Core Network

(ENGINEERING
NOC)
 Core Network
Core domain is dynamic and having diversified
services which have been continuously evolving
since beginning, regarding monitoring tools &
technology, including PS-Core & CS-Core, as there
has been immense evolution within Core Network
from 2G to 4G technology!
Contents
• Basic introduction to 2G, 3G & 4G Technologies
• Evolution of Core Network from 2G to 3G & from 3G to 4G
• CS-Core
• What we are doing in CMPak NOC-FO regarding CS-Core?
• VAS (Value added services)
• PS-Core
• What we are doing in CMPAK NOC-FO regarding PS-Core?
• Gi Links & ISPs
• Escalation Matrix of CMPak Core Domain
Basic Introduction
to
2G, 3G & 4G
Technologies
2G (GSM) Architecture &
Interfaces:
• The GSM system or global system for mobile
communication was designed as a second generation or
2G cellular phone technology
• One of the basic aims was to provide a system that
would enable greater capacity to be achieved than the
previous first generation analogue systems
• By adopting this technique more users could be
accommodated within the available bandwidth
• Speech or voice calls were the primary function for the
GSM cellular system
• Another service that has grown enormously is the short
message service
• With the Internet becoming more widely used, GSM was
developed to start to meet these needs
• GPRS (2.5G), the General Packet Radio Service was an
evolution of the GSM 2G cellular telecommunications
system
• Using packet data rather than circuit switched data
circuits, has enabled data network (internet) having
speed around 50kbps to 120kbps
• GSM EDGE (2.75G), Enhanced Data rates for GSM
Evolution, was the evolution of GSM, & GPRS in which
data transfer rates reached up to 236.8 kbps
Interfaces used for GSM
network:
Um Interface: Used to communicate between BTS with
MS
Abis Interface: Used to communicate BSC TO BTS
A Interface: Used to communicate BSC and MSC
Singling protocol (SS7): Used to communicate MSC
with other network
Core Network Elements of GSM:
NSS
Network Switching Subsystem (NSS) manages the
switching functions of the system and allows MSCs to
communicate with other networks such as PSTN and ISDN. It
consists of:

• Mobile switching Centre (MSC): It is a heart of the

network. It manages communication between GSM and
other networks. It manages call set up function, routing and
basic switching. It performs mobility management including
registration, location updating and inter BSS and inter MSC
call handoff. It provides billing information. MSC does
gateway function while its customers roam to other network
by using HLR/VLR, it controls it’s under BSCs and to update
information of the mobiles
• Home Location Registers (HLR): It is a permanent
database about mobile subscriber in a large service area. It’s
database contains IMSI, IMSISDN, prepaid/post-paid, roaming
restrictions, supplementary services
• Visitor Location Registers (VLR): It is a temporary
database which updates whenever new MS enters its area by
HLR database. It controls mobiles roaming in its area. It
reduces number of queries to HLR. Its database contains IMSI,
TMSI, IMSISDN, MSRN, location, area authentication key
• Authentication Centre: It provides protection against
intruders in air interface. It maintains authentication keys and
algorithms and provides security triplets (RAND, SRES, Ki)
• Equipment Identity Registry (EIR): It is a database that is
used to track handset using the IMEI number. It is made up of
three sub classes: the white list, the black list and the gray list
GPRS/EDGE Architecture:
What is 3G (UMTS)?
• UMTS (Universal Mobile Telecommunication System) is
popularly known as a third-generation (3G) cellular
network. It was seen as a better cellular technology for
data transfer than its predecessor, the GSM technology
• UMTS initially boasted downlink data rates of 384 Kbps
to 512 Kbps (kilobytes per second). That’s significantly
faster than GPRS (General Packet Radio Service) and
even EDGE (Enhanced Data Rates for GSM Evolution)
• Its uplink speed was capped at 128 Kbps
3G (UMTS) Architecture:
Core Network Elements of
UMTS:
• SGSN: Serving GPRS Support Node forms a gateway to the
services within the network. It is responsible for authentication of
GPRS mobiles, registration of mobiles in the network, mobility
management, and collecting information on charging for the use
of the air interface
• GGSN: Gateway GPRS Support Node forms the gateway to the
outside world. It acts as an interface and a router to external
networks. It contains routing information for GPRS mobiles, which
is used to tunnel packets through the IP based internal backbone
to the correct Serving GPRS Support Node. The GGSN also collects
charging information connected to the use of the external data
networks and can act as a packet filter for incoming traffic
• PCU: Packet Control Unit differentiates whether data is to be
routed to the packet switched or circuit switched networks
• GMSC: Gateway Mobile Switching Centre is effectively the
3G (UMTS) Interfaces:
• Uu: Radio Interface
• Iub: The interface between NodeB and RNC
• Iur: The interface between RNCs
• Iu_CS: The interface between RNC and CS domain
• Iu_PS: The interface between RNC and PS domain
What is 4G (LTE)?
• LTE (Long-Term Evolution) is a fourth-generation (4G)
wireless standard that provides increased network
capacity and speed for cellphones and other cellular
devices compared with third-generation 3G technology
• LTE provides high speed, higher efficiency, peak data
rates and flexibility in bandwidth and frequency
• LTE offers higher peak data transfer rates than 3G, up to
100 Mbps downstream and 30 Mbps upstream. It
provides reduced latency, scalable bandwidth capacity
and backward compatibility with the existing Global
System for Mobile communication (GSM) and Universal
Mobile Telecommunications Service (UMTS) technology
LTE Architecture:
Core Network Elements of LTE:
• HSS: The Home Subscriber Server component has been
carried forward from UMTS and GSM and is a central
database that contains information about all the network
operator's subscribers
• P-GW: The Packet Data Network (PDN) Gateway
communicates with the outside world i.e, packet data
networks, using SGi interface. Each packet data network is
identified by an access point name (APN). The PDN gateway
has the same role as the GPRS support node (GGSN) and the
serving GPRS support node (SGSN) in UMTS and GSM
• S-GW: The serving gateway (S-GW) acts as a router, and
forwards data between the base station and the PDN
gateway
• MME: The mobility management entity controls the high-
level operation of the mobile by means of signaling
• PCRF: The Policy Control and Charging Rules Function is
a component which is responsible for policy control
decision-making, as well as for controlling the flow-
based charging functionalities in the Policy Control
Enforcement Function (PCEF), which resides in the P-GW
LTE Interfaces:
• S1-MME: Reference point for the control plane protocol between E-UTRAN
and MME
• S1-U: Reference point between E-UTRAN and Serving GW for the per bearer
user plane tunnelling and inter eNodeB path switching during handover
• S6a: It enables transfer of subscription and authentication data for
authenticating/authorizing user access to the evolved system (AAA
interface) between MME and HSS
• Gx: It provides transfer of (QoS) policy and charging rules from PCRF to
Policy and Charging Enforcement Function (PCEF) in the PDN GW
• S8: Inter-PLMN reference point providing user and control plane between
the Serving GW in the VPLMN and the PDN GW in the HPLMN. S8 is the inter
PLMN variant of S5
• SGi: It is the reference point between the PDN GW and the packet data
network. Packet data network may be an operator external public or private
packet data network or an intra operator packet data network, e.g, for
provision of IMS services. This reference point corresponds to Gi for 3GPP
accesses
LTE Advanced (4G+):
• 4G+ (or also known as LTE Advanced) is an upgrade to the existing 4G
network, doubling the current theoretical network speeds of 150Mbps
to 300Mbps for downlink and 50 Mbit/s for uplink
• It is usually marketed as LTE+, 4G+, 4GX, 4.5G or 4G LTE Ultra
Voice over LTE (VoLTE):
• VoLTE (voice over LTE) is a technology that enables voice calling over
4G. LTE only supports data. This technology is purely data-based, which
means that it is not designed to handle calls and other types of
services. VoLTE, on the other hand, can be used for both calls and data.
It is a digital packet technology that uses 4G LTE networks to route
voice traffic and transmit data
• IMS (IP Multimedia Subsystem) is a standalone system. It resides out of
the LTE network and connected to PDN Gateway through SGi interface.
It is basic component which enables voice over LTE
Evolution of Core Network from
2G to 4G:
CS-Core Network:
CS (Circuit switching) is a type of network configuration in which a physical
path is obtained and dedicated to a single connection between two endpoints
in the network for the duration of a dedicated connection. Ordinary voice
phone service uses circuit switching. This reserved circuit is used for the
duration of a call.
Advantages:
• Decreases the delay the user experiences before and during a call
• The call will be done with a steady bandwidth, dedicated channel, and
consistent data rate
• Packets are always delivered in the correct order
Disadvantages:
• Doesn’t use resources efficiently
• Dedicated channels for circuit switching are unavailable for any other use
• There is a higher cost to dedicate one channel per use
• Cannot be used for data communication
PS-Core Network:
PS (Packet switching) is the transfer of small pieces of data across various networks.
When a user sends a file across a network, it gets transferred in smaller data packets, not
in one piece. For efficiency’s sake, each data packet could go a different route. The header
address contains the source and destination nodes. Once all of the data packets reach the
correct destination, the packets are extracted and reassembled to create the sender’s
original message.
Advantages:
• Data chunks or “packets” allow for faster, more efficient data transfer
• Data packets are able to find the destination without the use of a dedicated channel
• Reduces lost data packets because packet switching allows for resending of packets
• More cost-effective since there is no need for a dedicated channel for voice or data
traffic
Disadvantages:
• Not ideal for applications that are in constant use, such as high volume voice calls
• High-volume networks can lose data packets during high-traffic times; those data
packets cannot be recovered or resent during transmission
• There is a lack of security protocols for data packets during transmission
Key Takeaways:
Circuit switching and packet switching are the two different methods of switching that
are used to connect multiple communicating devices with one another. The key
What we are doing in
CMPAK NOC-FO
regarding CS-Core?
CS Core Utility Services:
• Voice Call
• SMS (Short Message Service)
• Call Waiting
• Call Forwarding
• Call Conference
• MCA (Missed Call Alert Service)
• LBS (Location Based Services)
• RBT (Ring back tone)
• USSD
Monitoring Tools/Portals of CS-
Core:
• Huawei iMaster MAE U2020
• ZTE-Net Numen for Core elements
• Nagios (GMLC)
• Nagios (911 Help Line)
• ZABBIX SMSC Firewall
• Grafana (Protei)
• Transworld MRTG (LDI & IPLC)
• Digital View
• Huawei SMSBI System
• ZTE-Net Numen for VAS (Value added services)
• Regional Breakdown of Elements in CMPak CS-Core Network
Huawei iMaster MAE U2020:
Huawei’s iMaster Mobile Broadband Automation Engine (MAE) is cloud
based monitoring portal of basic elements of CS-Core network. It is
developed by Huawei. In CmPAK, CS-Core network in North & South
entirely consists of Huawei, along with some portion of Central region.
Alarm Management view in Huawei client:

View of all current alarms on master MAE generated on all devices:

ZTE-NetNumen Fault Management view:
ZTE-NetNumen Fault Management is also a monitoring tool of basic elements of
CS-Core network. It is developed by ZTE. In CmPAK, CS-Core major portion
consists of ZTE, along with some portion of North region.
Monitoring Elements in Huawei
& We
ZTE:
do Alarm Monitoring of North & South regions in Huawei
U2020 and of majorly Central region in ZTE-NetNumen, of below
mentioned CS-Core elements:

• MSCs, GMSCs
• MGWs
• HSS [UDM & HLR]
• STPs, SPS V3
• SBC
• PCRF
• UMG
• vUDN
• EPC [UGWs, CG & USN (NWD)] & vEPC [vUGWs, vCG,
vDG & vUSN (NWD)]
• DNS
• CSCF
• Cloud UDN, Cloud CS2980(SBC & vSBC)
• ENS(IMS)
• Traffic verification of BSCs & RNCs
• Interconnects(Jazz, Ufone, Telenor, Worldcall, PTCL,
Telecard, NTC, SCO, Witribe, 4BG, VCM, Redtone,
Beepcall, Dancom, Wisecom, ADGLDI, Wateen)
• Location query support to regulatory on demand
• KPIs verification
Traffic Types on BSCs & RNCs:
We generally check two types of traffic at any particular BSC or
RNC:
• Seizure Traffic:
An attempted call is termed a seizure which constitutes seizure
traffic
• Answer Traffic:
After attempt, telephone calls which are answered constitutes
answer traffic.
• Answer-Seizure ratio (ASR):
The answer-seizure ratio (ASR) is a measurement of network
quality and call success rates in telecommunications. The answer-
seizure ratio (ASR) is the percentage of telephone calls which are
answered.
Traffic graph in Huawei (Performance Management):

We do analyze traffic on any BSC or RNC in Performance management. It is implemented

by periodic collection of the performance data of networks, devices, functions, services, or
other objects and centralized storage and management of the collected data:
Availability of Various Parameters:
Traffic graph in ZTE (Performance Management):
What is GMLC?

• Gateway Mobile Location Centre (GMLC) contains functionality

required to support LCS (Location Services). In one PLMN
(Public Land Mobile Network), there may be more than one
GMLC. The GMLC is the first node an external LCS client
accesses in a GSM or UMTS network. The GMLC may request
routing information from the HLR (Home Location register) or
HSS (Home Subscriber Server). After performing registration
authorization, it sends positioning requests to either the VMSC
(Visited Mobile Switching Centre), SGSN (Serving GPRS Support
Node) or MSC (Mobile Switching Centre) Server and receives
final location estimates from the corresponding entity
• We monitor server alarms related to NWD GMLC server on
Nagios
• Nagios is developed by MM-Mercurial minds
Nagios (GMLC-Gateway Mobile Location Centre):
Where GMLC resides in Network?

LRF: Location Retrieval Function (LRF) fused with a GMLC obtains the
location information of the user who has started an emergency session
E-SLMC: Evolved Serving Mobile Location Centre is found within a PLMN
(Public Land Mobile Network) and is used to calculate positional information
and coordinate location based services (in roaming network)
What is 911 Pehl Help Line?
• This is an emergency helpline implemented on
directions of government to provide citizens
better emergency services
• We do monitor alarms of 911 emergency helpline
related issues on Nagios portal (regarding its
servers, memory & congestion)
• Nagios is web based portal developed by MM:
mercurial minds
Nagios (911 Pehl Help Line) Portal:
What is Firewall?
• A Firewall is a network security device that monitors and
filters incoming and outgoing network traffic based on an
organization's established security policies
• At its most basic, a firewall is essentially the barrier that sits
between a private internal network and the public Internet
• The primary use of a firewall in networking is to secure the
network from cyberattacks. For example, a firewall prevents
malicious and unwanted content from entering your
environment. As well, a firewall protects vulnerable systems
and private data in the network from unauthorized access,
such as hackers or insiders
Main 3 Types of Firewalls:
• Hardware-based firewalls: A hardware-based firewall is
an appliance that acts as a secure gateway between
devices inside the network perimeter and those outside it
• Software-based firewalls: A software-based firewall, or
host firewall, runs on a server or other device
• Cloud/hosted firewall: Cloud firewalls are software-
based, cloud deployed network devices, built to stop or
mitigate unwanted access to private networks. As a new
technology, they are designed for modern business
needs, and sit within online application environments
ZABBIX SMSC Firewall:
In CMPAK, SMSC Firewall is deployed as security solution that helps in filtering and
blocking unwanted or malicious SMS traffic from reaching mobile devices or phones and
prevents attacks such as SMS spoofing, SMS flooding, SMS faking, and spamming.
SMSCs in Network:
The short message service center (SMSC) is the portion
of a mobile phone network that handles text message
operations. It is responsible for receiving, storing, routing
and forwarding SMS messages from mobile handsets.
• There are two SMSCs in Zong, sms services delivered
to/from South region are routed via these both SMSCs
• We do monitor alarms of SMSC Firewall which is
deployed for both SMSCs in North & Central regions
• It’s vendor is Haud
Grafana:
• Grafana is an open source interactive data-visualization
platform, developed by Grafana Labs
• It is deployed in order to monitor international roaming
stats of CMPAK regarding voice, data & sms
• Its vendor is Protei
Grafana Portal:
What is an LDI operator?

• Long distance operator (LDI) Operator means an

operator licensed by the Authority to provide long
distance and international telecommunications services
• Long distance international call means the call that
originates from a country and terminates outside of that
country
• LDI operators manage to routes LDI calls (across
international borders)
LDI service provider of CMPak:

• Primary LDI service provider of CMPAK is Transworld

• We are monitoring international traffic via two network
connection points of Transworld
• These both connection points resides in North & South
regions and contain overall international traffic of
CMPAK (except for China)
• These are having strong redundancy, having 2nd backup
links of Transworld along with ibasis and PTCL as tertiary
& quaternary backups respectively
IPLC Links of CMPak with CMCC:
• An IPLC is a private leased line between two or more points. The
international private leased circuit provides businesses access to the
internet, data exchange, and video and voice communication
capabilities
• CMPAK is having two IPLCs links of Transworld connecting with CMCC-
China
• These both connection points resides in North & South regions and
contain direct international traffic of CMPAK to China and vice-versa
• Like LDI links, these IPLCs are also having 2nd backup links of
Transworld along with iBASIS and PTCL as tertiary & quaternary
backups respectively
• iBASIS is communications solutions provider which gives us (CMPaK)
international connectivity towards west (Amsterdam & Rotterdam)
via CMI & Transworld
• ISP
• MBB
• FBB
• LDI
Transworld MRTG (LDI & IPLC): ISP
TWA
MBB
Y
FBB
Y
LDI
Y
IPLC
Y
PTCL Y Y Backup Backup
We monitor LDI & IPLC traffic on Transworld MRTG portal:
CMI Y N N N
Digital View:
• Digital view is developed by Huawei
• This portal is having details of SMSCs
• We do alarms monitoring of LHR SMSC & sms delievery complaints
verifications on demand
SMS Search query portal view for Central SMSC:
Huawei SMSBI System:
It is Huawei based portal for sms query of North SMSC.
Value Added Services (VAS):
A value-added service (VAS) is a popular telecommunications
industry term for non-essential services, or, in short, all services
beyond standard voice calls, sms & data. Some examples of VAS in
CMPak are:
• Baqi Paisa Service: This service gives you the complete details
of balance consumed on the previous day, including details of
calls, SMS, mobile internet and other services
• 420 Incoming Call Screening Service: With this service Zong
subscribers have an option to maintain a Call, SMS and Call &
SMS Block List Separately
• Daily Missed Call Alert Service: Get Missed Call Alert Service
• Voicemail: To send voice message
• Caller ID: To display ID of incoming call dialer
• Ringback tone (RBT): It is the sound a caller hears while
ZTE NetNumen for VAS:
All VAS services in CMPak are deployed by ZTE and we monitor
alarms related to all VAS elements on ZTE NetNumen tool.
Regional Breakdown of Elements in CMPak CS-Core
Network:
What we are doing in
CMPAK NOC-FO
regarding PS-Core?
PS Core Utility Services:
• Internet Browsing
• Data Roaming
• CDNs
• iCaches
• DNS
• Mobile Apps
• Live Streaming
Monitoring Tools of PS-Core
• Network Cloud/NCE (Huawei iMaster)
• ISPs of CMPak
• Huawei smart care Probe
• Bluecat
• Gemalto (OTA: Over-the-Air Solutions)
• CDNs
• GenieATM (DDoS Portal for PTCL)
• Corero (DDoS Portal for Transworld)
• NSFOCUS Anti-DDoS Business Operations System Portal
(DDoS Portal for CMI)
Huawei iMaster NCE:
Huawei NCE(Network Cloud Engine) is a multi layer, multi domain solution for
CSPs that integrates the management, control and analysis of packet and
optical networks. NCE is positioned as “Brain” of the cloud bases networks.
Main Categories of NCE Client:
Nodes/Devices/Elements:
• Agile Switches & Routers
• BG Nodes
• CDN Switches
• IPDR Switches
• PCRF Switches
• ISP Anti DDoS
• DNS
• 4G Roaming
• IGW (Internet Gateways)
 ISB IGW Nodes
 KHI IGW Nodes
 LHR IGW Nodes
• Registered & Attached/Active Subscribers count & total data Traffic
Alarm Management View:
We can view all current and historical alarms generated by iMaster NCE and devices:
IGWs in CMPak:
• Internet Gateway (IGW) is used to link two separate
networks together, allowing users to communicate
across several networks. A gateway allows instances
with public IPs to access the internet.
• CMPak is having eight primary IGWs: 4 in North, 2 in
Central, & 2 in South
• These IGWs connect CMPak network to its 3 ISPs:
PTCL (Total 3 primary IGWs in North, Central & South)
Transworld (Total 3 primary IGWs in North, Central & South)
CMI (Total 2 IGWs in North)
ISPs of CMPak:
• An internet service provider (ISP) is a company that provides
access to the internet.
• CMPak is having three ISPs which provide bandwidth by which it
accommodates its data users nationwide:
PTCL
Transworld
CMI
• It means that any data user of CMPak anywhere in country must
be connected to internet via any of above ISP through CMPak
• PTCL & TWA are having backups links in each region while CMI
has no backup. In case of issue, its traffic is accommodated by
PTCL & Transworld in order to avoid outage
 North PTCL Central PTCL South PTCL
North PTCL Primary Gi Link Central PTCL Primary Gi Link South PTCL Primary Gi Link

North PTCL Backup Gi Link Central PTCL Backup Gi Link South PTCL Backup Gi Link

North TWA Central TWA South TWA

North TWA Primary Gi Link Central TWA Primary Gi Link South TWA Primary Gi Link

Central TWA Backup Gi Link

and South TWA Backup Gi Link
North TWA Backup Gi Link
Central TWA 3rd Backup Gi
Link

North CMI Both planes of CMI resides in North but they carry traffic of all
CMI P-1 Primary Link regions, i.e., North, Central & South. Due to dual advertisement,
many pools of Central & South are carried by CMI via inter-region
links. Each link having fixed capacity of 60G, cannot be changed on
CMI P-2 Primary Link
demand like PTCL & TWA
SGi Links (interfaces):
• The SGi interface is the connection between a P-GW and the Internet
or destination networks connected to a PLMN in 4G networks. It is
the reference point between the PDN-GW and the packet data
network. Packet data network may be an operator external public or
private packet data network or an intra operator packet data
network
• CMPak is connected to IP(internet) world thorught its ISPs via SGi
interface. That’s why, these are also called Gi links
 North
Inter-Region Links & Traffic Shifting:
• Inter-region links connect ISPs of different regions to each other
• These links are having different capacities (bandwidth) which carry traffic of a South Central
particular region and connects it to ISP of another region
• These links are very useful to accommodate traffic during traffic shifting
• There are 6 inter-region links in both directions North  Central, North  South, Central  South
• NOC-FO is responsible to analyze daily traffic trend of each ISP in order to prevent it from congestion &
choking
• Choking occurs when data traffic at any ISP becomes unable to go beyond certain level, this happens
mainly when number of data users becomes higher and cannot be accommodated within available
bandwidth
• In such scenarios, we shift traffic of that ISP to another ISP of same region or another region depending
upon availability of unused bandwidth
• Traffic shifting to ISP of same region is called Intra-regional shifting and to ISP of another region is called
inter-regional shifting
• This usually happens during any events like sports events (world cup, PSL, hockey series, etc), Eid days,
political gatherings, independence day, mega ceremonies, festivals, etc.
• ISPs are connected with operator via BGP (Border Gateway Protocol). This enables the internet to exchange
routing information between two different networks.
• Dual advertisement is a phenomenon by which when we shift any pool, it chooses best path as per low
latency (when it is advertised to more than one ISP)
Current Bandwidth of ISPs:
Physical Capacity of Purchased Bandwidth
Region
Link (GBPS) (Mbps)
South (TW) 70 36,300
South (PTCL) 200 101,150
Central(TW) 100 46,500
Central(PTCL) 200 167,800
North TWA 100 53,700
North(PTCL) 200 54,500
CMI North P-1 60 50,000
CMI North P-2 60 50,000

Current Bandwidth of Inter-Region Links :

Capacity
Inter-Region Links
(Mbps)
ISB <=> LHR 16/01 40000
ISB <=> LHR 16/02 40000
KHI <=> LHR 16/01 40000
KHI <=> LHR 16/01 40000
ISB <=> KHI 16/01 30000
ISB <=> KHI 16/02 30000
ISPs Filter in Huawei NCE client:
Gi Data Traffic Graphs in Performance
Management Huawei NCE:
The NCE performance management system (PMS) can collect historical performance
data, monitor real-time performance data, display and analyze statistical results, and
generate performance data for single-domain or multi-domain NEs and networks.
Gi Dashboard:
Data Traffic Trend as compared to
previous day same weak (a case
study):
Cable Landing Stations in Pakistan:
There are 6 international submarine cable systems
connecting Pakistan to rest of the world via Karachi:
• PTCL is the landing party for:
 SMW3
 SMW4
 AAE-1
 IMEWE
• Transworld is the landing party for:
TW1 cable system
SMW5 consortium
China Mobile
International (CMI):
CMI is another underground cable connecting
Pakistan to other destinations via China
through North border. CMI is having two links:
• CMI Plane-1
• CMI Plane-2

Upcoming Projects:
• Wi-Tribe LDI Pakistan is building the Orient
Express submarine cable system, to be
landed in Karachi and Gwadar
• Cyber Internet Services Private Ltd.
(Cybernet) is the landing party in Pakistan
for the PEACE cable system, to be landed
in Karachi and Gwadar
4G Roaming:
We also monitor 4G data roaming traffic of CMPak with CMCC(China) &
Etisalat(UAE). Both are having strong redundancy, i.e., 3 back-up links of CMI &
TWA.

Traffic with Etisalat:

Traffic with CMCC:
Huawei smart care:
This is a portal in which we are doing service level monitoring of
these 5 apps:
 YouTube
 WhatsApp
 Facebook
 TikTok
 Wechat

Main Parameters we are concerned with are:

• KPIs of Live Apps
• Latency
• Packet Loss
Huawei smart care Probe view:
PS Traffic of YouTube:
What is DNS(Domain Name
Server)?
• DNS lets users connect to websites using domain names
instead of IP addresses
• The Domain Name System (DNS) is the phonebook of
the Internet.
• Humans access information online through domain
names, like [Link]
• Web browsers interact through Internet Protocol(IP)
addresses.
• DNS translates domain names to IP addresses so
browsers can load Internet resources
How many DNS are in Zong?
• In North, there are 4 DNS:
 DNS-04
 DNS-05
 DNS-06
 DNS-07

• In Central, there are 4 DNS:

 DNS-03
 DNS-05
 DNS-06
 DNS-07

• In South, there are 2 DNS:

 DNS-02
 DNS-03
Bluecat view:
DNS Queries Graph:
Monitoring of DNS Servers:
• We have to keep an eye over each DNS query per second
• Queries increase during day time and reach to maximum level
during peak hours
• These remain minimum during midnight
• We have to escalate as soon as its value becomes down to Zero or
exceeds beyond 70,000 per second
Gemalto (OTA: Over-the-Air Solutions):

• Gemalto is a tool developed by OTA-Thales

• This tool is cloud based.
• Gemalto is a portal used for Complaints regarding Mobile Internet
settings
• Register complaints regarding portal issues on demand of CMC
Content Delivery Network (CDN):
• A content delivery network is a distributed group of servers that caches content
near end users. It distributes content from an “origin” server throughout the world
by caching content close to where each end user is accessing the internet via a
web-enabled device
• Widely used content is replicated over several mirrored web server
• Less burden on websites, so they remain stable, means increase in server up-time
• Cost savings for telecom operator to save bandwidth
• Increase overall browsing speed (faster page loading, improved streaming
quality, etc.)
• High availability and performance with minimum RTT & minimum packet loss
ratio (PLR: Average Percentage of Lost Packets)
• packet loss by distributing the service to end users, maximizes real
upload/download speed, after RTT & PLR
• Increase in security and less vulnerability to DDOS attacks
• Optimize live delivery of data content
• Decrease in server load
• File mirroring (data protection against natural disasters)
• Scalability by adding new servers
CDNs in CMPak Network:
• GGC: For Google,
Youtube, Gmail &
Google Maps
• FNA: For Facebook,
Instagram, &
WhatsApp
• TikTok: For TikTok
• Akamai: For mostly
used websites based
upon Akamai
intelligent networks
• Netflix: For Netflix
CMPak Regional ISPs with Local CDN Servers:
CMPak CDNs Structure:

FNA ISP Used GGC ISP Used AKAMAI ISP Used Netflix ISP Used TikTok ISP Used iCache ISP Used

ISB - CI ISB TWA ISB - CI ISB TWA ISB ISB PTCL ISB ISB TWA ISB ISB PTCL
ISB - CII ISB PTCL ISB - CII ISB PTCL
ISB - CIII ISB PTCL

LHR - CI LHR TWA LHR - CI LHR TWA LHR LHR TWA LHR LHR TWA LHR LHR TWA LHR LHR TWA
LHR - CII LHR TWA LHR - CII LHR PTCL
LHR - CIII LHR PTCL
LHR - CIV LHR PTCL

KHI - CI KHI TWA KHI - CI KHI TWA KHI KHI PTCL KHI KHI TWA KHI KHI PTCL
KHI - CII KHI PTCL KHI - CII KHI PTCL
KHI - CIII KHI PTCL
Graphical View of CDN Traffic:

Outbound Traffic is traffic from CDN

towards user
Inbound Traffic is traffic from CDN
towards ISP
Difference b/w CDNs &
iCaches:
CDNs perform caching, not everything that performs caching is a CDN!

iCache CDNs

• Used by ISP to reduce bandwidth consumption • Used by Content Providers to increase QoS to end users
• Operate Reactively
• Caching proxies cater to their users (web clients) and • Operate Proactively
not to content providers (web servers) • CDNs cater to the content providers (web servers) and
• Caching proxies do not give control of the content to the clients
content providers • CDNs give control of the content to the content
providers
Distributed Denial-of-Service (DDoS) Attack:

• DDoS Attack means "Distributed Denial-of-Service (DDoS)

Attack" and it is a cybercrime in which the attacker floods a
server with internet traffic to prevent users from accessing
connected online services and sites.
• During this attack, we can find abnormal spikes in data
traffic graphs.
• In CMPak network, initially we used to ask relevant ISP to
confirm attack, either that sudden traffic is legitimate or
illegitimate
• In case of illegitimate traffic, we immediately ask ISP to
block that specific IPs for sometime
• Two years ago, we had signed contract with all 3 ISPs (TWA,
PTCL & CMI) to have clean bandwidth, means if there
system detects any DDoS attack, it will be mitigated
automatically
DDoS Attack Monitoring Portals:

• PTCL DDoS
Portal
• TWA DDoS
Portal
• CMI DDoS
Portal
GenieATM (DDoS Portal for PTCL):
Corero (DDoS Portal for Transworld):
NSFOCUS Anti-DDoS Business Operations
System Portal (DDoS Portal for CMI):
Huawei IGW Eudemon9000E-X8
Firewall:
• It shows all MBB pools of a specific region
accommodated by regional ISPs
• Used for NAT pools adjustment
• Network Address Translation (NAT) is a service that is
used in routers
• Its purpose is to translate a set of IP addresses to
another set of IP addresses
• Every region has a separate portal
• We use this portal for traffic shifting
Huawei IGW Eudemon9000E-X8
Portal view:
Escalation Matrix of CMPak Core Network:
Level-2 Level-3 Level-5 (EMT [CTO, CCO, Email Intimation To Follow
Scenario & Definition Level-1 (Engineer/CO) (TL/AM/Manager/Sr. (DD/Director/HOD/RCT Level-4 (CTO) CFO, CRO, CHRO]) Level-6 (CEO) Notification CMC Up
Manager) O)

CS Core NEs Down Duration: 15 Minutes Duration:

After
15 Minutes Duration: 30 Minutes Duration: 60 Minutes
Incident After Incident After Incident
Duration: 60 Minutes
After Incident Duration: 90 Minutes 20 Minues After Every
(L5/L6 Will Be Engaged If After Incident To: TL, AM, Manager & To: RCTO, DD & Director To: CTO To: EMT After Incident 20 Minutes After Incident 120
There Is Regional/NWD To: Engineer Sr. Manager (NOMC) Medium: Text Message Medium: Text Message To: CEO Incident (In case of service Minutes
Impact) Medium: Call Medium: Call Medium: Call & Email & Email Medium: Text Message impact)

Duration: 15 Minutes Duration:

After
20 Minutes
Incident
CS Core NEs After Incident To: TL, AM, Manager & NA NA NA NA 20 Minutes After NA NA
Critical/Major Alarms To: Engineer Sr. Manager Incident
Medium: Call Medium: Email

Interconnect Office Down

(Complete Trunk Group or Duration: 15 Minutes Duration: 15 Minutes Duration: 30 Minutes Duration: 60 Minutes Duration: 60 Minutes Duration: 90 Minutes 20 Minues After Every
Signaling Link Set Down) After Incident After Incident After Incident After Incident After Incident After Incident 20 Minutes After Incident
To: Engineer To: TL, AM, Manager & To: RCTO, DD & Director To: CTO To: EMT To: CEO Incident 120
(In case of service Minutes
(L5/L6 Will Be Engaged If Medium: Call Sr. Manager (NOMC) Medium: Text Message Medium: Text Message Medium: Text Message impact)
There Is Regional/NWD Medium: Call Medium: Call & Email & Email
Impact)

All LDI (Point of Duration: 15 Minutes Duration: 15 Minutes Duration: 30 Minutes Duration: 60 Minutes Duration: 60 Minutes Duration: 90 Minutes
Interconnect) Down After Incident After Incident After Incident After Incident After Incident After Incident 20 Minutes After 20 Minues After Every
(Signaling Link or Trunk To: Engineer To: TL, AM, Manager & To: RCTO, DD & Director To: CTO To: EMT To: CEO Incident Incident 120
Group) Medium: Call Sr. Manager (NOMC) Medium: Text Message Medium: Text Message Medium: Text Message Minutes
(CS/PS Services) Medium: Call Medium: Call & Email & Email

All Roaming Signaling

(SCCP & Diameter) Duration: 15 Minutes Duration:
After
15 Minutes Duration: 30 Minutes
Incident After Incident 20 Minues After Every
Connectvity With CMI Is After Incident To: TL, AM, Manager & To: RCTO, DD & Director NA NA NA 20 Minutes After Incident 120
Down (All STPs & All SPS) To: Engineer Sr. Manager (NOMC) Incident (In case of service Minutes
> 15 Minutes Medium: Call Medium: Call Medium: Call impact)
(CS/PS Services)
 Level-2 Level-3 Level-5 (EMT [CTO, CCO, Email Intimation To Follow
Scenario & Definition Level-1 (Engineer/CO) (TL/AM/Manager/Sr. (DD/Director/HOD/RCT Level-4 (CTO) CFO, CRO, CHRO]) Level-6 (CEO) Notification CMC Up
Manager) O)
All Roaming Signaling
(SCCP & Diameter) Duration: 15 Minutes Duration: 15 Minutes
After Incident
Duration: 30 Minutes
After Incident 20 Minues After Every
Connectvity With iBasis Is After Incident To: TL, AM, Manager & To: RCTO, DD & Director NA NA NA 20 Minutes After Incident 120
Down (All STPs & All SPS) To: Engineer Sr. Manager (NOMC) Incident (In case of service Minutes
> 15 Minutes Medium: Call Medium: Call Medium: Call impact)
(CS/PS Services)
Duration: 15 Minutes Duration:
After
15 Minutes
Incident Every
PRI Down After Incident To: TL, AM, Manager & NA NA NA NA 20 Minutes After NA 180
To: Engineer Sr. Manager Incident Minutes
Medium: Call Medium: Call
NWD/Regional Call Duration: 15 Minutes Duration:
After
15 Minutes
Confirmation
Duration: 30 Minutes
After Confirmation
Duration: 60 Minutes
After Confirmation
Duration: 60 Minutes
After Confirmation Duration: 90 Minutes
Connectivity Issue (via After Confirmation To: TL, AM, Manager & To: RCTO, DD & Director To: CTO To: EMT After Confirmation 20 Minutes After 20 Minues After Every 60
Complaints) To: Engineer Sr. Manager (NOMC) Medium: Text Message Medium: Text Message & To: CEO Confirmation Incident Minutes
MSC/MSS CSR Degradion Medium: Call Medium: Call Medium: Call & Email Email Medium: Text Message

PS Core & VAS NEs Down Duration: 15 Minutes Duration:After

15 Minutes
Incident
Duration: 30 Minutes
After Incident
Duration: 60 Minutes
After Incident
Duration: 60 Minutes
After Incident Duration: 90 Minutes 20 Minues After Every
(L5/L6 Will Be Engaged If After Incident To: TL, AM, Manager & To: RCTO, DD & Director To: CTO To: EMT After Incident 20 Minutes After Incident 120
There Is Regional/NWD To: Engineer Sr. Manager (NOMC) Medium: Text Message Medium: Text Message & To: CEO Incident (In case of service Minutes
Impact) Medium: Call Medium: Call Medium: Call & Email Email Medium: Text Message impact)

Duration: 15 Minutes Duration:

After
20 Minutes
Incident
PS Core & VAS NEs After Incident To: TL, AM, Manager & NA NA NA NA 20 Minutes After NA NA
Major/Critical Alarms To: Engineer Sr. Manager Incident
Medium: Call Medium: Email
Duration: 15 Minutes
Abnormal Duration: 15 Minutes After Incident
Increase/Decrease On GI After Incident To: TL, AM, Manager & NA NA NA NA 20 Minutes After 20 Minues After Every 60
Interface To: ISP Sr. Manager (Only Incident Incident Minutes
(Less than 20%) Medium: Call NOC)
Medium: Call
Abnormal Duration: 15 Minutes Duration:
After
15 Minutes
Incident
Duration: 30 Minutes
After Incident
Increase/Decrease On GI After Incident To: TL, AM, Manager & To: RCTO, DD & Director NA NA NA 20 Minutes After 20 Minues After Every 60
Interface To: ISP Sr. Manager (NOMC) Incident Incident Minutes
(More than 20%) Medium: Call Medium: Call Medium: Call
 Level-2 Level-3 Level-5 (EMT [CTO, CCO,
Scenario & Definition Level-1 (Engineer/CO) (TL/AM/Manager/Sr. (DD/Director/HOD/RCTO) Level-4 (CTO) CFO, CRO, CHRO]) Level-6 (CEO) Email Notification Intimation To CMC Follow
Up
Manager)

Duration: 15 Minutes Duration: 30 Minutes Duration: 60 Minutes Duration: 60 Minutes After Duration: 90 Minutes
Outage On Gi Interface Duration: 15 Minutes After Incident After Incident After Incident Incident
(Traffic Not Adjusted on After Incident To: TL, AM, Manager & To: RCTO, DD & Director To: CTO To: EMT After Incident 20 Minutes After 20 Minues After Every 60
other Link) To: ISP Sr. Manager (NOMC) Medium: Text Message & Medium: Text Message & Medium: To: CEO Incident Incident Minutes
Medium: Call Medium: Call Medium: Call/Text Email Email Text Message
Message

Duration: 15 Minutes
Choking On GI Interface After Incident
Observation Time > 30 NA To: TL, AM, Manager & NA NA NA NA NA NA NA
Minutes Sr. Manager
Medium: Call
Duration: 15 Minutes
PRTG Monitoring Issue After Incident NA NA NA NA NA 20 Minutes After NA Every 60
To: Engineer Incident Minutes
Medium: Call

Duration: 15 Minutes Duration: 20 Minutes Duration: 60 Minutes

CDN Servers After Incident After Incident Every
Degradation/Outage To: Vendor/Engineer To: TL, AM, Manager & To: DDAfter
&
Incident
Director (NOMC) NA NA NA 20 Minutes After
Incident NA 120
Medium: Email Sr. Manager Medium: Email Minutes
Medium: Email

IN/CAP Utilization
(Abnormal Duration: 15 Minutes Duration: 15 Minutes Duration: 30 Minutes Duration: 60 Minutes Duration: 60 Minutes After Duration: 90 Minutes 20 Minues After Every
Increase/Decrease In Trend) After Incident After Incident After Incident After Incident Incident After Incident 20 Minutes After Incident
To: Engineer To: TL, AM, Manager & To: RCTO, DD & Director To: CTO To: EMT To: CEO Incident 120
(In case of service Minutes
(L5/L6 Will Be Engaged If Medium: Call Sr. Manager (NOMC) Medium: Text Message & Medium: Text Message & Medium: Text Message impact)
There Is Regional/NWD Medium: Call Medium: Call Email Email
Impact)

Duration: 15 Minutes Duration: 15 Minutes

After Incident After Incident 20 Minutes After Every 60
BLB/BOP Down To: Engineer To: TL, AM, Manager & NA NA NA NA Incident NA mins
Medium: Call Sr. Manager
Medium: Call

Duration: 15 Minutes Duration: 20 Minutes Duration: 60 Minutes

After Incident After Incident After Incident 20 Minutes After Every 60
EMS Client Disconnection To: Engineer To: TL, AM, Manager & To: RCTO, DD & Director NA NA NA Incident NA Minutes
Medium: Call Sr. Manager (NOMC)
Medium: Email Medium: Email
Portal to create TT to PTCL:
This portal is used to create TT to PTCL for escalation purpose
as this medium is only official way to make logs with PTCL.
Thank You!