7.11 IPSec tunnel modified

23.1393GPP3GPP system - fixed broadband access network interworkingRelease 17Stage 2TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

This clause is related to the case where the IPSec tunnel between the UE and the ePDG has been modified due to the UE initiated IPSec tunnel update procedure, or the UE local IP address updating. The IPSec tunnel modification procedure is assumed that GTP based or PMIPv6 based S2b is used. This procedure is only applicable if MOBIKE is supported by the UE.

Figure 7.11-1: IPSec tunnel modified

If dynamic policy provisioning over S9a is not deployed, the optional step A2 and B4 do not occur. Instead, the Fixed Broadband Access network may employ Fixed Broadband Access local policies.

1. UE attaches to EPC from BBF access network via ePDG, as described in figure 7.2-1. The IPSec tunnel is established between ePDG and UE; the PMIPv6 or GTP tunnel is established between the PDN GW and ePDG

2. The BBF Access Network may assign a new local IP address to the UE.

3. UE initiated IPSec tunnel update procedure, which may be as a result of UE IP address for IPSec tunnel expired or released. MOBIKE update address message exchanges. And optionally, MOBIKE address verification, initiated by ePDG, is send to UE as described in MOBIKE [18].

A. These steps are only applicable when S2b PMIPv6 is used.

A.1. The ePDG initiates Gxb* session modification with the PCRF. The ePDG includes the UE local IP address and optionally the UDP source port number (if NAT is detected) in the message to the PCRF.

A2. Triggered by step A2, the PCRF (for non-roaming case) and the V-PCRF (for home routed and visited access roaming case) initiates the Gateway Control and QoS Rules Provision Procedure with the BPCF over S9a as specified in TS 23.203 [4].

B. These steps are only applicable when S2b GTP is used.

B1. The ePDG sends Modify bearer request message with the UE local IP address and optionally the UDP source port number (if NAT is detected) to P-GW.

B2. The PCEF initiated IP-CAN session modification procedure is triggered.

B3. The P-GW responses with Modify Bearer Response message to the ePDG.

B4. Triggered by the PCC Rule provisioning to the PCEF, the PCRF (for non-roaming case) and the V-PCRF (for the home routed and visited access roaming case) initiates the Gateway Control and QoS Rules Provision Procedure with the BPCF over S9a as specified in TS 23.203 [4]. In roaming scenario, the H-PCRF will initiate the procedure over S9 towards the V-PCRF and the V-PCRF in turns initiates the procedure over S9a towards the BPCF.