Circuit-switched data (CSD) has been the norm in cellular networks for a few years now. In GSM, 9.6 Kbps and 14.4 Kbps are the available CSD bearer services. These channel bit rates do not supply adequate support for today's bandwidth-hungry applications. They were, however, considered sufficient at the time when the GSM CSD bearer service was defined, since at that time the speed of wireline modems was similar. UMTS defines larger-capacity CSD bearers of 64 Kbps and above. Both GSM and UMTS packet services oriented bearers—supported by GPRS and the UMTS PS domain—can be used to provide data services and foundation for Mobile VPNs. Today CSD is mostly used for WAP-based applications.
In this section we briefly describe CSD-based VPN technology. Deployment of CSD-based VPNs will not be mainstream in the future; however, it is interesting to note the integration of the legacy into the new VPN paradigms.
In Chapter 4 we described the technologies related to CSD bearer channels. To provide access to a data network, the CSD bearer on the wireless access network side needs to be terminated at an Interworking Function (IWF), where direct access to the network or conversion to wireline CS protocols takes place. Typically, PPP is used to provide link layer and host authentication configuration services over CSD bearers. In such environments there are two approaches to providing VPN services:
The IWF could terminate the wireless bearer, convert it to an ISDN circuit (for instance, part of a PRI link to some switch), and then terminate ISDN calls to some RAS device that can in turn act as an LAC or simply provide network access services.
The IWF itself could provide LAC functionality and handle L2TP tunnels established toward LNSs in customer networks or within the operator network.
The latter approach proves more effective as IP-based VPNs are becoming more and more common in the marketplace and corporations and service providers are streamlining the operation of their networks to reduce the number of different technologies that needs to be handled. It is also an effective way to provide WAP service, where the WAP gateway tightly interacts with the LNS (perhaps via the AAA infrastructure), in order to enable user identity information usage. The commercial success of these IP VPN solutions for CSD has been quite limited, but it is still worth mentioning, since this method proves to be very well suited for integration with equivalent services in the packet-switched technologies.
Two areas of CSD-based VPN usage are possible: corporate network access and WAP-based services provisioning. WAP service provisioning can also use Unstructured Supplementary Services Data (USSD), and even SMS, but these channels are more appropriate for very low bit-rate applications, transactional applications, or to support a push channel to the terminal. Web browsing mediated by WAP gateways normally requires CSD. However, the WAP protocol is also used in GPRS deployments, and WAP-based applications are commonly used in current GPRS terminals equipped with basic user interfaces and displays. It is expected that WAP, despite the consensus that it is not to be the ultimate delivery vehicle for mobile data applications, will stay alive for a while, at least until an adequate replacement is found that can provide similar functionality in a standard way.
The need for CSD VPNs typically arises when the network used to provide CSD-based access is shared for other applications. For instance, the network between the IWF and the WAP gateway may be used for other purposes than simply carrying WAP traffic, and the same IWF could support connectivity to multiple WAP gateways, possibly outside the domain of the network operator itself. For instance, some banks may require terminating the circuit—possibly over an L2TP tunnel—at a WAP gateway or a RAS owned by the bank itself. The same network could also be used to tunnel traffic back to corporate data centers (possibly hosted in outsourcing arrangements by some ISP), third-party ASP networks, and ISPs. A different telephone number is normally required to access different services when a CSD bearer is used. The telephone number may be associated to an NAS, an LAC, or a WAP gateway access point.
Figure 6.1 illustrates the case where the CSD traffic is tunneled via L2TP to an LNS that provides access to a WAP and value-added services network. The same network can be accessed using L2TP from a Gateway GPRS Support Node (GGSN), that is, via packet-based access. Thus, it is possible to define an L2TP-based IP VPN that allows the provisioning of the same services.