CSGSN & CCN communication probem

August 31, 2009

Network: GSM

Service: GPRS
Node: WPP CGSN 4.0
CAMEL Subscribers cannot perform PDP context activation
PDP context activation request failure
Requested service option not subscribed
Timeout waiting for CCN to reply
SS7TRACE: TCAP:1 mIETtcap.c 15014
TCAP: ERROR IN DIALOGUE IDENTITY
A continue or abort message has been received from a remote node for a non-existing dialogue.
Integrating CAMEL version 3 and CCN
The communication between the SGSN and GGSN is working fine. Once the PDP tunnel is set up, the SGSN will send a sent_camel_gprs_pdp_context_est_ack to the CCN that the session is established. Unfortunately there is a timeout waiting for the CCN to respond.

 

The CCN sends the ss7 reply message with routing on GT of the CGSN. But since it uses routing on GT to the CGSN, it will match the GT rule which uses ssn 149. There is no GT rule for ssn 146.

Since the dialogue for ssn 149 does not exist, you will see the following alarm in ss7trace.log;

****  TCAP:1 mIETtcap.c  2532    1   21    1  107  15014

TCAP: ERROR IN DIALOGUE IDENTITY
A continue or abort message has been received from a remote node for a
non-existing dialogue.

Instead the CCN should use routing on ssn when routing towards the CGSN. This can be achieved by enabling termination indication for the ss7 sccp route to the CGSN.

SOLUTION:

 

CONDITIONS:

Camel interface is configured between the CGSN and the CCN

PROCEDURE:

In the CCN configure the ss7 route towards the CCN to use termination indication (ie termination indicator = yes).

PDP context activation was failing with;

 

2006-07-21 16:37:24 Camel_test Event name: activate_pdp_failed_event ; Event details: – ; Cause Value:

#requested_service_option_not_subscribed (33) ; IMSI: 413010239000002 ; MSISDN: 94716758432 ; NSAPI: 5 ; Routing Area Code: 1

; Cell Global Identity: 413-1-1000
0-273

The communication between the SGSN and GGSN is working fine. Once the PDP tunnel is set up, the SGSN will send a

sent_camel_gprs_pdp_context_est_ack to the CCN that the session is established. Unfortunately there is a timeout waiting for

the CCN to respond.

Erlang tracing was done on the camel erlang modules;

trace:start([return,caller,subscriber]).
trace:activate_imsi(413010239000002).
trace:activate(["^cmd","^cga","^gsf","^gdm","^ssf","^cas"]).
trace:activate(["^msm","^map"]).

You will see the following from the erlang trace;

call msmad:dp_release(undef_l,5,’application-timer-expired’) from nsfwos_dyn:handle_cast/2

07:45:55,275: (2_20,gss_ConServP,Cid 4414224) return gdmhan:gd_transmit_rq/4 -> {noreply,undef_l}

07:45:59,269: (2_20,gss_ConServP,Cid 4414224) call gdmhan:tc_l_cancel_ind(undef_l,146,15121,1) from nsfwos_dyn:handle_cast/2

07:46:05,275: (2_20,gss_ConServP,Cid 4414224) call gsfssf_s2:timeout(undef_l,{timerRef,#Ref<0.0.132.259827>,<0.26321.1>})

from nsfwos_dyn:handle_cast/2

When activating sccp tracing we can see the following. The camel req msg goes like this;

 

CGSN——>STP———–>CCN
2976Â Â Â Â Â Â 2988Â Â Â Â Â Â Â Â Â Â 3008

called addr = 3008, routing on ssn 146
calling addr = 947100006, routing on GT

The CCN accepts this message and replies to the CGSN;

CCN—————>CGSN
3008Â Â Â Â Â Â Â Â Â Â Â Â Â Â 2976

called addr = 947100006, routing on GT
calling addr = 2976, routing on ssn 146

#NOTE the ss7 return route doesn’t go through the original route, but this doesn’t matter.

#NOTE gsh create_ss7_sccp_gtrule -rn GtRule77 -tn GtTranslator1 -addr 947100053 -ti 1 -tis 0 -en EntitySet3, the termination

indication here is set to yes – route on ssn because the CCN uses ssn 11 and 146 for same addr 947100053.

But since it uses routing on GT to 947100006, it will match the gtrule

gsh create_ss7_sccp_gtrule -rn GtRule3 -tn GtTranslator1 -addr 947100006 -ti 0 -tis 0 -en EntitySet2
gsh create_ss7_sccp_entityset_local -en EntitySet2 -opc 2976 -ssn 149

But since ssn 149 is configured, the ss7 stack will send it on ssn 149 to the SGSN application. But no dialogue exists for

ssn 149, the dialogue is for 146.

Then you will see the following alarm in ss7trace.log;

****  TCAP:1 mIETtcap.c  2532    1   21    1  107  15014

TCAP: ERROR IN DIALOGUE IDENTITY
A continue or abort message has been received from a remote node for a
non-existing dialogue.

SOLUTION
———-

The way to solve this is to configure the CCN to use termination indicator set to YES when routing to the CGSN. This will

force it to route on SSN instead of GT. Therefore it will not match GtRule3 anymore, but it will match (N1 section);

gsh create_ss7_sccp_local_sap -opc 2976 -ssn 146 -nocon 0

Since the CGSN is a live node, we didn’t make any changes on the CGSN, we changed the CCN instead (CCN is not live).

Now PDPCA is working and SMS over GPRS is too.

 

 

Policy based routing in cisco

May 31, 2009

http://blog.humanmodem.com/?p=67

All about IPTables

April 15, 2009

http://handsonhowto.com/2007/iptables/

A joke

April 1, 2009

লিঙ্গ সমস্যা:

একবার সরকারের নীতি নির্ধারকদের একটি দল জটিল সমস্যায় পড়লেন।সমস্যাটা লিঙ্গ নির্ধারন সংক্রান্ত।

তো তারা গেলেন খালেদা জিয়ার কাছে।ম্যাডাম, কাঠাল কোন লিঙ্গ ? ম্যাডাম বললেন, এটা নির্ধারন করা কোনো সমস্যা না।আমি আজকেই বাংলা একাডেমীর ডিজিকে বলে দিচ্ছি তিনি জানিয়ে দিবেন।

কিন্তু দুইদিন গেল, ডিজি জানালেন না।তখন তারা গেল এরশাদের কাছে।এরশাদের ঝটপট জবাব-আরে কাঠাল হল পুং লিঙ্গ।কারণ কাঠালের বিচি আছে।

এরপর পত্রিকার খবর বের হল-পুলিশ একদল ছাত্রকে ডান্ডা দিয়ে বেধড়ক পেটাচ্ছে।
আচ্ছা, পুলিশ কোন লিঙ্গ ? জানতে চাওয়া হল প্রধানমন্ত্রী খালেদা জিয়ার কাছে।খালেদা বললেন, এটা স্বরাষ্ট্র মন্ত্রণালয়ে খোঁজ নিতে হবে।সেই খোঁজ আর আসে না দেখে এরশাদের কাছে জানতে চাওয়া হয়।তিনি বললেন যেহেতু পুলিশের ডান্ডা আছে তাই পুলিশ পুংলিঙ্গ।
এরপর প্রশ্ন উঠে আইন কোন লিঙ্গ।এবারও যথারীতি খালেদা জিয়া ফেলটুস।বলতে পারলেন না।অগত্যা আবার কাবিল এরশাদের কাছে জিজ্ঞাসা।তিনি ভেবেচিন্তে বললেন, আইনের ফাঁক আছে, তাই আইন স্ত্রী লিঙ্গ।

Cheers.

How to reboot single user mode

March 7, 2009

http://www.ghacks.net/2009/02/25/how-to-reset-the-root-password-in-linux/

Port mirroring in cisco,extreme,juniper

March 3, 2009

http://www.networkintrusion.co.uk/index.php/miscellaneous/switchport.html

Work with cacti

February 12, 2009

Follow the following links to install cacti:

http://docs.cacti.net/?q=system/files/manual.pdf

&

Crontab of cactiuser:
*/1 * * * * php -q /var/www/html/cacti/poller.php –force –debug >> /tmp/cacti.log 2>&1

Try run /var/www/html/cacti/poller.php mannually and see wheather found any error or not.
If found any error in 68th line in rrd.php then remove & (This is problem for php4.x, php5 does not have this problem).
You need to disable security from /etc/selinux/config like
SELINUX=disabled
Reboot required to get change.

Using chkconfig & /sbin/service to manage run start up scripts in RedHat

November 19, 2008

Red Hat includes the checkconfig & service utilities to help you manage your start up scripts and save you a lot of typing. This is handy when you’re adding your own services and also in managing the already existing services. chkconfig is available if you want to use it on other distributions that may not come with it – just go to freshmeat.net and look it up. /sbin/service is just a shell script that comes as part of Red Hat’s initscripts package.Without a tool like chkconfig, symbolic links to the scripts in /etc/rc.d/init.d are typically created by hand at the appropriate run levels. This can be messy & difficult to standardize. Also, it is necessary to view the contents of each run level directory to see which services are configured to run. Here’s some ways to use chkconfig: What’s enabled at run level 3?

[root@usr-3 init.d]# chkconfig --list | grep  3:on 
atd             0:off   1:off   2:off   3:on    4:on    5:on    6:off
syslog          0:off   1:off   2:on    3:on    4:on    5:on    6:off
sendmail        0:off   1:off   2:on    3:on    4:on    5:on    6:off
autofs          0:off   1:off   2:off   3:on    4:on    5:on    6:off
network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
random          0:off   1:off   2:on    3:on    4:on    5:on    6:off
apmd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
portmap         0:off   1:off   2:off   3:on    4:on    5:on    6:off
nfs             0:off   1:off   2:off   3:on    4:on    5:on    6:off
nfslock         0:off   1:off   2:off   3:on    4:on    5:on    6:off
crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
anacron         0:off   1:off   2:on    3:on    4:on    5:on    6:off
xinetd          0:off   1:off   2:off   3:on    4:on    5:on    6:off

Enable a service for runlevel 3

[root@usr-3 init.d]# chkconfig  wine on 
[root@usr-3 init.d]# chkconfig --list wine
wine            0:off   1:off   2:on    3:on    4:off   5:off   6:off

Disable it

[root@usr-3 init.d]# chkconfig wine off
[root@usr-3 init.d]# chkconfig --list wine
wine            0:off   1:off   2:off   3:off   4:off   5:off   6:off

Checkconfig reads some lines at the beginning of an rc script to determine what run levels the script should be run at. We’ll use the openssh rc script as our example.

[root@usr-3 init.d]# head -8 sshd
#!/bin/bash
#
# Init file for OpenSSH server daemon
#
# chkconfig: 2345 55 25
# description: OpenSSH server daemon
#

The chkconfig line & description line must go into every script that is to go under the control of chkconfig. The description line seems pretty self-explanatory. the chkconfig line:

# chkconfig: 2345 55 25
|   |  |
|   |  priority for kill scripts
|   |
|   priority for start scripts
|
run levels at which to start service

If you’ve created an rc script for a service, put your chkconfig line & description line in as listed above. Then you need to add your service to those under the management of chkconfig.

[root@usr-3 init.d]# chkconfig sshd --add

Now you can enable it.

[root@usr-3 init.d]# chkconfig sshd on

You can see by looking at listings of the directories that the appropriate links have been created in each of the run levels.

[root@usr-3 rc.d]# for i in  1 2 3 4 5 6
> do
> ls rc$i.d/*ssh*
> done
rc1.d/K25sshd
rc2.d/S55sshd
rc3.d/S55sshd
rc4.d/S55sshd
rc5.d/S55sshd
rc6.d/K25sshd

If you didn’t know, the K links pass a stop parameter to the script and the S links send a start parameter. The numbers determine in what order they’ll run relative to the other scripts at a given runlevel. The rc scripts are executed in the order you see when you list them in the directory, first the K’s in numerical order, then the S’s in numerical order. So at run levels 1 and 6 the script is run with a stop parameter, and in run levels 2,3,4,5 it receives a start parameter. We also see this by running a simple command:

[root@usr-3 rc2.d]# chkconfig sshd --list
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off

Now that you can manage your scripts using chkconfig, here’s a tip that will save you a little bit of typing. When running an rc script to restart a daemon or what have you, the path is pretty long:

[root@usr-3 rc2.d]# /etc/rc.d/init.d/sshd restart

or you could type this instead:

[root@usr-3 rc2.d]# service sshd restart

Hey, it’s 9 keystrokes less! It has some other cool features – get the status on all your services:

[root@usr-3 rc2.d]# service --status-all
apmd (pid 682) is running...
arpwatch is stopped
atd (pid 1151) is running...
cannaserver (pid 985) is running...
crond (pid 1003) is running...
cserver (pid 966) is running...
jserver (pid 946) is running...
gpm is stopped
identd is stopped
ipchains: Incompatible with this kernel
No status available for this package
kserver (pid 1023) is running...
lpd is stopped

You get the idea. Have Fun!

Best Method To Reboot Remote Linux / Windows / UNIX Server

October 20, 2008

For UNIX like system shutdown command is the best way to reboot system in a safe way. Whey you issue graceful shutdown command all logged-in users are notified that the system is going down and, within the last five minutes of TIME (if time is specified), new logins are prevented. Shutdown / reboot procedure will stop all services and unmount the file system. Login as root and type the command:
# shutdown -r +5
# shutdown -r now

How to limit ssh access to specific users or groups

October 20, 2008

Fortunately this can be easily done with openSSH. Just edit the /etc/ssh/sshd_config file and add the desired directives shown below. You don’t need them all, just use what suits you needs.

openSSH provides 4 directives, AllowUsers, AllowGroups, DenyUsers and DenyGroups

AllowUsers buddy john doe
Only users buddy, john and doe will be able to log in via ssh.

AllowGroups sysadmin bkpadmin
Only users within groups sysadmin and bkpadmin will be able to log in via ssh.

DenyUsers rambo tina
This is the opposite of AllowUsers. All users except for rambo and tina will be able to log in via ssh.

DenyGroups hr payroll


Follow

Get every new post delivered to your Inbox.