22A.3 LTE/WLAN Radio Level Integration with IPsec Tunnel

36.3003GPPEvolved Universal Terrestrial Radio Access (E-UTRA) and Evolved Universal Terrestrial Radio Access Network (E-UTRAN)Overall descriptionRelease 17Stage 2TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

22A.3.0 General

LTE/WLAN Radio Level Integration with IPsec Tunnel (LWIP) feature allows a UE in RRC_CONNECTED to be configured by the eNB to utilize WLAN radio resources via IPsec tunnelling.

The overall architecture for LWIP is illustrated in Figure 22A.3-1. Connectivity between eNB and LWIP-SeGW is provided by the Xw interface .

Figure 22A.3-1: LWIP Overall Architecture

The protocol architecture for LWIP is illustrated in Figure 22A.3-2.

The IP Packets transferred between the UE and LWIP-SeGW are encapsulated using IPsec, as specified in TS 33.401 [22], in order to provide security to the packets that traverse WLAN.The IP packets are then transported between the LWIP-SeGW and eNB via the Xw interface. The end to end path between the UE and eNB via the WLAN network is referred to as the LWIP tunnel.

Figure 22A.3-2: LWIP Protocol Architecture

The end to end protocol stack for the bearer transported over the LWIP tunnel is illustrated in figure 22A.3-3.

Figure 22A.3-3: Bearer over LWIP Tunnel – Protocol Stack

The RRCConnectionReconfiguration message provides the necessary parameters for the UE to initiate the establishment of the IPSec tunnel for the DRB. When the IPsec tunnel is established a data bearer can be configured to use LWIP resources. The DRB configuration on the LTE access corresponding to the data bearer using IPsec resources shall not be released. The data bearer refers to the EPS bearer mapped to the data radio bearer (DRB) which is maintained on the LTE side.

The IPsec tunnel is established following the exchange of security information between the eNB and LWIP-SeGW using the XwAP LWIP Addition Preparation procedure.

A single IPSec tunnel is used per UE for all the data bearers that are configured to send and/ or receive data over WLAN. The data corresponding to each IPSec Tunnel is transported over the Xw interface on a single GTP-U tunnel. Each data bearer may be configured so that traffic for that bearer can be routed over the IPsec tunnel in only downlink, only uplink, or both uplink and downlink over WLAN. SRBs are carried over LTE only. eNB configures specific bearer(s) to use the IPsec tunnel.

NOTE: If the IPsec tunnel is established then it is expected that eNB routes packets belonging to the data bearer via the LTE access or via the IPSec tunnel. If eNB implementation routes packets to both LTE Access and the IPSec tunnel simultaneously, then delivery of packets to upper layers at the UE may occur out of order.

For the DL of a data bearer, the packets received from the IPsec tunnel are forwarded directly to upper layers.

For the UL, the eNB configures the UE to route the uplink data either via LTE or via WLAN using RRC signalling. If routed via WLAN then all UL traffic of the data bearer is offloaded to the WLAN.

UL bearer packets sent over the LWIP tunnel are encapsulated using LWIPEP as specified in TS 36.361 [68] with the ‘Key’ field in the LWIPEP header populated with the DRB Identity associated with offloaded UL bearer.

If aggregation over LWIP is enabled in UL or DL, the corresponding (UL or DL) packets sent over the LWIP tunnel and LTE are encapsulated using LWIPEP as specified in TS 36.361 [68]. The LWIPEP layer assigns sequence numbers to all packets and uses this sequence numbers to populate the ‘Sequence Number’ field in the LWIPEP header. The ‘Key’ field in the LWIPEP header is populated with the DRB Identity of the associated DRB.

The release of the IPsec tunnel is initiated by the eNB. Upon receiving the Handover Command or on transition to RRC_IDLE state, the UE shall autonomously release IPsec tunnel configuration and the use of it by the data bearers.

A UE supporting LWIP may be configured for WLAN measurements as per clause 22A.1.5.

The same mobility concept as specified in 22A.1.4 for LWA is also used for LWIP. Since, WT node does not exist in LWIP operation, WT related description and procedures does not apply to LWIP. Mobility Set should be considered as the set of WLAN APs across which UE can perform mobility without informing the eNB, when applying the concept for LWIP operation.

E-UTRAN does not configure LWIP with DC, LWA or RCLWI simultaneously for the same UE.

If LWIP and RAN assisted WLAN interworking are simultaneously configured for the same UE, in RRC_CONNECTED, the UE only applies LWIP.

22A.3.1 LWIP Operation

22A.3.1.1 LWIP Tunnel Setup and Data Bearer Configuration

Figure 22A.3.1.1-1 shows the procedure of configuring a data bearer to be transported over the LWIP tunnel.

Figure 22A.3.1.1-1: LWIP Tunnel for data bearer setup procedure

1. The eNB configures the UE to perform WLAN measurements for LWIP operation.

2. The UE applies the new configuration and replies with RRCConnectionReconfigurationComplete message.

3. UE sends WLAN measurements to the eNB.

3a. The eNB sends the LWIP Addition Request message to request the LWIP-SeGW to allocate resources for a specific UE, including security material.

3b. If the LWIP-SeGW is able to admit the tunnel request, it responds with the LWIP Addition Request Acknowledge message.

4. The eNB sends the RRCConnectionReconfiguration message to the UE including the WLAN mobility set.

5. The UE applies the new configuration and replies with RRCConnectionReconfigurationComplete message.

6. UE associates with WLAN in consideration of the mobility set, if not already associated.

7. UE sends confirmation of the WLAN association to the eNB.

8. The eNB sends the RRCConnectionReconfiguration message to the UE including the necessary parameters to establish IPSec tunnel over WLAN and may, configure data bearers to utilise the IPsec tunnel.

9. The UE applies the new configuration and replies with RRCConnectionReconfigurationComplete message.

The UE uses the parameters in the new radio resource configuration to setup the IPsec tunnel with the LWIP-SeGW to complete the establishment of the LWIP tunnel with the eNB over the WLAN access. eNB may add or remove data bearers to utilise the LWIP tunnel at any time after the establishment of the LWIP tunnel by sending the RRCConnectionReconfiguration message to the UE.

22A.3.1.2 Reconfiguration to Remove WLAN Resources from Data Bearer

Figure 22A.3.1.2-1 shows the procedure of re-configuring to remove the WLAN radio resources from the data bearer.

Figure 22A.3.1.2-1: Reconfiguration procedure to remove WLAN resources from a Data Bearer

UE and eNB have the LWIP tunnel setup via WLAN.

1. The UE is configured to receive data from a data bearer over the LWIP tunnel.

2. The eNB determines that it needs to remove the WLAN resources for the data bearer.

3. The eNB sends the RRCConnectionReconfiguration message to the UE including the necessary parameters to remove WLAN resources for the data bearer.

4. The UE applies the new configuration and replies with RRCConnectionReconfigurationComplete message.

5. UE stops receiving data for the data bearer over the LWIP tunnel.

22A.3.1.3 LWIP Tunnel Release

Figure 22A.3.1.3-1 shows the procedure of eNB initiated LWIP tunnel release.

Figure 22A.3.1.3-1: LWIP tunnel release procedure

UE and eNB have the LWIP tunnel setup via WLAN.

1. The eNB determines that it needs to release the LWIP tunnel and initiates the release of the IPsec tunnel between the UE and LWIP-SeGW.

2. The eNB sends the RRCConnectionReconfiguration message to the UE including the indication to release the LWIP tunnel.

3. The UE applies the new configuration and replies with the RRCConnectionReconfigurationComplete message.

4. The UE releases the IPsec tunnel and associated data bearer configuration, and terminates the LWIP tunnel.

5. The eNB sends the LWIP-SeGW Tunnel Release Request message to release remaining resources at the LWIP-SeGW.

22A.3.2 Network Interfaces

22A.3.2.1 General

The eNB is connected to one or more LWIP-SeGWs via an Xw interface. In addition to the functionality described in this clause and in TS 33.401 [22], LWIP-SeGW supports the subset of WT functionality and additional functionality required to support LWIP.

22A.3.2.2 User Plane

The Xw user plane interface (Xw-U) is used between eNB and LWIP-SeGW. The Xw-U interface is used to deliver LWIPEP PDUs between eNB and LWIP-SeGW using a single tunnel for all bearers configured for LWIP. The Xw-U interface supports flow control based on feedback from LWIP-SeGW.

22A.3.2.3 Control Plane

The Xw control plane interface (Xw-C) is used between eNB and LWIP-SeGW.

The LWIP-SeGW supports the following functions:

– Transfer of WLAN metrics (e.g. bss load) from LWIP-SeGW to eNB;

– Support of LWIP for UE in ECM-CONNECTED:

– Establishment, Modification and Release of a IPSec tunnel between the UE and the LWIP-SeGW;

– General Xw management and error handling functions:

– Error indication;

– Setting up the Xw;

– Resetting the Xw;

– Updating the configuration data.