ePDG Interworking with SMF+P-GW-IWK Support
Feature Summary and Revision History
Feature Description
License Requirements
Standards Compliance
How it Works
Configuring ePDG to Enable 5G Interworking
Configuring ePDG for SMF+PGW-IWK or P-GW
Monitoring and Troubleshooting
- Show Commands and Outputs
- Bulk Statistics
  - show bulkstats variables epdg-interworking-5g

ePDG Interworking with SMF+P-GW-IWK Support

Feature Summary and Revision History

Summary Data


Applicable Product(s) or Functional Area	ePDG
Applicable Platform(s)	ASR 5500 VPC-DI
Feature Default	Disabled - License Required
Related Changes in This Release	Not applicable
Related Documentation	Command Line Interface Reference ePDG Administration Guide Statistics and Counters Reference

Revision History


Revision Details	Release
ePDG is enhanced to configure ePDG to select P-GW ignoring the SMF based on the selection criteria.	21.27
First introduced.	21.26

Feature Description

Important

The 5G interworking feature requires the purchase of an extra license to implement the functionality with the ePDG service.

The ePDG supports a 3GPP feature for 4G (P-GW) vs 5G Session Management Function (SMF) node selection and traffic steering.

To enable 5G mobility from Voice over Wi-Fi (VoWiFi), few parameters get exchanged between UE and SMF (5G) +PGW-IWK. The User Equipment (UE) stores and uses these values during mobility over 5G. The ePDG supports the following functionalities for interworking with SMF+PGW-IWK or P-GW:

ePDG selects either SMF+PGW-IWK or P-GW based on three parameters N1_MODE_CAPABILITY (UE parameter), Core-Network-Restrictions (AAA parameter), and Interworking-5GS-Indicator (AAA parameters) AVPs:
- If the UE supports N1 mode, UE includes the N1_MODE_CAPABILITY Notify payload in the IKE_AUTH Request message.
- The UE sets the PDU Session ID Value field of the N1_MODE_CAPABILITY Notify payload to a PDU session ID value, which is allocated to the PDU session associated with the IKEv2 security association.
ePDG sets 5GSIWK Indication flag to TRUE, in the Create Session Request if:
- UE is N1 mode capable.
- Core-Network-Restrictions - 5G core access is not restricted and.
- Interworking-5GS-Indicator is subscribed
If SMF+PGW-IWK is selected and the 5GSIWK flag is TRUE, the ePDG sends PDU Session ID, in the Additional Protocol Configuration Options (APCO) field of Create Session Request, to SMF+PGW-IWK.
ePDG sends the 5GCNRS and 5GCNRI indication flags to P-GW or SMF+PGW-C in Create Session Request.
SMF+PGW-IWK sends Single – Network Slice Selection Assistance Information (S-NSSAI) to ePDG in the APCO field of Create Session Response.
ePDG sends the S-NSSAI to UE in the N1_MODE_INFORMATION Notify payload and PLMN ID in N1_MODE_S_NSSAI_PLMN_ID notify payload of the IKE Auth Response message.

License Requirements

ePDG 5G session count license is required to enable the 5G interworking through the primary CLI, interworking-5g, under epdg-service mode. If the CLI is not enabled, all the calls are treated as 4G, ignoring the decision matrix algorithm. For more information on the decision matrix algorithm, refer to the Selecting P-GW or SMF+PGW-IWK Decision Matrix section.

Once you update the license, reload the ePDG device for the license to become effective. Without reload, the behavior is undefined.

To configure the license specific CLIs, refer to the Configuring ePDG to Enable 5G Interworking and Configuring ePDG for SMF+PGW-IWK or P-GW.

Standards Compliance

This feature complies with the following standard procedures for the 5G System (5GS):

3GPP References

3GPP TS 24.302: 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Access to the 3GPP Evolved Packet Core (EPC) via non-3GPP access networks; Stage 3”
3GPP TS 29.274: 3GPP Evolved Packet System (EPS); Evolved General Packet Radio Service (GPRS) Tunnelling Protocol for Control plane (GTPv2-C); Stage 3
3GPP TS 23.502: System architecture for the 5G System (5GS)

How it Works

This section provides a call flow and procedure that explains the basic functionality of the ePDG and SMF+P-GW Interworking.

This callflow is followed only when 5G Interworking feature is enabled.

Call Flow

Table 1. ePDG Setup Procedure Call Flow Description

Step

Description

The UE sends the IKE_SA_INIT message.

The ePDG responds with the IKE_SA_INIT_RSP message.

The UE sends the user identity (in the IDI payload) and the APN information (in the IDr payload) in the first message of the IKE_AUTH phase, and begins negotiation of child security associations. The UE omits the AUTH parameter to indicate to the ePDG that it wants to use EAP over IKEv2. The user identity is compliant with the Network Access Identifier (NAI) format as specified in 3GPP TS 23.003. The UE sends the configuration payload (CFG_REQUEST) within the IKE_AUTH request message to obtain an IPv4 home IP Address and/or a Home Agent Address. When the MAC ULI feature is enabled, the root NAI used is of the form "0<IMSI>AP_MAC_

ADDR:nai.epc.mnc<MNC>

.mcc<MCC>.3gppnetwork.org".

5GC NAS capable UE indicates its support of 5GC NAS in IKEv2. The UE allocates a PDU Session ID and also includes N1_MODE_CAPABILITY Notify payload.

The ePDG sends the Authentication and Authorization Request message to the 3GPP AAA Server, containing the user identity and APN.

The 3GPP AAA Server fetches the user profile and authentication vectors from HSS/HLR (if these parameters are not available in the 3GPP AAA Server). The 3GPP AAA Server shall look up the IMSI of the authenticated user based on the received user identity (root NAI) and include the EAP-AKA as requested authentication method in the request sent to the HSS. The HSS shall then generate authentication vectors with AMF separation bit = 0 and send them back to the 3GPP AAA server. The 3GPP AAA Server checks in user's subscription if he/she is authorized for non-3GPP access. The counter of IKE SAs for that APN is stepped up. If the maximum number of IKE SAs for that APN is exceeded, the 3GPP AAA Server shall send an indication to the ePDG that established the oldest active IKE SA (it could be the same ePDG or a different one) to delete the oldest established IKE SA. The 3GPP AAA Server shall update accordingly the information of IKE SAs active for the APN.

The 3GPP AAA Server initiates the authentication challenge. The user identity is not requested again.

The AAA server sends the following two parameters if configured:

Core-Network-Restrictions
Interworking-5GS-Indicator

If the AAA server does not send these parameters, ePDG takes default values. For more information on default values, see Information Element and AVP Support

The ePDG uses these parameters and the 5G NAS capability from the UE to determine if SMF+PGW-IWK or P-GW must be selected.

The ePDG responds with its identity, a certificate, and sends the AUTH parameter to protect the previous message sent to the UE (in the IKE_SA_INIT Exchange). It completes the negotiation of the child security associations if any. The EAP message received from the 3GPP AAA server (EAP-Request/AKA-Challenge) is included to start the EAP procedure over IKEv2.

The UE checks the authentication parameters and responds to the authentication challenge. The only payload (apart from the header) in the IKEv2 message is the EAP message.

The ePDG forwards the EAP-Response/AKA-Challenge message to the 3GPP AAA server.

8a.

The AAA server checks if the authentication response is correct.

When all checks are successful, the 3GPP AAA server sends the final Authentication and Authorization Answer (with a result code indicating success) including the relevant service authorization information, an EAP Success, and the key material to the ePDG. This key material consists of the Primary Session Key (PSK) generated during the authentication process. When the SWm and SWd interfaces between ePDG and 3GPP AAA server are implemented using Diameter, the PSK is encapsulated in the EAP-Primary-Session-Key-AVP, as defined in RFC 4072.

10.

The Primary Session Key (PSK) is used by the ePDG to generate the AUTH parameters to authenticate the IKE_SA_INIT phase messages, as specified for IKEv2 in RFC 4306. These two first messages were not authenticated before as there was no key material available. According to RFC 4306 [3], the shared secret generated in an EAP Exchange (PSK), when used over IKEv2, is used to generate the AUTH parameters.

11.

The EAP Success or Failure message is forwarded to the UE over IKEv2.

12.

The UE takes its own copy of the PSK as input to generate the AUTH parameter to authenticate the first IKE_SA_INIT message. The AUTH parameter is sent to the ePDG.

12a.

The ePDG checks the correctness of the AUTH received from the UE. At this point, the UE is authenticated.

13.

On successful authentication, the ePDG selects the P-GW or SMF+P-GW-IWK based on Node Selection options. The ePDG sends Create Session Request (IMSI, [MSISDN], Serving Network, RAT Type (WLAN), Indication Flags, Sender F-TEID for C-plane, APN, Selection Mode, PAA, APN-AMBR, Bearer Contexts, [Recovery], [Charging characteristics], [Additional Protocol Configuration Options (APCO)]), Private IE (P-CSCF, AP MAC address). Indication Flags shall have Dual Address Bearer Flag set if PDN Type is IPv4v6. Handover flag is set to Initial or Handover based on the presence of IP addresses in the IPv4/IPv6_Address configuration requests. Selection Mode shall be set to "MS or network provided APN, subscribed verified". The MSISDN, Charging characteristics, APN-AMBR, and bearer QoS shall be provided on S2b interface by ePDG when these are received from AAA on SWm interface. The control plane TEID shall be per PDN connection and the user plane TEID shall be per bearer created.

If the UE supports N! mode, is not restricted to interworking with 5GS by user subscription, and access to 5GC is allowed, the ePDG sends the 5GS Interworking Indication flag and PDU Session ID to SMF+PGW-IWK in the Create Session Request.

If SMF+PGW-IWK supports more than one S-NSSAI and the APN is valid for more than one S-NSSAI, SMF+PGW-IWK selects one S-NSSAI.

Note

If the UE does not support 5GC NAS but has a 5GS subscription, SMF+PGW-IWK is selected, and if interaction with UDM, Policy Control Function (PCF), and UPF is required, then SMF+PGW-IWK assigns PDU Session ID.

14.

The P-GW allocates the requested IP address to the session and responds back to the ePDG with a Create Session Response (Cause, P-GW S2b Address C-plane, PAA, APN-AMBR, [Recovery], Bearer Contexts Created, [Additional Protocol Configuration Options (APCO)], Private IE (P-CSCF)) message.

If SMF+P-GW-IWK receives PDU Session ID, it adds S-NSSAI in the APCO field of Create Session Response.

15.

The ePDG calculates the AUTH parameter which authenticates the second IKE_SA_INIT message.

16.

The ePDG sends the assigned Remote IP address in the configuration payload (CFG_REPLY). The AUTH parameter is sent to the UE together with the configuration payload, security associations and the rest of the IKEv2 parameters and the IKEv2 negotiation stops.

The S-NSSAI and the PLMN-ID) is sent to UE, in N1_MODE_INFORMATION Notify and N1_MODE_S_NSSAI_PLMN_ID Notify payload respectively.

The N1_MODE_INFORMATION Notify payload indicates to the S-NSSAI for the PDU session associated with the IKEv2 security association established by the IKEv2 message.

The PLMN ID corresponding to SNSSAI is sent in N1_MODE_S_NSSAI_PLMN_ID. The N1_MODE_S_NSSAI_PLMN_ID Notify payload indicates to the PLMN ID that the S-NSSAI relates to the PDU session associated with the IKEv2 security association established by the IKEv2 message is carrying the N1_MODE_S_NSSAI_PLMN_ID Notify payload.

Note

17.

Router Advertisement is sent for IPv6 address assignments that is based on configuration.

Note

If the ePDG detects that an old IKE SA for that APN exists, it deletes the IKE SA and sends the UE an INFORMATIONAL Exchange with a Delete payload in order to delete the old IKE SA in UE.

If there is any IKEv2 Authentication Response message, the ePDG sends S-NSSAI to the UE.

Information Element and AVP Support

This feature supports the following IE and AVPs:

PDU Session ID
S-NSSAI
Core-Network-Restrictions AVP

Interworking-5GS-Indicator AVP
5GSIWKI (5GS Interworking Indication) Indicator Flag
5GCNRS (5GC Not Restricted Support)
5GCNRI (5GC Not Restricted Indication)

PDU Session ID

If the UE supports N1 mode, the UE includes the N1_MODE_CAPABILITY Notify payload in the IKE_AUTH Request message. Then, the UE sets the PDU Session ID Value field of the N1_MODE_CAPABILITY Notify payload to a PDU session ID value. The PDU Session ID value is allocated to the PDU session associated with the IKEv2 security association. The ePDG uses N1_MODE_CAPABILITY as one of the parameters to select the P-GW or SMF+PGW-IWK.

S-NSSAI

SMF+PGW-IWK sends the Single – Network Slice Selection Assistance Information (S-NSSAI) to ePDG in the APCO field of Create Session Response. The UE receives this value in N1_MODE_INFORMATION Notify payload.

ePDG sends S-NSSAI to UE in N1_MODE_INFORMATION Notify payload of IKEv2 Authentication Response message.

SMF+PGW-IWK sends S-NSSAI in the APCO field of the Create Session Response message, with Container ID value of 0x001B. This value is parsed, encoded, and sent to UE, in the N1_MODE_INFORMATION Notify payload.

Core-Network-Restrictions

The Core-Network-Restrictions AVP is of type Unsigned32 and contains a bitmask indicating the types of Core Network, which are not allowed for a user.

The following table explains the bits:

Table 2. Meaning of Bits
Bits	Name	Description
0	EPC	Access to EPC not allowed.
1	5GC	Access to 5GC not allowed.
NOTE: Bits not defined in this table will be cleared by the HSS and discarded by the MME.

Interworking-5GS-Indicator

The Interworking-5GS-Indicator AVP indicates whether the interworking between 5GS and EPS is subscribed or not subscribed for the APN.

The following values are defined in the Interworking-5GS-Indicator AVP:

NOT-SUBSCRIBED (0)
SUBSCRIBED (1)

The default value is NOT-SUBSCRIBED (0) when this AVP is not present.

The AAA server sends the Core-Network-Restrictions and Interworking-5GS-Indicator AVPs in the DEA (Diameter EAP Answer) Response message.

5GSIWKI Indicator Flag

The 5GSIWKI flag is set to 1 for UEs supporting N1 mode and not restricted from interworking with 5GS by user subscription and access to 5GS is allowed for the PDN connection.

The 5GSIWKI Indicator flag is sent to SMF+PGW-IWK in the Create Session Request message.

5GCNRS Flag

When 5GCNRS bit is set to 1, it indicates to the PGW-C+SMF+PGW-IWK that the MME or ePDG node supports 5GCNRI flag settings.

Note

This flag is always set to 1 from the 3GPP TS29.274 Rel 16 support.

5GCNRI Flag

When the 5GCNRI flag is set to 1, it indicates to the PGW-C+SMF+PGW-IWK that access to the 5GC is open for the PDN connection without any restriction.

However, when the 5GCNRS flag is set to 1 and the 5GCNRI flag is set to 0, access to the 5GC is restricted for the PDN connection. PGW-C+SMF+PGW-IWK does not consider the 5GCNRI flag if the 5GSIWKI flag is set to 1. It happens when the 5GS Interworking is supported for PDN connection.

Note

This flag is set to 1, when the Core-Network-Restrictions is allowed for 5G and Interworking-5GS-Indicator is Subscribed.

Selecting P-GW or SMF+PGW-IWK Decision Matrix

The ePDG uses the following decision matrix for selecting the SMF+PGW-IWK or P-GW, to establish the PDN connectivity.

If the ePDG 5G license is not present or interworking-5g under epdg-service is not enabled, the ePDG ignores the following decision matrix algorithm. All calls are treated as 4G calls regardless of any parameter mentioned in the following table.

Figure 2. P-GW or SMF+PGW-IWK Decision Matrix Table

NOTE 0: For P-GW, replace "-s2bc" by "-s2b", so that "x-s2bc-gtp" becomes "x-s2b-gtp".

NOTE 1:

Default Behavior: SMF+PGW-IWK supports Rel-16 functionality to support 4G-only UEs, that is, the SMF+P-GW-IWK is able to generate PDU Session ID for 4G-only UEs.
Custom Behavior: To handle the case where SMF+P-GW-IWK is Rel-15 and cannot support 4G only UEs.

NOTE 2:

Default Behavior: When Interworking-5GS APN-Configuration is set to disallow the APN configuration in UDR, but handover to 5G SA is not allowed.
Custom Behavior: When Interworking-5GS APN-Configuration is set to disallow the APN configuration in SPR and not in UDR, then P-GW is selected.

NOTE 3:

The pgw smf-not-configured CLI allows you to configure whenever the SMF IPs are not updated in DNS or local ePDG configuration, so that ePDG ignores the SMF selection and always selects the P-GW based on selection criteria.

In the P-GW or SMF+PGW-IWK Decision Matrix table:

For scenarios 1 and 2, the operator has not updated the subscription. Hence, HSS doesn’t include the 'Core-Network-Restrictions' flag or 'Interworking-5GS-Indicator' in the subscription. In such scenarios, the operator selects the P-GW. However, in scenarios 3-18, the existing 4G subscriptions are modified. The operator selects either the 5GC restriction flag or the 5G interworking indication flag in the subscription.
For scenarios 3 and 13, the operator has subscribed to the interworking with 5GS. Since the UE is 4G-only, the operator may select SMF+PGW-IWK.
In scenarios 5-6 and 15-18, 5GC is allowed. However, the interworking with 5GS is not supported for the PDN connection. Ideally, the operator may select SMF+PGW-IWK for these scenarios since a 5G subscription exists. However, some operators can also anchor the PDN connection on P-GW.
In scenarios 7-12, the subscriber must not use the 5GC. Hence, the operator should not select SMF+PGW-IWK irrespective of the values of other parameters.
In scenarios 4 and 14, the UE supports 5G. The 5GC is allowed. The PDN connection is handed over to 5G Stand Alone (SA). Hence, the operator can select SMF+PGW-IWK.

From the previous matrix, if SMF+PGW-IWK is selected, the e-PDG uses the S-NAPTR procedure with the service parameters of x-s2b-gtp+nc-smf in the following scenarios:

AAA provided FQDN-based P-GW selection
APN-FQDN based P-GW selection
Local FQDN-based P-GW selection

Fallback Mechanism for Selecting Combined SMF+PGW-IWK

The following table describes the fallback mechanism for selecting combined SMF+PGW-IWK or P-GW.

Table 3. Fallback Mechanism
SMF+PGW-IWK or P-GW	Service Parameter	Selection Order
SMF+PGW-IWK	x-s2b-gtp+nc-smf	If ePDG selects SMF from the decision matrix, using the x-s2b-gtp+nc-smf service parameter, the following are the possible scenarios from the DNS server: If DNS response has records for SMFs and if the selected SMFs are not reachable, the fallback to static SMF selection works based on the local configuration. If DNS response has no SMF records but has P-GW records, then ePDG ignores the P-GW list and fallback to static SMF selection. If the DNS query fails, there are no SMF records, or DNS is not reachable then, ePDG fallback to static SMF selection based on the local configuration. The appropriate DNS-related failures get incremented. In case of Local Static selection: If SMFs are configured, that will be considered: If weight is defined, then, the Weight algorithm similar to the existing P-GW selection is applied to SMF+P-GW-IWK. If no weight is configured, SMF+PGW-IWK is selected in a round robin manner. If no SMF+PGW-IWK is configured and only has P-GW, then ePDG ignores the P-GW lists and SMF+PGW-IWK selection fails, a call gets terminated with appropriate disconnect reasons. If initial selection preference is local static, instead of DNS, then same fallback mechanism is followed vice-versa with local SMF->DNS SMF selection. The fallback mechanism, priority, and preference order of selection based on various criteria between AAA provided IP, DNS, and Static remains the same as legacy P-GW selection, and applicable to SMF+PGW-IWK.
P-GW	x-s2b-gtp	If ePDG selects only P-GW, the output is generated from the DNS response using the x-s2b-gtp service parameter. The following are the possible scenarios from the DNS server: If DNS response has records for P-GW and if the selected P-GW are not reachable, Fallback to static P-GW selection occurs based on local configuration. If DNS response has no P-GW records but has SMF records, then ePDG ignores the SMF and fallback to static P-GW selection. If DNS query fails or no P-GW records are found, or DNS is not reachable, then fallback to static P-GW selection occurs based on the local configuration. In case of Local Static selection: If P-GWs are configured, it will be considered. If weight is defined, then, the Weight algorithm similar to the existing P-GW selection is applied. If no weight is configured, P-GW is selected in a round robin manner. If no P-GW is configured and only has SMF, then ePDG ignores the SMF lists and SMF+PGW-IWK selection fails, a call gets terminated with appropriate disconnect reasons. If no local static entries are defined for P-GW: P-GW selection fails and the call gets terminated with the appropriate disconnect reasons. If initial selection preference is local static instead of DNS, then, ePDG performs a fallback and the opposite way with the local SMF->DNS SMF selection.

In handover scenarios, ePDG considers the AAA provided P-GW-ID (IP address or FQDN) for P-GW or SMF+PGW-IWK selection.

Limitations

This feature has the following limitations:

The ePDG support is applicable only for the 4G or 5G NAS capable devices attached to ePDG through the legacy 4G message. ePDG does not support 5G NAS request directly sent to ePDG.
SMF+PGW-IWK support is limited to the GTPv2 based S2b interface.
The emergency attach flow is not supported because for 5G NAS capable devices, the emergency VoWIFI call is not supported through ePDG.

Configuring ePDG to Enable 5G Interworking

The 5G Interworking feature is enabled only if the ePDG 5G license is configured. If the ePDG license is not present or the 5G interworking feature is not enabled, by default the ePDG selects the P-GW as per the legacy behavior.

When the interworking feature is enabled, Capability of UE, AAA 5G attributes, and other 5G custom behavior CLIs influence the P-GW or SMF+PGW-IWK selection. 5G Interworking CLIs to customize P-GW or SMF+PGW-IWK selection are available only when 5G interworking feature is enabled.

Use the following configuration to enable or disable the 5G interworking on ePDG:


configure 
     context context_name 
        epdg-service service_name 
            [ no ]  interworking-5g 
            end

NOTES:

interworking-5g : Enables the 5G interworking for the ePDG service.
[ no ] interworking-5g : If disabled, all calls are treated as 4G.

Configuring ePDG for SMF+PGW-IWK or P-GW

The ePDG selects SMF+PGW-IWK as per the default behavior. This default behavior is customized using the configuration command under ePDG-service mode to choose P-GW.

Configuring ePDG to Select P-GW for 4G-Only UE

For 4G-only UEs, operator network configuration can latch on SMF+PGW-IWK. If operator does not have support for SMF+PGW-IWK, the operator has the choice to configure to select P-GW for 4G-only UEs.

Use the following configuration to enable or disable P-GW selection for 4G-only UE:


configure 
     context context_name 
        epdg-service service_name 
            [ no ] pgw-selection select pgw 4gonly-ue 
            end

NOTES:

pgw-selection select pgw 4gonly-ue : If enabled for 4G only UE, ePDG selects the P-GW by overriding the default SMF selection.
no pgw-selectionselect pgw 4gonly-ue : If disabled for 4G only UE, then P-GW selection is reverted to default selection of SMF+P-GW-IWK.

This command is configurable only when interworking-5g is enabled.

Configuring ePDG to Consider Interworking-5GS-Indicator

As per the default behavior, the ePDG may select SMF+PGW-IWK, if the 5GS interworking is not subscribed. If the operator network configuration does not support SMF+PGW-IWK, use the following configuration to override this default behavior and select P-GW as a preferred node:


configure 
     context context_name 
        epdg-service service_name 
           [ no ] pgw-selection select pgw  no-5gs-interworking  
           end

NOTES:

pgw-selection select pgw no-5gs-interworking : If enabled for 5Gs interworking not subscribed cases, P-GW will be selected by overriding the default SMF+PGW-IWK selection.
no pgw-selection select pgw no-5gs-interworking : If disabled, P-GW selection gets reverted to default selection of SMF+P-GW-IWK for 5GS interworking not subscribed cases.

This command is configurable only when interworking-5g is enabled.

Configuring ePDG to Select P-GW to Ignore the SMF Selection

When an operator has not updated the SMF IP or fully qualified domain name (FQDN) in DNS server or in local ePDG configuration, use the following command to ignore SMF+PG-IWK selection and always select P-GW:

Enabling the pgw smf-not-configured option overrides the 4gonly-ue and no-5gs-interworking options.


configure 
     context context_name 
        epdg-service  service_name  
            [ no ] pgw-selection select pgw smf-not-configured 
            end

NOTES:

pgw-selectionselect pgw smf-not-configured : Once enabled, ePDG ignores the SMF selection and always choose P-GW by overriding 4gonly-ue and no-5gs-interworking options.
no : Disables pgw-selection related parameters for the ePDG service.

This command is configurable only when interworking-5g is enabled.

Configuring ePDG in the Local SMF+PGW-IWK Node

Use the following configuration command to configure SMF+PGW-IWK:


configure 
     apn-profile apn_name 
        pgw-address ip_address smf-combined  
        end

NOTES:

pgw-address ip_address smf-combined : Configures SMF+PGW-IWK for the specified IPv4 or IPv6 address.

Configuring ePDG 5G Interworking Bulk Statistics

Use the following configuration to configure the epdg-interworking-5g bulkstats schema. This configuration is only available upon license and 5G interworking is enabled.


configure 
     bulkstat mode  
          [ no ] epdg-interworking-5g schema schema_name 
          end

NOTES:

epdg-interworking-5g schema schema_name format : Allows ePDG to capture 5G interworking related bulk statistics.

Monitoring and Troubleshooting

This section provides information to monitor and troubleshoot this feature using show commands.

Show Commands and Outputs

This section provides information about the show commands and outputs for the ePDG 5G interworking feature.

show epdg-service statistics interworking-5g

The show epdg-service statistics interworking-5g command displays output of Interworking 5G statistics at system-level. The show epdg-service name epdg-service-name statistics interworking-5g command displays output of Interworking 5G statistics for a particular ePDG-service. The interworking-5g option is available only with ePDG 5G license.

Table 4. show epdg-service statistics interworking-5g Command Output Descriptions
Field	Description
5G Sessions – Counter for sessions from N1 mode capable UEs
Attempts	The number of times that ePDG receives a call with N1_mode_capable (PDUSession) from UE.
Setup	The number of times that ePDG receives a call with N1_mode_capable (PDUSession) from UE and that call succeeds.
Failures	The number of times that ePDG receives a call with N1_mode_capable (PDUSession) from UE and that call fails due to some failure reason.
P-GW/SMF selection type – Based on the 5G capability flags and related CLI, the PDN request is forwarded to P-GW or SMF+PGW-IWK
SMF preferred	The number of times that SMF is chosen for this call, but IWK flag is not set.
SMF only	The number of times that ePDG selects SMF for this call, IWK flag is set, and PDU Session ID is forwarded to SMF.
DNS provided SMF	The number of times that SMF is selected from DNS responses.
Locally configured SMF	The number of times that SMF is selected from the local ePDG configuration.
AAA provided SMF IP	The number of times that ePDG selects SMF from the AAA server provided IP attribute.
P-GW only	The number of times P-GW is selected.
DNS provided P-GW	The number of times that P-GW is selected from DNS responses.
Locally configured P-GW	The number of times that P-GW is selected from the local ePDG configuration.
AAA provided P-GW IP	The number of times that P-GW is selected from the AAA server provided IP attribute.
P-GW or SMF not available reasons - Provide counters on how many times the SMF or P-GW selection is failed due to P-GW or SMF is not locally configured.
No P-GW configured locally	The number of times that P-GW selection failed due to missing configuration.
No SMF configured locally	The number of times that SMF+PGW-IWK selection failed due to missing configuration.
SMF Fallback Support Statistics for GTP nodes – Fallback-related counters for SMF provided by AAA, DNS, and local configuration. In general, an attempt for second SMF or P-GW after the first SMF or P-GW is failed is considered as fallback.
SMF Fallback Attempted	The number of times that fallback is attempted when SMF is preferred. Increments after it fails to connect to the first SMF and attempts the second SMF. This includes SMFs provided by AAA, DNS, and the local configuration.
SMF Fallback Success	The number of times that a session connected to SMF is selected through the fallback algorithm.
SMF Fallback Failure	The number of times that a session, which is unable to connect to SMF is selected through a fallback algorithm.
Alternate SMF not found	The number of failed attempts to SMF and there is no alternate SMF available to attempt and connect to a session.
Local SMF resolution	Fallback related counters for SMF by local configuration. These counters are not incremented if the first SMF is selected from the local configuration despite trying to connect to the DNS/AAA provided SMF.
SMF Fallback Attempted	The number of times that fallback is attempted when SMF is preferred. Increments after it fails to connect to the first SMF and attempts the second SMF. This includes SMFs provided by AAA, DNS, and local configuration.
SMF Fallback Success	The number of times that a session connected to SMF is selected through the fallback algorithm.
SMF Fallback Failure	The number of times that a session, which is unable to connect to SMF is selected through the fallback algorithm.
Alternate SMF not found	The number of times that attempts to SMF fail and there is no alternate SMF available for a session to connect.
P-GW Fallback Support Stats for GTP nodes - Fallback related counters for P-GW provided by AAA, DNS, and local configuration. In general, an attempt considers as fallback, after failed to connect to the first SMF/P-GW.
P-GW Fallback Attempted	The number of times that fallback is attempted when P-GW is preferred. Increments after it fails to connect to the first P-GW and attempts for the second P-GW. This includes P-GW provided by AAA, DNS, and local configuration.
P-GW Fallback Success	The number of times that a session connected to P-GW is selected through the fallback algorithm.
P-GW Fallback Failure	The number of times that a session, which is unable to connect to P-GW is selected through the fallback algorithm.
Alternate P-GW not found	The number of failed attempts to all P-GW, and there is no alternate P-GW available to attempt for a session to connect.
Local P-GW resolution	Fallback related counters for P-GW provided by local configuration. These counters do not get incremented if the first SMF selected from the local configuration gets connected, even after attempting the DNS/AAA provided SMF.
P-GW Fallback Attempted	The number of times that fallback is attempted when P-GW is preferred. Increments after it fails to connect to the first P-GW and attempts for the second P-GW. This includes P-GW provided by AAA, DNS, and local configuration.
P-GW Fallback Success	The number of times that a session connected to P-GW is selected through the fallback algorithm.
P-GW Fallback Failure	The number of times that a session fails to connect to P-GW and selected through the fallback algorithm.
Alternate P-GW not found	The number of failed attempts to all P-GW, and there is no alternate P-GW available to attempt for a session to connect.
DNS-related Failures
DNS server not reachable	The number of times when no response from DNS.
No resource records	The number of times that the DNS server responded with no resource records.
No matching P-GW service params	The number of times that the DNS server responded with no P-GW in the resource records, when P-GW is the preferred gateway for the session.
No matching SMF service params	The number of times that the DNS server responded with no SMFs in the resource records, when SMF is the preferred gateway for the session.
DNS P-GW list exhausted	The number of failed attempts to connect to all the P-GW provided by DNS response, when P-GW is the preferred gateway for the session.
DNS SMF list exhausted	The number of failed attempts to connect to all the SMF provided by DNS response, when SMF is the preferred gateway for the session.

show configuration

If the following commands are configured, the output of this CLI command displays the following parameters under ePDG-service:

Service name:
- interworking-5g: Displays the enabled 5G interworking for the ePDG service.
- pgw-selection select pgw 4g-only-ue: Displays the enabled P-GW for 4G-only-UE.
- pgw-selection select pgw no-5gs-interworking: Displays the enabled P-GW selection for 5Gs interworking.
- pgw-selection select pgw smf-not-configured: Displays the enabled P-GW selection. ePDG ignores SMF, even if the SMF IP/FQDN is configured in DNS/local ePDG config.

The following is a sample output:

config
cli hidden
tech-support test-commands encrypted password ***
....
.....
epdg-service epdg1
plmn id mcc 242 mnc 002
associate egtp-service egtp-epdg-egress-v4
ebi range start 10 end 13
pgw-selection agent-info error-terminate
dns-pgw selection topology weight
associate qci-qos-mapping epdg_mapping
associate subscriber-map map1
associate lte-emergency-profile emergency
username check-mac-address failure-handling continue
reporting-action event-record
max-sessions 100000
bind address 111.111.11.2 crypto-template boston
interworking-5g
pgw-selection select pgw 4gonly-ue
pgw-selection select pgw no-5gs-interworking
pgw-selection select pgw smf-not-configured
#exit

show epdg-service name

If the following commands are configured, the output of show epdg-service name service name CLI command displays the following parameters under ePDG-service:

Service name:
- interworking-5g: Displays enabled 5G interworking for the ePDG service.
- pgw-selection select pgw: Displays the enabled P-GW for 4G-only-UE and 5GS indicator.
- pgw-selection select pgw no-5gs-interworking: Displays the enabled P-GW selection for 5Gs interworking.
- pgw-selection select pgw smf-not-configured: Displays the enabled P-GW selection. ePDG ignores SMF, even if the SMF IP/FQDN is configured in DNS/local ePDG config.

The following is a sample output:

Service name: epdg1
Context: pdif
Bind: Done
Max Sessions : 100000
IP address: 111.111.11.2 UDP Port : 500
Crypto-template: boston
Reporting Action:
Event Record: Enabled
Service State: Started Service Id: 6
EGTP service : egtp-epdg-egress-v4
MAG service : n/a
MAG context : n/a
PLMN Id: MCC:242 , MNC:002
Setup Timeout (sec) : 60
dns-pgw context: pdif
dns-pgw selection : weight,topology
fqdn: n/a
pgw-selection agent-info error-handling: terminate
pgw-selection select PGW: 4G Only UE, No 5GS Interworking, SMF Not Configured
Custom SWm-SWu Error Mapping: Disabled
Custom S2b-SWu Error Mapping: Disabled
3GPP SWu Private Notify Error Types: Disabled
Preferred PGW selection mechanism: AAA/DNS
vendor-specific-attr dns-server-req: APCO
vendor-specific-attr pcscf-server-req: Private Extension
Username MAC Address Stripping : Disabled
QCI QOS Mapping Table : epdg_mapping
Username MAC Address Validate : Enabled Failure-handling : Continue
Newcall Policy : None
Duplicate precedence in TFT - Allowed
IP Fragment-Chain Timeout : 5 sec and Max OOO Fragment : 45
EBI :
Allowed Range 10 to 13
Username MAC Address Delimiter - colon-or-NAI-Label
Subscriber Map : map1
AAA Send Framed-MTU Size : Disabled
Data Buffering : Enabled
PDN-type IPv6 Path-MTU : Enabled
GTPC Overload Control Profile : None
GTPC Load Control Profile: None
LTE Emergency Profile: emergency
Timeout Idle : Disabled
Suppress International Roamer Handover : Disabled
5G Interworking : Enabled

Bulk Statistics

This section provides information on the bulk statistics variables for the epdg-interworking-5g schema. This schema is available upon installing 5G license.

show bulkstats variables epdg-interworking-5g

Use this command to display the list of bulk statistics variables supported by epdg-interworking-5g schema.


Bulk Statistics Variables	Description
5G Sessions:
iwk5g-5gsessions-attempted	The number of times that ePDG receives a call with N1_mode_capable (PDUSession) from UE.
iwk5g-5gsessions-setup	The number of times that ePDG receives a call with N1_mode_capable (PDUSession) from UE and that call succeeds.
iwk5g-5gsessions-failure	The number of times that ePDG receives a call with N1_mode_capable (PDUSession) from UE and that call fails due to some failure reason.
P-GW/SMF selection type:
iwk5g-smf-preferred	The number of times that SMF is selected as the first preference. Increments when SMF is chosen for this call, but the IWK flag is not set.
iwk5g-smf-preferred-dns	The number of times that SMF is selected from DNS responses.
iwk5g-smf-preferred-local	The number of times that SMF is selected in the local ePDG configuration.
iwk5g-smf-preferred-aaa	The number of times that ePDG selects the SMF in the AAA server provided IP attribute.
iwk5g-smf-only	The number of times when ePDG selects SMF for this call, IWK flag is set, and PDU Session ID is forwarded to SMF.
iwk5g-smf-only-dns	The number of times that SMF is selected from DNS responses.
iwk5g-smf-only-local	The number of times that SMF is selected in the local ePDG configuration.
iwk5g-smf-only-aaa	The number of times that ePDG selects the SMF from the AAA server provided IP attribute.
iwk5g-pgw-only	The number of times that P-GW is selected.
iwk5g-pgw-only-dns	The number of times that P-GW is selected from DNS responses.
iwk5g-pgw-only-local	The number of times that P-GW is selected in the local ePDG configuration.
iwk5g-pgw-only-aaa	The number of times that P-GW is selected in the AAA server provided IP attribute.
iwk5g-no-local-pgw	The number of times that P-GW is unable to select due to missing local configuration.
iwk5g-no-local-smf	The number of times that P-GW is unable to select SMF+PGW-IWK due to missing configuration.
SMF Fallback Support Stats for GTP nodes:
iwk5g-smf-fallback-attempted	The number of times that fallback is attempted when SMF is preferred. Increments after it fails to connect to the first SMF and attempts the second SMF. This includes SMFs provided by AAA, DNS, and local configuration.
iwk5g-smf-fallback-success	The number of times that a session connected to SMF is selected through the fallback algorithm.
iwk5g-smf-fallback-failed	The number of times that a session unable to connect to SMF is selected through the fallback algorithm.
iwk5g-smf-fallback-noalt-smf	The number of failed attempts to all SMF, and there is no alternate SMF available to attempt and connect to a session
Local SMF resolution:
iwk5g-local-smf-fallback-attempted	The number of times that fallback is attempted when SMF is preferred. Increments after it fails to connect to the first SMF and attempts the second SMF. This includes SMFs provided by AAA, DNS, and local configuration.
iwk5g-local-smf-fallback-success	The number of times that a session connected to SMF is selected through the fallback algorithm.
iwk5g-local-smf-fallback-failed	The number of times that a session unable to connect to SMF is selected through the fallback algorithm.
iwk5g-local-smf-fallback-noalt-smf	The number of failed attempts to all SMF, and there is no alternate SMF available to attempt and connect to a session.
P-GW Fallback Support Stats for GTP nodes:
iwk5g-pgw-fallback-attempted	The number of times that fallback is attempted when P-GW is preferred. Increments after it fails to connect to the first P-GW and attempts for the second P-GW. This includes P-GW provided by AAA, DNS, and local configuration.
iwk5g-pgw-fallback-success	The number of times that a session connected to P-GW is selected through the fallback algorithm.
iwk5g-pgw-fallback-failed	The number of times that a session unable to connect to P-GW is selected through the fallback algorithm.
iwk5g-pgw-fallback-noalt-pgw	The number of failed attempts all P-GW, and there is no alternate P-GW available to attempt and connect to a session.
Local P-GW resolution:
iwk5g-local-pgw-fallback-attempted	The number of times that fallback is attempted when P-GW is preferred. Increments after it fails to connect to the first P-GW and attempts for the second P-GW. This includes P-GW provided by AAA, DNS, and local configuration.
iwk5g-local-pgw-fallback-success	The number of times that a session connected to P-GW is selected through the fallback algorithm.
iwk5g-local-pgw-fallback-failed	The number of times that a session fails to connect to P-GW is selected through the fallback algorithm.
iwk5g-local-pgw-fallback-noalt-pgw	The number failed attempts to all P-GW, and there is no alternate P-GW available to attempt and connect to a session.
DNS-related Failures:
iwk5g-dns-server-notreachable	The number of times that there is no response from DNS.
iwk5g-dns-no-resourcerecords	The number of times that the DNS server responded with no resource records.
iwk5g-dns-no-matching-pgw-service	The number of times that the DNS server responded with no P-GW in the resource records, when P-GW is the preferred gateway for the session.
iwk5g-dns-no-matching-smf-service	The number of times that the DNS server responded with no SMFs in the resource records, when SMF is the preferred gateway for the session.
iwk5g-dns-pgw-list-exhausted	The number of times that P-GW provided by DNS response failed to connect, when P-GW is the preferred gateway for the session.
iwk5g-dns-smf-list-exhausted	The number of times that SMF provided by DNS response failed to connect, when SMF is the preferred gateway for the session.

Release Change Reference, StarOS Release 21.27

Bias-Free Language

Book Title

Release Change Reference, StarOS Release 21.27

Chapter Title