YES;
P-TMSI re-allocation parameters
Start the P-TMSI re-allocation function. SET GMM: PTMSIREALLOC=YES;
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-5
Parameters
ID Name Description
NAC No authentication and ciphering
Master switch that controls the authentication and ciphering functions.
Value range:
YES: The SGSN initiates the security procedure based on the protocol and the configurations.
NO: The SGSN does not initiate the security procedure.
Default value: none
System default value: YES
Note: You can set the value to NO to meet the test requirement.
CIPH Ciphering Permit
If the service requires ciphering.
Value range: YES, NO
Default value: none
System default value: NO
Note: This parameter is invalid if LICENSE does not support ciphering.
If the value is YES, you must also specify a ciphering algorithm.
AUTH GPRS Authority Flag
If authentication is required for the following procedures:
PROD_RAU
INTER_RAU
INTRA_RAU
IMSI_ATTACH
PTMSI_ATTACH
DETACH
Value range: 0 (no authentication) and 1 (authentication) for each of the above procedures
Default value: none
System default value: INTER_RAU-1&INTRA_RAU-0&IMSI_ATTACH-1&P-TMSI-ATTACH-1&DETACH-0
Note: In a value, the procedures are separated by &.
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-6 Huawei Technologies Proprietary Issue 03 (2006-08-10)
ID Name Description
NCIPH No Ciph After Ver Fail
If the network admits a not ciphered MS if it fails to negotiate the ciphered version with the MS when the ciphered license is configured.
If yes, the MS can access the network without ciphering. Otherwise, the network rejects the access of the MS.
Value range: YES, NO
Default value: none
System default value: YES
Note: The parameter is invalid if LICENSE does not support ciphering.
CHKIMEI GPRS Check IMEI Flag
If the network checks the IMEI of an MS.
If you specify this parameter, the network initiates an authentication procedure, no matter if AUTH is configured or not.
Value range: NOIMEI, GETIMEI, CHECKIMEI
Default value: none
System default value: NOIMEI
PTMSIREALLOC
GPRS P-TMSI Realloc Flag In Update
If P-TMSI is reallocated in a routing area update or attach procedure.
Value range: YES, NO
Default value: none
System default value: YES
Note: If you specify this parameter, the network performs the P-TMSI reallocation in a routing area update procedure or an attach procedure.
If this parameter is not configured, the network still performs the P-TMSI reallocation in case of protocol-specific exceptions to ensure the network security.
GRALLOW Allow Users in Grey-List to Access
If an MS in the grey list is admitted through the IMEI check.
Value range: YES, NO
Default value: none
System default value: YES
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-7
ID Name Description
BLALLOW Allow Users in Black-List to Access
If a MS in the black list is admitted through the IMEI check.
Value range: YES, NO
Default value: none
System default value: YES
RNUM Number to Reuse AuthSets
If the number of authentication set reuses when an MS fails to obtain an authentication set from the home location register (HLR) in a security procedure.
If the value is 0, the authentication set cannot be reused.
Value range: 0 to 255
Default value: none
System default value: 0
CIPHALG GPRS Cipher Algorithm
Cipher algorithms supported by the network
Value range: GEA1 to GEA2
Default value: none
Note: The parameter is invalid if CIPH is NO.
If a UEPC exists in the system, you can select any value within the range from GEA_1 to GEA_2.
Multiple ciphering algorithms are separated by &, for example, GEA_2-1&GEA_1-1.
If an algorithm does not configured with any license, you can modify other parameters in the GMM table only after you delete the algorithm.
DEFQOS Default QoS Specifies the value for Default QoS in the paging information when mobility management (MM) initiates a packet switched (PS) paging in the GPRS system.
Value range: 0 to 0xFFFFFF
Default value: none
System default value: 0x0B9211
Note: 00001011 (0B): 00--spare, 001--Delay class, 011--Reliability class
10010010 (92): 1001--Peak throughput, 0--spare, 010--Precedence class
00010001 (11): 000--spare, 10001--Mean throughput
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-8 Huawei Technologies Proprietary Issue 03 (2006-08-10)
ID Name Description
HAUFR HPLMN Authentication Frequency
Number of procedures before the HPLMN user is authenticated.
The system decides if the MS on an HPLMN needs to be authenticated based on this parameter.
Value range: 1 to 255
System initial value: 1
VAUFR VPLMN Authentication Frequency
Number of procedures before the VPLMN user is authenticated.
The system decides if the MS on a VPLMN needs to be authenticated based on this parameter.
Value range: 1 to 255
System initial value: 1
IMEIFR CHECK IMEI Frequency
Number of procedures before the CHECK IMEI is performed on the MS.
The system decides if the CHECK IMEI needs to be performed on the MS based on this parameter.
Value range: 1 to 255
System initial value: 1
8.2.2 Configuring Mobility Management Timers
Description
The SGSN system provides default values for the mobile management timers. The default values are also recommended values.
Prerequisites
None
Commands
SET GMMTMR
Examples
Set the MS reachable timer as 100 minutes.
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-9
SET GMMTMR: MSRCHTMR=100;
Parameters
ID Name Description
T3322 Detach Req Retrans Timer (s)
This timer starts upon the transmission of the Detach Request message and stops upon the receipt of the Detach Accept message. If the timer expires, the Detach Request message will be retransmitted. The message can be retransmitted for up to 2 times.
Value range: 3 to 12
Default value: 6
Note: Do not set this timer unless specified.
T3350 Message Retrans Timer (s)
This timer starts upon transmission of the Attach Accept (P-TMSI/TMSI), Routing Area Update Accept (P-TMSI/TMSI) or P-TMSI Reallocation Command message and stops upon receipt of the Attach Complete, Routing Area Update Complete or P-TMSI Reallocation Complete message. If the timer expires, the Attach Accept (P-TMSI/TMSI), Routing Area Update Accept (P-TMSI/TMSI) or P-TMSI Reallocation Command message will be retransmitted. The message can be retransmitted for up to 2 times.
Value range: 3 to 12
Default value: 6
Note: Do not set this timer unless specified.
T3360 Auth-req Retrans Timer (s)
This timer starts upon transmission of the Authentication and Ciphering Request message and stops upon receipt of the Authentication and Ciphering Response message. If the timer expires, the Authentication and Ciphering Request will be retransmitted. The message can be retransmitted for up to 2 times.
Value range: 3 to 12
Default value: 6
Note: Do not set this timer unless specified.
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-10 Huawei Technologies Proprietary Issue 03 (2006-08-10)
ID Name Description
T3370 Identity Req Retrans Timer (s)
This timer starts upon transmission of the Identity Request message and stops upon receipt of the Identity Response message. If the timer expires, the Identity Request message will be retransmitted. The message can be retransmitted for up to 2 times.
Value range: 3 to 12
Default value: 6
Note: Do not set this timer unless specified.
T3313 Paging Response Timer (s)
This timer starts upon transmission of the Paging Request message and stops upon receipt of the Trigger Indication or Paging Response message. If the timer expires, the Paging Request message will be retransmitted. The message can be retransmitted for up to 2 times.
Value range: 4 to 20
Default value: 6
Note: Do not set this timer unless specified.
RDYTMR READY Timer (s)
This timer defines the time duration when an MS remains in the READY state in the MS and the SGSN.
The READY timer resets and starts running in the MS when an LLC protocol data unit (PDU) is transmitted, and in the SGSN when an LLC PDU is correctly received. When the READY timer expires, the MS and SGSN MM contexts turn to the STANDBY state.
An MS in the STANDBY state cannot send or receive data, but it can receive packet paging and circuit paging. After a successful paging, the MS state turns to READY. An MS in READY state can send and receive packet data units.
According to 3rd generation partnership project (3GPP) 48.018, the value of the READY Timer relates to that of the Packet Procedure Timer (6s in minimum) only if the value of the READY Timer is greater than 6s. In such cases, the value of READY Timer is greater than the packet flow context (PFC) Timer.
Value range: 1 to 11160
Default value: 44
Note: Do not set this timer unless specified.
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-11
ID Name Description
PRDTMR Periodic RA Update Timer (min)
This timer defines the interval for the periodic RA update procedure in the MS.
The length of this timer is sent in the Attach Accept or Routing Area Update Accept message. When this timer expires, the MS periodiccally starts a routing area update procedure.
Value range: 1 to 186
System default value: 54
MSRCHTMR
MS reachable Timer (min)
This timer starts when an MM context enters the STANDBY state and stops when the MM context enters the READY state or when the periodic routing area update message is received. When this timer expires, the network detaches the MS.
Value range: 7 to 198
System default value: 58
Note: Do not set this timer unless specified.
The length of this timer must be greater than that of the PRDTMR but smaller than PRDTMR+12.
PTMSITMR P-TMSI Realloc Timer (h)
This timer starts when the SGSN sends a P-TMSI Reallocation Command message to an attached MS and stops when the SGSN receives the P-TMSI Reallocation Complete message from the MS. When this timer expires, the network initiates a P-TMSI Reallocation procedure to the MS to update the TMSI of the MS.
Value range: 0 to 24
Default value: 0
System default value: 0, that is, no P-TMSI is reallocated.
Note: Do not set this timer value unless specified.
NACTTMR Inactive-user Detach Timer (min)
This timer starts when Attach is successful and stops when packet data protocol (PDP) is activated. When all PDPs are deactivated, this timer restarts. When this timer expires, the MM context is set to the inactivate state. After the RAU procedure, if the MM context remains in the inactive state, the SGSN detaches the MS.
Value range: 0 to 1440
Default value: 360
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-12 Huawei Technologies Proprietary Issue 03 (2006-08-10)
8.2.3 Configuring Authentication and Encryption for Specified Subscribers
Description
The SGSN9810 may apply special authentication and encryption attributes for specified subscribers.
Prerequisites
None
Commands
ADD 2GAUTHCIPH
Examples
Set the subscriber with IMSI of 460001111 as: no authentication and no encryption.
ADD 2GAUTHCIPH: MCC="460", MNC="00", MATCHIMSI="1111", NAC=NO, CIPH=NO, NCIPH=NO;
Parameters
ID Name Description
MCC Mobile Country Code
Mobile country code.
Value range: 3 BCD codes
Default value: none
MNC Mobile Network Code
Mobile network code.
Value range: 2 or 3 BCD codes
Default value: none
MATCHIMSI Matched IMSI Additional IMSI number.
In addition to the MCC and the MNC, the IMSI also consists of other codes. This refers to the first of these codes. To differentiate the MSs, the system matches the MS IMSI based on the MCC, MNC, and this parameter.
Value range: 0 to 10 BCD codes
Default value: none
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-13
ID Name Description
NAC Enable all auth and ciph
Whether to enable the authentication and cipher switch for an MS.
Value range: NO, YES
Default value: YES
CIPH Cipher flag Whether to activate the ciphering procedure for an MS.
Value range: NO, YES
Default value: YES
Note: Use the ciphering algorithm recorded in the GMM table.
NCIPH Not cipher with version negotiated failure
Whether to permit an MS to access the network in case of version negotiation failure when the license supporting the ciphering is configured.
If the network admits the MS without ciphering, the MS can access the network freely.
Value range: NO,YES
Default value: YES
Note: If the license does not support the ciphering, this parameter is invalid.
AUTH Auth selection Whether to activate the authentication for the following procedures:
Service Request initiated by the MS
Attach using IMSI
Attach using PTMSI
INTER RAU
INTRA RAU
PROD RAU
SMS MT
SMS MO
LCS
DETACH
Value range: for each of the above 10 procedures,
0: no authentication
1: authentication
Default value: 0 (for all of the above procedures)
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-14 Huawei Technologies Proprietary Issue 03 (2006-08-10)
8.2.4 Configuring the Second Authentication
Description
Usually, the network sends an AUTHENTICATION_REJECT message to the subscriber after the first authentication failure during the attach procedure or RAU procedure.
If the second authentication function is enabled, the network sends a second authentication request after the first authentication failure in the same session. The new random number RAND2 is different from RAND1. The network sends an AUTHENTICATION_REJECT message to the subscriber after the second authentication failure. The second authentication may improve the compatibility to the terminals.
By default, the system disables the second authentication function. You can enable this function as required.
Prerequisites
None
Commands
SET SERVICE_PARA
Examples
Enable the second authentication for the attach procedure and RAU procedure.
SET SERVICE_PARA: ATTSAUTH=YES, RAUSAUTH=YES;
Parameters
ID Name Description
ATTSAUTH GPRS Second Authentication In Attach
If the SGSN enables the function of GPRS Second Authentication In Attach.
Value range: YES, NO
RAUSAUTH GPRS Second Authentication In Rau
If the SGSN enables the function of GPRS Second Authentication In Rau.
Value range: YES, NO
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-15
8.2.5 Configuring the Function of Getting the Authentication Set Based on MAP V2
Description
The SGSN9810 communicates with the HLR based on mobile application part (MAP) V2+ by default. If the major HLR version on the network is V2, you can enable the function of getting authentication set to simplify the version negotiation procedure.
Prerequisites
None
Commands
SET SERVICE_PARA
Examples
Enable the second authentication for the attach procedure and RAU procedure.
SET SERVICE_PARA: AUTHSETV2=YES;
Parameters
ID Name Description
AUTHSETV2 Get Authset From HLR using V2
If the SGSN enables the function of Get Authset From HLR using V2.
Value range: YES, NO
8.2.6 Configuring Authentication Failure Threshold
Description
If the number of authentication failures for a subscriber reaches the limit during a certain period of time, the SGSN9810 raises an alarm. Usually the limit of failures and the time interval adopt the system initial values.
Prerequisites
None
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-16 Huawei Technologies Proprietary Issue 03 (2006-08-10)
Commands
SET AUTHFAIL
Examples
Set that the system allows subscribers fail authentication for five times within 30 minutes.
SET AUTHFAIL: CAFTIMES=5, PURPERIOD=30;
Parameters
ID Name Description
CAFTIMES Auth Failure Times Max. number of authentication failures allowed.
If the number of authentication failures exceeds the value specified by this parameter within the time specified by PURPERIOD, an event alarm is triggered.
Value range: 3 to 20
System initial value: 3
PURPERIOD UserPurgePeriod (min)
The period after which the subscriber authentication failure records are cleared.
When the time of PURPERIOD is up after the first authentication failure, and the number of subscriber authentication failures does not exceed the number specified by CAFTIMES, the subscriber authentication failure records are cleared.
Value range: 3 to 30
System initial value: 5
8.2.7 Configuring the Function of Detaching Inactive Subscribers
Description
If a subscriber does not activate the PDP context within a certain period of time, the SGSN detaches this subscriber. This function ensures the effective usage of the radio source and the user resources in the SGSN.
The SGSN system disables the function of detaching inactive subscribers by default.
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-17
Prerequisites
None
Procedure
Step 1 Enable the function of detaching inactive subscribers.
Command: SET SERVICE_PARA
Step 2 Set the inactive subscriber detach timer.
Command: SET GMMTMR
----End
Examples
Enable the function of detaching inactive subscribers. Set the inactive subscriber detach timer as 300.
SET SERVICE_PARA: DETACH=YES;
SET GMMTMR: NACTTMR=300;
Parameters
ID Name Description
DETACH Detach Inactive User
If an SGSN enables the function of Detach Inactive User.
Value range: YES, NO
Default value: NO
NACTTMR Inactive-user Detach Timer (min)
This timer starts when the attach succeeds and stops when PDP is activated. When all PDPs are deactivated, this timer restarts. When this timer expires, the MM context is set to the inactive state. After the RAU procedure, if the MM context remains in the inactivate state, the SGSN detaches the MS.
Value range: 0 to 1440
Default value: 360
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-18 Huawei Technologies Proprietary Issue 03 (2006-08-10)
8.3 Configuring Mobility Management for a 3G System Configuring mobility management for a 3G system includes:
Configuring Mobility Management
Configuring Mobility Management Timers
Configuring Authentication and Encryption for Specified Subscribers
Configuring Algorithm Priorities
Configuring Authentication Failure Threshold (refer to 8.2.6 )
All of the above tasks are optional. You may perform the tasks in any order.
8.3.1 Configuring Mobility Management Attributes
Description
The system provides default values for the basic mobile management attributes. The default values are also recommended values.
Prerequisites
None
Commands
SET PMM
Examples
Set the following attributes:
Authentication attributes
Enable the authentication function and apply it to the following procedures:
− periodic RAU
− MS initiated Service Request
− INTER RAU and IMSI ATTACH.
Do not apply authentication to the following procedures:
− INTRA RAU
− Paging response
− DETACH
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-19
− PTMSI ATTACH
The authentication frequency for HPLMN and VPLMN is 1. SET PMM: NAC=YES,
AUTH=PROD_RAU-1&PAGING_RSP-1&MS_SERVICE_REQ-1&DETACH-1&INTER_RAU-1&INTRA_RAU-1&PTMS
I_ATTACH-1&IMSI_ATTACH-1, HAUFR=1, VAUFR=1;
Encryption and integrity attributes
Enable the encryption function. The encryption algorithm is UEA_1 plus NO_ENCRYPTION. The integrity algorithm is UIA1.
SET PMM: NAC=YES, CIPH=YES, CIPHALG=UEA1-1&NO_ENCRYPTION-1, INTALG=UIA1-1;
IMEI check attributes
Enable the IMEI check function. Permit the grey list, and deny the black list. The IMEI check frequency is 1.
Enable the UESBI real-time update function, where UESBI stands for UE specific behavior information. Permit user access when the IMEI check is time out.
SET PMM: CHKIMEI=CHECKIMEI, GRALLOW=YES, BLALLOW=NO, IMEIFR=1,
CTFLAG=YES,RTUPDUESBI=YES;
ID recognition attributes
Enable the ID recognition function. SET PMM: IDRQ=YES;
P-TMSI reallocation attributes
Enable the P-TMSI reallocation function. SET PMM: PTMSIREALLOC=YES;
Parameters
ID Name Description
NAC Enable all auth and ciph
Master switch that controls the authentication and ciphering functions.
If the value is YES, the SGSN initiates a security procedure to an MS based on the protocol and configuration requirements.
Value range: YES, NO
Default value: YES
Note: Set the parameter to NO to meet the test requirement.
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-20 Huawei Technologies Proprietary Issue 03 (2006-08-10)
ID Name Description
AUTH AUTH selection A procedure or multiple procedures where authentication is enabled.
Value range: 0 (no authentication) or 1 (authentication) for each of the following procedures.
PROD_RAU
PAGING_RSP (Paging Response)
MS_SERVICE_REQ (MS-initiated Service Request)
DETACH
INTER_RAU
INTRA_RAU
PTMSI_ATTACH (P-TMSI-attach)
IMSI_ATTACH (IMSI-attach)
Default value: PROD_RAU-0&PAGING_RSP-0& MS_SERVICE_REQ-0&DETACH-0&INTER_RAU-1&INTRA_RAU-0&PTMSI_ATTACH-1&IMSI_ATTACH-1
Note: In a value, the procedures are separated by &.
CIPH Cipher Whether ciphering is required for the service.
Value range: YES, NO
System default value: NO
Note: This parameter is invalid if LICENSE does not support ciphering.
If the value is YES, you must specify a ciphering algorithm.
CHKIMEI Check IMEI If the network checks the IMEI of an MS.
If this parameter is configured, the network initiates an authentication procedure, no matter if AUTH is configured or not.
Value range: NOIMEI, GETIMEI, CHECKIMEI
Default value: NOIMEI
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-21
ID Name Description
IDRQ Identity in Attach This parameter controls whether to deliver the "Identity Request" message for the PTMSI attachment used on the 3G network.
Value range: YES, NO
Default value: YES
PTMSIRUPD
Realloc PTMSI in RAU
If P-TMSI is reallocated in a routing area update or an attach procedure.
If this parameter is configured, the network performs the P-TMSI reallocation in a routing area update or an attach procedure.
If this parameter is not configured, the network still performs the P-TMSI reallocation in some situations specified by the protocol to ensure the network security.
Value range: YES, NO
Default value: YES
CIPHALG Ciph Algorithm Cipher algorithms supported by the network.
Value range: NO_ENCRYPTION, UEA1
Default value: none
Note: The parameter is invalid if CIPH is NO.
NO_ENCRYPTION can be set to 0 (ciphering algorithm not supported) or 1 (ciphering algorithm supported).
UEA1 can be set to 0 (ciphering algorithm not supported) or 1 (ciphering algorithm supported).
At least one of NO_ENCRYPTION and UEA1 must be specified.
INTALG Integrity algorithm Specifies the integrity algorithm to be used.
It is used to ensure the integrity of the messages between MSs and RNC.
Value range: UIA1
Default value: None.
GRALLOW Allow Grey-List to Access
If an MS in the grey list is allowed to access the network.
Value range: YES, NO
Default value: YES
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-22 Huawei Technologies Proprietary Issue 03 (2006-08-10)
ID Name Description
BLALLOW Allow Black-List to Access
If an MS in the black list is allowed to access the network.
Value range: YES, NO
Default value: YES
RTUPDUESBI Whether update UESBI real time
This parameter indicates whether update UESBI real time when a UE with new SVN access the network. if NO, the system will update UESBI on time.
Value range: YES,NO.
Default value: NO.
HAUFR HPLMN Authentication Frequency
Number of procedures before an HPLMN user is authenticated.
The system initiates the authentication based on this parameter if it judges that the procedure of an MS on the HPLMN needs to be authenticated.
Value range: 1 to 255
System initial value: 1
VAUFR VPLMN Authentication Frequency
Number of procedures before a VPLMN user is authenticated.
The system initiates the authentication based on this parameter if it judges that the procedure of an MS on a VPLMN needs to be authenticated.
Value range: 1 to 255
System initial value: 1
IMEIFR CHECK IMEI Frequency
Number of procedures before the CHECK IMEI procedure is performed on the MS.
The system initiates the CHECK IMEI procedure based on this parameter when it judges that this procedure needs to be performed on the MS.
Value range: 1 to 255
System initial value: 1
CTFLAG User access flag when check imei procedure timeout
Indicates whether the access of MS is allowed when SGSN fails to receive IMEI CHECK RESPONSE.
Value range: YES, NO
Default value: YES
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-23
8.3.2 Configuring Mobility Management Timers
Description
The system provides default values for the mobile management timers. The default values are also recommended values.
Prerequisites
None
Commands
SET PMMTMR
Examples
Set the RAU timer as 54 minutes.
SET PMMTMR: MSRCHTMR=54;
Parameters
ID Name Description
T3322 Detach Req Retrans timer (s)
This timer starts upon the transmission of the Detach Request message and stops upon the receipt of the Detach Accept message. If this timer expires, the Detach Request message may be retransmitted. The message can be retransmitted for up to 2 times.
Value range: 3 to 12
Default value: 6
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-24 Huawei Technologies Proprietary Issue 03 (2006-08-10)
ID Name Description
T3350 Message Retrans timer (s) This timer starts upon the transmission of the Attach Accept (P-TMSI/TMSI), Routing Area Update Accept (P-TMSI/TMSI) or P-TMSI Reallocation Command message and stops upon the receipt of the Attach Complete, Routing Area Update Complete or P-TMSI Reallocation Complete message. If this timer expires, the Attach Accept (P-TMSI/TMSI), Routing Area Update Accept (P-TMSI/TMSI) or P-TMSI Reallocation Command message is retransmitted. The message can be retransmitted for up to 2 times.
Value range: 3 to 12
Default value: 6
T3360 Authentication-Ciphering req Retrans timer (s)
This timer starts upon the transmission of the Authentication and Ciphering Request message and stops upon the receipt of the Authentication and Ciphering Response message. If this timer expires, the Authentication and Ciphering Request message is retransmitted. The message can be retransmitted for up to 2 times.
Value range: 3 to 12
Default value: 6
T3370 Id req Retrans timer (s) This timer starts upon the transmission of the Identity Request message and stops upon the receipt of the Identity Response message. If this timer expires, the Identity Request message is retransmitted. The message can be retransmitted for up to 2 times.
Value range: 3 to 12
Default value: 6
T3313 Paging rsp timer (s) This timer starts upon the transmission of the Paging Request message and stops upon receipt of the Service Request (Paging Response) message. If this timer expires, the Paging Request message is retransmitted. The message can be retransmitted for up to 2 times.
Value range: 4 to 20
Default value: 6
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-25
ID Name Description
PRDTMR Period-RAU timer (min) This timer defines the interval for the Periodic RAU procedure in the MS. The length of the timer is sent in the Attach Accept or RAU Accept message. If this timer expires, the MS starts a Periodic RAU procedure.
Value range: 1 to 186
Default value: 54
MSRCHTMR MS reachable timer (min) This timer indicates the length of the Mobile Reachable Timer. This timer monitors the periodic RA update procedure in the SGSN. The value of this timer is slightly bigger than that of the periodic RA update timer used by an MS. The timer starts when the state when the PMM IDLE state is entered and stops when the state changes to PMM CONNECTED. If this timer expires, the SGSN detaches the MS implicitly.
Value range: 2 to 198
System initial value: 58
Note: The length of this timer must be bigger than that of the PRDTMR timer, but equal to or smaller than that of the PRDTMR+12 timer.
PTMSITMR Ptmsi Realloc Timer (h) This timer starts upon the transmission of the P-TMSI Reallocation Command message to an attached MS and stops upon the receipt of the P-TMSI Reallocation Complete message from the MS. If this timer expires, the network initiates the P-TMSI Reallocation procedure to update the TMSI of the MS.
Value range: 0 to 24
Default value: 0
Note: The value 0 means that no PTMSI reallocation is supported.
RLCTMR Reloc Res alloc timer (s) This timer starts upon the transmission of the Relocation Request from the new SGSN to the target radio network controller (RNC) and stops upon the receipt of the Relocation Request Acknowledge message. If this timer expires, a relocation preparation failure is sent to the source RNC.
Value range: 5 to 15
Default value: 10
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-26 Huawei Technologies Proprietary Issue 03 (2006-08-10)
ID Name Description
RLCOLD Old SGSN RelocCmpTimer (s)
This timer starts upon the transmission of the Relocation Command message from the old SGSN to the source RNC and stops upon the receipt of the Forward Relocation Complete message from the new SGSN. If this timer expires, the subscriber information is released.
Value range: 5 to 15
Default value: 10
System default value: 10
RLCNEW New SGSN RelocCmpTimer (s)
This timer starts upon the transmission of the Forward Relocation Response message from the new SGSN to the old SGSN and stops upon the receipt of the Relocation Complete message from the target RNC. If this timer expires, the subscriber information is released.
Value range: 5 to 15
Default value: 10
UPDUESBI Update Start time Time when the system starts to update UESBI.
Value range: 00:00 to 23:59
Default value: 03:30
8.3.3 Configuring Authentication and Encryption for Specified Subscribers
Description
The SGSN9810 can apply special authentication and encryption for the specified subscribers.
Prerequisites
None
Commands
ADD 3GAUTHCIPH
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-27
Examples
Set the following attributes for the subscriber with IMSI of 460001111:
Apply authentication to all procedures.
Do not apply encryption to all procedures. ADD 3GAUTHCIPH: MCC="460", MNC="00", MATCHIMSI="1111", NAC=YES, CIPH=NO,
AUTH=PROD_RAU-1&PAGING_RSP-1&MS_SERVICE_REQ-1&DETACH-1&INTER_RAU-1&INTRA_RAU-1&PTMS
I_ATTACH-1&IMSI_ATTACH-1&LCS-1&SMS_MT-1&SMS_MO-1;
Parameters
ID Name Description
MCC Mobile Country Code
Mobile country code.
Value range: 3 BCD codes
Default value: none
MNC Mobile Network Code
Mobile network code.
Value range: 2 or 3 BCD codes
Default value: none
MATCHIMSI Matched IMSI Additional IMSI number.
In addition to the MCC and the MNC, the IMSI also consists of other codes. This refers to the first of these codes. To differentiate the MSs, the system matches the MS IMSI based on the MCC, MNC and this parameter.
Value range: 0 to 10 BCD codes
Default value: none
NAC Enable all auth and ciph
Whether to enable the authentication and cipher switch for an MS within a number range.
Value range: NO, YES
Default value: YES
CIPH Cipher flag Whether to activate the ciphering procedure for an MS.
Value range: NO, YES
Default value: YES
Note: Use the ciphering algorithm recorded in the PMM table.
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-28 Huawei Technologies Proprietary Issue 03 (2006-08-10)
ID Name Description
AUTH Auth selection Whether to activate the authentication for the following procedures:
PROD_RAU
PAGING_RSP
MS_SERVICE_REQ
DETACH
INTER_RAU
INTRA_RAU
PTMSI_ATTACH
IMSI_ATTACH
LCS
SMS_MT
SMS_MO
Value range: for each of the above procedures,
0: no authentication
1: authentication
Default value: 0 (for all procedures)
8.3.4 Configuring Algorithm Priorities
Description
By default, the encryption algorithm and the integrity algorithm are of the same priority. You may change the default settings.
Prerequisites The encryption function is enabled.
The encryption algorithm and the integrity algorithm are set.
Check them using LST PMM.
Commands
ADD ALGPRIORITY
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-29
Examples
Set priority for the following algorithms:
NOCIPH: 0
UEA1: 1 ADD ALGPRIORITY: ALGTYPE=CIPH, ALG=NOCIPH, ALGPRI=0;
ADD ALGPRIORITY: ALGTYPE=CIPH, ALG=UEA1, ALGPRI=1;
Parameters
ID Name Description
ALGTYPE Algorithm Type
Algorithm type.
Value range: CIPH (ciphering), INTE (integrity)
Default value: none
ALG Algorithm Algorithm name. are two No ciphering and UEA1, and one
Value range: NOCIPH, UEA1, and UIA1
Default value: none
Note: NOCIPH (No ciphering) and UEA1 are ciphering algorithms.
UIA1 is an integrity algorithm.
ALGPRI Algorithm Priority
Priority of the algorithm.
Value range:0 to 255
Default value: none
Note: The smaller the value, the higher the priority.
8.4 Configuring Special Functions for IMEI Check Configuring special IMEI check functions includes:
Configuring the IMEI Check Based on IMSI.
Configuring the Function of Permitting Unknown Subscriber Access Based on IMSI.
All of the above tasks are optional. You may perform the tasks in any order.
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-30 Huawei Technologies Proprietary Issue 03 (2006-08-10)
8.4.1 Configuring the IMEI Check Based on IMSI
Description
If the IMEI check function is enabled in the SGSN, you can configure the IMSI number for the IMEI check.
Prerequisites
The IMEI check function is enabled. Check it using LST GMM or LST PMM.
Procedure
Step 1 Enable the IMEI check unction.
Command: SET SERVICE_PARA
Step 2 Set the IMSI for the IMEI check.
Command: ADD IMEICHKCFG
----End
Examples SET SERVICE_PARA: IMRGCHK=YES;
ADD IMEICHKCFG: CONTYPE=IMSICHK, BEGIMSI="460001111", ENDIMSI="460001112";
Parameters
ID Name Description
IMRGCHK Imsi range IMEI check
Whether an SGSN enables the Imsi range IMEI check function.
Value range: YES, NO
CONTYPE Control Type Control type.
Value range:
IMSICHK: IMEI check IMSI checking range
PERACCESS: unknown user access
BEGIMSI Begin IMSI Begin IMSI of the IMSI range.
Value range: up to 15 BCD codes
Default value: none
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-31
ID Name Description
ENDIMSI End IMSI End IMSI of the IMSI range.
Value range: up to 15 BCD codes
Default value: none
8.4.2 Configuring the Function of Permitting Unknown Subscriber Access Based on IMSI
Description
If the IMEI check function is enabled in the SGSN, you can configure the SGSN to permit the subscriber with the specified IMSI accessing the network regardless of the IMEI check result.
Prerequisites
The IMEI check function is enabled. You can check it using LST GMM or LST PMM.
Procedure
Step 1 Enable the function of permitting unknown subscriber access.
Command: SET SERVICE_PARA
Step 2 Set the IMSI number range.
Command: ADD IMEICHKCFG
----End
Examples
Permit access regardless of the IMEI check result for the subscribers from 460001111 to 460001112.
SET SERVICE_PARA: IMRGACC=YES;
ADD IMEICHKCFG: CONTYPE=PERACCESS, BEGIMSI="460001111", ENDIMSI="460001112";
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-32 Huawei Technologies Proprietary Issue 03 (2006-08-10)
Parameters
ID Name Description
IMRGACC Imsi range Unknown User Access
If an SGSN enables the function of Imsi range Unknown User Access.
Value range: YES, NO
CONTYPE Control Type Control type.
Value range:
IMSICHK: IMEI check IMSI checking range
PERACCESS: unknown user access
BEGIMSI Begin IMSI Begin IMSI of the IMSI range.
Value range: up to 15 BCD codes
Default value: none
ENDIMSI End IMSI End IMSI of the IMSI range.
Value range: up to 15 BCD codes
Default value: none
8.5 Configuring the Function of Denying the 2G Subscribers Accessing the 3G Network
Configuring the function of denying the 2G subscribers accessing the 3G network includes the following tasks:
Configuring the 3G Network Access Deny Based on APNNI
Configuring the 3G Network Access Deny Based on IMSI
Configuring the 3G Network Access Deny Based on ARD
Configuring 3G Network Access Deny for SIM Subscribers
All of the above tasks are optional. You may perform the tasks in any order.
8.5.1 Configuring the 3G Network Access Deny Based on APNNI
Description
The SGSN9810 denies the 2G subscribers accessing 3G network based on the APNNI. The operator assigns different APNNIs to distinguish the 2G subscribers from the 3G subscribers.
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-33
Prerequisites
None
Procedure
Step 1 Enable the function of 3G access control by APNNI.
Command: SET SERVICE_PARA
Step 2 Configure the APNNI.
Command: ADD APNNILST
----End
Examples
Set that the subscribers with the APNNI as wideband code division multiple access (WCDMA)
SET SERVICE_PARA: APNREJGPRS=YES;
ADD APNNILST: MCC="460", MNC="00", APNNI="wcdma";
Parameters
ID Name Description
APNREJGPRS Reject GPRS MS according to APNNI
If an SGSN enables the function of Reject GPRS MS according to APNNI.
Value range: YES, NO
MCC Mobile country code Mobile country code in a PLMN number.
Value range: 3 BCD codes
Default value: none
MNC Mobile network code Mobile network code in a PLMN number.
Value range: 2 or 3 BCD codes
Default value: none
Note: If the MCCs of two network numbers are the same, the first two BCD codes of the MNCs must be different.
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-34 Huawei Technologies Proprietary Issue 03 (2006-08-10)
ID Name Description
APNNI APN network ID APN network identifier.
Value range: a string of up to 64 characters
Default value: none
Note: It consists of one or more labels separated by dots.
A label consists of letters, digits and dash -.
It contains at least one label and consists of up to 63 octets.
It must not start with rac, lac, sgsn, or mc and must not end with .gprs.
It must not contain a star *.
8.5.2 Configuring the 3G Network Access Deny Based on IMSI
Description
The SGSN9810 denies the 2G subscribers accessing the 3G network based on the IMSI numbers.
Prerequisites
None
Procedure
Step 1 Enable the function of 3G accessing deny by IMSI.
Command: SET SERVICE_PARA
Step 2 Configure the 3G IMSI range.
Command: ADD USRATTIMSI
----End
Examples
Set that the subscriber 111111111111 is allowed accessing the 3G network.
SET SERVICE_PARA: IMSIREJGPRS=YES;
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-35
ADD USRATTIMSI: BEGIMSI="111111111111", ENDIMSI="1111111111", USRATT=UMTS;
Parameters
ID Name Description
IMSIREJGPRS Reject GPRS MS according to IMSI
This parameter indicates whether an SGSN enables the function "Reject GPRS MS according to IMSI."
Value range: YES, NO.
BEGINIMSI Begin IMSI Start IMSI of an USRATTIMSI range.
Value range: up to 15 BCD codes
Default value: none
Note: The start IMSI is also included in the IMSI range.
ENDIMSI End IMSI End IMSI of an USRATTIMSI range.
Value range: up to 15 BCD codes
Default value: none
Note: The end IMSI is also included in the IMSI range.
USRATT User attribute in the segment
User attribute in the IMSI range.
Value range: GPRS, UMTS, and GPRS_UMTS
Default value: none
Note: A GPRS subscriber can only access the 2G USPU board.
A UMTS subscriber can only access the 3G USPU board.
A GPRS_UMTS subscriber can access all USPUs.
If a subscriber is not configured with this attribute, this attribute is GPRS by default.
8.5.3 Configuring the 3G Network Access Deny Based on ARD
Description
The access restriction data (ARD) is subscribed data that indicates whether to adopt the radio access technology (RAT). If the visitor location register (VLR) or SGSN supports RAT, but does not receive the RAT parameters from the HLR, the VLR or SGSN assumes the user does not subscribe this data.
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-36 Huawei Technologies Proprietary Issue 03 (2006-08-10)
Prerequisites
None
Commands
SET SERVICE_PARA
Examples SET SERVICE_PARA: ARDSPT=YES;
Parameters
ID Name Description
ARDSPT Support ARD Function or not
If an SGSN enables the function of Reject GPRS MS according to ARD.
Value range: YES, NO
8.5.4 Configuring 3G Network Access Deny for SIM Subscribers
Description
The SGSN9810 allows the SIM card subscribers accessing 3G network by default. You can change this setting.
Prerequisites
The 3G attach and inter RAU authentication functions are enabled. Check it using LST PMM.
Commands
SET SERVICE_PARA
Examples SET SERVICE_PARA: SIMREJ=YES;
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-37
Parameters
ID Name Description
SIMREJ Reject SIM User Access 3G
If an SGSN enables the function of Reject SIM user access 3G.
If this function is enabled, authentication must be performed for a 3G attach and inter RAU.
Value range: YES, NO
8.6 Configuring the Roaming Restriction Configuring the roaming restriction includes the following tasks:
Configuring the Function of Roaming Restriction by IMSI.
Configuring the Function of Roaming Restriction by ZC.
All of the above tasks are optional. You may perform the tasks in any order.
8.6.1 Configuring the Function of Roaming Restriction by IMSI
Description
The SGSN9810 can recognize the roaming subscribers by IMSI.
Prerequisites
None
Procedure
Step 1 Enable the function of roaming by IMSI.
Command: SET SERVICE_PARA
Step 2 Set that the subscribers within certain IMSI range are not allowed to roam in a location area or routing area.
Command: ADD RESTRICTAREA
----End
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-38 Huawei Technologies Proprietary Issue 03 (2006-08-10)
Examples
The subscribers from 460017551111111 to 460017552222222 are not allowed to roam in routing area 46000712305.
SET SERVICE_PARA: ROAM=YES;
ADD RESTRICTAREA: BEGIMSI="460017551111111", ENDIMSI="460017552222222",
RLAI="460007123", RRAC="5";
Parameters
ID Name Description
BEGIMSI Begin IMSI Begin IMSI of the restricted IMSI range.
Value range: up to 15 BCD codes
Default value: none
ENDIMSI End IMSI End IMSI of the restricted IMSI range.
Value range: up to 15 BCD codes
Default value: none
RLAI Restricted location area identifier
Identity of the restricted location area.
Value range: LAI = MNC + MCC + location area code (LAC)
Default value: none
RRAC Restricted routing area code
Code of the restricted routing area (optional).
Value range: 0x00 to 0xFF
Default value: FF
8.6.2 Configuring the Function of Roaming Restriction by ZC
Description
The operators use the zone code (ZC) to control the roaming. An operator may divide a service area into multiple zones, and label them with different ZCs. A user may subscribe the roaming service in certain zones.
If the zone code of the current location area or routing area of the subscriber is on the subscribed zone code list, the SGSN permits the access. Otherwise, the SGSN denies the access.
Prerequisites
None
HUAWEI SGSN9810 Configuration Guide Volume II 8 Configuring Mobility Management
Issue 03 (2006-08-10) Huawei Technologies Proprietary 8-39
Procedure
Step 1 Enable the function of roaming by ZC.
Command: SET MAPFUNC
Step 2 Configure the ZC.
Command: ADD MAPZC
----End
Examples
Enable the function of roaming by ZC. Set the zone code for routing area 4600011110001 as 1234.
SET MAPFUNC: ZC=YES;
ADD MAPZC: ZC="1234", LAI="460001111", ZCN="test", RAC=1;
Parameters The parameters of SET MAPFUNC
ID Name Description
ZC Area restriction Whether to enable area restriction.
Value range: YES, NO
System initial value: NO
The parameters of ADD MAPZC
ID Name Description
ZC Area code Area code.
Value range: 0x0000 to 0xFFFF
Default value: none
Note: It is a hexadecimal number. You can add 0X or 0x before the number or not.
LAI Location area ID Location area identity of the zone, LAI = MCC + MNC + LAC.
Value range: 5 or 6 BCD codes plus 4 hexadecimal digits
Default value: none
8 Configuring Mobility Management HUAWEI SGSN9810
Configuration Guide Volume II
8-40 Huawei Technologies Proprietary Issue 03 (2006-08-10)
ID Name Description
ZCN Area name Name of the zone.
Value range: a string of up to 19 characters
Default value: noname
RAC Routing area code Routing area code of the zone.
Value range: 0 to FF
Default value: none