5.29 Support for 5G LAN-type service

23.5013GPPRelease 18System architecture for the 5G System (5GS)TS

5.29.1 General

The service requirements for 5G LAN-type service are specified in TS 22.261 [2].

A 5G Virtual Network (VN) group consists of a set of UEs using private communication for 5G LAN-type services.

5.29.2 5G VN group management

5G System supports management of 5G VN Group identification and membership (i.e. definition of 5G VN group identifiers and membership) and 5G VN Group data (i.e. definition of 5G VN group data). The 5G VN Group management can be configured by a network administrator or can be managed dynamically by AF.

A 5G VN group is characterized by the following:

– 5G VN group identities: External Group ID and Internal Group ID are used to identify the 5G VN group.

– 5G VN group membership: The 5G VN group members are uniquely identified by GPSI. The group as described in clause 5.2.3.3.1 of TS 23.502 [3] is applicable to 5G LAN-type services.

– 5G VN group data. The 5G VN group data may include the following parameters: PDU session type, DNN, S-NSSAI and Application descriptor, Information related with secondary authentication / authorization (e.g. to enable IP address assignment by the DN-AAA).

The Information related with secondary authentication / authorization corresponds to the procedures described in clause 5.6.6; it allows e.g. the AF to provide DN-AAA server addressing information and possibly to request the SMF to get the UE IP address from the DN-AAA server.

In order to support dynamic management of 5G VN Group identification and membership, the NEF exposes a set of services to manage (e.g. add/delete/modify) 5G VN groups and 5G VN members. The NEF also exposes services to dynamically manage 5G VN group data.

A 5G VN group is identified by the AF using External Group ID. The NEF provides the External Group ID to UDM. The UDM maps the External Group ID to Internal Group ID. For a newly created 5G VN Group, an Internal Group ID is allocated by the UDM.

The NEF can retrieve the Internal Group ID from UDM via Nudm_SDM_Get service operation (External Group ID, Group Identifier translation).

An External Group ID for a 5G VN group corresponds to a unique set of 5G VN group data parameters.

The 5G VN group configuration is either provided by OA&M or provided by an AF to the NEF.

When configuration is provided by an AF, the procedures described in clause 4.15.6.2 of TS 23.502 [3] apply for storing the 5G VN group identifiers, group membership information and group data in the UDR, as follows:

– The NEF provides the External Group ID, 5G VN group membership information and 5G VN group data to the UDM.

– The UDM updates the Internal Group ID-list of the corresponding UE’s subscription data in UDR, if needed.

– The UDM updates the Group Identifier translation in the Group Subscription data with the Internal Group ID, External Group ID and list of group members, if needed.

– The UDM stores/updates the 5G VN group data (PDU session type, DNN and S-NSSAI, Application descriptor, Information related with secondary authentication / authorization) in UDR.

NOTE 1: It is assumed that all members of a 5G VN group belong to the same UDM Group ID. The NEF can select a UDM instance supporting the UDM Group ID of any of the member GPSIs of the 5G VN group.

NOTE 2: Shared data mechanisms as defined in TS 29.503 [122] can be used to support large 5G VN groups.

If a UE is member of a 5G VN Group, UDM retrieves UE subscription data and corresponding 5G VN group data from UDR, and provides the AMF and SMF with UE subscription data with 5G VN group data included.

The PCF generates URSP rules based on 5G VN group data. The PCF retrieves 5G VN group data from UDR. The PCF(s) that have subscribed to modifications of 5G VN group data receive(s) a Nudr_DM_Notify notification of 5G VN group data change from the UDR as defined in TS 29.505 [145]. The PCF receives from the AMF at the UE Policy association establishment the Internal Group ID(s) corresponding to a UE, so that PCF identifies the 5G VN group data that needs to be used to generate URSP rules to the UE. If the PCF is made aware of a change of UE Internal Group Identifier(s) as defined in TS 29.525 [144] or change of 5G VN group membership as defined in TS 29.505 [145], or both, the PCF then may update the URSP rules for the impacted 5G VN group members.

NOTE 3: The proper way to obtain the 5G VN group membership changes of a specific UE, e.g. if the UE is added to a new 5G VN group, is via the notification of change of UE Internal Group Identifier(s) from the AMF as specified in TS 29.525 [144]. The subscription in the UDR is for being notified about changes in the 5G VN group data and in the 5G VN group membership of a specific 5G VN group.

An AF may update the UE Identities of the 5G VN group at any time after the initial provisioning.

An AF may subscribe to notification of the group status changes for the 5G VN group as described in clause 5.20.

The PDU session type, DNN, S-NSSAI provided within 5G VN group data cannot be modified after the initial provisioning.

In this Release of the specification, the home network of the 5G VN group members is same.

In this Release of the specification, only a 1:1 mapping between (DNN, S-NSSAI) combination and 5G VN group is supported.

The PCF delivers 5G VN group configuration information (DNN, S-NSSAI, PDU session type) to the UE for each GPSI that belongs to a 5G VN group. The 5G VN group configuration information is delivered in the URSP from the PCF to the UE using the UE Configuration Update procedure for transparent UE Policy delivery as described in clause 4.2.4.3 of TS 23.502 [3] and clause 6.1.2.2 of TS 23.503 [45].

5.29.3 PDU Session management

Session management as defined for 5GS in clause 5.6 is applicable to 5G-VN-type services with the following clarification and enhancement:

– A UE gets access to 5G LAN-type services via a PDU Session of IP PDU Session type or Ethernet PDU Session type.

– A PDU Session provides access to one and only one 5G VN group. The PDU Sessions accessing to a certain 5G VN group should all anchor at the same network, i.e. the common home network of 5G VN group members.

– A dedicated SMF is responsible for all the PDU Sessions for communication of a certain 5G VN group. SMF selection is described in clause 6.3.2.

NOTE 1: The network is configured so that the same SMF is always selected for a certain 5G VN group, e.g. only one SMF registers on the NRF with the DNN/S-NSSAI used for a given 5G VN group.

NOTE 2: Having a dedicated SMF serving a 5G VN does not contradict that redundancy solutions can be used to achieve high availability.

– A DNN and S-NSSAI is associated with a 5G VN group.

– The UE provides the DNN and S-NSSAI associated with the 5G VN group to access the 5G LAN-type services for that 5G VN, using the PDU Session Establishment procedure described in clause 4.3.2 of TS 23.502 [3].

– During establishment of the PDU Session, secondary authentication as described in clause 5.6.6 and in clause 4.3.2.3 of TS 23.502 [3], may be performed in order to authenticate and authorize the UE for accessing the DNN and S-NSSAI associated with the 5G VN group. Authentication and authorization for a DNN and S-NSSAI using secondary authentication implies authentication and authorization for the associated 5G VN group. There is no 5G VN group specific authentication or authorization defined.

– The SM level subscription data for a DNN and S-NSSAI available in UDM, as described in clause 5.6.1, applies to the DNN and S-NSSAI associated to a 5G VN group.

– Session management related policy control for a DNN and S-NSSAI as described in TS 23.502 [3], is applicable to the DNN and S-NSSAI associated to a 5G VN group. This includes also usage of URSP, for the UE to determine how to route outgoing traffic to a PDU Session for the DNN and S-NSSAI associated to a 5G VN group.

– Session and service continuity SSC mode 1, SSC mode 2, and SSC mode 3 as described in clause 5.6.9 are applicable to N6-based traffic forwarding of 5G VN communication within the associated 5G VN group.

– A PDU Session provides unicast, broadcast and multicast communication for the DNN and S-NSSAI associated to a 5G VN group. The PSA UPF determines whether the communication is for unicast, broadcast or multicast based on the destination address of the received data, and performs unicast, broadcast or multicast communication handling.

– During the PDU Session Establishment procedure, the SMF retrieves SM subscription data related to 5G-VN type service from the UDM as part of the UE subscription data for the DNN and S-NSSAI.

– In order to realize N19 traffic routing, the SMF correlates PDU sessions established to the same 5G VN group and uses this to configure the UPF with the group level N4-session including packet detection and forwarding rules for N19 tunnelling forwarding.

5.29.4 User Plane handling

User Plane management as defined for 5GS in clause 5.8 is applicable to 5G LAN-type services with the following clarifications:

– There are three types of traffic forwarding methods allowed for 5G VN communication:

– N6-based, where the UL/DL traffic for the 5G VN communication is forwarded to/from the DN;

NOTE 1: Optionally a L2TP tunnel can be established over N6 as described in clause 5.8.2.16.

– N19-based, where the UL/DL traffic for the 5G VN group communication is forwarded between PSA UPFs of different PDU sessions via N19. N19 is based on a shared User Plane tunnel connecting PSA UPFs of a single 5G VN group.

– Local switch, where traffic is locally forwarded by a single UPF if this UPF is the common PSA UPF of different PDU Sessions for the same 5G VN group.

– The SMF handles the user plane paths of the 5G VN group, including:

– The SMF may prefer to select a single PSA UPF for as many PDU sessions (targeting the same 5G VN group) as possible, in order to implement local switch on the UPF.

– (if needed) Establishing N19 tunnels between PSA UPFs to support N19-based traffic forwarding.

– For Ethernet PDU Session, the SMF may instruct the UPF(s) to classify frames based on VLAN tags, and to add and remove VLAN tags, on frames received and sent on N6 or N19 or internal interface ("5G VN internal"), as described in clause 5.6.10.2.

NOTE 2: For handling VLAN tags for traffic on N6, TSP ID could also be used as described in clause 6.2.2.6 of TS 23.503 [45].

Further description on User Plane management for 5G VN groups is available in clause 5.8.2.13.

When N6-based traffic forwarding is expected, after creation of a 5G VN group the AF can influence the traffic routing for all the members of the 5G VN group, by providing information identifying the traffic, DNAI(s) suitable for selection and an optional indication of traffic correlation together with a 5G VN External Group ID identifying the 5G VN group in an AF request sent to the PCF, as described in clause 5.6.7. If the optional indication of traffic correlation is provided, it means the PDU sessions of the 5G VN group member UEs should be correlated by a common DNAI in the user plane for the traffic. The PCF transforms the AF request into policies that apply to PDU Sessions of the 5G VN group and sends the policies to the SMF. According to the policies, the SMF (re)selects DNAI(s) for the PDU Sessions and configures their UP paths to route the traffic to the selected DNAI(s). If the policies include the traffic correlation indication, the SMF (re)selects a common DNAI for the PDU Sessions so that the traffic of the 5G VN group is routed to the common DNAI.

NOTE 3: When receiving a new PDU session establishment request for a 5G VN group, to avoid unnecessary N19 tunnels between UPFs, SMF can check previously selected UPFs for the same 5G VN group, and decide whether a previously selected UPF could serve the requested PDU session.

NOTE 4: N19 tunnel(s) can be established between a new UPF and other UPF(s) that belongs to a 5G VN group when the new UPF is selected for the 5G VN group during PDU session establishment. The N19 tunnel(s) to a UPF can be released during or after PDU session release when there is no more PDU sessions for a 5G VN group in that UPF. Establishment or release of the N19 tunnels at the UPF is performed within a group-level N4 Session.