C.1 Support for media traversal of NATs using ICE

29.2133GPPPolicy and charging control signalling flows and Quality of Service (QoS) parameter mappingRelease 17TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

The IMS calls out procedures for NAT traversal for media and signalling within IMS. One of the methods supported by IMS for media traversal of NATs is a UE controlled NAT traversal solution based on the IETF Interactive Connectivity Establishment (ICE) protocol, IETF RFC 8445 [67]. When a UE uses the ICE protocol for media traversal of NATs, additional enhancements to the existing PCC procedures are necessary to allow for proper ICE operation.

This annex presents a set of rules that PCC network elements use to build flow descriptors, identify the proper UE IP addresses used by the PCRF for session and bearer binding, and gating control when the ICE procedures are invoked by the UE.

In order for the ICE procedures to work a static, preconfigured PCC rule needs to be in place at the PCEF which allows the UE to perform STUN binding requests prior to offering or answering an SDP.

NOTE 1: Predefined PCC rules can be created to allow the UE to communicate with the STUN relay much in the same way the UE is allowed to communicate with the IMS network for session management.

NOTE 2: Given that a STUN relay is a forwarding server under the direction of the UE, necessary precaution needs to be taken by the operator in how it chooses to craft these rules. It is recommended that such predefined rules only guarantee the minimal amount of bandwidth necessary to accomplish the necessary UE to STUN relay communication. Such an approach helps reduce the resources required to support NAT traversal mechanisms. Finally, such an approach allows the preconfigured rule to be over-ridden by dynamic rules which allow for the necessary bandwidth needed by the session.

NOTE 3: The dynamic PCC rule will need to differentiate between different media traffic between UE and STUN relay (e.g. voice vs. video), which can be identified by the different ports assigned by the residential NAT. Session bindings need to take into account that the relevant terminal IP address may be contained within the ICE candidates contained in the session description, rather than in the normal media description.

NOTE 4: It is assumed that the NAT device is located between the UE and the PCEF. NAT traversal outside of IMS in FBI services is considered FFS in the current 3GPP stage 2 specifications.

NOTE 5: When a NAT device is located between the UE and the PCEF, it is assumed that the IP CAN session signalling will contain the IP address assigned by the residential NAT, rather than the UE IP address.

NOTE 6: It is assumed that NAT devices that assign multiple IP addresses for the UE are outside the scope of release 7.

NOTE 7: In this release, only one IP address per subscription is supported by session binding at the PCRF. Multiple Ues behind a NAT will use the same IP CAN session and IP address.