7.2.4 Initial Attach with GTP on S2b

23.4023GPPArchitecture enhancements for non-3GPP accessesRelease 18TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

This clause is related to the case when the UE powers-on in an untrusted non-3GPP IP access network via the GTP based S2b interface.

GTPv2 (see TS 29.274 [57]) is used to setup GTP tunnel(s) between the ePDG and the PDN GW. The IPsec tunnel between the UE and the ePDG provides a virtual point-to-point link between the UE and the ePDG.

Figure 7.2.4-1: Initial attachment over GTP based S2b for roaming, non-roaming and LBO

The home routed roaming (Figure 4.2.3-1), LBO (Figure 4.2.3-4) and non-roaming (Figure 4.2.2-1) scenarios are depicted in the figure.

– In the LBO case, the 3GPP AAA Proxy acts as an intermediary, forwarding messages from the 3GPP AAA Server in the HPLMN to the PDN GW in the VPLMN and visa versa. Messages between the PDN GW in the VPLMN and the hPCRF in the HPLMN are forwarded by the vPCRF in the VPLMN.

– In the home routed roaming and non-roaming case, the vPCRF and the 3GPP AAA Proxy are not involved.

This procedure is also used to establish the first PDN connection over an untrusted non-3GPP access with GTP on S2b when the UE already has active PDN connections only over a 3GPP access and wishes to establish simultaneous PDN connections to different APNs over multiple accesses.

The UE may be authenticated and authorised to access the Untrusted Non-3GPP Access network with an access network specific procedure. These procedures are outside the scope of 3GPP.

A.1) Step A.1 is the same as Step A of clause 7.2.1, with the following addition:

– upon a successful authorization, the 3GPP AAA server returns the following additional information, regardless of which protocol variant the ePDG will select on S2b : APN-AMBR, static QoS Profile and Trace Information (Trace Reference, Trace Type, Trigger Id, OMC Identity) if applicable. When the 3GPP AAA server has WLAN Location Information about the UE, it provides it over SWm to the ePDG together with the Age of this information. The WLAN Location information is provided to the ePDG only when the 3GPP AAA server considers that location information coming from the WLAN AN used by the UE is trustable.

In addition to the above, the UE shall indicate at Initial Attach its capabilities, and whether it supports multiple IPsec SAs, so the ePDG can apply the necessary applicable procedures in this case.

NOTE 1: Sending the static QoS profile to the ePDG enables the ePDG to enforce QoS policies based on information received via AAA infrastructure as specified in clause 4.3.4. When GTP is used over S2b, this also allows the PGW to receive the QoS parameters possibly modified by the 3GPP AAA Proxy (when the ePDG is located in the VPLMN) to enforce QoS limitations according to the local policies and the roaming agreement with the home operator. The ePDG does not perform rate enforcement based on APN-AMBR.

NOTE 2: This also allows to align the GTP operations on S5/S8/S2b, i.e. the PGW receives those parameters within GTP signalling on all GTP interfaces.

– If it supports emergency services, the ePDG shall provide the UE with the corresponding indication as part of the IKEv2 tunnel establishment procedure.

B.1) The ePDG sends a Create Session Request (IMSI, APN, RAT type, ePDG TEID for control plane, PDN Type, PDN Address, EPS Bearer Identity, Default EPS Bearer QoS, ePDG Address for the user plane, ePDG TEID of the user plane, APN-AMBR, Selection Mode, Dual Address Bearer Flag, Trace Information, Charging Characteristics, Additional Parameters, IMEI(SV), User Location Information) message to the PGW. The RAT type indicates the non-3GPP IP access technology type. The PDN Type shall be set based on the CFG_Request in step 1 and subscription profile in the same way as the PDN type is selected during the E‑UTRAN Initial Attach in TS 23.401 [4]. The ePDG shall set the Dual Address Bearer Flag when the PDN type is set to IPv4v6 and all SGSNs which the UE may be handed over to are Release 8 or above supporting dual addressing, which is determined based on node pre-configuration by the operator. The ePDG shall include Trace Information if PDN GW trace is activated. The Additional Parameters include the authentication credentials for an additional authentication and authorization with an external AAA server if it was provided by the UE before this step. The ePDG shall provide the IMEI(SV) if available; The PDN GW performs the authentication and authorization with the external AAA server if it is required to get access for the given APN. The User Location Information shall include UE local IP address and optionally UDP or TCP source port number (if NAT is detected). It may also include WLAN Location Information (and its Age) the ePDG may have received from the 3GPP AAA server about the UE.

NOTE 3: The UE local IP address is the source address on the outer header of the IPsec tunnel to the ePDG.

The PGW creates a new entry in its bearer context table and generates a Charging Id. The new entry allows the PGW to route user plane PDUs between the ePDG and the packet data network and to start charging.

NOTE 4: The EPS Bearer Identity and Default EPS Bearer QoS parameters convey the S2b bearer identity and the default S2b bearer QoS.

C.1) Step C.1 is the same as Step C of clause 7.2.1, with the following addition:

– when informing the 3GPP AAA Server of the PDN GW identity, the selected PDN GW also indicates the selected S2b protocol variant (here GTP); this allows the option for the 3GPP AAA Server or 3GPP AAA Proxy not to return to the PDN GW PMIP specific parameters (e.g. static QoS Profile, Trace Information, APN-AMBR) if GTP is used over S2b; the PDN GW shall ignore those parameters if received from the 3GPP AAA Server or 3GPP AAA Proxy.

– The PDN GW forwards to the PCRF in the IP-CAN Session Establishment procedure following information extracted from User Location Information it may have received from the ePDG:

– The UE local IP address and optionally UDP or TCP source port number (if NAT is detected).

– WLAN location information in conjunction with the Age of this information.

D.1) The PDN GW returns a Create Session Response (PDN GW Address for the user plane, PDN GW TEID of the user plane, PDN GW TEID of the control plane, PDN Type, PDN Address, EPS Bearer Identity, EPS Bearer QoS, APN-AMBR, Charging ID, Cause) message to the ePDG, including the IP address(es) allocated for the UE. The PDN GW selects the PDN type to be used in the same way as done during the E-UTRAN Initial Attach in TS 23.401 [4].

The PGW may initiate the creation of dedicated bearers on GTP based S2b (like it may do it on GTP based S5/S8 for an Attach on 3GPP access).

NOTE 5: If the UE requests for both IPv4 address and IPv6 prefix, both are allocated. If the PDN GW operator dictates the use of IPv4 address only or IPv6 prefix only for this APN, the PDN GW shall allocate the only IPv4 address or only IPv6 prefix to the UE. If the UE requests for only IPv4 address or IPv6 prefix only one address/prefix is allocated accordingly.

E.1) Step E.1 is the same as Step E of clause 7.2.1, but with GTP tunnel(s).