Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Security: External document for authorized RIM partners only, Disclosed under NDA
The contents of this document are proprietary and confidential and are restricted to Research In Motion Limited’s (“RIM”) partners
only. This document is provided for information purposes only, and does not constitute a binding legal agreement. Nothing
contained in this document can be construed as RIM granting a warranty or making a representation. All dates contained in this
document are tentative. This information is shared under Non-Disclosure Agreement and may not be shared with any third party
without the express written consent of RIM.
1 Introduction ........................................................................... 4
3.6 HTTP Header Injection for BlackBerry App World Billing ....... 9
7 Appendix ............................................................................. 16
For the purpose of this document, BlackBerry 10 devices and 3G+, 4G, and 4G LTE BlackBerry
PlayBook tablets will be referred to as “BlackBerry 10” devices. BlackBerry devices running
software versions 4.0-7.1 will be referred to as “BlackBerry OS” devices.
BlackBerry 10 BlackBerry OS
Internet
Optional for full-tariff users
Connectivity and Mandatory
Blocked for low-tariff users
DNS services
BlackBerry 10 BlackBerry OS
Communications Communications
Content/Traffic
Mgmt
MNO Isolated MNO
PDN
Internet Content/Traffic blackberry.net PDN Multi-Purpose PDN
DNS Management
WAN
BlackBerry OS
BlackBerry OS architecture mandates use of “blackberry.net” as the Primary APN. BlackBerry
OS devices will maintain persistent connections to the blackberry.net APN for purposes of
exchanging data with the BlackBerry Infrastructure. The bulk of the data transferred by
BlackBerry OS devices is to/from the BlackBerry Infrastructure.
BlackBerry 10
BlackBerry 10 architecture allows the MNO to choose the Primary APN. There are three general
options for the Primary APN discussed in section 4 of this document called BlackBerry 10
Primary APN Requirements. BlackBerry 10 devices will maintain persistent connections to the
Primary APN, and will exchange data with both the BlackBerry® Infrastructure, and the Internet
from that APN.
Wi-Fi coverage with Internet access is the preferred network path for communications between
BlackBerry devices and the BlackBerry Infrastructure. In cellular-only coverage communications
will be through the Primary APN. To ensure service continuity and quality, the Primary APN
must have highly available connectivity to the BlackBerry Network. Connectivity options for
BlackBerry 10 devices are detailed later in the document.
BlackBerry OS
Network Address Translation (NAT) and Port Address Translation (PAT) support for
communications between BlackBerry OS devices and the BlackBerry Infrastructure depends on
the access network being used for the communications:
BlackBerry 10
Communications between BlackBerry 10 devices and the BlackBerry Infrastructure can traverse
through NAT and/or PAT.
Internet connectivity and DNS requirements are different for devices in cellular-only coverage:
BlackBerry 10
Internet connectivity and Internet DNS services are required to be available from the primary
APN used for BlackBerry 10 devices. The majority of the traffic (bytes transferred) by a
BlackBerry 10 device will be to/from the Internet.
BlackBerry OS
Note that if BlackBerry Service Tiering has been/will be implemented, it is highly
recommended that subscribers of the “BIS-Lite” or “BIS-Social” BlackBerry service tiers are
not provided Internet connectivity. Availability of Internet access for these subscription levels
may result in revenue leakage.
Otherwise, availability of Internet connectivity and Internet DNS services on the
blackberry.net APN is optional for BlackBerry OS devices.
BlackBerry 10
BlackBerry applications on BlackBerry 10 devices generally retrieve Internet content directly
from the Internet using standard protocols. HTTP and other traffic can be intercepted and
filtered by the MNO’s content filtering systems.
MNO content filtering will not be able to filter BlackBerry® Mobile Fusion traffic, as it is
encrypted between the BlackBerry 10 device and the customer’s BlackBerry Mobile Fusion
server.
BlackBerry OS
BlackBerry applications on BlackBerry OS devices generally request Internet content
through the BlackBerry Infrastructure, as the BlackBerry Infrastructure offers efficiencies
through transcoding, compression and other technologies.
Communications between BlackBerry OS devices and the BlackBerry Infrastructure use a
BlackBerry-proprietary protocol, and cannot be easily filtered by MNO content filtering
systems.
It is recommended that all idle timeouts in the network path are configured 15 minutes or longer.
These connection/translation timeouts may be found on equipment such as GGSNs/PGWs,
firewalls, and NAT/PAT gateways.
BlackBerry 10 devices may be assigned a private (RFC-1918) IP address(es), and the traffic
passed through a NAT/PAT function where the device’s source address is changed to a
public/registered address before travelling to the Internet or BlackBerry network.
Internet-facing NAT/PAT functions for UDP traffic should utilize endpoint independent mapping
to ensure that Session Traversal Utilities for NAT (STUN) mechanisms function; STUN
mechanisms are used by many peer-to-peer communications, including video conferencing.
Considering that BlackBerry Network and much of the Internet are IPv4-only, when introducing
IPv6, it is a common and recommended practice to assign the BlackBerry 10 device IPv4 and
IPv6 addresses.
RIM Confidential – Disclosed Under NDA – Do Not Distribute 8
3.5 HTTP Content Caching and Filtering
BlackBerry 10 devices use standard protocols for accessing Internet content. This creates an
opportunity for content caching and/or filtering proxies to be added to the path. These proxies
must be inserted in the path using a “transparent proxy” configuration, where the network
performs the HTTP traffic interception and forwarding to the proxies.
There are three options for the Primary APN, all of which are detailed in this section. MNOs may
decide which of the three options is most appropriate by taking into consideration their network,
systems, and business models.
The APN used as the Primary APN must be home-routed in roaming scenarios. Local breakout
on visited network is not supported.
BlackBerry 10 devices maintain a persistent connection to a Primary APN, and one or more
persistent TCP connections to BlackBerry and Internet services. Connections established to the
RIM Confidential – Disclosed Under NDA – Do Not Distribute 9
BlackBerry services have anti-idle functions where a “keep alive” packet will be transmitted after
15 minutes of idle time. It is recommended that the Primary APN, firewalls, and NAT/PAT
gateways are configured with session/bearer, connection, and translation idle-timeouts of 15
minutes or longer.
Most of the communications (bytes) to/from a BlackBerry 10 device is direct with the Internet.
Implementation Considerations
This option may use an existing APN, which may result in
fewer core network, transport network, billing system, and
user provisioning system changes.
This option potentially allows for common rate-plans/tariffs and SIM swapping between mobile
platforms.
Usage of the existing BlackBerry Network/Mobile Network WAN solution may be more difficult.
Interconnectivity information is detailed in section 5 of this document.
The MNOs that use dual-IMSI/multi-IMSI technologies for roaming should select a globally
unique APN name to avoid APN name conflicts with “sponsor networks”. Name conflicts can
affect the ability of the “sponsor network” to route roaming PDP Contexts/PDN bearers to “home
network” packet gateways.
This option also allows the ability for the MNO to separate
new mobile devices from existing devices: new APN on
new core network, and blackberry.net APN remains on
legacy network core.
Implementation of content filtering solution and other MNO services on the APN may be
required.
Usage of the existing BlackBerry Network/Mobile Network WAN solution may be more difficult.
Interconnectivity information is detailed in section 5 of this document.
The MNOs that use dual-IMSI/multi-IMSI technologies for roaming should select a globally
unique APN name to avoid APN name conflicts with “sponsor networks”. Name conflicts can
affect the ability of the “sponsor network” to route roaming PDP Contexts/PDN bearers to “home
network” packet gateways.
Implementation Considerations
This option uses an existing APN. When compared to other
APN options, this option may have fewer core network,
transport network, billing system, and user provisioning
system changes.
Addition of Internet access may also require implementation of content filtering solutions on the
APN.
The MNOs that use dual-IMSI/multi-IMSI technologies for roaming should avoid using the
blackberry.net APN for BlackBerry 10 devices, as the common APN name can affect the ability
of the “sponsor network” to route roaming PDP Contexts/PDN bearers to “home network” packet
gateways.
In cellular-only coverage communications will be through the Primary APN. To ensure service
continuity and quality, the Primary APN must have highly available connectivity to the
BlackBerry Network. There are three options for network connectivity between the Primary APN
and the BlackBerry Network, which are detailed in this section.
All IPv4 traffic from BlackBerry 10 devices bound for the Internet or the BlackBerry Network
must pass through a NAT/PAT function such that the IPv4 addresses assigned by the Primary
APN are changed to public IPv4 addresses that are registered to the MNO. The BlackBerry 10
devices may simultaneous maintain one or more persistent TCP sessions to BlackBerry
Services or Internet Services. Assuming 64,000 connections per IP address, NAT/PAT IP pool
sizing may start with 256 IP addresses for 1,000,000 BlackBerry 10 users, and then adjusted as
usage profile is better understood.
Note that BlackBerry 10 web browsing and other Internet content does not traverse the
BlackBerry Infrastructure. BlackBerry 10 devices have much less user traffic (bytes) traversing
the BlackBerry Network/Mobile Network interconnections when compared to BlackBerry OS
users.
There are two types of Internet Peering available: public and private.
Private peering requires a dedicated connection between Mobile Network Internet segment
and the BlackBerry Network Internet segment. See section 5.3.
Public peering requires connectivity from the Mobile Network Internet segment to an Internet
Peering Exchange.
The BlackBerry Network Public Internet Peering Policy is open – the BlackBerry Network will
peer with any network at the exchanges listed below. Additional exchanges will be considered if
there is sufficient interest from MNOs to meet at those exchanges.
The BlackBerry Network has connectivity to the following public peering Internet Exchanges:
AMS-IX, Amsterdam
Equinix Chicago
Equinix Dallas
Equinix Paris
MNOs that participate or are interested in Internet peering are encouraged to contact at
peering@rim.com.
The remainder of the BlackBerry and non-BlackBerry traffic will traverse the Internet
BlackBerry Services
RIM Confidential – Disclosed Under NDA – Do Not Distribute 14
options, all of which can be used for BlackBerry 10 traffic.
o Equinix Paris
APN Details
APN
Credentials
IP addressing
APN Idle timers
Confirm DNS service availability
Rate-plan details (if available)
Connectivity Details
Routing option selected (Existing WAN Solution, New WAN Solution, Internet)
NAT IP Pool
216.9.240.176/28, 216.9.240.56/29,
Asia Pacific (AP) 216.9.240.64/28, 68.171.240.80/28, WAN or Internet BlackBerry Registration Transactional
180.149.149.16/28
68.171.240.96/27, 216.9.240.96/27,
BlackBerry Data - PIM, Push, BBM,
AP 216.9.240.128/27, 216.9.240.192/27, WAN or Internet Persistent
Mobile Fusion
180.149.149.96/27, 180.168.204.96/27
United States,
206.53.154.64/28, 206.53.154.80/28,
Canada, Latin
216.9.242.176/29, 68.171.242.240/29, WAN or Internet BlackBerry Registration Transactional
America and
216.9.242.160/28, 68.171.242.160/28
Caribbean (US/CLA)
68.171.242.64/27, 68.171.242.96/27,
216.9.242.128/27, 216.9.242.64/27, BlackBerry Data - PIM, Push, BBM,
US/CLA WAN or Internet Persistent
216.9.242.96/27, 206.53.154.0/27, Mobile Fusion
206.53.154.32/27
Europe 178.239.81.64/27, 93.186.17.176/28,
Middle East 93.186.17.8/29, 93.186.25.8/29, WAN or Internet BlackBerry Registration Transactional
Africa (EMEA) 131.117.168.32/28, 5.100.168.32/28
93.186.17.96/27, 93.186.17.192/27,
93.186.27.160/27, 178.239.81.0/27, BlackBerry Data - PIM, Push, BBM,
EMEA WAN or Internet Persistent
178.239.81.32/27, 131.117.168.96/27, Mobile Fusion
5.100.168.96/27
RIM ON BEHALF OF ITSELF AND ITS AFFILIATES MAKES NO REPRESENTATIONS ABOUT THE SUITABILITY OF THE
INFORMATION OR GRAPHICS CONTAINED IN THIS DOCUMENT FOR ANY PURPOSE. THE CONTENT CONTAINED IN THIS
DOCUMENT, INCLUDING RELATED GRAPHICS, ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. RIM HEREBY
DISCLAIMS ALL WARRANTIES AND CONDITIONS WITH REGARD TO THIS INFORMATION, INCLUDING ALL IMPLIED
WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-
INFRINGEMENT. IN NO EVENT SHALL RIM BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR
ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF
CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF INFORMATION CONTAINED HEREIN. THIS DOCUMENT, INCLUDING ANY GRAPHICS CONTAINED
WITHIN THE DOCUMENT, MAY CONTAIN TECHNICAL INACCURACIES OR TYPOGRAPHICAL ERRORS. UPDATES ARE
PERIODICALLY MADE TO THE INFORMATION HEREIN AND RIM MAY MAKE IMPROVEMENTS AND/OR CHANGES IN THE
PRODUCT(S) AND/OR THE PROGRAM(S) DESCRIBED HEREIN AT ANY TIME.
This document may contain references to third party sources of information. Such third party information is not under the control of
RIM, and RIM is not responsible for the contents of any such information, including without limitation the accuracy or any other
aspect of such third party information. The inclusion of any third party information does not imply endorsement or disparagement by
RIM of the third party in any way. RIM shall not be responsible or liable for any part of any dealings that you may have with such
third parties, nor for any inferences that you may draw from such third party information.
© 2012 Research In Motion Limited. All rights reserved. BlackBerry®, RIM®, Research In Motion®, SureType®, SurePress™ and
related trademarks, names and logos are the property of Research In Motion Limited and are registered and/or used in the U.S. and
countries around the world. All other trademarks are the property of their respective owners.