18 Interworking with DN (L2TP tunnel)

29.5613GPP5G SystemInterworking between 5G Network and external Data NetworksRelease 17Stage 3TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

18.1 Support L2TP for CUPS across N6

L2TP (described in IETF RFC 2661 [57]) is a standard method for tunneling encapsulated Point-to-Point Protocol (PPP) frames over an IP network. L2TP operates between two L2TP endpoints (LAC and LNS), and tunnels PPP-encapsulated IP traffic between these endpoints. L2TP runs over UDP/IP and was originally defined for systems where PPP is used by an end-device to connect to a network (e.g. via DSL connections, or 2G/3G PPP PDP context). In these cases, a LAC could be deployed in the network (e.g. in a BNG or GGSN/PGW) to tunnel the PPP traffic to a server (LNS) over an IP network.

For 5GC with the UE using IP PDU Session, the PPP functionality that is required to use L2TP is instead supported by the UPF or UPF+PGW-U, as illustrated in below figure. Upon receiving a PDU Session/PDN Connection establishment request from the UE via AMF or MME, SMF or SMF+PGW-C may depend on local L2TP configuration per DNN or the received L2TP information from a DN AAA server in Access-Accept message, request the UPF or UPF+PGW-U to setup L2TP tunnel towards an L2TP network server (LNS) in the external DN and tunnel the PDU Session user plane traffic in this L2TP tunnel. In this case the UPF or UPF+PGW-U acts as a L2TP access concentrator (LAC).

To enable this, the SMF or SMF+PGW-C may provide L2TP information to the UPF or UPF+PGW-U as LAC, such as LNS IP address or FQDN, as described in 3GPP TS 29.244 [58]. This L2TP information may be configured on the SMF or SMF+PGW-C as part of the DNN configuration or received from the DN-AAA server. Alternatively, the L2TP tunnel parameters may be configured in the UPF or UPF+PGW-U. The L2TP tunnel parameters include necessary parameters for setting up L2TP tunnel towards the LNS (e.g. LNS address, tunnel password).

In addition, the SMF or SMF+PGW-C may provide PAP/CHAP authentication information to the UPF or UPF+PGW-U, for use in L2TP session establishment, in case it was received from the UE in the ePCO IE of the PDU Session Establishment Request.

When L2TP is to be used for a PDU Session, the SMF or SMF+PGW-C may select a UPF or UPF+PGW-U and requests the UE IP address to be allocated by LNS according to 3GPP TS 29.244 [58], the UPF (LAC) may retrieve this IP address from the LNS.

Figure 18.1-1: L2TP Tunnel between 5GC and external DN

Below figure describes the L2TP connection procedures between 5GC and external DN, upon the UE is accessed in 5GC and the SMF or SMF+PGW-C and UPF or UPF+PGW-U has been negotiated supporting L2TP feature.

Figure 18.1-2: L2TP connection procedures between 5GC and external DN

0. The SMF or SMF+PGW-C and the UPF or UPF+PGW-U negotiated supporting L2TP feature as specified in 3GPP TS 29.244 [114].

1. The SMF or SMF+PGW-C receives a PDU Session or PDN Connection establishment request from the UE via AMF or MME and SGW.

The UE may include the authentication information for PAP and/or CHAP in ePCO IE. The SMF or SMF+PGW-C may locally configure the UE authentication information for a given DNN.

The SMF or SMF+PGW-C may determine that an L2TP session is required for the PDU Session based on local configured L2TP parameters per DNN.

2. The SMF or SMF+PGW-C may receive the L2TP Tunnel parameters (e.g. LNS IP address or FQDN, tunnel password) from the DN-AAA server in Access-Accept message or Diameter AAA message, or local configured.

NOTE: If EAP based secondary authentication is used (e.g. DER/DEA), L2TP Proxy Authenticate Extensions for EAP is not supported in this release of the specification.

3. If L2TP protocol is determined to support the PDU Session, the SMF or SMF+PGW-C selects a UPF or UPF+PGW-U supporting L2TP and be configured with the LAC name/addresses and then requests the UPF or UPF+PGW-U to setup an L2TP tunnel if needed and/or L2TP session towards the L2TP network server (LNS).

The SMF or SMF+PGW-C sends PFCP Session Establishment Request to the UPF or UPF+PGW-U, which may include L2TP Tunnel Information for setting up a L2TP tunnel and L2TP session information to setup a L2TP session, together with the information for authentication used during L2TP Tunnel setup, as well as for L2TP session.

The L2TP Tunnel Information includes LNS IPv4 address or IPv6 address of LNS, Tunnel Password.

The L2TP Session Information includes specific information related to the PDU Session, e.g. a Calling Number which may be set to UE’s GPSI, an indication to instruct that the UPF or UPF+PGW-U shall request the LNS to allocate an IP address for the PDU Session, indications to instruct that the UPF or UPF+PGW-U shall request the LNS to provide DNS server addresses or NBNS server addresses etc. as specified in 3GPP TS 29.244 [114].

4. The UPF or UPF+PGW-U checks if any existing L2TP tunnel can be used to serve the PDU Session according to the information provided in the L2TP Tunnel Information.

If the UPF or UPF+PGW-U decides to setup a new L2TP tunnel, it initiates L2TP Tunnel establishment by sending an SCCRQ (Start-Control-Connection-Request) message towards the LNS, the UPF or UPF+PGW-U will allocate a Tunnel ID, and it may include a CHAP Challenge to authenticate the LNS. The Challenge and Challenge Response (to be included in SCCCN) is produced by the UPF or UPF+PGW-U using the Tunnel Password received from the SMF or SMF+PGW-C.

The LNS responds with an SCCRP (Start-Control-Connection-Reply) message, containing its allocated Tunnel ID and a CHAP Challenge Response to the Challenge in SCCRQ.

The UPF or UPF+PGW-U then responds with a Challenge response for tunnel authentication in the SCCCN (Start-Control-Connection-Connected) message. An L2TP tunnel is established after the tunnel authentication is successful, with the reception of the SCCCN message sent by the LAC to the LNS.

If the UPF or UPF+PGW-U decides to use an already existing L2TP tunnel for the requested PDU Session from the UPF or UPF+PGW-C, it proceeds with step 5 below directly without current step.

5. Once the L2TP Tunnel is established (or already present) between the LAC and the LNS for the PDU Session/PDN Connection requested by the UE, the UPF or UPF+PGW-U proceeds with L2TP session setup towards the LNS.

The UPF or UPF+PGW-U sends an ICRQ (Incoming-Call-Request) message towards the LNS, which contains the Tunnel ID assigned by the LNS, its assigned Session ID, and optionally, the Calling Number and Called Number. The LNS responds with an ICRP (Incoming-Call-Reply) message and provides the Session ID assigned by it to the LAC.

The LAC then sends an ICCN (Incoming-Call-Connected) message. If proxy LCP and authentication are employed, the ICCN message includes link control parameters (e.g. MRU) and the UE authentication information sent from the SMF or SMF+PGW-C which was received via ePCO IE in step 1. In addition, the UPF or UPF+PGW-U (LAC) will act as a PPP endpoint to use IPCP to request UE IP Address, DNS server address and/or NBNS server address(es).

The LCP renegotiation may by triggered by the LNS after receiving the ICCN message. If so, the LAC and LNS will use PPP LCP to communicate link specific control parameter, and indicate authentication type, then either PPP PAP/CHAP takes place. The PPP IPCP transactions takes places to retrieve UE IP Address, DNS server address and/or NBNS server address.

6. The status of the L2TP session setup is sent by the UPF or UPF+PGW-U to the SMF or SMF+PGW-C in a PFCP Session Establishment Response.

7. The SMF or SMF+PGW-C sends a PDU Session Establishment Response to the UE and the user data session is initiated, which may contain the DNS and NBNS Server information.