In this section, a high-level, abstract overview of the features and limitations of the 1NCE Data Services is given. This shows the possibilities of the 1NCE SIM, the data services and points out certain limitations.
Besides basic internet connectivity, the 1NCE Data Service offers additional features to provide advanced integration into IoT device workflows and common management infrastructures. The usage, setup of the data service and common application cases are shown in the corresponding guides.
1NCE offers data service connectivity via the commonly available mobile network Radio Access Types (RAT), to be specific 2G, 3G, 4G, NB-IoT and LTE Cat-M. To explore the coverage of the different RAT in different countries, please refer to the coverage map on the 1NCE Website.
While some IoT applications might only have low bandwidth and not very strict latency requirements, other use cases might require high bandwidth with low latency. The 1NCE Data Service offers a maximum guaranteed data throughput of one megabit per second. Please note that the achievable throughput and latency are dependent on the RAT, device specifications, and environmental factors (e.g., location, signal reception, etc.).
Each 1NCE customer gets personal, private Internet Protocol (IP) ranges assigned for the 1NCE SIM cards in their account. 1NCE uses addresses from the private IP space (RFC 1597) which are not allocated in the public internet and can be used freely in private networks. All SIM cards assigned to an organization will have an IP address of one or more dedicated IP address spaces depending on the amount of SIM cards. Usually, /24 address spaces will be used where in total 254 SIM cards can be fitted into. If the number of SIM cards is > 254 additional IP address space(s) will be assigned.
The IP address spaces assigned to your account can be verified in the Connectivity Management Platform.
The infrastructure of the 1NCE Data Service network uses Network Address Translation (NAT) to route traffic from the devices to the public internet. For providing a private, more secure connectivity, the devices are not directly exposed to the public internet. This also implies that a connection establishment from an application on the internet towards a device is not directly possible without VPN usage (see Figure below, red example). On the other hand, target locations in the public internet space can be reached from a device with a 1NCE SIM. The traffic from each device is routed via the "Internet Breakout" (see Figure below, green example).
To be able to do a mutual communication between a device with a 1NCE SIM and the application servers, the 1NCE VPN Service needs to be used. Please note that correct traffic routing on the customer's server-side must be ensured to reach the correct server application. The abstract concept of the 1NCE VPN Service is shown in the Figure below. More details can be found in the VPN Service guide.
The concept of the Open Systems Interconnection model applies to the 1NCE Data Service structure. The GPRS Tunneling Protocol (GTP) is used on layer 3 to transfer user application data between the device with a 1NCE SIM and the internet or application server and vice versa. All the data traffic is wrapped in the GTP, on top of this protocol (layer 4+) the customer is free to use any user transport protocol (e.g., TCP, UDP, MQTT, CoAP, etc.).
The Domain Name System (DNS) is used to resolve Uniform Resource Locators (URL) to an addressable IP. For the 1NCE Internet Breakout the public IP
188.8.131.52 is served as primary and
184.108.40.206 as secondary default Domain Name Server. A manual configuration of a DNS on the device is typically not needed.
As the connectivity offered by 1NCE focuses on IoT devices and the specific needs in these applications, certain limitations apply to the Data Service.
A Maximum Transmission Unit (MTU) is the size of the largest IP packet (layer 4) possible which can be transferred in a frame on layer 3 without the need for fragmentation in a packed based core network. If a send packet is larger than the specified MTU, the packet needs to be fragmented, thus creating more overhead and delays. Theoretically, a size of 1500 bytes is possible with the 1NCE Data Service. Based on prior experience with IoT devices and the mobile network, it is recommended to keep the MTU size lower than about 1200 bytes.
Based on the tariff of the 1NCE SIM, a certain data volume in megabytes is included. Details about the available volume and overall usage can be inquired in the Connectivity Management Platform or through the 1NCE API. The data volume can be used freely. If the volume runs out or a self-set limit is reached, the SIM card is blocked to create new data sessions (PDP Context). The device can still attach to the mobile network and use the other services but is not able to re-create a new PDP Context. Moreover, any existing data session is terminated if the volume limit is reached. If a SIM runs out of volume, the device should restrict the attempts to create new (failed) sessions as the reject response can lead to the device spamming the network with a high number of create data session requests. Please note that the customer is responsible for implementing a back off timer for this edge case behavior. If the restricted SIM is topped up with new data volume, the blocking will be reset and new data sessions can be established.
This does only apply to connections made through the 1NCE Internet Breakout!
As the devices with 1NCE connectivity are placed behind a NAT gateway, the public IP traffic is routed through the NAT Gateway/Internet Breakout. After 350 seconds of no packets being transmitted, the established connection via the Internet Breakout will be closed automatically. To keep the connection alive within 350 seconds a device must send a keep-alive packet at least once in the 350-second timeframe. Otherwise, the device must re-establish the connection after 350 seconds.
The 1NCE SIM cards and connectivity services can be used with a wide variety of protocols to transmit data. Please take note that 1NCE connectivity does not support any voice services. This encompasses regular calls via Circuit Switched (CS), Packet Switched (PS), and Emergency Call functionality.
Network Identity and Time Zone (NITZ) is a mechanism to provide local time, local network identity, and information to the mobile device. This technology is supported by only a few local networks. 1NCE relies on local operators to support this technology. The availability should be checked and verified via the local mobile network operators. For time synchronization purposes we recommend using Network Time Protocol (NTP) in cases where NITZ is not available.
The traffic from all 1NCE SIMs towards the public internet is routed through a NAT with a couple of public-facing IP addresses. These public IP addresses are listed in the Connectivity Management Platform. Due to the 1NCE network structure, all requests towards public services appear to come from only these few IPs. Many public services and APIs apply a request limit and smart filtering to detect and filter out DDoS and similar attacks. Very frequent queries (e.g., every second) from multiple SIM devices towards one service could trigger these filtering mechanisms. This will result in the public service blocking requests from 1NCE SIM devices, rendering the service unusable. The public services cannot differentiate between the SIMs due to the 1NCE NAT network structure. It is strongly recommended to program devices with 1NCE SIMs in a way that they do not aggressively query such shared resources.
Updated 3 months ago