Mailing List Archive: IPv6 on VoLTE

IPv6 on VoLTE

me at anuragbhatia

Nov 6, 2018, 11:43 AM

Post #1 of 10 (3713 views)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello everyone

I recently got VoLTE from my provider (AS9498). I noticed that after
VoLTE is enabled, device is creating two IPsec tunnels and also has
IPv6 address on those IPsec tunnels.

Was wondering if someone can point me to any paper/documentation on
how VoLTE works and how this IPv6 over ipsec works in the background?

Thanks.

- --

Anurag Bhatiaanuragbhatia.com
-----BEGIN PGP SIGNATURE-----
Version: Mailvelope v2.2.2
Comment: https://www.mailvelope.com

wsFcBAEBCAAQBQJb4e7MCRDfYJdcQCblmgAAN4oQAIQf7zdsDS6NbwKbi/r+
YSsYQ0Ix9Y1w0QoYnkM6BtDGGgdeppysOSD4DvNCpNN2AWSuvt6ni08p9CfW
yMClIeeX1bChaaL3GhUwo0rN5LcBQ60xksekNsERhWU1f9aapYZtplvqZcmT
TI40UC8ZbETtRAVr8fydiDu9LzeFkF+DXlD78BV8dxsNLan14CU5DDVkFzc1
nXF+oIYYgbRuYdIujhw0Gk2mOryWGM44/xsKSw6o+3nTkFj78bvFFbA0B56n
giGUrJro0Ev9GijYYTKItv+HRkb2edrSHqAlb2b9Bds/fXibTxyDRzUfqzT3
iJuzS39hKV5tAdeztLy3qu+AJZbJb36HRBHvCxtMUfHnKQ6E7xL3LZcvFl8E
Mj2/h8Q2zfgrHzkSq3SUQxnZipMThrnpUdjzzc2PYykYe4UpbBcTny/wwVUr
GQZlAHWrcHHYZ45IImuau7AKUL1VQKgTs6AUfFaLSC/hUfWU1jgZP+mClOqX
7NBgjS1zHuwORWB/z2igzAEnLbvUCBHw+5+KzIZ7pV2ZtPy4vXoT680U7A91
OToS9eG35EDuzsHi0vWS1F/K6kIR7n2PoEoIFduooktnoVlYCYWzDCPTXjGO
PD4D0ZOxGkwfyoLaVgmpkdqldaE0SLD3gWmYpUqXdd0vGwiYyRfS7RBS7ocB
NzRL
=xydv
-----END PGP SIGNATURE-----

Re: IPv6 on VoLTE [ In reply to ]

Nov 7, 2018, 6:44 PM

Post #2 of 10 (3708 views)

On Wed, 7 Nov 2018, Anurag Bhatia wrote:

> I recently got VoLTE from my provider (AS9498). I noticed that after
> VoLTE is enabled, device is creating two IPsec tunnels and also has
> IPv6 address on those IPsec tunnels.
>
> Was wondering if someone can point me to any paper/documentation on
> how VoLTE works and how this IPv6 over ipsec works in the background?

https://en.wikipedia.org/wiki/Voice_over_LTE , there should be links to
the 3GPP specifications.

I have not heard of VoLTE using IPSEC, that's not how it was supposed to
work at least when I looked into this 5 years ago. Instead it should have
additional bearer on mobile interface to handle this traffic.

How are you identifying this as IPSEC tunnels? What kind of device is it
you're looking at?

--
Mikael Abrahamsson email: swmike@swm.pp.se

Re: IPv6 on VoLTE [ In reply to ]

xieweing762 at icloud

Nov 7, 2018, 8:15 PM

Post #3 of 10 (3708 views)

?????????????????????

???? iPhone

> ? 2018?11?8????10:44?Mikael Abrahamsson <swmike@swm.pp.se> ???
>
>> On Wed, 7 Nov 2018, Anurag Bhatia wrote:
>>
>> I recently got VoLTE from my provider (AS9498). I noticed that after
>> VoLTE is enabled, device is creating two IPsec tunnels and also has
>> IPv6 address on those IPsec tunnels.
>>
>> Was wondering if someone can point me to any paper/documentation on
>> how VoLTE works and how this IPv6 over ipsec works in the background?
>
> https://en.wikipedia.org/wiki/Voice_over_LTE , there should be links to the 3GPP specifications.
>
> I have not heard of VoLTE using IPSEC, that's not how it was supposed to work at least when I looked into this 5 years ago. Instead it should have additional bearer on mobile interface to handle this traffic.
>
> How are you identifying this as IPSEC tunnels? What kind of device is it you're looking at?
>
> --
> Mikael Abrahamsson email: swmike@swm.pp.se

Re: IPv6 on VoLTE [ In reply to ]

Nov 7, 2018, 9:57 PM

Post #4 of 10 (3708 views)

Dear Customer,

Greetings from Airtel!

This is in reference to your email regarding your concern for your Airtel number.

Kindly note that I am unable to open your profile with the given details. To enable us to process your request, please write back with the exact Airtel fixed line number along with the STD code or the account number as mentioned in the bill.

I request you to revert with your exact query/requirement as the details in your mail is not clear.

I regret for the inconvenience caused.

Thanks for reaching out to us.

Regards
Rameshvar Mahadal
Advisor ?C Customer Experience
Bharti Airtel Ltd

On Thu, 08 Nov 2018 at 09:45 AM <xieweing762@icloud.com> wrote:
???????????????????????????????????

??????? iPhone

> ?? 2018??11??8???????10:44??Mikael Abrahamsson <swmike@swm.pp.se> ?????
[http://www.airtel.in/transparency/banner1.png]

Re: IPv6 on VoLTE [ In reply to ]

Nov 8, 2018, 12:25 AM

Post #5 of 10 (3708 views)

Mikael Abrahamsson <swmike@swm.pp.se> writes:

> I have not heard of VoLTE using IPSEC, that's not how it was supposed
> to work at least when I looked into this 5 years ago. Instead it
> should have additional bearer on mobile interface to handle this
> traffic.

This might be confusing VoLTE with VoWiFI. The latter will use IPSEC.

Bjørn

Re: IPv6 on VoLTE [ In reply to ]

tarko at lanparty

Nov 8, 2018, 2:15 AM

Post #6 of 10 (3708 views)

hey,

> This might be confusing VoLTE with VoWiFI. The latter will use IPSEC.

Correct. What probably happened is that together with activating VoLTE,
VoWIFI was also activated on the device. Makes sense as VoLTE users are
typically moved to IMS environment.

--
tarko

Re: IPv6 on VoLTE [ In reply to ]

xieweing762 at icloud

Nov 8, 2018, 6:19 AM

Post #7 of 10 (3708 views)

????????

???? iPhone

> ? 2018?11?8????6:15?Tarko Tikan <tarko@lanparty.ee> ???
>
> hey,
>
>> This might be confusing VoLTE with VoWiFI. The latter will use IPSEC.
>
> Correct. What probably happened is that together with activating VoLTE, VoWIFI was also activated on the device. Makes sense as VoLTE users are typically moved to IMS environment.
>
> --
> tarko

Re: IPv6 on VoLTE [ In reply to ]

angiejoel2 at sympatico

Nov 8, 2018, 6:40 AM

Post #8 of 10 (3708 views)

NOT ME REMOVE ME OR I AM REPORTING TO RCMP CYBER FRAUD DEPARTMENT

On 11/8/2018 12:57 AM, E Support wrote:
>
> Dear Customer,
>
> Greetings from Airtel!
>
> This is in reference to your email regarding your concern for your
> Airtel number.
>
> Kindly note that I am unable to open your profile with the given
> details. To enable us to process your request, please write back with
> the exact Airtel fixed line number along with the STD code or the
> account number as mentioned in the bill.
>
> I request you to revert with your exact query/requirement as the
> details in your mail is not clear.
>
> I regret for the inconvenience caused.
>
> Thanks for reaching out to us.
>
> Regards
> Rameshvar Mahadal
> Advisor – Customer Experience
> Bharti Airtel Ltd
>
>
> On Thu, 08 Nov 2018 at 09:45 AM <xieweing762@icloud.com> wrote:
>
> ?????????????????????
>
> ???? iPhone
>
> > ? 2018?11?8????10:44?Mikael Abrahamsson <swmike@swm.pp.se>
> ???
>
> image001.png (679×133)
>
>
>
> ***********************************************************************************************************************************************************************
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. If you have received this email in error please notify
> the system manager. This message contains confidential information and
> is intended only for the individual named. If you are not the named
> addressee you should not disseminate, distribute or copy this e-mail.
> Please notify the sender immediately by e-mail if you have received
> this e-mail by mistake and delete this e-mail from your system. If you
> are not the intended recipient you are notified that disclosing,
> copying, distributing or taking any action in reliance on the contents
> of this information is strictly prohibited . The information contained
> in this mail is propriety and strictly confidential.
> ***********************************************************************************************************************************************************************
>
>
> “CONFIDENTIALITY NOTICE This e-mail message and any attachments are
> only for the use of the intended recipient and may contain information
> that is privileged, confidential or exempt from disclosure under
> applicable law. If you are not the intended recipient, any disclosure,
> distribution or other use of this e-mail message or attachments is
> prohibited. If you have received this e-mail message in error, please
> delete and notify the sender immediately. Thank you.”

Re: IPv6 on VoLTE [ In reply to ]

shefys at gmail

Nov 8, 2018, 7:05 PM

Post #9 of 10 (3696 views)

IMS 3GPP specification requires SIP integrity and confidentiality. You
may see IPsec/IPsec security association on the device when it is
communicating and/or registered with P-CSCF (uses SIP protocol). With
VoWiFi IPsec is used to establish a tunnel between UE (user
equipment/phone) and mobile network operator packet core (EPDG node).
So they're two different use cases.

More info:
[0] https://en.wikipedia.org/wiki/IMS_security#IMS_Access_Security_for_SIP
[1] 3G Security: 3GPP TS 33.203 - https://www.3gpp.org/DynaReport/33203.htm
[2] Access to the 3GPP Evolved Packet Core (EPC) via non-3GPP access
networks (VoWiFi) / 3GPP TS24.302- www.3gpp.org/dynareport/24302.htm
On Thu, Nov 8, 2018 at 2:15 AM Tarko Tikan <tarko@lanparty.ee> wrote:
>
> hey,
>
> > This might be confusing VoLTE with VoWiFI. The latter will use IPSEC.
>
> Correct. What probably happened is that together with activating VoLTE,
> VoWIFI was also activated on the device. Makes sense as VoLTE users are
> typically moved to IMS environment.
>
> --
> tarko

--
Yury.

Re: IPv6 on VoLTE [ In reply to ]

tarko at lanparty

Nov 8, 2018, 10:57 PM

Post #10 of 10 (3696 views)

hey,

> IMS 3GPP specification requires SIP integrity and confidentiality. You
> may see IPsec/IPsec security association on the device when it is
> communicating and/or registered with P-CSCF (uses SIP protocol).

Correct. While IPsec might be an option, all popular terminals support
SIP-TLS. Our VoLTE implementation happily uses SIP-TLS + IPv6 only
bearer without any IPsec.

> With
> VoWiFi IPsec is used to establish a tunnel between UE (user
> equipment/phone) and mobile network operator packet core (EPDG node).

Correct, ePDG usecase is totally different and also applicable for more
services than just voice.

--
tarko