Send 5G User Location Information to SMF+PGW-c

Feature Summary and Revision History

Summary Data

Applicable Product(s) or Functional Area

ePDG

Applicable Platform(s)

  • ASR 5500-DPC2

  • VPC-DI

Feature Default

Disabled

Related Changes in This Release

Not applicable

Related Documentation

  • Command Line Interface Reference

  • ePDG Administration Guide

Revision History

Revision Details

Release

First introduced.

21.28.m10

Feature Description

ePDG supports the 5G Cell ID feature to:

  • Decode Geographic Location Types such as 135, 136 and 137 (NCGI, 5GS TAI, 5GS TAI and NCGI respectively), which are received in the 3GPP-User-Location-Info AVP of the Diameter EAP Answer (DEA) on the SWm interface from the AAA server.

  • Upon receiving the Geographic Location Types 135,136 or 137, ePDG constructs the 5G ULI from the 3GPP-user-Location-Info AVP and sends the 5G ULI in the ULI IE of CreateSessionRequest, when the configuration to send the 5G ULI is enabled and the call is decided to be latched on to SMF+PGW-c.

Assumption

SMF+PGW-c can either decode the customized User Location Information IE received in the Create Session Request on the S2b interface or ignore the custom 5G ULI and proceed with the call.

How it Works

This section provides a call flow and procedure that explains the scenario of sending 5G ULI to SMF+PGW-c.

Call Flow

Figure 1. ePDG Setup Procedure Call Flow
Table 1. ePDG Setup Procedure Call Flow Description

Step

Description

2.

The UE sends the IKE_SA_INIT message.

3.

The ePDG responds with the IKE_SA_INIT_RSP message.

4.

The UE sends the user identity (in the IDI payload) and the APN information (in the IDr payload) in the first message of the IKE_AUTH phase, and begins negotiation of child security associations. The UE omits the AUTH parameter to indicate to the ePDG that it wants to use EAP over IKEv2. The user identity is compliant with the Network Access Identifier (NAI) format as specified in 3GPP TS 23.003. The UE sends the configuration payload (CFG_REQUEST) within the IKE_AUTH request message to obtain an IPv4 home IP Address and/or a Home Agent Address. When the MAC ULI feature is enabled, the root NAI used is of the form "0<IMSI>AP_MAC_

ADDR:nai.epc.mnc<MNC>

.mcc<MCC>.3gppnetwork.org".

5GC NAS capable UE indicates its support of 5GC NAS in IKEv2. The UE allocates a PDU Session ID and also includes N1_MODE_CAPABILITY Notify payload.

5

The ePDG sends the Authentication and Authorization Request message to the 3GPP AAA Server, containing the user identity and APN.

6.

The 3GPP AAA Server fetches the user profile and authentication vectors from HSS/HLR (if these parameters are not available in the 3GPP AAA Server). The 3GPP AAA Server shall look up the IMSI of the authenticated user based on the received user identity (root NAI) and include the EAP-AKA as requested authentication method in the request sent to the HSS. The HSS shall then generate authentication vectors with AMF separation bit = 0 and send them back to the 3GPP AAA server. The 3GPP AAA Server checks in user's subscription if he/she is authorized for non-3GPP access. The counter of IKE SAs for that APN is stepped up. If the maximum number of IKE SAs for that APN is exceeded, the 3GPP AAA Server shall send an indication to the ePDG that established the oldest active IKE SA (it could be the same ePDG or a different one) to delete the oldest established IKE SA. The 3GPP AAA Server shall update accordingly the information of IKE SAs active for the APN.

The 3GPP AAA Server initiates the authentication challenge. The user identity is not requested again.

The AAA server sends the following two parameters if configured:

  • Core-Network-Restrictions

  • Interworking-5GS-Indicator

If the AAA server does not send these parameters, ePDG takes default values.

The ePDG uses these parameters and the 5G NAS capability from the UE to determine if SMF+PGW-c or P-GW must be selected.

7.

The ePDG responds with its identity, a certificate, and sends the AUTH parameter to protect the previous message sent to the UE (in the IKE_SA_INIT Exchange). It completes the negotiation of the child security associations if any. The EAP message received from the 3GPP AAA server (EAP-Request/AKA-Challenge) is included to start the EAP procedure over IKEv2.

8.

The UE checks the authentication parameters and responds to the authentication challenge. The only payload (apart from the header) in the IKEv2 message is the EAP message.

9.

The ePDG forwards the EAP-Response/AKA-Challenge message to the 3GPP AAA server.

10.

The AAA Server responds with DEA (Diameter EAP Answer). DEA contains 3GPP-User-Location-Information (ULI) for 5G if configured and available.

11.

The EAP Success or Failure message is forwarded to the UE over IKEv2.

12.

The UE takes its own copy of the PSK as input to generate the AUTH parameter to authenticate the first IKE_SA_INIT message. The AUTH parameter is sent to the ePDG.

13.

ePDG constructs 5G ULI and sends it in ULI IE of Create Session Request to the selected SMF+PGW-c upon the following conditions:

  • The 3GPP-User-Location-Information (ULI) for 5G is received.

  • The SMF+PGW-c is selected to latch on.

  • The epdg-s2b-gtpv2 send 5g-uli CLI for sending 5G ULI is enabled.

14 a through 16.

The P-GW allocates the requested IP address to the session and responds back to the ePDG with a Create Session Response (Cause, P-GW S2b Address C-plane, PAA, APN-AMBR, [Recovery], Bearer Contexts Created, [Additional Protocol Configuration Options (APCO)], Private IE (P-CSCF)) message.

If SMF+P-GW-C receives PDU Session ID, it adds S-NSSAI in the APCO field of Create Session Response.

17.

The ePDG sends the assigned Remote IP address in the configuration payload (CFG_REPLY). The AUTH parameter is sent to the UE together with the configuration payload, security associations and the rest of the IKEv2 parameters and the IKEv2 negotiation stops.

The S-NSSAI and the PLMN-ID) is sent to UE, in N1_MODE_INFORMATION Notify and N1_MODE_S_NSSAI_PLMN_ID Notify payload respectively.

The N1_MODE_INFORMATION Notify payload indicates the S-NSSAI for the PDU session associated with the IKEv2 security association established by the IKEv2 message.

The PLMN ID corresponding to SNSSAI is sent in N1_MODE_S_NSSAI_PLMN_ID.

Note

 
If the UE does not support 5GC NAS but has a 5GS subscription, SMF+PGW-c is selected, and if interaction with UDM, Policy Control Function (PCF), and UPF is required, then SMF+PGW-c assigns PDU Session ID. The SMF+PGW-c does not provide any 5GS related parameters to the ePDG.

18.

Router Advertisement is sent for IPv6 address assignments that is based on configuration.

Note

 
If the ePDG detects that an old IKE SA for that APN exists, it deletes the IKE SA and sends the UE an INFORMATIONAL Exchange with a Delete payload in order to delete the old IKE SA in UE.

If there is any IKEv2 Authentication Response message, the ePDG sends S-NSSAI to the UE.

Information Elements and AVP Support

This feature supports the following IE and AVPs based on TS 29.061, TS 29.274, and TS 38.413:

3GPP-User-Location-Information

With the existing 3GPP-User-Location-Information AVP 22, ePDG supports Geographic Location Type NCGI (135), 5GS TAI (136), and 5GS TAI & NCGI (137) as part of the 5G Cell ID feature.

5GS TAI and NCGI Formats on the SWm Interface

The Geographic Location Types 135, 136 and 137, 5GS TAI and NCGI are decoded as per subclause 9.3.3.11 in the 3GPP TS 38.413 and 9.3.1.7 in 3GPP TS 38.413. ePDG supports both lead and trail spare nibble padding formats for NCI through a CLI configurable option. By default ePDG considers NCI with lead spare nibble padding. If AAA server encodes with trail spare nibble padding, ePDG should be configured to support trail spare nibble padding for NCI. Refer the Configuring ePDG to Enable NCI trail Spare Nibble Padding section for more information.

Table 2. 5GS TAI format on the SWm interface
Octets 8 7 6 5 4 3 2 1
I MCC digit 2 MCC digit 1
i+1 MNC digit 1 MCC digit 3
i+2 MNC digit 3 MNC digit 2
i+3 to i+5 5G Tracking Area Code (TAC)
Table 3. NCGI format with lead spare nibble padding of NCI on the SWm Interface
Octets 8 7 6 5 4 3 2 1
H MCC digit 2 MCC digit 1
h+1 MNC digit 1 MCC digit 3
h+2 MNC digit 3 MNC digit 2
h+3 spare NCI (NR Cell Identifier)
h+4 to h+7 NCI (NR Cell Identifier)
Table 4. NCGI format with trail spare nibble padding of NCI on the SWm Interface
Octets 8 7 6 5 4 3 2 1
h MCC digit 2 MCC digit 1
h+1 MNC digit 1 MCC digit 3
h+2 MNC digit 3 MNC digit 2
h+3 to h+6 NCI (NR Cell Identifier)
h+7 NCI (NR Cell Identifier) Spare
Table 5. PLMN format with 3 digit MNC for 5GS TAI and NCGI on the SWm interface
Octets 8 7 6 5 4 3 2 1
5 MCC digit 2 MCC digit 1
6 MNC digit 1 MCC digit 3
7 MNC digit 3 MNC digit 2
Table 6. PLMN format with 2 digit MNC for 5GS TAI and NCGI on the SWm interface
Octets 8 7 6 5 4 3 2 1
5 MCC digit 2 MCC digit 1
6 1111 MCC digit 3
7 MNC digit 2 MNC digit 1

Custom 5G User Location Information in ULI IE on the s2b Interface

The following formats describe the custom User Location Information IE sent in the Create Session Request on the S2b interface.

Figure 2. User Location Information IE in Create Session Request
Figure 3. NCGI & 5GS TAI formats on the S2b Interface

Configuring ePDG to Enable 5G Cell ID

Use the following configuration to enable or disable sending 5G ULI on the s2b interface:


configure 
     call-control-profile profile_name 
         [ remove ]  epdg-s2b-gtpv2 send 5g-uli  
     end

NOTES:

  • epdg-s2b-gtpv2 send 5g-uli : Enables sending of 5G ULI on the s2b interface.


    Note
    ULI for 5G is sent only when ePDG decides to latch the call on SMF+PGW-C. Selection of PGW/SMF+PGW-C is enabled through the 5GIWK feature, which is a licensed feature.

  • remove epdg-s2b-gtpv2 send 5g-uli : Disables sending of 5G ULI on the s2b interface.


    Note
    If the ePDG receives a 4G TAI and/or ECGI, and if the epdg-s2b-gtpv2 send uli has been configured, the ePDG will include the ULI values in the CSReq message, irrespective of whether P-GW or SMF+PGW-C is chosen.

Configuring ePDG to Enable NCI trail Spare Nibble Padding

Use this command to enable or disable trail spare nibble format for NCI that is received in the 3GPP-User-Location-Info AVP of DEA (Diameter EAP Answer) on the SWm interface. By default, the leading spare nibble padding format is used for decoding. 


configure 
     call-control-profile profile_name 
        [ remove ] epdg-swm receive nci-spare-nibble-trail 
     end

NOTES:

  • receive : Configures the AVP or message options in the receive direction.

  • nci-spare-nibble-trail : Allows trailing spare nibble format of NCI. By default, the NCI is with the leading spare nibble.

  • remove : Reverts the configuration for trailing spare nibble format of NCI to default.

Monitoring and Troubleshooting

This section provides information to monitor and troubleshoot this feature using show commands.

Show Commands and Outputs

This section provides information about the show commands and outputs for the ePDG 5G Cell ID feature.

show configuration

The following show configuration command displays the configuration of sending 5g ULI and enabling trail spare nibble padding for NCI: 

[pdif]asr5500# show configuration
:
:
  call-control-profile ccp1
    authenticate context pdif aaa-group swmgroup 
    accounting mode gtpp
    epdg-s2b-gtpv2 send uli
    epdg-s2b-gtpv2 send 5g-uli
    epdg-s2b-gtpv2 send serving-network value uli
    epdg-s2b-gtpv2 send aaa-server-id
	   epdg-swm receive nci-spare-nibble-trail
    vplmn-address allowed
    associate accounting-policy ap1
  #exit

show subscribers full epdg-service < service_name >

The show subscribers full epdg-service < service_name > displays the received 5G TAI and NCGI information. 

ePDG# show subscribers full epdg-service epdg1 
Monday November 14 18:46:23 IST 2022

Username: 0100000000000001@syfer.com     Status: Online/Active
  Access Type: epdg                      Network Type: IP
  Access Tech: Wireless LAN              Access Network Peer ID: n/a
  callid: 00004e22                       msid: 100000000000001
  Card/Cpu: 2/1                          Sessmgr Instance: 1
  state: Connected                       Peer address: 1.1.1.1 
 :
 :
 :
  Downlink traffic-policing: Disabled
  Uplink traffic-policing: Disabled
  Downlink traffic-shaping: Disabled
  Uplink traffic-shaping: Disabled
  Radius Accounting Mode: access-flow-based auxiliary-flows
  Collapsed cscf subscribers: none

  3GPP User location Info: 
     TAI     : MCC = 000        MNC = 000       TAC = 0x0
     ECGI    : MCC = 000        MNC = 000       ECI = 0x00000000
     5GS TAI : MCC = 789     MNC = 12        TAC = 0xabc00f
     NCGI    : MCC = 987        MNC = 123       NCI = 0x0edcb00876
  input pkts: 0                                   output pkts: 0           
  input bytes: 0                                  output bytes: 0           
  input bytes dropped: 0                          output bytes dropped: 0         
  input pkts dropped: 0                           output pkts dropped: 0         
  input pkts dropped due to lorc    : 0           output pkts dropped due to lorc    : 0         
  input bytes dropped due to lorc   : 0           
  in packet dropped suspended state: 0            out packet dropped suspended state: 0

show call-control-profile full name < call_control_profile >

The show call-control-profile full name call_control_profile command displays:

  • Whether the configuration for sending 5G ULI is enabled or disabled

  • NCI is received with lead or trail padding from AAA server

Sample Configuration: 

ePDG# show call-control-profile full name ccp1
Monday November 14 18:44:54 IST 2022
Call Control Profile Name = ccp1
Authentication Context Name         : pdif
Authentication AAA Group Name       : swmgroup
Authentication Type                 : DIAMETER
:
:
:
ePDG S2b GTPv2 IE Options:
 Sending UE Local IP and UDP Port        : Disabled
 Sending AAA Server Id                   : Enabled
 Sending WLAN Location Information/TimeStamp  : Disabled
 Sending ULI                                  : Disabled
 Sending custom 5G ULI                   : Enabled
 Sending RAN NAS CAUSE                        : Disabled
 Sending RAN NAS CAUSE Internal Failures      : Disabled
 Sending ServingNetwork[Value ULI]            : Disabled
ePDG S2b GTPv2 Message Options:
ePDG SWm AVP Options:
       NCI with trail padding            : Enabled
ePDG Swm Message Options:
  Authorization and Authenticate Request      : Disabled:
      Triggers:
        Location Retrieval                    : Disabled

WLAN Access:
 P-CSCF Restoration                           : Enabled 
 Piggybacking                                 : Disabled 
Accounting Mode (SGW/SaMOG)                   : Gtpp