IP Multimedia Subsystem (IMS) – detailed part2

This is a folow up on my previous post on IMS which described what is IMS and why it came into existing. Also how IMA can benifits with its rich feature set and huge OPEX savings. To read the previous post click here .

This post described IMS architecture and core concepts in detail.


IMS Home Network

SIP call between 2 SIP  User agents or from SIP UA to PSTN endpoint.

  • HSS ( Home subcriber subsystem ) contains all of the subscriber information.
  • AS ( Application Servers ) conatin applications for example, be originating services or terminating services.
  • Filtering for applications for users is loaded into the S-CSCF and activated when the subscriber registers with the network.
  • DNS is used to identify elements use in the session set up.
  • The CSCFs manage the session control: registration, set up, tear down, feature activation.
    • The P-CSCF is first point of interaction with the User Agent. It also manages Quality of Service and other conditions specific to a UA.
    • The I-CSCF is used in network to network signaling. The I-CSCF hides the network topology from an external network.
    • The S-CSCF is the primary signal processing engine in IMS. It manages registration, checks for triggers for services and performs routing .
  • Media Resources may be conference services, IVRs or other network services.
  • If a call must egress to the PSTN the BGCF selects the appropriate Media Gateway that can be used.
  • Media Gateways control the conversion from IP to PSTN TDM signaling. Media Gateway Control Functions control the signaling between IMS and the PSTN (e.g. IP to SS7).

IMS Vistited Network <–> Home Network

Home Network to visited Network connectivity

  • If call orignates from Visited network the P-CSCF and S-CSCF in visited network itself , process the origination of the call and select the destination network.
  • Since call receiver of the call is in Home network the I-CSCF receives the call signaling from the Visited network, chooses the appropriate S-CSCF to process the call and the call is completed with RTP flow, depicted with blue line in diagram.

UE Registration

IMS registration is where the subscriber requests authorization to use the IMS services in the IMS network. The CSCF and HSS in core IMS network authenticates and authorizes the user .

  • The UA/UE initiates the registration process .
  • The SIP registration is passed to the S-CSCF.
    • For a user in Home network , the registration request is passed via P-CSCF to S-CSCF.
    • If the user is roaming in visiting network then the P-CSCF in the Visited network would pass the registration to the S-CSCF in the Home network through a I-CSCF.
    • Users are always registered in the Home network.
  • The S-CSCF forwards the request to the HSS via the Multimedia Auth Request (MAR) message to 1) download authentication data via the Multimedia Auth Answer (MAA) message and 2) inform the HSS that this S-CSCF is in control and any other queries to the HSS should be returned to this S-CSCF.
  • The S-CSCF creates a SIP 401 Unauthorized response that includes a challenge that the IMS terminal should answer.
  • The IMS terminal sends a new Register that contains the response to the challenge.
  • The S-CSCF validates the user and sends a Session Auth Request (SAR) message to the HSS informing it that the user is now registered and requesting the user profile, including services, that come in a Session Auth Answer message (SAA).

Subcription Changes

A registered user requires to be notified of his state changes. For example,

  • registration may be valid for a fixed period of time and then the network requires the user to register.
  • user or network element may go out of service and need to inform the other of some state change.

UA/UE subscribes to the registration state also P-CSCF serving the UA/UE subscribes so it can be informed.

  1. When the IMS terminal has completed registration the P-CSCF sends a Subscribe request for the registration event. The request is directed at the S-CSCF (which is in the Home network).
  2. The S-CSCF receives the request and installs that subscription, i.e. the S-CSCF takes the role of a notifier. The S-CSCF sends a Notify request to the P-CSCF. This request includes Public User Identities and the registration state.
  3. When the IMS terminal has completed registration it sends a Subscribe request for the registration event. The request is directed at the S-CSCF (which is in the Home network).
  4. The S-CSCF receives the request and installs that subscription, i.e. the S-CSCF takes the role of a notifier. The S-CSCF sends a Notify request to the user. This request includes Public User Identities and the registration state.

In case the S-CSCF has to shutdown or there is some other stimulus the S-CSCF will inform the user (and the P-CSCF) of the event.


IMS multimedia calls sample –

  1. voice call originates from user A and enters the IMS network X at the P-CSCF
  2. P-CSCF passes the call to the S-CSCF
  3. S-CSCF interrogates the Application Server for originating services
  4. S-CSCF forwards the call to the I-CSCF of network Y.
  5. I-CSCF interrogates the HSS to determine the S-CSCF and passes the call to it.
  6. S-CSCF interrogates the Application Server for terminating services.
  7. S-CSCF passes the call to the P-CSCF assigned for the user and the voice call is completed.
  8. A video call is set up from User B to User A and the signaling path is reversed.

Finally, User A sets up a data call to User B using the same signaling path.


VPN ( Virtual Public Network ) over SIP

People working at different locations need a fast, secure and reliable way to share information across computer networks . This is were a way to connect private networks over and top of public network becomes necessary and Virtual Private Network comes into picture .


SIP ( Session Initiation Protocol ) for VPN

VOIP across an SSL-based VPN is achieved in good quality by encapsulating the UDP VOIP packets ( SIP and RTP ) in TCP/IP .

Data used for defining a VPN like its Groups, its Members and the associated profiles is organized hierarchically.It includes information like who is the operator, subscriber of VPN, group ID and member ID.

vpn+ service broker

Grouping :

Groups created to implement policies and restrictions common to a set of users.These include:

  • Apply permissions to call between the Groups and to the outside world
  • Apply pricing between distinct types of of PNP (Mobile, Fixed, Privileged list)
  • Some numbers assigned a preferential tariff plan. These numbers are not part of the VPN ( Virtual On-Net) .
  • privileged list within a VPN across multiple groups

performance issues

VPN has no negative influence on latency, jitter and packet loss

With enabling authentication, encryption, HMAC, anti-replay attack, and initialization vector, and use small RTP size for Codec, the vpn overhead is high


For developing a VPN application counters are employed , some of which could be as follows

  • * Number of calls On-Net and Off-Net
  • * Numbers of Calls VPN
  • * Number of calls with Forced On-Net

Calls between endpoints like

  • * MS to MS Normal (mobile)
  • * MS to MS Privilege
  • * MS toward PABX

Success Fail rate

  • Number of calls successful without rerouting
  • Number of calls with successful rerouting
  • Number of calls with Failure (Failed = No answer, Busy, Not reachable, Congestion)
  • Number of calls on non-response (No Answer)
  • Number of calls on Not Reachable
  • Number of calls Route Select Failure
  • Number of calls on busy
  • Number of calls barred by VPN service.

other parameters

  • Total number of queries
  • Number of States created/modified
  • Number of change in the rights of calls
  • Number of issuance of observation Reports

Service Overview

Lets see how would a SIP based VPN services over telecom application server with Service Broker works .

Leveraging the Service Broker to offer voice VPN service to existing Subscribers is an arduous task. The Subscriber shall benefit from reduced charging rates for VPN calls (ON-Net), improved employee connectivity (within the VPN scope) and a consistent user experience across fixed and mobile phones.

VPN services shall be integrated with the R-IM-SSF component of the service broker. R-IM-SSF shall provide mediation as well as session and state management capabilities that shall make VPN service available over multiple networks including SS7 and IMS networks.

note : R-IM-SSF = reverse IMS gateway to IN

The subscriber base can be interfaces via a SMP that might also be used to add groups and assign right and privilege to member

note : SMP is the Provisioning interface for VPN service subscriber

Features of VPN application

1.Private numbering plan for both mobile and fixed subscribers (Short number dialing).

2.Distribution of subscriber under a hierarchical Data Model :

  1. Subscriber VPN( Enterprise Level)
  2. Group of Users ( Group level. Can be either of type Mobile or PABX )
  3. State (End user of service)

3.Grouping of a short number on the basis of following types:

  1. Member of mobile VPN
  2. Privileged user
  3. PABX user

4. Forced On-Net call handling, which shall allow user to dial the public number of another On-Net user with On-Net call Features.

5.Virtual On-Net Call Handling which allocates On-Net extension to non VPN users( Privileged list)

6.Off-Net call Handling via exhaust code which shall allow vpn users to access non-vpn public numbers

7. Prohibit the call based on a set of rules like ( all off-net calls barred).

8.Allow calls based on destination numbers. For example allow off-net calls for numbers provisioned in the white list(allowed list)

9.Outgoing call screening on the basis of time( Time based barring)