User and control plane correlation for intelligent load balancing in mobile networks

John Bonzey portrait

by John Bonzey
published on: 22.02.2023

Traditional load balancing involves the use of specific algorithms, such as round-robin and weighted response times, to forward IP packets. The aim is to distribute the burden of traffic processing between different machines. This reduces the traffic load on any single device and enables faster processing of traffic in IP networks.

While desirable in managing the massive growth in traffic, the implementation of traditional load balancing has its downsides. In mobile networks, for example, it leaves major visibility gaps as each network subsystem in the mobile core now operates on partial information of any given session.

ipoque’s GTP correlation module R&S®GSRM

To address this, last year ipoque introduced its GTP Subscriber Resolving Module (R&S®GSRM) which is designed to deliver real-time subscriber and session awareness. The software module can be embedded into network packet brokers (NPBs) and load balancers deployed in evolved packet core (EPC) networks for 3G, 4G and 5G NSA.

R&S®GSRM delivers subscriber awareness by analyzing the user plane (GTP-u) and control plane (GTP-c). It identifies and tags each data packet by correlating attributes such as IMSI, MS-ISDN, and IMEI. Using the subscriber awareness provided by R&S®GSRM, network packet brokers can aggregate all packets of a single session and forward them to a single device, such as an IP probe. R&S®GSRM allows for maintaining the bigger picture, including subscribers’ context, within the evolved packet core (EPC) network, preventing onward processing tools from being flooded with conflicting data about the same session.

Subscriber awareness: a growing necessity for core networks

R&S®GSRM-powered intelligent load balancing is indispensable when processing certain traffic flows where maintaining the sequence of data packets is crucial, such as when gathering real time analytics for threat detection or processing financial transactions.

Intelligent load balancing is also required in certain scenarios when the whole session must be directed to a single device, instead of being distributed to different routers, or compression or filtering engines. These include instances where the same traffic management rule must be applied to the whole session or when there are multiple, session-specific rules. Similarly, directing the entire session to a single device with the help of R&S®GSRM can eliminate post processing reconciliation delays that latency-sensitive applications like video-conferencing and financial trading cannot tolerate.

R&S®GSRM for Niagara Networks’ Open Visibility Platform

Niagara Networks is a Silicon Valley-based company specializing in network visibility and security solutions. Niagara Networks™ solutions enable actionable network intelligence that allows organizations and service providers to improve their network performance and security posture. Niagara Networks’ Open Visibility Platform (OVP) hosts a collection of virtualized security and traffic analytics tools and applications, including both third-party commercial solutions and MNOs’ in-house tools. Integrating and hosting all analytics and security tools on a single platform not only reduces tool sprawl but also minimizes integration complexities.

The deployment of OVP for mobile networks in particular integrates network wide traffic intelligence to support traffic processing from the RAN to the core. A crucial part of this intelligence is subscriber identification information. To enhance OVP deployed in mobile networks with real time subscriber awareness, Niagara Networks partnered with ipoque to embed the R&S®GSRM mobile subscriber reconciliation software within its platform. With R&S®GSRM in place, OVP now features intelligent load balancing capable of addressing the limitations inherent in traditional load balancing. It does this by streaming incoming packets through the R&S®GSRM module, where packets are identified and tagged. Every time a subscriber connection is initiated, a new session is tagged. OVP then uses this information to filter, aggregate and forward the entire flow from a session to a single device.

Efficiency and performance

Through R&S®GSRM-powered subscriber-aware network intelligence, Niagara’s OVP can now deliver comprehensive network visibility and performance benefits. R&S®GSRM enables real time session awareness, allowing OVP’s network packet broker to keep data packets from a single session together and eliminate subscriber correlation delays. Virtualized tools and applications hosted on OVP have access to the necessary subscriber and session information, without having to perform post-processing traffic reconciliation individually. Additionally, R&S®GSRM offloads certain low level processing tasks, such as packet deduplication and data masking, from the hosted tools and applications to further improve their performance.

With R&S®GSRM-enabled complete session visibility, network analytics tools hosted on OVP can determine session attributes such as speed, jitter, latency and bandwidth consumption. This allows timely issue diagnosis and resolution, enabling MNOs to improve their network performance and deliver on their SLAs. This session information also facilitates advanced sampling techniques and approval lists for optimizing performance and managing high performance networks.

Dynamic traffic management

Utilizing R&S®GSRM’s session and subscriber identification, Niagara Networks platform provides intelligent traffic delivery. It allows a network packet broker to assign data packets to the right analytics tool based on subscriber or session-specific policies and rules. For optimal traffic routing and dynamic policy enforcement, the subscriber-level traffic identifiers provided by R&S®GSRM also enable MNOs to utilize advanced traffic filtering options, such as filtering by location or service type.

Real-time traffic analysis

In addition to presenting the bigger picture, R&S®GSRM features an integrated configurable buffer for temporarily capturing and storing subscriber-aware data traffic, right from the first packet of the flow. This provides the subscriber's context and enhances visibility across the entire session. Not only does it enable MNOs to identify how subscribers respond to different networking events but it also assists them in identifying the subscribers behind network abuse and issues, such as illegal tethering, congestion and DDoS attacks.

Driving an automated future for MNOs

Just like Niagara Networks, networking vendors can tap into R&S®GSRM to augment network intelligence for their solutions and fuel many other use cases. The visibility provided by R&S®GSRM, for example, can build the basis for automating a wide range of network functions within the mobile core network. With session based triggers in place, networks can be programmed to automatically invoke the right actions based on the underlying traffic and network conditions. This includes the automation of policies within subsystems that rely on intelligent load balancing, for example next-generation firewalls, IP probes, compression engines and deep packet inspection.

R&S®GSRM can thus greatly enhance the speed and responsiveness of mobile networks, and minimize manual intervention. Additionally, with R&S®GSRM, MNOs now have the very tool that helps them to identify and separate different subscriber classes, allowing service differentiation based on priority and value that each subscriber brings to their bottom line.

Want to learn more about our technical partnership with Niagara Networks? Check out our case study.

John Bonzey portrait

John Bonzey

Contact me on LinkedIn

John Bonzey is the sales manager for the American market, which he opened successfully for ipoque since joining Rohde & Schwarz back in 2013. John has strong expertise in software and hardware system solutions for network operators, enterprise and OEM market segments. John lives with his family in Boston, Massachusetts and is a passionate ice hockey player and adventurous snowmobiler.

Email: John.Bonzey@rsa.rohde-schwarz.com
ipoque blog - discover the latest news and trends in IP network analytics

Sign up for the ipoque newsletter

Stay informed about the latest advances and trends in
deep packet inspection and network traffic visibility