Académique Documents
Professionnel Documents
Culture Documents
Huawei Technologies
https://www.linkedin.com/in/sridharbhaskaran/
http://cellularinsights.blogspot.in/
Typical Point to Point Core Network Architecture
until 4G
Agenda Release 15
● Protocol Layering
● Benefits of HTTP/2 + JSON
● API Design Principles
● Network Slicing
● Security
● Challenges
Future
2
From 4G P2P Architecture to 5G Service
Based Architecture LTE - Evolved Packet Core (EPC)
- Release 13 Architecture
LTE - Evolved Packet Core (EPC) SMS- MTC-
SC IWF
- Release 8/9 Architecture
SCEF HSS
HSS
RCAF
SGW PGW
SGW PGW TWAP/
ePDG TWAG
ePDG
Untrusted non 3GPP
Untrusted non 3GPP Access (e.g Public WiFI)
Access (e.g Public WiFI)
● Diameter interfaces support both stateful (via session ID) and stateless interactions.
● Stateless cloud scale deployment of GTP / DIAMETER require custom front end load balancers
● New feature development and deployment require telco vendors to support new GTP / Diameter
messages, interop testing ⇒ Long cycles. No large scale open market availability of developers that are
well versed with GTP / Diameter, leading to vendor lock-ins.
4
Need for Change - Use
Cases
5
5G Requirements (from NGMN)
6
5G Use Case Category Definition (NGMN)
7
Use Cases Driving New 5G CN
● Diverse use cases - one network cant fit all ⇒ Network Slicing.
○ Ability to own and manage a slice from a different administrative domain (e.g 3rd party
enterprise)
○ Multi persona UE. One UE connects to multiple/different end to end networks (e.g private
browsing, office VPN; car connecting to car infotainment network as well as car factory for real-
time diagnostics and control)
● Plug and play deployment of new features ⇒ Network Interactions via APIs ⇒ Service Based
Architecture.
● Control Plane - User Plane separation from day 1 ⇒ Enabling SDN - centralized CP/distributed UP.
8
Use Cases Driving New 5G CN
● Application influence on traffic steering.
● Support for Ethernet and Unstructured PDU types allowing deployment of LAN services over 3GPP
radio.
● Support for Edge Computing ⇒ Local Area Data Network (LADN), Uplink Classifiers and Branching
Points with Multihomed IPv6.
● Reduced signalling between UE and Core Network for IDLE-ACTIVE state transition + Energy efficient
state handling at UE ⇒ RRC Inactive.
● Common authentication framework for any access (3GPP, WLAN, Wireline). Common core for any
access (3GPP, WLAN, Wireline) ⇒ True fixed-mobile convergence.
● Architectural Enablers for Virtualized / Cloud based Deployments ⇒ Support for stateless NFs.
9
Architectural Enablers for Cloud Deployment
● Storage of Network Function and session state in an unstructured data storage function (UDSF).
○ Allows session state to be separated from signalling thus enabling stateless NFs
● From protocol based signalling ⇒ API based core network signaling interaction.
● Ability to change the TNL (Transport Network Layer) address to UE session state binding anytime.
10
R15 Service Based
Architecture
11
5G Core Network Architecture
Courtesy: http://www.3gpp.org/news-events/3gpp-news/1930-sys_architecture
5G Control Plane Protocol Stack
Nsmf, Nsmsf, Namf, Nother all carry upper part of NAS over HTTP/2 multipart message
5G Service Based Architecture - Protocol
Stack
14
How does it all work?
15
Benefits of Service Based Architecture
● APIs discovered and used by any authorized consumer - opens out network for 3rd party application
integration.
● Authorization based on OAuth 2.0 - NRF acts as authorization server issuing access tokens.
● APIs based on formal spec (OpenAPI 3.0) allowing automatic code generation.
● Faster develop - test - deploy cycles - DevOps model - due to ready availability of tools and
infrastructure for HTTP / REST APIs.
16
Benefits of HTTP/2 - JSON
● Ready availability of off
the shelf HTTP/2
servers and client
libraries
● Scaling backend
instances by
terminating API
endpoints at a reverse
proxy
○ Eg. {apiRoot}/n<nf>-<service-name>/v1
○ MAJOR.MINOR.PATCH pattern
18
Security
Visited
HPLMN
https:// URI PLMN
TLS SEPP
SEPP
OAuth2.0
Authorization NF
NF
Service
Service TLS Consume 3. Decapsulate original
Producer
r HTTP/2 message and
call API end point
NF
NF
Service
Service
TLS Recommended Consume 1. HTTPS API,
OAuth2.0 Auth token Producer
r
NDS (IPSec) may be used if TLS is not for URI of NF service
producer
used 19
Security - Challenges
● HTTP requests are end to end - “:authority” pseudo header refers to API endpoint host
● How can SEPP intercept TLS if HTTP client tries to setup end to end TLS with HTTP server in another
PLMN?
● It's not just SEPP acting as proxy. IPX providers between PLMNs want visibility into inter PLMN
messages as well.
● IPX providers want to modify the messages based on inter PLMN policies.
● See detailed liaison exchanges between 3GPP SA3 and GSMA in S3-173407 and S3-180338
20
Allowing IPX to Modify HTTP/2 Messages
2. HTTP/2 Request: “:authority” = FQDN/port of NF
service producer; “:path” = API URI path of NF service
producer
1. HTTP/2 “:method=GET/PUT/POST…” 4. IPX-es insert their modifications as JSON 5. SEPP decapsulates the original
“:authority = FQDN/port of NF service producer” patch instructions into a separate block in payload, verifies JWS signature and then
Transport is TLS with SEPP (Open: SEPP to do bump the outer HTTP POST request. IPX 21
reconstructs / forwards original HTTP/2
in TLS?) insertions are digitally signed with JWS. request to NF service producer
3GPP Release 16 and
Beyond
22
3GPP Release 16 and Beyond
● Support for massive IoT - core network enhancements to support cellular IoT features in 5G
● Support for Ultra Reliable and Low Latency Communication (URLLC) - new QoS characteristics,
enhanced UPF placement logic, Enablers for ultra reliability
● 5G LAN
23
R16 - Enhanced Service Based Architecture
TR 23.742
Service Framework
API
NRF Routing
● Register the NF services ● HTTP Request to NF Service
along with NF service Producer
parameters ● Based on HTTP headers, JSON
● Parameters include: attributes, the service framework
Service Type of Producer, discovers the NF producer to
S-NSSAI, Service Area route to
Information, Service Zone ● API Routing towards discovered
ID, Service Set ID etc NF service producer
NF Service NF Service
Producer Consumer
● 5G Security - TS 33.501
● http://www.3gpp.org/ftp/Specs/archive/23_series/
● http://www.3gpp.org/ftp/Specs/archive/22_series/
25
3GPP 5G Core Network Stage 3 Specifications
Sl.No Spec Number Title
6 TS 29.505 5G System; Usage of the Unified Data Repository services for Subscription Data; Stage 3
13 TS 29.513 5G System; Policy and Charging Control signalling flows and QoS parameter mapping; Stage 3
16 TS 29.519 5G System; Usage of the Unified Data Repository Service for Policy Data, Application Data and
Structured Data for Exposure; Stage 3
28
5G Core Network Features - Network Slicing
LTE - Evolved Packet Core (EPC) 5G Core Network (5GC) SMF1
PGW
(APN1)
PGW
(APN3) SMF3
● 1 UE - connect to one Dedicated Core Network (DCN)
● 1 DCN can support multiple applications (APN)
● Same application support in multiple DCNs require repeated
configurations for same APN but different DCN in DNS
UPF1 DN-1
● 1 UE - can connect to multiple core network slices
● Each slice identified by an S-NSSAI
● AMF is common to all slices UE uses UPF2 DN-2
● SMFs specific to each slice
● SMFs selected via NRF specific to the slice (S-NSSAI)
● NRFs + SMFs can be in different administrative domain from AMF UPF3 DN-3
● SMFs select UPF
● Traffic routing of each slice is independent and isolated
● RAN supports slicing at the radio
● Network Slice Selection Policies provided to UE to
select a slice for a given application 29
Use Cases Enabled by 5G Slicing
1 UE - common AMF - but multiple slices with slice specific SMF, UPF and PCF
Courtesy: http://www.3gpp.org/news-events/3gpp-news/1930-sys_architecture
Other Use Cases Enabled by 5G Slicing
● For vertical applications - operators can spawn SMF, UPF, PCF in separate slice
instance(s) for that vertical market and route UE traffic for those vertical applications.
● Testing of new features in the network by deploying a specific slice and configuring a
specific set of UEs to use that slice (through UE Configuration Update NAS
procedures).
1. 5G Core Network is a Paradigm
Shift
32
Thank You