LTE/SAE Engineering Overview
ii © Wray Castle Limited LT3600/v1.1
Evolved Packet Core
LT3600/v1.1 © Wray Castle Limited iii
Contents
EPS Network Functions ...5.1 Network Logical Structure...5.2 MME (Mobility Management Entity) ...5.3 S-GW (Serving Gateway)...5.4 PDN-GW (Packet Data Network Gateway)...5.5 PCRF (Policy and Charging Rules Function)...5.6 Combined Functionality...5.7 Resilience Through Pooling ...5.8 Interface Naming Convention ...5.9 S1 to E-UTRAN Interface...5.10 S1-U Interface ...5.11 S1 Interfaces for Home eNBs ...5.12 GTPv1-U Traffic Interfaces ...5.13 GTPv2-C C-plane Interfaces...5.14 Diameter-based Interfaces...5.15 PCRF Diameter Interfaces...5.16 Interface to CS Networks ...5.17 EPS Area Identities ...5.18 Node Identifiers ...5.19 Subscriber Identities...5.20 Connection Identifiers ...5.21 Transport Identities ...5.22
LTE/SAE Engineering Overview
iv © Wray Castle Limited LT3600/v1.1
Default and Dedicated EPS Bearers...5.23 EPS Quality of Service...5.24 QoS Levels...5.25 Providing CS Services via LTE/EPS...5.26 CS Fallback...5.27 CS Service Provision via a GANC ...5.28 VCC (Voice Call Continuity) ...5.29 EPC Security Functions ...5.30 AKA (Authentication and Key Agreement)...5.31 User Confidentiality ...5.32
Evolved Packet Core
LT3600/v1.1 © Wray Castle Limited v
Objectives
At the end of this section you will be able to:
outline the functions performed by EPC elements
discuss options for interworking the EPC with legacy packet core networks
describe the main points of interest related to EPC topics such as pooling
list the set of S interfaces described for the EPC and outline their basic functions and protocols
discuss options for User Plane connectivity between a UE and a PDN-GW
outline how combinations of redundant S interfaces can provide for EPC resilience
list the basic set of identifiers used to describe EPC areas
outline the set of node identifiers that have been defined for the EPC
discuss the impact of the evolved device/subscriber identifiers employed by the EPC
outline the fundamental properties of an EPS Bearer and describe the structure of an EPS Bearer ID
describe the relationship that exists between an EPS Bearer and an E-RAB (E-UTRAN Radio Access Bearer)
outline the role of the APN (Access Point Name) in the handling of a PCS (PDN Connectivity Service)
describe the interaction between the EPC and the GTP
outline the interaction between the EPC, GTP and IP
discuss the concept of the PCS and its relevance within the EPC
outline the functions of the default EPS Bearer
describe the differences between the default and dedicated bearer types and outline their relationship with the Service Data Flow
describe the EPC connection hierarchy and list the set of parameter types that define them
outline the QoS concepts employed by the EPC and define the roles of the QCI and the ARP
outline the methods that are available for providing CS services to EPS attached UEs, including Generic Access Network functions, CS Fallback and Voice Call Continuity
outline the security functions employed by the EPC
LTE/SAE Engineering Overview
vi © Wray Castle Limited LT3600/v1.1
Evolved Packet Core
LT3600/v1.1 © Wray Castle Limited 5.1
Network
EPS Network Functions
Network Access functions include providing information to assist terminals with network selection and performing admission control, authentication and authorization, charging and policy control.
EPC gateway nodes are essentially IP routers with an extended capability set, and as such are primarily dedicated to performing IP packet routing functions for user traffic, signalling and network management data flows. The EPC (via the PDN-GW) is also responsible for allocating valid IP addresses to each new EPS Bearer.
Regarding mobility management, the EPC has responsibility for idle mode mobility management of attached UEs and for managing the relocation of user traffic connections when a UE roams from one network area to another or to another network.
The EPC is responsible for selecting the PDN-GW node that will anchor each user traffic connection (or EPS Bearer); this is achieved by selecting the appropriate PDN-GW access point for the type of service being requested by a UE.
Basic network management functions performed by the EPC include load balancing and rebalancing between MMEs. The objective of these balancing functions is to prevent an MME or pool of MMEs from becoming overloaded.
Further Reading: 3GPP TS 23.401:4.3
LTE/SAE Engineering Overview
5.2 © Wray Castle Limited LT3600/v1.1
Non-Access Stratum (NAS) Access Stratum
(AS)
Non-Access Stratum (NAS) Access Stratum
(AS)
Uu S1
User Equipment eNode B Evolved Packet Core
Network Logical Structure
Network Logical Structure
As with UMTS R99, the services provided to UEs by the EPS are divided into those handled by the AS and those provided by the NAS.
The AS comprises all of the functions performed by the E-UTRAN.
The NAS consists of the Bearers and bearer control signalling functions that support them.
S1AP includes provision for the direct transfer of NAS signalling between UE and MME via the eNB.
Compared to the core network architecture of previous generations of mobile system such as GSM or R99 UMTS, the EPC has been provided with a much ‘flatter’ network design, which limits the number of node types deployed.
Further Reading: 3GPP TS 36.300
Evolved Packet Core
LT3600/v1.1 © Wray Castle Limited 5.3
Mobility Management Entity
(MME)
NAS signalling and signalling security
Inter CN node signalling for mobility between 3GPP access networks
UE reachability in idle mode
Tracking Area list management
PDN GW and serving GW selection
MME selection for handovers with MME change
SGSN selection
Roaming connection towards home HSS
Authentication
Bearer management and establishment
MME (Mobility Management Entity)
MME (Mobility Management Entity)
The MME assumes many of the functions that would previously have been performed by the VLR or SGSN and which in the evolved network are termed EMM (EPS Mobility Management) functions.
The MME’s main responsibility is to terminate the Control Plane NAS signalling flows from individual UEs and to manage the authentication and security functions for each attached UE. Unlike the legacy VLR, however, the MME is also responsible for bearer establishment. It receives Service Requests from UEs and issues appropriate instructions to the S-GW that will handle each user plane
connection.
The EMM functions also include responsibility tracking UEs that are in idle mode and the MME ensures ‘UE Reachability’ by receiving TAU messages, maintaining the tracking area lists and performing paging of individual UEs when required.
To assist with service resilience, MMEs can be grouped into ‘pools’. eNBs are able to contact any MME within the pool(s) with which they are associated when passing on UE Attach requests. The MME then has flexibility as to the S-GW chosen to establish the user plane connection for each UE.
The MME is also in charge of roaming and handover functions to 2G/3G SGSNs.
Further Reading: 3GPP TS 23.401:4.4.2
LTE/SAE Engineering Overview
5.4 © Wray Castle Limited LT3600/v1.1
Serving Gateway (S-GW)
Local mobility anchor point for inter-eNB handover
Mobility anchoring for inter-3GPP mobility
Idle mode downlink packet buffering
Lawful interception
Packet routing and forwarding
Transport level DiffServ packet marking
Charging
S-GW (Serving Gateway)
S-GW (Serving Gateway)
The S-GW handles user plane connectivity between UEs and the EPC and acts as the EPC mobility anchor for UEs roaming within part of a PLMN. This entails performing IP packet routing and buffering functions and also managing QoS by inserting DSCP (DiffServ Code Point) data into IP packet headers.
The S-GW also provides mobility anchoring for connections that roam onto legacy 3GPP GERAN (GPRS/EDGE Radio Access Network) (2G) and UTRAN (UMTS Terrestrial Radio Access Network) (3G) access networks. As all EPS user traffic must pass through an S-GW it is a logical node within which, in concert with the PDN-GW, to base the EPS Lawful Interception interface and also the charging functions.
The standard S5 and S8 interfaces that link the S-GW and PDN-GW are based on the 3GPP GTP;
many non-3GPP systems obtain similar IP mobility functionality by employing the MIPv4 (Mobile IPv4) or PMIPv6 (Proxy Mobile IPv6) protocols developed by the IETF (Internet Engineering Task Force).
Adapted versions of the S5 and S8 interfaces are available that support the PMIP protocol for IP mobility. In such cases, the S-GW will also act as the FA (Foreign Agent) to anchor mobile IP tunnels.
To provide some legacy perspective, taken together the MME and S-GW provide the EPC with functionality similar to that previously provided by the SGSN, with the MME handling the signalling and session control aspects and the S-GW dealing with the user traffic.
Further Reading: 3GPP TS 23.401:4.4.3.2
Evolved Packet Core
LT3600/v1.1 © Wray Castle Limited 5.5
PDN Gateway (PDN-GW)
Per-user-based packet filtering
Lawful interception
UE IP address allocation
DiffServ packet marking
SDF level charging
SDF gating control and data rate enforcement
Contains APN (Access Point Name)
DHCPv4 (server and client) and DHCPv6 (client, relay and server) functions
PDN-GW (Packet Data Network Gateway)
PDN-GW (Packet Data Network Gateway)
If the functionality of the MME/S-GW can be thought of as analogous to that of the legacy SGSN, then the PDN-GW can be thought of as similar in function to the legacy GGSN. The PDN-GW (also known in some versions of the specifications as the P-GW) routes traffic between EPS Bearers and the SGi interface, which leads to external data networks such as the IMS and the Internet.
As all inbound and outbound EPS traffic must pass through a PDN-GW it is the logical node in which the network’s packet filtering and classification functions are based. These include the ‘deep packet inspection’ techniques that are used to classify packets into particular SDFs (Service Data Flows) before routing them over an EPS Bearer or the SGi interface, which in turn allows the PDN-GW to act as the network’s PCEF (Policy and Charging Enforcement Function) Under direction from the PCRF (Policy and Charging Rules Function) the PDN-GW will apply ‘per SDF’ charging, service level and rate enforcement and QoS-related traffic shaping functions that control the ‘gating’ of user traffic flows.
Each PDN-GW contains a number of logical access points (each identified by an Access Point Name or APN) which act as the GTP tunnel endpoints and mobility anchors of the EPS Bearers that extend service out to mobile UEs. As in the legacy GGSN, the APNs are responsible for the allocation of IP addresses to UEs during the establishment of each EPS Bearer and for routing traffic between the Bearers and particular external networks.
Further Reading: 3GPP TS 23.401:4.4.3.3
LTE/SAE Engineering Overview
5.6 © Wray Castle Limited LT3600/v1.1
Policy and Charging Rules Function (PCRF)
Decides whether and when to create additional EPS bearers
Provides PCC data such as service data flow detection, gating, QoS, ARP and flow-based charging information to traffic handling entities
Terminates the S7/Gx and Rx interfaces for home network service and the S9 interface point for roaming with local breakout
PCRF (Policy and Charging Rules Function)
PCRF (Policy and Charging Rules Function)
The PCRF is responsible for propagating the network’s connection policies and charging rules to the PDN-GW via the S7/Gx interface and to traffic gateway elements within the IMS via the Rx interface.
It is the element that decides if new connections are to be allowed and, if so, whether they will be carried by an existing EPS Bearer or whether a new one is required.
The PCRF is responsible for providing service data flow detection, gating, QoS and flow-based charging information to traffic handling entities within the network. This includes rules that allow the PDN-GW to provide the correct level of service to user data flows once the type of traffic being carried has been determined. For example, if the PDN-GW determines that the SDF to a user is carrying real-time traffic it may ‘gate’ up to the data rate and QoS level indicated by the PCRF and the user’s subscription profile.
The PCRF’s charging rules allow the operator to apply the appropriate rating to CDRs (Call Data Records) generated for each SDF so that, for instance, real-time connections can be differentiated from an Internet browsing session.
In the case of EPS roaming, when users use their terminals abroad, 3GPP has developed an extended PCRF architecture, based on the S9 interface, that defines Home (H-PCRF) and Visited (V-PCRF) logical functions.
Further Reading: 3GPP TS 23.401:4.4.7
Evolved Packet Core
LT3600/v1.1 © Wray Castle Limited 5.7
Mobility Management Entity
(MME)
Functions could be combined within
same device S11
S5 Serving Gateway
(S-GW)
PDN Gateway (PDN-GW)
Combined Functionality
Combined Functionality
3GPP has deliberately designed the EPC network elements and interfaces to give vendors the greatest possible flexibility when developing their solutions.
Although the MMW, S-GW, PDN-GW and PCRF all have a set of rigidly defined functions and open interfaces, the specifications make it explicit that equipment vendors are free to deploy these logical functions to physical devices in whatever way suits them best.
For example, the MME and SGW functions can both be located in one device, such as an upgrade to an existing 3G SGSN platform. The S11 interface would then be internal to that combined device.
In the same way it is conceivable that a vendor may decide to combine the functions of the S-GW and PDN-GW into one combined EPS gateway, rendering the S5 an internal interface.
Further Reading: 3GPP TS 23.401:4.4
LTE/SAE Engineering Overview
5.8 © Wray Castle Limited LT3600/v1.1
PDN-GW
Co-ordinated MME Pool and S-GW Service Area
E-UTRAN Tracking Areas served by Pools and Areas
Resilience Through Pooling
Resilience Through Pooling
In common with ongoing developments within many existing 3G core networks, the EPC is designed to take advantage of the concept of ‘pooling’, specifically of MME and S-GW nodes.
The ‘S1-flex’ facility that allows each eNB in the E-UTRAN to be associated with multiple MMEs in the EPC allows those MMEs to be grouped into ‘pools’. Each pool will be responsible for the eNBs in one or more complete tracking areas.
This means that when an eNB selects the MME that will handle the Attach process for a UE, that MME can continue to serve that UE as long as it remains within the tracking areas associated with the MME’s pool. This reduces the requirement for MME relocation and consequently reduces the
network’s signalling load. Pooling also provides a measure of resilience for network services to the extent that, if one MME falls over, eNBs have a number of alternative devices to select. As with current implementations of the pooling concept, however, MME pooling does not protect the connections to UEs being served by a failed MME – when the MME fails all ongoing services supported by it fail too.
In the same way as an MME pool area comprises a set of cells within which a UE does not need to change the serving MME, an S-GW service area is a set of cells within which a UE does not need to change S-GW.
MME pools may overlap, and each MME pool area is identified by an MMEGI (MME Group Identifier).
S-GW Areas are also permitted to overlap.
Further Reading: 3GPP TS 23.401:3.1
Evolved Packet Core
LT3600/v1.1 © Wray Castle Limited 5.9
S8
Interface Naming Convention
There are numerous interfaces defined for the EPC, most of which share the reference letter ‘S’.
They are functionally separated into those that carry control (C-plane) and those that carry user (U-plane) traffic. Support of most S interfaces in the EPC is mandatory, although some are optional.
An overview of the interfaces is given in the diagram.
Further Reading: 3GPP TS 23.401:4.2
LTE/SAE Engineering Overview
5.10 © Wray Castle Limited LT3600/v1.1
SCTP IP L2 L1 S1-AP
GTPv1-U SCTP
IP L2 L1 User PDU
S-GW S1-MME
S1-U
MME
eNB
S1 to E-UTRAN Interface
S1 to E-UTRAN Interface
The S1 interface can be seen as the evolved equivalent of the 3G Iu interfaces and interconnects the E-UTRAN with the EPC. Individual S1 interfaces run logically between each eNB and the set of MMEs and S-GWs to which it is associated.
Messages and other control plane traffic and S1-U flows carry user plane and call control traffic.
Message structures for the S1-MME interface, which operates between the eNB and the MME, are defined by the S1AP. S1AP performs duties that combine those performed by the legacy RANAP and GTP-C protocols with additional elements to support traffic flows in an all-IP environment.
Data flow over the S1-MME is protected from loss and network failure by the use of SCTP at the transport layer (layer 4). SCTP was specifically designed by the IETF to handle the flow of signalling and control traffic over an IP network. Retransmission of failed or missing data packets, and therefore guaranteed delivery of signalling data, is one of the facilities provided by SCTP.
Further Reading: 3GPP TS 23.401:5.1, 36.413 (S1AP)
Evolved Packet Core
LT3600/v1.1 © Wray Castle Limited 5.11
SCTP IP L2 L1 S1-AP
GTPv1-U SCTP
IP L2 L1 User PDU
S-GW S1-MME
S1-U
MME
eNB
S1-U Interface
S1-U Interface
The S1-U interface employs GTP-U to create and manage tunnels carrying user-plane data contexts between the eNB and the S-GW.
3GPP has developed a new version of GTP (GTPv2) for use within the EPS. GTPv2 only changes the C-plane aspects of GTP, however, and is referred to as GTPv2-C.
U-plane traffic continues to be carried by GTPv1. Current versions of the relevant 3GPP specifications refer to this version of GTP and GTPv1-U.
The S1-U user plane carries all traffic destined to travel over the air interface to the UE, which includes all user data plus application control data such as SIP and RTP messages. It also handles the delivery of NAS signalling messages carried between the UE and the MME using the DTAP (Direct Transfer Application Part) facility.
The S1-U interface employs UDP at layer 4 and therefore has no data retransmission capabilities available at the transport layer.
Although the S1-Flex functionality allows each eNB to connect to multiple MMEs and S-GWs, an individual UE will, unless a relocation is taking place, only ever be served by one MME and one S-GW at any one time. All signalling and traffic connections for a UE will therefore be concentrated through one pair of devices.
Further Reading: 3GPP TS 23.401:5.1, 29.274 (GTPv2-C), 23.281 (GTPv1-U)
LTE/SAE Engineering Overview
5.12 © Wray Castle Limited LT3600/v1.1
SCTP IP L2 L1 S1-AP
GTPv1-U SCTP
IP L2 L1 User PDU
Broadband S1-MME
S1-U
MME
S-GW Home eNB
(HeNB)
Home eNB Gateway (HeNB GW)
S1 Interfaces for Home eNBs
S1 Interfaces for Home eNBs
The HeNB (Home eNode B) concept provides a standardized method for creating and connecting LTE ‘femtocells’. Similar methods have been developed for the 3G HNB (Home Node B).
A femtocell provides limited-area radio coverage to residential or business premises; connections are passed back to the operator’s core network via a broadband Internet connection. Indeed, femtocell devices are often incorporated into broadband routers along with the broadband modem and Wi-Fi access point.
The HeNB provides the same set of services as a ‘full’ eNB and is logically connected to the EPC via the same S1-MME and S1-U interfaces.
Operators may optionally deploy an HeNB GW (Home eNB Gateway) to concentrate S1-MME traffic towards the MMEs, although the HeNBs will work even without a Gateway.
The HeNB presents itself to the HeNB GW as an eNB; the Gateway presents itself to the HeNB as an MME. The HeNB GW presents itself to the MME as an eNB.
An X2 interface between neighbouring HeNBs is not supported, although mobility between HeNB cells and other cells via the MME/S-GW is possible.
Further Reading: 3GPP TS 36.300:4.6, TR 25.820
Evolved Packet Core
LT3600/v1.1 © Wray Castle Limited 5.13
UDP IP L2 L1 GTPv1-U
S-GW SGSN RNC
S12
S4
PDN-GW S5
S8 SGSN
S16
GTPv1-U Traffic Interfaces
PDN-GW S8
Roaming EPS
GTPv1-U Traffic Interfaces
Most EPC interfaces are based on a combination of GTPv1-U and GTPv2-C.
The S4 interface carries U-plane traffic between an S-GW and an SGSN for EPC-attached UEs that have roamed onto GERAN/UTRAN access. SGSNs that support the S4 can also be upgraded to use
The S4 interface carries U-plane traffic between an S-GW and an SGSN for EPC-attached UEs that have roamed onto GERAN/UTRAN access. SGSNs that support the S4 can also be upgraded to use