Re: Should FCC look at SS7 vulnerabilities or BGP vulnerabilities

[Mark Tinka <mark@tinka.africa>]

On 5/16/24 21:53, Brandon Zhi wrote:

> Are APNs like a vpn for mobile devices to access the public internet? 
> Based on the experience that I used Mobile roaming outside my country. 
> The provider would connect back to the original country via local 
> providers.

When roaming, the home mobile network has two options to deliver data 
services to their customer:

 * Breakout to the Internet using the local roaming partner, or

 * Tunnel to the home network via the local roaming partner, and
   breakout to the Internet there.

Both models are viable particularly if the roaming partner and home 
network are basing their roaming architecture on IPX rather than GRX.

Local breakout improves performance because it is low-latency, while 
remote breakout is often preferred because it does not complicate 
billing and other traffic controls imposed by the home network.

My anecdotal experience has been that you will have local breakout 
sometimes, and remote breakout most of the time. This will also vary 
from provider to provider. I also find that home networks tend to prefer 
remote breakout, while users, unsurprisingly, will have a better 
experience with local breakout.

I've never been able to find conclusive data on which mobile operators 
implement local vs. remote breakout. It doesn't appear that the GSMA 
mandate any one model over another against their membership, so mobile 
operators are likely making individual choices on what they do.

Either way, with an IPX-based roaming architecture, it is really just a 
glorified l3vpn cloud built on a standard IP/MPLS network.

If you have time, the below is an interesting read:

https://www.gsma.com/newsroom/wp-content/uploads//IR.34-v17.0.pdf

Mark.