GUTI Re-allocation

Feature Description

Overview

The Globally Unique Temporary Identity (GUTI) is assigned to the UE by the MME the GUTI is used to support subscriber identity confidentiality. The GUTI has two parts, the Globally Unique Mobility Management Entity Identifier (GUMMEI), which identifies the network, and the M-TMSI, which identifies the device. This feature enables GUTI Re-allocation for an UE based on time and frequency of access attempts per UE.

How It Works

The MME currently performs GUTI allocation during UE attaches. The GUTI once allocated is retained until the DB associated with the UE is purged. This feature introduces MME support to perform GUTI Reallocation for securing the TMSI allocated to UE. GUTI Reallocation is triggered based on configured frequency of access attempts or periodicity.

A configured frequency of "n" requests triggers GUTI Reallocation for every "nth" ATTACH / TAU / SERVICE REQUEST received from the UE. Here 'n' is the sum of the received ATTACH / TAU/ SERVICE Request. A configured periodicity of "t" minutes triggers GUTI Reallocation at every "t" minutes for a UE.

The frequency-based GUTI reallocation is independent of the configured periodicity. However, periodicity-based GUTI reallocation attempts are relative to the last attempted UE GUTI Reallocation time. The last attempted GUTI Reallocation time for a UE is updated whenever a GUTI Reallocation for a UE is attempted irrespective of the trigger (frequency/periodicity).

The MME initiates GUTI Reallocation only if the NAS signaling connection with the UE is present. If the NAS signaling connection is not present the UE shall not be paged. If the NAS signaling connection with the UE is absent, GUTI reallocation is performed whenever the NAS signaling connection with the UE is established.


Note

GUTI Reallocation is not triggered when UE is always in connected mode as, GUTI Reallocation based on periodicity is performed only when the either Attach, periodic TAU, Service request is received by MME and the configured periodicity time has been reached. For a UE that is always in connected mode neither of these events occur. The session are not disturbed during GUTI Reallocation, idle-active transitions are a frequent occurrence in the network, therefore GUTI Reallocation should happen for most UE's at the configured periodicity/frequency during service request procedure.

The Reallocated GUTI is sent in the NAS Attach Accept, NAS TAU Accept and NAS GUTI Relocation Command messages.

Limitations

The MME does not perform GUTI Reallocation if the subscriber is marked for offload or if the subscriber is executing an outbound handover procedure.

The GUTI reallocation retries for UE's which do not adhere to specifications is limited by the MME. MME detaches such UEs after "10" consecutive failure attempts of GUTI Reallocation. This behavior and number of consecutive failures to trigger detach is not configurable.

The frequency and periodicity configured to trigger authentication/GUTI reallocation requires the new session setup message (NAS Attach/TAU) to be processed by the Session Manager instance which has the corresponding MME DB for the subscriber. If the MME DB is not available the frequency and periodicity triggers will not work. For example, if the mobile identifier in the NAS Attach/TAU message is a foreign GUTI and additional GUTI is not present, the MME does not trigger authentication/GUTI reallocation for the subscriber based on frequency/periodicity.

Reallocated GUTI is not sent in TAU accept for TAU with type TA Update. In this scenario, once the frequency criteria for TAU is met, GUTI reallocation is performed on receiving the next periodic TAU or Service request. This to prevent the case where, TAU complete for an TAU accept with Reallocated GUTI is not received by MME. Wherein upon receiving a paging trigger, MME needs to page the UE in both the TAI lists (before and after TAU) with both the GUTI (previous and reallocated). In the case of SGSN , paging message is sent to the RNC with acknowledged PTMSI and unacknowledged (reallocated) PTMSI. However paging is sent only for the current RAI. Similarly in the case of MME, MME has to send paging message to the eNodeB's with acknowledged GUTI and unacknowledged GUTI (reallocated). But paging needs to be sent in both current TAI list and previous TAI list.

Flows

The following diagram illustrates the messages exchanged during network-initiated GUTI re-allocation:

Figure 1. GUTI Re-allocation
  1. The MME sends GUTI REALLOCATION COMMAND message to the UE. The time duration for the T3450 timer starts. This timer starts when the MME initiates a Globally Unique Temporary Identifier (GUTI) reallocation procedure by sending a GUTI REALLOCATION COMMAND message to the UE and stops upon receipt of the GUTI REALLOCATION COMPLETE message.
  2. The UE sends a GUTI REALLOCATION COMPLETE message to the MME on completion of the GUTI Re-allocation procedure. The T3450 timer stops once the MME receives the GUTI REALLOCATION COMPLETE message.

Configuring GUTI Re-allocation

The following configuration command is used to configure the periodicity (time interval) / frequency of GUTI Reallocation for a UE: 

config 
   call-control-profile <profile_name> 
      [ remove ] guti reallocation [ frequency <frequency> | periodicity  <duration> ] 
      end

Notes:

  • The keyword guti identifies the Globally Unique Temporary UE Identity (GUTI).
  • The keyword reallocation specifies reallocation of GUTI.
  • The frequency configured specifies the GUTI reallocation frequency. The frequency is an integer with a range "1" up to "65535" requests.
  • The periodicity configured specifies GUTI reallocation periodicity. The periodicity is an integer with a range "1" up to "65535" minutes.
  • GUTI reallocation is disabled by default. The remove keyword is used to remove the configured GUTI reallocation frequency and periodicity specified in the call control profile configuration.

Monitoring and Troubleshooting GUTI Re-allocation

This section provides information regarding show commands and/or their outputs in support of the GUTI reallocation feature in MME.

GUTI Re-allocation Show Command(s) and/or Outputs

show call-control-profile full all

The following new fields are added to the show output to display the configured GUTI Reallocation parameters:

  • GUTI Reallocation
  • GUTI Reallocation Frequency
  • GUTI Reallocation Periodicity

show session disconnect-reasons verbose

The following new disconnect reason is added for GUTI Reallocation:

  • mme-guti_realloc_failed-detach

show mme-service statistics

The following new fields are added to the show output to display the configured GUTI Reallocation parameters:

  • GUTI Reallocation
  • Attempted
  • Failures
  • Success
  • GUTI Reallocation
  • Attach Accept
  • Retransmission
  • TAU Accept
  • Retransmission
  • GUTI Reallocation cmd
  • Retransmission

Below is an example displaying the EMM Statistics listed above: 

EMM  Statistics: 
  .  .  . 
GUTI Reallocation: 
Attempted                : 176807 
Success                  : 176691 
Failures                 : 116

Below is an example displaying the Total EMM Control Messages listed above: 

Total EMM Control Messages:: 
  .  .  . 
GUTI Reallocation: 
Attach Accept:   180094                Retransmissions: 0 
TAU Accept:      892098                Retransmissions: 0 
GUTI Reallocation Cmd:   389986        Retransmissions: 0

show mme-service db record all

The following new field is added to the show output to display the configured GUTI Reallocation parameters:

  • REALLOCATED GUTI

show mme-service db record imsi

The following new fields are added to the show output to display the configured GUTI Reallocation parameters:

  • REALLOCATED GUTI
  • PLMN
  • MME Group ID
  • MME Code
  • M-TMSI
  • GUTI Allocated time

Below is an example displaying the statistics listed above: 

 show mme-service db record imsi 123456710100158 
Friday September 18 09:25:19 EDT 2015 
DB RECORD 
========= 
Sessmgr Instance                                                                    : 1 
Imsimgr Instance                                                                   : 1 
MME Service                                                                             : mmesvc 
Lookup Keys 
----------- 
IMSI                                                       : 123456710100158 
Service-id                                          : 7 
 GUTI 
   PLMN                                                                       : 123456 
   MME Group ID                                                              : 32777 
   MME Code                                                                      : 2 
   M-TMSI                                                                         : 3221491713 
REALLOCATED GUTI  
   PLMN                                                                       : 123456 
   MME Group ID                                                              : 32777 
   MME Code                                                                      : 2 
   M-TMSI                                                                          : 3221491713 
Call-ID                                                                        : 00004e62 
GUTI Allocated time                                                : Fri Sep 18 08:29:16 2015

GUTI Re-allocation Bulk Statistics

The following bulk statistics are included in the MME Schema in support of this feature:

The following bulk statistics are included in the MME Schema in support of this feature:

  • emm-msgtx-guti-reallocation
  • emm-msgtx-guti-reallocation-retx
  • emm-msgtx-guti-realloc-attach-accept
  • emm-msgtx-guti-realloc-attach-accept-retx
  • emm-msgtx-guti-realloc-tau-accept
  • emm-msgtx-guti-realloc-tau-accept-retx
  • guti-reallocation-attempted
  • guti-reallocation-success
  • guti-reallocation-failure

For descriptions of these variables, see "MME Schema Statistics" in the Statistics and Counters Reference.