Steering of Roaming, Roaming Restrictions, and Operator Policy Support

Feature Summary and Revision History

Revision History

Table 2. Revision History

Revision Details

Release

Added the support for service area restriction.

2023.04.0

First introduced.

2022.02.0

Feature Description

The AMF supports the following functionalities:

Relationships

The following attributes are associated with this feature:

  • Initial, mobility registration, and periodic registration

  • PDU establishment

  • N26

  • N2HO with or without AMF change

  • Service request


Note

By default, the RAT type is NR and the core network type is 5GC, for an AMF subscriber.

Feature Configuration

Configuring this feature involves the following subfeatures and steps:

  • Local Cause Code to Restricted Area Restrictions—This configuration supports the mapping of local-defined cause code to Restricted area restrictions. For more information, see Configuring the Core Network Type Restriction.

  • Inter-PLMN Roaming—This configuration supports the commands to configure inter-PLMN restrictions to restrict the roamer subscriber. For more information, see Configuring the 5GC Inter-PLMN Roaming.

  • RAT Restriction—This configuration supports the commands to configure restrictions for RAT types such as EUTRA, NR, Virtual, and WLAN, while accessing the network. For more information, see Configuring the RAT Restriction.

  • Local Cause Code to RAT Type Restrictions—This configuration supports the mapping of local-defined cause code to RAT restrictions. For more information, see Configuring the RAT Type Restriction.

  • Operator Policy—This configuration supports the commands to configure operator-defined policies. For more information, see Feature Configuration.

Steering of Roaming

Steering of Roaming (SOR) is a technique where an HPLMN indicates a roaming UE to roam to a preferred roamed-to-network.

How it Works

This section describes how this feature works.

The SOR consists of the following HPLMN protected information:

  • An indication of whether the UDM requests an acknowledgment from the UE for a successful SOR reception.

  • It supports one of the following:

    • Indication of the included list of preferred PLMN or access technology combinations.

    • A secured packet with an indication, whether it is included or not.

    • The HPLMN indication, when there are no changes in the operator-controlled PLMN selector, with access technology from the stored list in the needed UE.

As a result, no list of the preferred combinations for the PLMN or the access technology is provided.


Note

The secured packet contains the list of preferred PLMN and access technology combinations. These combinations are encapsulated within a security mechanism as described in 3GPP TS 31.115 [67].

For more on SOR protected information, see 3GPP TS 33.501 [66].

Call Flows

This section describes the key call flows for this feature.

SOR During the UE Registration Call Flow

This section describes the SOR during the UE Registration call flow.

Figure 1. SOR During the UE Registration Call Flow
Table 3. SOR During the UE Registration Call Flow Description

Step

Description

1

UE sends the Registration Request to the VPLMN AMF.

2

The VPLMN AMF executes the registration procedure as defined in subclause 3GPP TS 23.502 [63], section 4.2.2.2.2.

As part of the registration procedure, the VPLMN AMF invokes the Nudm_SDM_Get service operation message to the HPLMN UDM.

This service operation helps in getting the Access and Mobility Subscription data for the UE.

3

The following are the responses from the HPLMN UDM, reciprocating to the Nudm_SDM_Get service operation message:

  • Sending SOR

  • Requesting ACK from the UE

4

When the HPLMN UDM sends the response using the Nudm_SDM_Get service operation to the VPLMN AMF, the following are the next substeps:

  • This response includes the SOR information in the Access and Mobility Subscription data.

    Note

     

    The Access and Mobility Subscription data type defined as in 3GPP TS 23.502, section 5.2.3.3.1.

  • The HPLMN requests the UE to ACK the successful security check of the received SOR information.

  • The HPLMN requests this ACK with an indication in the Nudm_SDM_Get service operation of SOR information.

5

As part of the registration procedure, the VPLMN AMF invokes the Nudm_SDM_Subscribe service operation to the HPLMN UDM:

  • To subscribe to the subscription data notification changes received in Step 4.

  • To include the notification of SOR updates in the Access and Mobility Subscription data.

6

The VPLMN AMF sends the received SOR information to the UE in Registration Accept.

7

The SOR security check procedure takes place at UE.

8

The UE performs the PLMN selection procedure and ends the procedure, when:

  • The information check fails.

  • Although the UE is configured to receive the SOR information, but it does not receive.

9

UE sends Registration Complete to the serving AMF with an SOR transparent container including the UE ACK:

  • When the UDM requested an ACK from the UE.

  • When the UE verifies the HPLMN SOR information from Step 7.

10

 AMF uses the Nudm_SDM_Info service operation to provide the received SOR transparent container to the UDM in Registration Complete:

  • If the HPLMN decides that the UE must ACK with the successful security check for the received SOR information from Step 4, then the verification process begins.

  • If the UDM verifies the ACK provided by UE specified in 3GPP TS 33.501.

11

UE performs the PLMN selection when a high priority PLMN is available.
SOR After the UE Registration Call Flow

This section describes the SOR after the UE Registration call flow.

Figure 2. SOR After the UE Registration Call Flow
Table 4. SOR After the UE Registration Call Flow Description

Step

Description

1

UDM notifies the changes of the user profile using Nudm_SDM_Notification service operation to the affected AMF. The following are the substeps:

  • The Nudm_SDM_Notification service operation contains the SOR which must be delivered to the UE over NAS in the Access and Mobility Subscription data.

  • When the HPLMN decides the following:

    • The UE must ACK the successful security check of the received SOR, including the Nudm_SDM_Notification service operation.

    • It contains an indication which represents UDM requests as an ACK from the UE as part of the SOR.

2

The AMF sends DL NAS TRANSPORT to the served UE.

The AMF includes the SOR information as received from the UDM in DL NAS TRANSPORT.

3

The SOR security check procedure takes place at UE.

4

UE sends UL NAS TRANSPORT to the serving AMF with an SOR:

  • When the UDM requested an ACK from the UE in the DL NAS TRANSPORT message.

  • When the security check-in at Step 2 is successful.

5

If UL NAS TRANSPORT with an SOR transparent container is received, the AMF uses the Nudm_SDM_Info service operation to forward the received SOR to the UDM.

If the HPLMN decides the following:

  • The UE must ACK the successful security check for the received list of preferred PLMN or access technology combinations from Step 1.

  • The UDM verifies the ACK provided by UE.

Standards Compliance

This feature complies with the following standards specifications:

  • TS 23.501, "System Architecture for the 5G System (5GS)"

  • TS 23.502, "Procedures for the 5G System (5GS)"

  • TS 29.274, " 3GPP Evolved Packet System (EPS); Evolved General Packet Radio Service (GPRS) Tunneling Protocol for Control Plane (GTPv2-C); Stage 3"

  • TS 29.503, "5G System; Unified Data Management Services; Stage 3"

  • TS 29.518, "5G System; Access and Mobility Management Services; Stage 3"

  • TS 38.413, "NG-RAN; NG Application Protocol (NGAP)"

Limitations

This feature has the following limitations in this release:

  • No support for non-3GPP specification or emergency registration SOR.

  • No support for multiple UDM data changes NotificationRequest at the time for SOR.

  • No support when the UDM sends data change notification for SMS, SOR, or RAT restriction all-together. In this scenario, the AMF ignores the SOR and the RAT restriction data changes and notifications.

  • No support when the service request is received with PDU sync request. In this scenario, the response paging request is ignored from the AMF, due to SOR UDM data changes and notifications.

  • No support when the AMF starts accepting the service with PDU sync up, and the UE context setup procedure. In this scenario, it later sends DL NAS Transport for SOR changes and notifications.

Feature Configuration

Configuring this feature involves the following steps:

Configuring the Core Network Type Restriction

When the UE requests access to a restricted area, the AMF configures the cause code to send to a UE. This restriction can be one of the following:

  • UDM service area restrictions

  • Local configuration-based area code restrictions

To configure this feature, use the following configuration:

config 
    amf-global 
        call-control-policy policy_name 
            core-network-type-restriction 5gc override-udm-restrictions 
            local-cause-code-map rat-type-restriction 5gmm-cause-code { 5GS-services-not-allowed | no-suitable-cells-in-tracking-area | plmn-not-allowed | roaming-not-allowed-in-this-tracking-area | tracking-area-not-allowed | restricted-service-area } 
            end

NOTES:

  • call-control-policy policy_name —Specify the call control policy name to apply the RatType restriction at AMF.

  • core-network-type-restriction 5gc override-udm-restrictions —When the core network restriction is configured as 5GC, the AMF restricts the 5GC access to subscribers associated with the Call Control Policy. When 5GC is configured with override-udm-restrictions , the AMF ignores the UDM defined restrictions and considers the locally configured restrictions.

  • local-cause-code-map rat-type-restriction 5gmm-cause-code { 5GS-services-not-allowed | no-suitable-cells-in-tracking-area | plmn-not-allowed | roaming-not-allowed-in-this-tracking-area | tracking-area-not-allowed | restricted-service-area } —Specify the 5GMM cause code.

Configuring the 5GC Inter-PLMN Roaming

To configure this feature, use the following configuration:

config 
    amf-global 
        call-control-policy policy_name 
        local-cause-code-map registration-restriction cause-code-5gmm plmn-not-found 
        end

NOTES:

  • call-control-policy policy_name —Specify the call control policy name.

  • local-cause-code-map registration-restriction cause-code-5gmm plmn-not-found —When the subscriber is a roamer and has registration restrictions, the AMF rejects the subscriber with the plmn-not-found cause setting.

Configuring the Idle Mode for Steering

To configure this feature, use the following configuration:

config 
    amf-global 
        paging-map paging_map_name_1 
            precedence precedence_name_1 
            trigger-type trigger_type_sor 
        paging-profile-name paging_profile_name_pp3 
        end

NOTES:

  • paging-map paging_map_name_1 —Specify the paging map and related values.

  • precedence precedence_name_1 —Specify the type or value of precedence.

  • trigger-type trigger_type_sor —Specify the type of trigger.

  • paging-profile-name paging_profile_name_pp3 —Specify the name of the paging profile to apply the idle mode for steering restriction at the AMF.

OAM Support

This section describes operations, administration, and maintenance support for this feature.

Statistics for Steering

The following are different types of statistics for steering and their associated examples:

num_sdm_info API Type 
n8_service_stats{app_name="AMF",cluster="clu1",
data_center="dc1",instance_id="0",
message_type="NudmSdmSorAckInfoReq",
reason="No-Content",service_name="amf-service",
status="success"}1
n8_service_stats{app_name="AMF",cluster="clu1",
data_center="dc1",instance_id="0",
message_type="NudmSdmSorAckInfoRsp",
reason="gateway-Timeout",service_name="amf-service",
slice_data="2-051615"status="failures"}5
n8_service_stats{app_name="AMF",cluster="clu1",
data_center="dc1",instance_id="0",
message_type="NudmSdmSorAckInfoRsp",
reason="No-Content",service_name="amf-service",
slice_data="2-051615"status="success"}1
Paging TriggerType SOR
amf_nas_message_total{app_name="AMF",cluster="clu1",
data_center="dc1",instance_id="0",message_direction="outbound"
message_type="Paging_TriggerType_sor",
service_name="amf-service"}31
Paging Statistics for SOR—When the Paging Trigger Type is Configured in the CLI
amf_nas_message_total{app_name="AMF",cluster="clu1",
data_center="dc1",instance_id="0",message_direction="outbound"
message_type="Paging_TriggerType_sor",
service_name="amf-service",slice_data="2-333333"} 21

amf_nas_message_total{app_name="AMF",cluster="clu1",
data_center="dc1",instance_id="0",message_direction="outbound"
message_type="Paging_Trigger_SOR_PAGING",
service_name="amf-service",slice_data="2-333333"}75
Paging Statistics for SOR—When the Paging Trigger Type is Not Defined in the CLI
amf_nas_message_total{app_name="AMF",cluster="clu1",
data_center="dc1",instance_id="0",message_direction="outbound"
message_type="Paging_TriggerType_default",
service_name="amf-service",slice_data="2-333333"} 21

amf_nas_message_total{app_name="AMF",cluster="clu1",
data_center="dc1",instance_id="0",message_direction="outbound"
message_type="Paging_Trigger_SOR_PAGING_default",
service_name="amf-service",slice_data="2-333333"}75

Roaming Restriction and Operator Support

The AMF provides the mobility restriction functionality handling, enforcement, and management. It provides mobility roaming restrictions along with operator support.

The mobility restriction consists of RAT restriction and core network type restriction.

The UDM provides RAT and core network type restriction in the subscription data that are provided as in am-data during and after the registration process.

How it Works

This section describes how this feature works.

Standards Compliance

This feature complies with the following standards specifications:

  • TS 23.501, "System Architecture for the 5G System (5GS)"

  • TS 23.502, "Procedures for the 5G System (5GS)"

  • TS 29.274, " 3GPP Evolved Packet System (EPS); Evolved General Packet Radio Service (GPRS) Tunneling Protocol for Control Plane (GTPv2-C); Stage 3"

  • TS 29.503, "5G System; Unified Data Management Services; Stage 3"

  • TS 29.518, "5G System; Access and Mobility Management Services; Stage 3"

  • TS 38.413, "NG-RAN; NG Application Protocol (NGAP)"

Limitations

This feature has the following limitations in this release:

  • No support for UE reachability notifications to NFs.

  • No support for forbidden area and service area restrictions.

  • No support when N26 consigns and hands over from 5G to 4G. In this scenario, the AMF only updates the mobility restriction IEs in MMContext toward the MME in Forward Relocation Request (for connected mode HO) or Context Response (for idle mode HO).

  • No support when N26 consigns and hands over from 4G to 5G. In this scenario, the AMF only enforces the mobility restriction IEs received in MMContext from the MME in Forward Relocation Request (for connected mode HO) or Context Response (for idle mode HO).

  • No support when N2 HO updates with any of the changes in AMF or inter-AMF UE Context Transfer. In this scenario, the AMF acts only as a target node. The AMF does not support and does not enforce the mobility restriction IEs received in ueContext from the source AMF.

  • No support for index-based ADD operation in UDM data changes NotificationRequest for a new core or RAT restriction type.

  • No support when the target AMF applies only for those applicable enforcement-based parameters on the restrictions. In this scenario, these parameters are based on the restrictions that are received from the UDM. They are only from the locally configured setup at the target AMF.

Relationships

The following subfeatures are associated with this feature:

UDM Subscription

The AMF validates the parameters for RAT Restrictions, Core Network Type Restrictions, and Local Cause Code Mapping. The AMF performs these activities, when it receives the subscription data as am-data. The AMF checks whether the UE is allowed or any enforcement is applicable.

The UDM provides RAT and Core Network Type restrictions in subscription data during and after registration.

When the requested data is modified, the UDM notifies the registered AMF subscribers. The AMF sends the modified mobility list to the UE. If the subscriber is already registered, the AMF continues to serve the UE or deregister based on the updated restrictions.

UDM subscription data configures the AMF with restrictions using RAT type restrictions or local configuration in the Call Control Policy. When the UDM provides the restrictions, the AMF uses and enforces them accordingly. When the UDM doesn't provide restrictions, the AMF uses and implements the available local policy configuration from the Call Control Policy based restriction.

On receiving the updated subscription data and am-data change notification from UDM, the AMF performs the following:

  • Processes the data change notifications

  • Saves the RAT and Core Network values in the UE context

  • Applies the enforcements, if applicable


Note

UE rejects the call at any time during a restriction. During an emergency registration, the AMF doesn't check the restrictions.

The following subfeatures are associated with this feature:

RAT Restrictions

In a restricted RAT, the UE can’t access the network for that PLMN.

The UDM subscription data configures restrictions for AMF using RatTypeRestrictions or local configuration in the Call Control Policy.

The AMF enforces the restriction or policy configuration in the following scenarios:

  • When the UDM provides RatTypeRestrictions, the AMF enforces the restrictions.

  • When the UDM doesn’t provide RatTypeRestrictions, the AMF uses the available local policy configuration from Call Control Policy.

  • When the UDM provides the available RatTypeRestrictions and local policy is configured, the AMF uses only the UDM-provided RatTypeRestrictions. You can also override the UDM-based RatTypeRestrictions with local configuration using the override-udm-restrictions command.

Core Network Type Restrictions

The AMF supports the Core Network Type restrictions to restrict the core network access to the subscriber.

The AMF enforces the restrictions in the following scenarios:

  • The UDM subscription data configures restrictions for the AMF using CoreNetworkTypeRestrictions or local configuration in the Call Control Policy.

  • The AMF utilizes the UDM-provided CoreNetworkTypeRestrictions. If UDM doesn't provide CoreNetworkTypeRestrictions, the AMF uses the restrictions based on the local policy configuration from the Call Control Policy.

  • The Call Control Policy is configured when the availability of CoreNetworkTypeRestrictions is defined.

  • The AMF uses only the UDM-provided CoreNetworkTypeRestrictions.

  • You can also override the UDM-based CoreNetworkTypeRestrictions with local configuration using the override-udm-restrictions command.

Local Cause Code Mapping

Local Cause Code Mapping provides the operator with the flexibility to configure a preferred GMM cause code, which must be sent to the UE in response to various failures.

The following subfeatures are associated with this feature:

Core Network Type Restriction

The local Cause Code Mapping enables the operator to configure a preferred 5GS Mobility Management Cause Code, by ignoring the default cause code values.

The local cause code mapping can be configured in the Call Control Policy configuration, which is associated with the Operator Policy configuration.

You can configure different cause codes for different types of area restrictions. The following are a few examples:

  • Reject cause code for the area which isn’t part of the Allowed list, can be configured using the type not-in-allowed.

  • Reject cause code for the area where the UE access is part of the Not Allowed or Restrict types, can be configured using the Not Allowed type.

The local cause code mapping configuration for the registration is rejected due to the Core Network Type restrictions configured in the AMF. The 5GMM cause code is used for both UDM-based or local configuration restrictions.

RAT Type Restriction

The local cause code mapping configuration for the registration is rejected due to the Core Network Type restrictions configured in the AMF. The 5GMM cause code is used for both UDM-based and local configuration restrictions.

Restrictions Enforcement at AMF

The 5GC AMF receives all connection and session-related information from the UE.

The following subfeatures are associated with this feature:

Enforcement during or after Registration

To authenticate the UE, control integrity protection, and encoding, you can use the 5GMM procedures. These procedures are used for tracing, following, and identifying the address, locality, and the vicinity of the UE.

The following procedures are used during this process:

  • When the subscriber interacts for the first time with the AMF and if restrictions are applicable, the AMF enforces the restrictions by sending Registration Reject with a cause code value towards the UE.

  • When the subscriber is already registered, a required change in RAT or Core Network Type restriction is triggered through the UDM data change notification. This data notification requires the AMF to apply fresh enforcements.

  • If these restrictions are applicable, the AMF deregisters the subscriber or else continues to allow the subscriber to be in the network.

  • The AMF saves the changed RAT and Core Network Type restrictions in the UE context.

  • The AMF sends the changed RAT and Core network restriction values in the next outgoing Handover Request or Initial Context Setup Request (ICSR).

Enforcement during Mobility

The following options are associated with this subfeature:

N2HO

When the N2HO option is selected, the AMF performs the following actions:

  • During N2HO, the AMF encodes and sends the Restricted RAT list and Restricted Core Network list in the UE context transfer request.

  • On receiving the UE context transfer request from the source AMF, the AMF decodes the Restricted RAT list and Restricted Core Network list.

  • The AMF saves the Restricted RAT list and Restricted Core Network list in the UE context am-data subscription.

  • The AMF checks whether the UE is 5GC restricted or not. If the UE is 5GC restricted, the AMF sends a failure note for the N2HO with and without change.

N26HO

When the N26HO option is selected, the AMF performs the following actions:

  • When the N26 connected mode handover is from the AMF to the MME, the AMF checks whether the UE is EPC restricted or not. If the UE is EPC restricted, the AMF sends a HANDOVER_REQUIRED_MSG failure to source gNB.

  • When the N26 connected mode handover is from the MME to the AMF, the AMF checks whether the UE is 5GC restricted or not. If the UE is 5GC restricted, the AMF rejects the UE.

Enforcement at AMF for Emergency PDU

During the triggering process of enforcement for a RAT or a core restriction type, the AMF performs the following actions:

  • The AMF starts the deregistration process toward the PCF or the UDM, when the UE has an emergency PDU established before.

  • The AMF initiates the release only for non-emergency PDU, whereas the emergency PDU remains active.

  • The AMF moves the UE as an option of emergency registered.

Enforcement at N26 Call Flow

The enforcement restriction at N26 call flow type is also known as a handover process from 5G to 4G. During this handover process, the following observations are noted:

  • Restriction enforcement received from the UDM subscription, responses to the am-data part.

  • This response is a specific core type restriction which is equivalent only to EPC.

  • The AMF rejects the EBI assignment request from the SMF with a restricted EBI cause.

Enforcement at Idle Mode Handling from UDM

During UE transaction in an idle mode, the AMF processes the following:

  • Receives the UDM data change notification from the UDM for restriction, which must be imposed.

  • Initiates the paging as per the configured paging profile.

  • Triggers the init dereg trigger type.

  • Starts the paging activities toward the UE.

Mobility Restriction IEs

Mobility Restrictions are included in the AMF when:

  • Restrictions are applicable to a UE and the registration type isn’t Emergency Registration.

  • Emergency Registration is sent in Downlink NAS Transport with the message type as Registration Accept.


Note

This procedure as specified in TS 23.502, "Procedures for the 5G System (5GS)."

The AMF encodes the following mobility restrictions IEs:

  • Downlink NAS Transport

  • Handover Request

  • Initial Context Setup Request (ICSR)


Note

The AMF supports only the serving PLMN.
Downlink NAS Transport

The AMF performs the following activities:

  • NG-RAN with a Mobility Restriction List having the last E-UTRAN PLMN Identity and the Return preferred indication.


    Note

    The Mobility Restriction List contains a list of PLMN IDs as specified in TS 23.501, "System architecture for the 5G System (5GS)."
Handover Request

The AMF performs the following activities:

  • The AMF sends a Handover Request with a Mobility Restriction List to the NG-RAN.

    The AMF provides the NG-RAN with a PLMN list in the Mobility Restriction List containing the serving PLMN and the last E-UTRAN PLMN Identity.


    Note

    The Mobility Restriction List contains the PLMN IDs as specified in TS 23.501, "System architecture for the 5G System (5GS)"

  • The AMF sends the Handover Request from the T-AMF (Target AMF) to the T-RAN (Target RAN) with the following parameters:

    • Source to Target transparent container

    • N2 MM Information

    • N2 SM Information list

    • Tracing Requirements

    If the target AMF has the Mobility Restriction List, the same list is sent in N2 MM Information.

  • The AMF sends N2 MM Information from AMF to RAN with the following parameters:

    • Security context

    • Mobility Restriction List

    • List of recommended cells

    • Tracing Area

    • NG-RAN node identifiers

Initial Context Setup Request (ICSR)

During Service Request and PDU establishment, the AMF sends the ICSR IE.

Feature Configuration

Configuring this feature involves the following steps:

Configuring the RAT Restriction

To configure this feature, use the following configuration:

config 
    amf-global 
        call-control-policy call_control_policy_name 
            rat-type-restrictions { EUTRA | NR | VIRTUAL | WLAN | override-udm-restrictions } 
            local-cause-code-map rat-type-restriction 5gmm-cause-code { 5GS-services-not-allowed | no-suitable-cells-in-tracking-area | plmn-not-allowed | roaming-not-allowed-in-this-tracking-area | tracking-area-not-allowed | restricted-service-area } 
            end

NOTES:

  • call-control-policy call_control_policy_name —Specify the call control policy name to apply the restriction at AMF as RatType .

  • rat-type-restrictions { EUTRA | NR | VIRTUAL | WLAN | override-udm-restrictions } —Specify the RAT type. The default RAT type is NR. Configuring the RAT restriction is optional. The AMF restricts the NR access to the subscribers using or associating with the Call Control Policy.

    When the RAT type is configured as override-udm-restrictions , the AMF ignores the UDM defined restrictions and considers the locally configured restrictions.

  • local-cause-code-map rat-type-restriction 5gmm-cause-code { 5GS-services-not-allowed | no-suitable-cells-in-tracking-area | plmn-not-allowed | roaming-not-allowed-in-this-tracking-area | tracking-area-not-allowed | restricted-service-area } —Specify the 5GMM cause code.

  • The default option for RAT type restrictions is plmn-not-allowed for the rat-type-restrictions command.

Configuring the RAT Type Restriction

To configure this feature, use the following configuration:

config 
    amf-global 
        call-control-policy policy_name 
            rat-type-restrictions { EUTRA | NR | VIRTUAL | WLAN | override-udm-restrictions } 
            local-cause-code-map restricted-zone-code cause-code-5gmm { 5GS-services-not-allowed | no-suitable-cells-in-tracking-area | plmn-not-allowed | roaming-not-allowed-in-this-tracking-area | tracking-area-not-allowed | restricted-service-area } 
            end

NOTES:

  • rat-type-restrictions { EUTRA | NR | VIRTUAL | WLAN | override-udm-restrictions } —Specify the RAT type.

  • local-cause-code-map restricted-zone-code cause-code-5gmm { 5GS-services-not-allowed | no-suitable-cells-in-tracking-area | plmn-not-allowed | roaming-not-allowed-in-this-tracking-area | tracking-area-not-allowed | restricted-service-area } —Specify the local cause code map restricted zone code cause-code-5gmm type.

OAM Support

This section describes operations, administration, and maintenance support for this feature.

Roaming Restriction Statistics

The following are examples of statistics for roaming restriction:

Disconnect Statistics Mobility/Service Reject: After Dereg Trigger Due to Restriction
amf_disconnect_stats{app_name="AMF",
cluster="clu1",data_center="dc1",instance_id="0",
reason="Dereg_RESTRICTED",service_name="amf-service"}1
** No UE Terminared Dereg
UDM Data Change Notification Trigger Disconnect and Dereg Statistics
amf_disconnect_stats{app_name="AMF",
cluster="clu1",data_center="dc1",instance_id="0",
reason="Dereg_UDM_RESTRICTED",
service_name="amf-service"}1
amf_nas_message_total{app_name="AMF",
cluster="clu1",data_center="dc1",instance_id="0",
message_direction="outbound",
message_type="N1DeRegReq_UeTerminatedDereg_UDM_RESTRICTED",
service_name="amf-service",slice_data="2-333333"} 1

Operator Policy

This section describes the operator policy and the various sets of subscribers mapping, in the AMF operator center.

Operator policy supports various configurations specific to the following features:

  • Operator Policy Infrastructure and Subscriber Map

  • Regional Area Code Restrictions

  • Local Cause Code Mapping

  • UE Access (Core Network type) Restrictions

The AMF operator center supports configurations for operator policies, under the Call Control Policy and the paging profile.

How it Works

Operator policy can be selected using one of the following methods:

Single Stage Selection

This selection type can be opted after the security mode command selects between IMSI or IMEI.

Multiple Stage Selection

This selection type consists of the following options:

  • After authentication (SUPI)

  • After security mode command (IMEI)

  • After MSIDN (known from UDM procedures)


Note

The newly selected operator policy comes into effect and it does not affect or revert to any of the existing configurations, due to the selection of the previous operator policy.

Call Flows

This section describes the key call flows for this feature.

Initial Registration Call Flow

This section describes the Initial Registration call flow.

Figure 3. Initial Registration Call Flow
Table 5. Initial Registration Call Flow Description

Step

Description

1

The UE sends Registration Request to the AMF.

2

The authentication procedure occurs between the UE and the AMF.

3

The AMF performs the equipment status check with the EIR using the GET command.

4

The AMF receives 200 OK from the EIR.

5

The AMF requests the Access and Mobility subscription from the UDM.

The UDM responds to the AMF request and the AMF stores the subscription information for RAT and core network type in UeContext.

6

The AMF receives 200 OK from the UDM.

7

The AMF requests the SMF selection subscription data from the UDM.

8

The AMF receives 200 OK from the UDM.

9

The AMF requests the UDM for the notifications when data is modified.

10

The UDM registers the AMF and responds to the AMF for subscription with 201.

11

The AMF selects the PCF based on PLMN, slice information, and performs Policy Association Establishment.

The PCF sends the policy data to the AMF with restrictions and other policies to be applied for the UE.

12

The PCF responds to the AMF request along with am-policy configurations for the subscriber.

13

The AMF sends Registration Accept to the UE in Initial Context Setup Downlink NAS TPT indicating that Registration Request is accepted.

The AMF fills in the Mobility Restriction List IE with RAT and core restrictions as per the UDM or local configuration settings.

Registration Accept contains the following:

  • Registration Area

  • Mobility restrictions

  • PDU Session status

  • Allowed NSSAI

  • Configured NSSAI for the serving PLMN

  • Periodic Registration Update timer

  • Emergency service support indicator

  • Accepted DRX parameters

14

The gNB sends Initial Context Setup Response to the AMF.

15

When a new 5G-GUTI is included in Registration Accept, the UE sends Registration Complete to the AMF in Uplink NAS TPT. This message acknowledges that a new 5G-GUTI is assigned.

16

If the UE doesn't include a follow-on indication in the request:

  • The AMF sends UE Context Release Command to the gNB.

  • AMF releases the UE.

17

The gNB responds with UE Context Release Complete to the AMF.

Relationships

The following subfeatures are associated with this feature:

Subscriber Maps

You can create and manage subscriber maps. These maps are created by using the AMF Subscriber Map configuration mode. These maps have the following usages:

  • Applying and associating operator policy configurations to individual subscribers and groups of subscribers.

  • UE identity information such as the PLMN of UE, SUPI, or PEI.

The system uses the first matching criteria precedence from the ordered list to associate an operator policy with the UE.

Operator Policy Selection

Based on the configuration, the AMF selects or reselects the operator policy on the subscriber-map using the available criteria (PLMN, SUPI, PEI, and so on) in the following procedures for an individual subscriber:

  • Initial Registration

  • Registration—GUTI, Mobility with AMF change

  • N2 Handover with AMF change

  • 4G to 5G handovers

Feature Configuration

Configuring this feature involves the following steps:

Configuring under AMF Services

To configure this feature, use the following configuration:

config 
    amf-services 
        amf-name amf_name 
            [ no ] operator-policy-name operator_policy_name 
            end

NOTES:

  • amf-name amf_name —Specify the name of AMF services.

  • operator-policy-name operator_policy_name —Specify the name of the operator policy.

  • The association of operator policy with the AMF service is a default global policy, which applies to all the subscribers under this service.

Configuring RAT Restrictions under Call Control Policy

To configure this feature, use the following configuration:

config 
    amf-global 
        amf-name amf_name 
            call-control-policy call_control_policy_name 
                rat-type-restriction rat_type_restriction_option { EUTRA | NR | VIRTUAL | WLAN | override-udm-restrictions } 
                    paging-profile paging_profile_name 
                    end

NOTES:

  • amf-name amf_name —Specify the name of AMF global services.

  • call-control-policy call_control_policy_name —Specify the name of the call control policy.

  • rat-type-restriction rat_type_restriction_option { EUTRA | NR | VIRTUAL | WLAN | override-udm-restrictions } —Specify the options for RAT network type restriction in the call control policy. Select the RAT type as override-udm-restrictions as the option.

  • paging-profile paging_profile_name —Specify the name of the paging profile.

  • The association of operator policy with the AMF service is a default global policy, which applies to all the subscribers under this service.

Configuring Core Network Restrictions under Call Control Policy

To configure this feature, use the following configuration:

config 
    amf-global 
        amf-name amf_name 
            call-control-policy call_control_policy_name 
                core-network-type-restriction { 5gc | override-udm-restrictions } 
                end

NOTES:

  • amf-name amf_name —Specify the name of AMF global services.

  • call-control-policy call_control_policy_name —Specify the name of the call control policy.

  • core-network-type-restriction { 5gc | override-udm-restrictions } —Specify the options for core network type restriction in the call control policy.

  • The association of operator policy with the AMF service is a default global policy, which applies to all the subscribers under this service.