3GPP TS 24.302 V9.4.0 (2010-09)

3GPP TS 24.302 V9.4.0 (2010-09)
Technical Specification
3rd Generation Partnership Project;
Technical Specification Group Core Network and Terminals;
Access to the 3GPP Evolved Packet Core (EPC)
via non-3GPP access networks;
Stage 3
(Release 9)
The present document has been developed within the 3rd Generation Partnership Project (3GPP TM) and may be further elaborated for the purposes of 3GPP.
The present document has not been subject to any approval process by the 3GPP Organizational Partners and shall not be implemented.
This Specification is provided for future development work within 3GPP only. The Organizational Partners accept no liability for any use of this Specification.
Specifications and reports for implementation of the 3GPP TM system should be obtained via the 3GPP Organizational Partners' Publications Offices.
Release 9
2
3GPP TS 24.302 V9.4.0 (2010-09)
Keywords
access, packet mode, UMTS, LTE
3GPP
Postal address
3GPP support office address
650 Route des Lucioles - Sophia Antipolis
Valbonne - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Internet
http://www.3gpp.org
Copyright Notification
No part may be reproduced except as authorized by written permission.
The copyright and the foregoing restriction extend to reproduction in all media.
© 2010, 3GPP Organizational Partners (ARIB, ATIS, CCSA, ETSI, TTA, TTC).
All rights reserved.
UMTS™ is a Trade Mark of ETSI registered for the benefit of its members
3GPP™ is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners
LTE™ is a Trade Mark of ETSI currently being registered for the benefit of its Members and of the 3GPP Organizational Partners
GSM® and the GSM logo are registered and owned by the GSM Association
3GPP
Release 9
3
3GPP TS 24.302 V9.4.0 (2010-09)
Contents
Foreword ...................................................................................................................................................... 7
1
Scope .................................................................................................................................................. 8
2
References .......................................................................................................................................... 8
3
Definitions, symbols and abbreviations ............................................................................................. 10
3.1
3.2
4
4.1
4.2
4.3
4.4
4.4.1
4.4.2
4.4.3
4.4.4
5
Definitions ................................................................................................................................................. 10
Abbreviations............................................................................................................................................. 11
General ............................................................................................................................................. 12
Trusted and untrusted accesses ................................................................................................................... 12
cdma2000® HRPD Access System.............................................................................................................. 12
WiMAX Access System ............................................................................................................................. 12
Identities .................................................................................................................................................... 12
User identities....................................................................................................................................... 12
Identification of IP Services/PDN connections ...................................................................................... 13
FQDN for ePDG Selection .................................................................................................................... 13
Access Network Identity ....................................................................................................................... 13
Network Discovery and Selection ..................................................................................................... 13
5.1
Access network discovery and selection procedures .................................................................................... 13
5.1.1
General................................................................................................................................................. 13
5.1.2
Access network discovery procedure ..................................................................................................... 13
5.1.2.1
Triggering the discovery of operator preferred access networks with the ANDSF ............................. 13
5.1.2.2
Discovering availability of access networks ..................................................................................... 14
5.1.3
Access network selection procedure ...................................................................................................... 14
5.1.3.1
General ........................................................................................................................................... 14
5.1.3.2
Specific intra-technology access network selection .......................................................................... 14
5.1.3.2.1
cdma2000® HRPD access network selection ............................................................................... 14
5.1.3.2.2
WiMAX NAP selection.............................................................................................................. 14
5.2
EPC network selection ............................................................................................................................... 14
5.2.1
General................................................................................................................................................. 14
5.2.2
Generic EPC network selection procedure ............................................................................................. 15
5.2.2.1
Identification of the EPC ................................................................................................................. 15
5.2.2.2
Selection at switch-on or recovery from lack of coverage ................................................................. 15
5.2.2.2.1
UE selection modes.................................................................................................................... 15
5.2.2.2.2
Manual EPC network selection ................................................................................................... 15
5.2.2.2.3
Automatic EPC network selection .............................................................................................. 15
5.2.3
Access technology specific EPC network selection procedures .............................................................. 15
5.2.3.1
EPC network selection procedures for WiMAX ............................................................................... 15
5.2.3.1.1
Identification of the EPC by the WiMAX access network ........................................................... 15
5.2.3.1.2
Selection at switch-on or recovery from lack of coverage............................................................ 15
5.3
Access Network reselection ........................................................................................................................ 16
5.3.1
General................................................................................................................................................. 16
5.3.2
UE procedures ...................................................................................................................................... 16
5.3.3
EPC procedures .................................................................................................................................... 16
5.3.4
Periodic EPC network reselection attempts............................................................................................ 16
6
6.1
6.2
6.2.1
6.2.2
6.2.3
6.2.4
6.3
6.3.1
6.3.2
UE – EPC Network protocols ............................................................................................................ 17
General ...................................................................................................................................................... 17
Trusted and Untrusted Accesses ................................................................................................................. 17
General................................................................................................................................................. 17
Pre-configured policies in the UE .......................................................................................................... 17
Dynamic Indication .............................................................................................................................. 17
No trust relationship information........................................................................................................... 17
IP Mobility Mode Selection........................................................................................................................ 18
General................................................................................................................................................. 18
Static configuration of inter-access mobility mechanism ........................................................................ 18
3GPP
Release 9
6.3.3
6.3.3.0
6.3.3.1
6.3.3.1.1
6.3.3.1.2
6.4
6.4.1
6.4.2
6.4.2.1
6.4.2.2
6.4.2.3
6.4.2.4
6.4.2.4.1
6.4.2.4.2
6.4.2.4.3
6.4.2.4.4
6.4.2.4.5
6.4.2.4.6
6.4.3
6.4.3.1
6.4.3.2
6.4.3.3
6.4.4
6.5
6.5.1
6.5.2
6.5.2.1
6.5.2.2
6.5.2.3
6.5.3
6.6
6.6.1
6.6.2
6.6.2.1
6.6.2.2
6.6.2.3
6.6.2.4
6.6.2.5
6.6.2.6
6.6.2.7
6.6.3
6.6.3.1
6.6.3.2
6.6.3.3
6.7
6.7.1
6.7.2
6.7.2.1
6.7.2.2
6.7.2.3
6.7.2.4
6.7.2.5
6.7.2.6
6.7.2.7
6.7.3
6.8
6.8.1
6.8.2
6.8.2.1
6.8.2.2
6.8.2.2.1
4
3GPP TS 24.302 V9.4.0 (2010-09)
Dynamic configuration of inter-access mobility mechanism .................................................................. 18
General ........................................................................................................................................... 18
IPMS indication .............................................................................................................................. 18
IPMS indication from UE to 3GPP AAA server.......................................................................... 18
IPMS indication from 3GPP AAA server to UE .......................................................................... 19
Authentication and authorization for accessing EPC via a trusted non-3GPP access network ....................... 19
General................................................................................................................................................. 19
UE procedures ...................................................................................................................................... 20
Identity Management ....................................................................................................................... 20
EAP-AKA and EAP-AKA' based Authentication ............................................................................. 20
Full Authentication and Fast Re-authentication ................................................................................ 20
Handling of the Access Network Identity ......................................................................................... 21
General ...................................................................................................................................... 21
ANID indication from 3GPP AAA server to UE ......................................................................... 21
UE check of ANID for HRPD CDMA 2000® access networks ................................................... 21
UE check of ANID for WiMAX access networks ....................................................................... 21
UE check of ANID for WLAN access networks ......................................................................... 21
UE check of ANID for ETHERNET access networks ................................................................. 22
3GPP AAA server procedures ............................................................................................................... 22
Identity Management ....................................................................................................................... 22
EAP-AKA and EAP-AKA' based Authentication ............................................................................. 22
Full authentication and Fast Re-authentication ................................................................................. 22
Multiple PDN support for trusted non-3GPP access ............................................................................... 22
Authentication and authorization for accessing EPC via an untrusted non-3GPP access network.................. 23
General................................................................................................................................................. 23
Full authentication and authorization ..................................................................................................... 23
General ........................................................................................................................................... 23
UE procedures................................................................................................................................. 24
3GPP AAA server procedures.......................................................................................................... 24
Multiple PDN support for untrusted non-3GPP access network.............................................................. 24
UE - 3GPP EPC (cdma2000® HRPD Access) ............................................................................................. 25
General................................................................................................................................................. 25
Non-emergency case ............................................................................................................................. 25
General ........................................................................................................................................... 25
UE identities ................................................................................................................................... 25
cdma2000® HRPD access network identity ...................................................................................... 25
PLMN system selection ................................................................................................................... 25
Trusted and untrusted accesses ........................................................................................................ 25
IP mobility mode selection .............................................................................................................. 26
Authentication and authorization for accessing EPC......................................................................... 26
Emergency case .................................................................................................................................... 26
General ........................................................................................................................................... 26
UE identities ................................................................................................................................... 26
Authentication and authorization for accessing EPC......................................................................... 26
UE - 3GPP EPC (WiMAX Access) ............................................................................................................ 26
General................................................................................................................................................. 26
Non-emergency case ............................................................................................................................. 27
General ........................................................................................................................................... 27
UE identities ................................................................................................................................... 27
WiMAX access network identity ..................................................................................................... 27
Selection of the Network Service Provider ....................................................................................... 27
Trusted and untrusted accesses ........................................................................................................ 27
IP mobility mode selection .............................................................................................................. 27
Authentication and authorization for accessing EPC......................................................................... 27
Emergency case .................................................................................................................................... 27
Communication over the S14...................................................................................................................... 27
General................................................................................................................................................. 27
Interaction with the Access Network Discovery and Selection Function ................................................. 28
General ........................................................................................................................................... 28
UE procedures................................................................................................................................. 28
UE discovering the ANDSF ....................................................................................................... 28
3GPP
Release 9
5
3GPP TS 24.302 V9.4.0 (2010-09)
6.8.2.2.1A
ANDSF communication security ................................................................................................ 29
6.8.2.2.2
Role of UE for Push model......................................................................................................... 29
6.8.2.2.3
Role of UE for Pull model .......................................................................................................... 30
6.8.2.2.4
UE using information provided by ANDSF ................................................................................ 30
6.8.2.2.4.1
General ................................................................................................................................ 30
6.8.2.2.4.2
Use of Inter-system Mobility Policy ...................................................................................... 30
6.8.2.2.4.3
Use of Access Network Discovery Information ..................................................................... 30
6.8.2.3
ANDSF procedures ......................................................................................................................... 31
6.8.2.3.1
General ...................................................................................................................................... 31
6.8.2.3.2
Role of ANDSF for Push model ................................................................................................. 31
6.8.2.3.3
Role of ANDSF for Pull model .................................................................................................. 31
6.9
Handling of Protocol Configuration Options information ............................................................................ 31
7
7.1
7.2
7.2.1
7.2.2
7.2.3
7.2.4
7.2.4.1
7.2.4.2
7.3
7.4
7.4.1
7.4.2
7.4.3
7.4.3.1
7.4.3.2
8
8.1
8.1.1
8.1.1.1
8.1.1.2
8.2
8.2.1
8.2.1.1
8.2.1.2
8.2.2
8.2.2.1
8.2.3
8.2.3.1
8.2.4
8.2.4.1
Tunnel management procedures ........................................................................................................ 32
General ...................................................................................................................................................... 32
UE procedures ........................................................................................................................................... 32
Selection of the ePDG........................................................................................................................... 32
Tunnel establishment ............................................................................................................................ 32
Tunnel modification.............................................................................................................................. 34
Tunnel disconnection ............................................................................................................................ 34
UE initiated disconnection ............................................................................................................... 34
UE behaviour towards ePDG initiated disconnection........................................................................ 34
3GPP AAA server procedures .................................................................................................................... 34
ePDG procedures ....................................................................................................................................... 35
Tunnel establishment ............................................................................................................................ 35
Tunnel modification.............................................................................................................................. 36
Tunnel disconnection ............................................................................................................................ 36
ePDG initiated disconnection........................................................................................................... 36
ePDG behaviour towards UE initiated disconnection........................................................................ 36
PDUs and parameters specific to the present document ..................................................................... 37
3GPP specific coding information defined within present document............................................................ 37
Access Network Identity format and coding .......................................................................................... 37
Generic format of the Access Network Identity ................................................................................ 37
Definition of Access Network Identities for Specific Access Networks............................................. 37
IETF RFC coding information defined within present document ................................................................. 38
IPMS attributes ..................................................................................................................................... 38
AT_IPMS_IND attribute ................................................................................................................. 38
AT_IPMS_RES attribute ................................................................................................................. 39
Access Network Identity indication attribute ......................................................................................... 40
Access Network Identity in the AT_KDF_INPUT attribute .............................................................. 40
Trust relationship indication attribute .................................................................................................... 40
AT_TRUST_IND attribute .............................................................................................................. 40
IKEv2 Configuration Payloads attributes............................................................................................... 40
HOME_AGENT_ADDRESS attribute............................................................................................. 40
3GPP
Release 9
Annex A (informative):
6
3GPP TS 24.302 V9.4.0 (2010-09)
Example signalling flows for inter-system change between 3GPP and
non-3GPP systems using ANDSF .............................................................. 42
A.1
Scope of signalling flows .................................................................................................................. 42
A.2
Signalling flow for inter-system change between 3GPP access network and non-3GPP access
network............................................................................................................................................. 42
Annex B (informative):
B.1
Assignment of Access Network Identities in 3GPP ................................... 45
Access Network Identities ................................................................................................................. 45
Annex C (informative):
Example usage of ANDSF .......................................................................... 46
C.1
Scope of ANDSF Example................................................................................................................ 46
C.2
Organization of ANDSF Coverage Map for WiMAX Network discovery .......................................... 46
C.3
Parameters in Pull mode.................................................................................................................... 46
Annex D (informative):
Mismatch of static configuration of mobility mechanism in the UE
and in the network ..................................................................................... 47
Annex E (informative):
UE procedures based on preconfigured and received information .......... 49
Annex F (informative):
Change history ........................................................................................... 52
3GPP
Release 9
7
3GPP TS 24.302 V9.4.0 (2010-09)
Foreword
This Technical Specification has been produced by the 3rd Generation Partnership Project (3GPP).
The contents of the present document are subject to continuing work within the TSG and may change following formal
TSG approval. Should the TSG modify the contents of the present document, it will be re-released by the TSG with an
identifying change of release date and an increase in version number as follows:
Version x.y.z
where:
x the first digit:
1 presented to TSG for information;
2 presented to TSG for approval;
3 or greater indicates TSG approved document under change control.
y the second digit is incremented for all changes of substance, i.e. technical enhancements, corrections,
updates, etc.
z the third digit is incremented when editorial only changes have been incorporated in the document.
3GPP
Release 9
1
8
3GPP TS 24.302 V9.4.0 (2010-09)
Scope
The present document specifies the discovery and network selection procedures for access to 3GPP Evolved Packet
Core (EPC) via non-3GPP access networks and includes Authentication and Access Authorization using
Authentication, Authorization and Accounting (AAA) procedures used for the interworking of the 3GPP EPC and the
non-3GPP access networks.
The present document also specifies the Tunnel management procedures used for establishing an end-to-end tunnel
from the UE to the ePDG to the point of obtaining IP connectivity and includes the selection of the IP mobility mode.
The non-3GPP access networks considered in this present document are cdma2000® HRPD and Worldwide
Interoperability for Microwave Access (WiMAX), and any access technologies covered in 3GPP TS 23.402 [6]. These
non-3GPP access networks can be trusted or untrusted access networks.
The present document is applicable to the UE and the network. In this technical specification the network is the 3GPP
EPC.
NOTE:
2
cdma2000® is a registered trademark of the Telecommunications Industry Association (TIA-USA).
References
The following documents contain provisions which, through reference in this text, constitute provisions of the present
document.
References are either specific (identified by date of publication, edition number, version number, etc.) or
non-specific.
For a specific reference, subsequent revisions do not apply.
For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including
a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same
Release as the present document.
[1]
3GPP TR 21.905: "Vocabulary for 3GPP Specifications".
[2]
Void.
[3]
3GPP TS 23.003: "Numbering, addressing and identification".
[4]
3GPP TS 23.122: "Non-Access-Stratum (NAS) functions related to Mobile Station (MS) in idle
mode".
[5]
Void.
[6]
3GPP TS 23.402: "Architecture enhancements for non-3GPP accesses".
[7]
3GPP TS 33.234: "3G security; Wireless Local Area Network (WLAN) interworking security".
[8]
Void.
[9]
3GPP TS 24.234: "3GPP System to Wireless Local Area Network (WLAN) interworking; WLAN
User Equipment (WLAN UE) to network protocols".
[10]
3GPP TS 24.301: "Non-Access-Stratum (NAS) protocol for Evolved Packet System (EPS)".
[11]
3GPP TS 24.303: "Mobility management based on Dual-Stack Mobile IPv6".
[12]
3GPP TS 24.304: "Mobility management based on Mobile IPv4; User Equipment (UE) - Foreign
Agent interface".
[13]
3GPP TS 24.312: "Access Network Discovery and Selection Function (ANDSF) Management
Object (MO)".
3GPP
Release 9
9
3GPP TS 24.302 V9.4.0 (2010-09)
[14]
3GPP TS 25.304: "User Equipment (UE) procedures in idle mode and procedures for cell
reselection in connected mode".
[15]
3GPP TS 33.402: "3GPP System Architecture Evolution: Security aspects of non-3GPP accesses".
[16]
3GPP TS 36.304: "Evolved Universal Terrestrial Radio Access (E-UTRA); User Equipment (UE)
procedures in idle mode".
[16a]
3GPP TS 45.008: "Radio Access Network; Radio subsystem link control".
[17]
3GPP TS 29.273: "Evolved Packet System; 3GPP EPS AAA Interfaces".
[18]
3GPP TS 29.275: "Proxy Mobile IPv6 (PMIPv6) based Mobility and Tunnelling protocols".
[19]
3GPP TS 29.276: "Optimized Handover Procedures and Protocols between EUTRAN Access and
cdma2000 HRPD Access".
[20]
3GPP2 X.S0057-A v2.0: "E-UTRAN - HRPD Connectivity and Interworking: Core Network
Aspects".
[21]
3GPP2 C.S0087-A v2.0: "E-UTRAN – HRPD and CDMA2000 1x Connectivity and Interworking:
Air Interface Aspects".
[22]
3GPP2 C.S0024-0 v4.0: "cdma2000® High Rate Packet Data Air Interface Specification".
[23]
3GPP2 C.S0024-A v3.0: "cdma2000® High Rate Packet Data Air Interface Specification".
[23a]
3GPP2 C.S0016-D v1.0: "Over-the-Air Service Provisioning of Mobile Stations in Spread
Spectrum Standards".
[24]
WiMAX Forum Network Architecture Release 1.0 version 1.2 – Stage 2: "Architecture Tenets,
Reference Model and Reference Points", November 2007.
[25]
WiMAX Forum Network Architecture Release 1.0 version 1.2 – Stage 3: "Detailed Protocols and
Procedures", November 2007.
[26]
WiMAX Forum Mobile System Profile Release 1.0 Approved Specification Revision 1.4.0,
April 2007.
[27]
IEEE Std 802.16e-2005 and IEEE Std 802.16-2004/Cor1-2005: "IEEE Standard for Local and
Metropolitan Area Networks, Part 16: Air Interface for Fixed and Mobile Broadband Wireless
Access Systems Amendments 2 and Corrigendum 1", February 2006.
[28]
IETF RFC 4306 (December 2005): "Internet Key Exchange (IKEv2) Protocol".
[29]
IETF RFC 3748 (June 2004): "Extensible Authentication Protocol (EAP)".
[30]
IETF RFC 4301 (December 2005): "Security Architecture for the Internet Protocol".
[31]
IETF RFC 4555 (June 2006): "IKEv2 Mobility and Multihoming Protocol (MOBIKE)".
[32]
IETF RFC 4303 (December 2005): "IP Encapsulating Security Payload (ESP)".
[33]
IETF RFC 4187 (January 2006): "Extensible Authentication Protocol Method for 3rd Generation
Authentication and Key Agreement (EAP-AKA)"
[34]
IETF RFC 3629 (November 2003): "UTF-8, a transformation format of ISO 10646".
[35]
IETF RFC 1035 (November 1987): "DOMAIN NAMES - IMPLEMENTATION AND
SPECIFICATION".
[36]
Void.
[37]
draft-das-mipshop-andsf-dhcp-options-03.txt (February 2010): "Dynamic Host Configuration
Protocol (DHCPv4 and DHCPv6) Options for Access Network Discovery and Selection Function
(ANDSF) Discovery"
3GPP
Release 9
10
3GPP TS 24.302 V9.4.0 (2010-09)
Editor's note: The above document cannot be formally referenced until it is published as an RFC.
[38]
IETF RFC 5448 (May 2009): "Improved Extensible Authentication Protocol Method for 3rd
Generation Authentication and Key Agreement (EAP-AKA')".
[39]
OMA-ERELD-DM-V1_2: "Enabler Release Definition for OMA Device Management".
[40]
Void
[41]
"Unicode 5.1.0, Unicode Standard Annex #15; Unicode Normalization Forms", March 2008.
http://www.unicode.org.
[42]
3GPP TS 33.220: "Generic Authentication Architecture (GAA); Generic bootstrapping
architecture".
[43]
3GPP TS 29.109: "Generic Authentication Architecture (GAA); Zh and Zn Interfaces based on the
Diameter protocol".
[44]
3GPP TS 33.222: "Generic Authentication Architecture (GAA); Access to network application
functions using Hypertext Transfer Protocol over Transport Layer Security (HTTPS)".
[45]
3GPP TS 31.102: "Characteristics of the Universal Subscriber Identity Module (USIM)
application".
[46]
3GPP TS 24.008: "Mobile radio interface Layer 3 specification; Core network protocols; Stage 3".
[47]
3GPP TS 33.223: "Generic Authentication Architecture (GAA); Generic Bootstrapping
Architecture (GBA) Push function".
3
Definitions, symbols and abbreviations
3.1
Definitions
For the purposes of the present document, the terms and definitions given in 3GPP TR 21.905 [1] and the following
apply. A term defined in the present document takes precedence over the definition of the same term, if any, in
3GPP TR 21.905 [1].
Access Network Discovery and Selection Function: In this specification, Access Network Discovery and Selection
Function (ANDSF) is a network element specified in 3GPP TS 23.402 [6]. Unless otherwise specified, the term ANDSF
is used to refer to both Home and Visited ANDSF.
Emergency session: In this specification, an emergency session is an emergency PDN connection established in EUTRAN and handed over to a S2a based cdma2000® HRPD access network.
Home ANDSF: In this specification, the Home ANDSF (H-ANDSF) is an ANDSF element located in the home PLMN
of a UE.
Set of Access network discovery information: In this specification, a set of Access network discovery information is
the access network discovery information from a single ANDSF.
Set of Inter-system mobility policy: In this specification, a set of Inter-system mobility policy is the inter-system
policy information received from a single ANDSF.
Visited ANDSF: In this specification, the Visited ANDSF (V-ANDSF) is an ANDSF element located in the visited
PLMN of a UE.
For the purposes of the present document, the following terms and definitions given in 3GPP TS 23.122 [4] apply:
RPLMN
For the purposes of the present document, the following terms and definitions given in 3GPP TS 23.402 [6] apply:
S2a
3GPP
Release 9
11
3GPP TS 24.302 V9.4.0 (2010-09)
S2b
S2c
For the purposes of the present document, the following terms and definitions given in 3GPP TS 29.273 [17] apply:
STa
For the purposes of the present document, the following terms and definitions given in 3GPP TS 24.301 [10] apply:
Evolved packet core network
Evolved packet system
For the purposes of the present document, the following terms and definitions given in
WiMAX Forum Network Architecture Release 1.0 version 1.2 – Stage 3 [25] apply:
Network Access Provider
Network Service Provider
3.2
Abbreviations
For the purposes of the present document, the abbreviations given in 3GPP TR 21.905 [1] and the following apply. An
abbreviation defined in the present document takes precedence over the definition of the same abbreviation, if any, in
3GPP TR 21.905 [1].
AAA
ACL
AKA
ANDSF
ANID
APN
DHCP
DM
DNS
DSMIPv6
eAN/PCF
EAP
EPC
ePDG
EPS
ESP
FQDN
GAA
GBA
H-ANDSF
HRPD
HSGW
IEEE
IKEv2
IPMS
I-WLAN
MO
NAI
NAP
NBM
NSP
OMA
PCO
P-GW
PDU
S-GW
UE
UICC
V-ANDSF
Authentication, Authorization and Accounting
Access Control List
Authentication and Key Agreement
Access Network Discovery and Selection Function
Access Network Identity
Access Point Name
Dynamic Host Configuration Protocol
Device Management
Domain Name System
Dual-Stack MIPv6
Evolved Access Network Packet Control Function
Extensible Authentication Protocol
Evolved Packet Core
Evolved Packet Data Gateway
Evolved Packet System
Encapsulating Security Payload
Fully Qualified Domain Name
Generic Authentication Architecture
Generic Bootstrapping Architecture
Home-ANDSF
High Rate Packet Data
HRPD Serving Gateway
Institute of Electrical and Electronics Engineers
Internet Key Exchange version 2
IP Mobility Mode Selection
Interworking – WLAN
Management Object
Network Access Identifier
Network Access Provider
Network based mobility management
Network Service Provider
Open Mobile Alliance
Protocol Configuration Options
PDN Gateway
Protocol Data Unit
Serving Gateway
User Equipment
Universal Integrated Circuit Card
Visited-ANDSF
3GPP
Release 9
W-APN
WiMAX
WLAN
WMF
12
3GPP TS 24.302 V9.4.0 (2010-09)
WLAN APN
Worldwide Interoperability for Microwave Access
Wireless Local Area Network
WiMAX Forum
4
General
4.1
Trusted and untrusted accesses
The HPLMN operator of the EPC selects whether a connected non-3GPP IP access network is a trusted or untrusted IP
access network.
For a trusted non-3GPP IP access network the communication between the UE and the EPC is secure. For an untrusted
non-3GPP IP access network the communication between the UE and the EPC is not trusted to be secure.
For a trusted non-3GPP IP access network, all communication between the access network and the EPC is transferred
over pre-established secure links. For an untrusted non-3GPP IP access network an IPSec tunnel needs to be established
on a per access basis, if required, to secure communication between the UE and the EPC.
cdma2000® HRPD Access System
4.2
The cdma2000® HRPD system is a wireless mobile system developed under the auspices of 3GPP2. The cdma2000®
HRPD system and its access network subsystem is compliant with 3GPP2 X.S0057 [20] and 3GPP2 C.S0087 [21],
which define the core network and air interface aspects, respectively.
4.3
WiMAX Access System
The WiMAX system is a wireless mobile broadband system developed under the auspices of the WMF and the IEEE.
The WiMAX system and its access network subsystem are compliant with WiMAX Forum Network Architecture
Release 1.0 version 1.2 – Stage 2 [24]. The protocol architecture and signalling of the WiMAX system is specified in
WiMAX Forum Network Architecture Release 1.0 version 1.2 – Stage 3 [25] which supports the air interface defined in
WiMAX Forum Mobile System Profile Release 1.0 Approved Specification Revision 1.4.0 [26] specifying selected
profiles of IEEE Std 802.16e-2005 and IEEE Std 802.16-2004/Cor1-2005 [27] that are to be supported. The WiMAX
access system correspond to the WiMAX Access Service Network (ASN) and to relevant interfaces, as defined in
WiMAX Forum Network Architecture Release 1.0 version 1.2 – Stage 3 [25].
4.4
Identities
4.4.1
User identities
The user identification shall be either the root NAI, or the decorated NAI as defined in 3GPP TS 23.003 [3], when the
UE accesses the EPC via non-3GPP access networks, and gets authentication, authorization and accounting services
from the EPC. For handover of an emergency session from E-UTRAN to a S2a based cdma2000® HRPD access
network, if IMSI is not available (i.e. a UE without USIM) or IMSI is unauthenticated, the IMEI shall be used for the
identification, as part of the emergency NAI as defined in 3GPP TS 23.003 [3].
User identification in non-3GPP accesses may require additional identities that are out of the scope of 3GPP.
IETF RFC 4187 [33] and 3GPP TS 23.003 [3] provide definitions for UE and user identities although they use slightly
different terms. Similar terms are also used in 3GPP TS 33.402 [15]. The following list provides term equivalencies and
describes the relation between various user identities.
-
The Root-NAI as specified in 3GPP TS 23.003 [3] is to be used as the permanent identity as specified in
3GPP TS 33.402 [15].
-
The Fast-Reauthentication NAI as specified in 3GPP TS 23.003 [3] is to be used as the Fast-Reauthentication
Identity or the re-authentication ID as specified in 3GPP TS 33.402 [15].
3GPP
Release 9
-
13
3GPP TS 24.302 V9.4.0 (2010-09)
The Pseudonym Identity as specified in 3GPP TS 23.003 [3] is to be used as the Pseudonym as specified in
3GPP TS 33.402 [15].
4.4.2
Identification of IP Services/PDN connections
For access to EPC the Access Point Name (APN) is used for identifying IP services/PDN connections. The detailed
definition of APN as used for access to EPC is specified in 3GPP TS 23.003 [3]. APN is used in the IKEv2 signaling
during tunnel establishment and tunnel modification.
4.4.3 FQDN for ePDG Selection
An ePDG Fully Qualified Domain Name (ePDG FQDN) is constructed by UE and used as input to the DNS mechanism
for ePDG selection.
The detailed format of this ePDG FQDN is specified in 3GPP TS 23.003 [3].
4.4.4
Access Network Identity
For access to EPC through a trusted non-3GPP access network via S2a the UE has to use the Access Network Identity
(ANID) in the key derivation (see 3GPP TS 33.402 [15]). The handling of the Access Network Identity is described in
subclause 6.4.2.4 and the generic format and specific values for the Access Network Identity are defined in
subclause 8.1.1.
5
Network Discovery and Selection
5.1
Access network discovery and selection procedures
5.1.1
General
If PLMN selection specified in 3GPP TS 23.122 [4] and in 3GPP TS 24.234 [9] is applicable (e.g., at switch on,
recovery from lack of coverage, or user selection of applicable access technology), the PLMN selection to select the
highest priority PLMN according to these specifications is performed before any access network discovery and
selection procedures based on ANDSF rules are performed in the selected PLMN.
In the access network discovery procedure the UE may get from the ANDSF information on available access networks
in its vicinity. The UE may obtain this information by querying the ANDSF, and may use this information when
determining the presence of operator preferred access networks. Determination of the presence of access networks
requires using radio access specific procedures, which are not further described here.
The UE can first select an access network and then determine the presence of this access network, or first determine the
presence of several access networks and then select between them. If a higher priority access network has been found
connected to the same PLMN or a higher priority PLMN, the UE will then attempt to attach via that network.
5.1.2
5.1.2.1
Access network discovery procedure
Triggering the discovery of operator preferred access networks with the
ANDSF
The UE may initiate communications with the ANDSF for operator preferred access network discovery:
-
when conditions set up within the policies available in the UE are met; or
-
when a user requests for manual selection.
NOTE 1: The minimum allowed time interval between two consecutive UE initiated requests towards the ANDSF
can be set by operator policies.
3GPP
Release 9
14
3GPP TS 24.302 V9.4.0 (2010-09)
NOTE 2: The UE changing of access networks can override the minimum allowed time interval setting.
5.1.2.2
Discovering availability of access networks
The UE may apply the techniques specific to the non-3GPP access technologies to discover available non-3GPP access
networks. Such techniques will not be further described here.
In addition, the UE may signal to the ANDSF to obtain information on operator preferred access networks. The
discovery of the ANDSF by the UE, the connection to the ANDSF by the UE and the signalling between the UE and the
ANDSF are given in subclause 6.8.
5.1.3
5.1.3.1
Access network selection procedure
General
The access network selection may be classified as inter-technology or intra-technology.
The UE can use information received from ANDSF for inter-technology access network selection; other mechanisms
for inter-technology access network selection are out of scope of this specification.
5.1.3.2
Specific intra-technology access network selection
In this release of the specification the use of the following specific intra-technology access network selection
procedures is specified.
5.1.3.2.1
cdma2000® HRPD access network selection
The access network selection process for cdma2000® HRPD access networks shall follow 3GPP2 X.S0057 [20].
5.1.3.2.2
WiMAX NAP selection
The access network selection process for WiMAX which encompasses the NAP discovery and access, shall follow the
WiMAX Forum Network Architecture Release 1.0 version 1.2 – Stage 3 [25].
5.2
EPC network selection
5.2.1
General
The following EPC network selection procedures are defined:
1) WiMAX specific;
2) EPC network selection via cdma2000® HRPD access is given in 3GPP TS 23.122 [4] with any exceptions
detailed in subclause 5.3.4.
3) EPC network selection via WLAN access shall follow the procedures defined for PLMN selection given in
subclause 5.2 of 3GPP TS 24.234 [9] with the exception of the tunnel set up procedure. When the UE is
connected to EPC through WLAN access, the tunnel is set-up with the ePDG (as described in clause 7 of this
document) or with the HA (as described in 3GPP TS 24.303 [11]); and
4) Generic EPC network selection for other access technologies not listed above.
The UE can utilize information received from ANDSF to which EPCs an access network is connected as described in
3GPP TS 24.312 [13]. Additionally, any technology specific means can be employed to acquire such information, but
these are out of scope of this specification.
NOTE: There are no specific EPC network selection procedures specified for emergency access in this version of
the specification.
3GPP
Release 9
5.2.2
5.2.2.1
15
3GPP TS 24.302 V9.4.0 (2010-09)
Generic EPC network selection procedure
Identification of the EPC
The identification of EPC shall be based on one of the following:
-
PLMN-Id (i.e. pair of MCC+MNC), as specified in 3GPP TS 23.003 [3]; or
-
Home/Visited Network Realm/Domain, as specified in 3GPP TS 23.003 [3].
5.2.2.2
5.2.2.2.1
Selection at switch-on or recovery from lack of coverage
UE selection modes
Two modes of EPC network selection are defined, manual and automatic.
At switch-on or following recovery from lack of coverage, the UE shall select the EPC network according to the
selected operating mode.
5.2.2.2.2
Manual EPC network selection
The UE shall present the list of available EPC networks, to which connectivity is provided through the selected non3GPP access network, to the user. If UE’s HPLMN or PLMNs equivalent to it are in this list, they shall be shown in the
highest ranking order. The ordering of the rest of entries in the list is implementation dependent. If available, the UE
should display names and/or realms/domains.
If multiple equivalent HPLMNs are available, then the display order among them is UE implementation specific.
5.2.2.2.3
Automatic EPC network selection
The UE may use locally stored data for selecting between EPC networks available for connectivity via the currently
selected non-3GPP access network.
If UE’s HPLMN or a PLMN equivalent to it is connected through the selected non-3GPP access network, one of them
shall be selected.
If multiple equivalent PLMNs are available, then the choice among them is UE implementation specific.
Additional criteria are out of scope of this specification and remain implementation specific.
5.2.3
5.2.3.1
5.2.3.1.1
Access technology specific EPC network selection procedures
EPC network selection procedures for WiMAX
Identification of the EPC by the WiMAX access network
With WiMAX as a non-3GPP access network, the WiMAX NSP is mapped onto the EPC network operator. The NSP
indication can be provided to the UE in accordance to WiMAX Forum Network Architecture Release 1.0
version 1.2 [25]. The WiMAX access network should advertise the NSP identity of the EPC in the MCC, MNC format.
5.2.3.1.2
5.2.3.1.2.1
Selection at switch-on or recovery from lack of coverage
UE selection modes
There are two modes of network selection, namely, manual network selection and automatic network selection.
At switch-on or following recovery from lack of coverage, the UE shall follow one of the following two procedures
depending on its operating mode.
3GPP
Release 9
5.2.3.1.2.2
16
3GPP TS 24.302 V9.4.0 (2010-09)
Manual EPC network selection
The manual network selection for WiMAX access shall follow the WiMAX Forum Network Architecture Release 1.0
version 1.2 – Stage 3 [25] with the following exceptions and additions:
-
When presenting the list of available networks for user selection, the UE shall provide the network name of the
related MCC + MNC pair. If that is not possible, the UE shall provide the MCC + MNC pair; and
-
If the UE is unable to register to the user selected NSP, further UE action is implementation dependent.
5.2.3.1.2.3
Automatic EPC network selection)
The automatic network selection for WiMAX access shall follow the WiMAX Forum Network Architecture Release 1.0
version 1.2 – Stage 3 [25] without any exceptions or additions.
5.3
Access Network reselection
5.3.1
General
The network reselection procedure shall be executed based on the user's request or the operator's policy. Such operator
policy for supporting network reselection can be provided by the ANDSF or can be pre-provisioned in the UE.
5.3.2
UE procedures
The UE may retrieve information from ANDSF, which includes available access network and operator's policy as
specified in subclause 6.8.2.
The information which is retrieved from the ANDSF shall not impact the PLMN selection and reselection procedures
specified in 3GPP TS 23.122 [4] and in 3GPP TS 24.234 [9].
The network reselection procedure can be in automatic mode or manual mode dependent on UE configuration settings.
For WiMAX access, the manual mode reselection shall follow the behaviour described in subclause 5.2.3.1.2.2 and the
automatic mode reselection shall follow the behaviour described in subclause 5.2.3.1.2.3.
5.3.3
EPC procedures
The ANDSF shall send available access network(s) and operator's policy to the UE in response to the UE’s request or
based on the network triggers as specified in subclause 6.8.2.
5.3.4
Periodic EPC network reselection attempts
In automatic mode, when UE is not in its HPLMN or one of its equivalent HPLMNs, the UE shall make a periodic
attempt to return to its HPLMN or one of its equivalent HPLMNs. For this purpose the timer value given in the
EFHPPLMN as defined in 3GPP TS 31.102 [45] shall be used with the following exceptions:-
For UE accessing the EPC via cdma2000® HRPD access networks, the UE's search for a more preferred system
shall abide by the parameters and procedures defined in 3GPP2 C.S0016 [23a].
-
For UE accessing the EPC via WiMAX access networks, the time period between periodic network searches is
implementation specific.
-
For UE accessing the EPC via any other non-3GPP access networks, unless the UE has availability to EFHPPLMN,
the time period between periodic network searches is implementation specific but shall not be less than 30
minutes.
3GPP
Release 9
17
6
UE – EPC Network protocols
6.1
General
6.2
Trusted and Untrusted Accesses
6.2.1
General
3GPP TS 24.302 V9.4.0 (2010-09)
For a UE, the trust relationship of a non-3GPP IP access network is determined by the home PLMN operator. That trust
relationship is indicated to the UE via the following methods:
-
Pre-configured policies in the UE by the home PLMN operator.
-
Dynamic indication during 3GPP-based access authentication.
For a trusted non-3GPP IP access network, the UE shall follow the access methods given in subclause 6.4. For an
untrusted non-3GPP IP access network, the UE shall follow the access methods given in subclause 6.5.
If the dynamic trust relationship indication is received during 3GPP-based access authentication, the UE shall rely on
the dynamic trust relationship indication. Otherwise the UE shall follow the pre-configured policies for a specific non3GPP access network. If no dynamic indicator is received, and no pre-configured policy matches a specific non-3GPP
access network where the UE attempts to access, the UE shall follow the procedure defined in subclause 6.2.4.
6.2.2
Pre-configured policies in the UE
The following types of policies can be pre-configured on the UE by the home PLMN operator:
-
Pre-configured trust relationship policies for specific non-3GPP access technologies and/or PLMNs. For
example, the UE may be configured to use the procedures for trusted access networks as described in
subclause 6.4 as follows:
-
an access network of access technology X1 from PLMN Y1 is trusted; and/or
-
any access network of access technology X2 is trusted; and/or
-
any access network from PLMN Y2 is trusted; and/or
-
any access network is trusted.
The format of the pre-configured policies is not specified in this release of this specification.
6.2.3
Dynamic Indication
If the UE performs 3GPP-based access authentication, the 3GPP AAA server may send a trust relationship indicator of
the non-3GPP access network to the UE during the EAP-AKA or EAP-AKA' based access authentication (i.e. EAPAKA, EAP-AKA') as specified in 3GPP TS 33.402 [15]. The indicator is sent using a AT_TRUST_IND attribute, by
extending the EAP-AKA (and EAP-AKA') protocol as specified in subclause 8.2 of IETF RFC 4187 [33]. This attribute
is provided in EAP-Request/AKA-Challenge or EAP- Request/AKA'-Challenge message payload respectively. The
detailed coding of this attribute is described in subclause 8.2.3.1.
6.2.4
No trust relationship information
If no dynamic indicator is received, and no pre-configured policies matches a specific non-3GPP access network where
the UE attempts to access, the UE shall consider it as untrusted network and operate based on subclause 6.5.
3GPP
Release 9
18
6.3
IP Mobility Mode Selection
6.3.1
General
3GPP TS 24.302 V9.4.0 (2010-09)
The IP mobility mechanisms supported between 3GPP and non-3GPP accesses within an operator and its roaming
partner's network may be based on either:
a) Static Configuration; or
b) Dynamic Configuration.
The choice between a) and b) depends upon operators' preferences or roaming agreement or both.
6.3.2
Static configuration of inter-access mobility mechanism
For networks deploying a single IP mobility management mechanism, the statically configured mobility mechanism can
be access type or roaming agreement specific or both. The information about the mechanism to be used in such scenario
is expected to be provisioned into the terminal and the network.
In static configuration, if there is a mismatch between the IP mobility mode mechanism parameters pre-configured in
the network and in the UE, the UE may not be able to access the EPC. If the UE is able to access the EPC even if there
is a mismatch between the IP mobility mode mechanisms, the network may not be able to provide session continuity for
the UE. More details of the possible cases of mismatch between the IP mobility mode mechanism are described in the
informative annex D.
If the network is configured with a static mobility mechanism and the AAA server implements protocol extensions for a
dynamic IP Mobility Mode Selection (IPMS) exchange, the AAA server shall send to the UE an AT_RESULT_IND
attribute during the authentication procedure as it is described in subclause 6.3.3.1.2.
6.3.3
6.3.3.0
Dynamic configuration of inter-access mobility mechanism
General
Dynamic IP Mobility Mode Selection (IPMS) consists of:
-
IP mobility management protocol selection between Network Based Mobility (NBM), DSMIPv6 or MIPv4; and
-
Decision on IP address preservation if NBM is selected
Upon initial attachment to a non-3GPP access and upon handoff to non-3GPP accesses, the UE performs IPMS by
providing an indication during network access authentication for EPC. For trusted access, the indication is provided
before an IP address is allocated to the UE, while in untrusted access network, the indication is provided during IKEv2
signalling for IPSec tunnel establishment with the ePDG.
When the UE provides an explicit indication for IPMS, then the network shall provide the indication to the UE
identifying the selected mobility management mechanism.
When the dynamic IP mobility mode selection is used if the UE does not receive any indication of a selected mobility
protocol after the UE provided an explicit indication, it is considered as an abnormal case and the UE may not get
connectivity to the EPC.
NOTE:
6.3.3.1
6.3.3.1.1
The scenarios for mobility mode selection are described in subclause 4.1.3 of 3GPP TS 23.402 [6].
IPMS indication
IPMS indication from UE to 3GPP AAA server
During network access authentication, UE may provide an explicit indication to the 3GPP AAA server about the
supported mobility protocol by using an attribute in the EAP-AKA and EAP-AKA' protocols, to extend these protocols
as specified in subclause 8.2 of IETF RFC 4187 [33]. This attribute is provided in EAP-Response/AKA-Challenge and
corresponding EAP-AKA' message payload.
3GPP
Release 9
19
3GPP TS 24.302 V9.4.0 (2010-09)
The UE may provide the indication for IPMS using AT_IPMS_IND attribute in EAP-AKA or EAP-AKA' if the UE
receives the AT_RESULT_IND attribute within the EAP-Request/AKA-Challenge message, or the EAPRequest'/AKA-Challenge' message when EAP-AKA' is used, received from the 3GPP AAA server. If the UE provides
the AT_IPMS_IND attribute within the EAP-Response/AKA-Challenge message payload, or the EAP-Response'/AKAChallenge' message payload when EAP-AKA' is used, the UE shall also provide the AT_RESULT_IND attribute within
the message.
If the UE supports IPMS indication, it shall indicate support for one or more mobility protocols in AT_IPMS_IND
attribute as follows:
-
the UE shall indicate support for DSMIPv6 if the UE supports DSMIPv6; and
-
the UE shall indicate support for MIPv4 if the UE supports MIPv4; and
-
during initial attach, the UE should indicate support for NBM if the UE supports address preservation based on
NBM between the access it is attaching to and all other accesses that the UE supports.; or
-
upon handover, the UE shall indicate support for NBM if the UE supports address preservation based on NBM
while moving from source access network to target non-3GPP access network that the UE is attaching to.
If the UE does not support any mobility protocol then the UE shall not send the AT_IPMS_IND attribute to the 3GPP
AAA server.
The preference of protocol may be indicated based on the policies configured on the UE. The detailed coding of this
attribute is described in subclause 8.2.1.1.
6.3.3.1.2
IPMS indication from 3GPP AAA server to UE
A 3GPP AAA server supporting IPMS shall include the AT_RESULT_IND attribute within the EAP-Request/AKAChallenge and corresponding EAP-AKA' message payload.
If the UE provided an explicit indication as described in subclause 6.3.3, the 3GPP AAA server shall inform the UE of
its decision on the mobility protocol and IP preservation mode by invoking an EAP-Request/AKA-Notification
dialogue when EAP-AKA is used or an EAP-Request'/AKA-Notification' dialogue when EAP-AKA' is used.
On selecting the mobility protocol based on UE indication, access network capabilities and network policies, the 3GPP
AAA server shall indicate the selected protocol to the UE by using the AT_IPMS_RES attribute. If the 3GPP AAA
server does not receive any indication from the UE but knows the UE's policies allow the usage of NBM and knows the
home and access network supports NBM, the network shall use NBM shall be used for providing connectivity to the
UE.
If the AT_IPMS_RES attribute indicates DSMIPv6 then the UE shall follow the procedures defined in
3GPP TS 24.303 [11].
If the AT_IPMS_RES attribute indicates MIPv4 support, then the UE shall follow the procedures defined in
3GPP TS 24.304 [12].
The detailed coding of this attribute is described in subclause 8.2.1.2.
6.4
Authentication and authorization for accessing EPC via a
trusted non-3GPP access network
6.4.1
General
For access to the EPC via a trusted non-3GPP access network, a connection shall be established between the UE and the
trusted non-3GPP access network using signalling procedures specific to the trusted non-3GPP access network, which
are out of scope of this present document.
Access authentication signalling for access to the EPC shall be executed between the UE and 3GPP AAA server to
ensure mutual authentication of the user and the EPC, with the exception of UEs without IMSI (see subclauses 4.4.1
and 6.6.3.2). Such authentication is based on IETF protocols as specified in 3GPP TS 33.402 [15].
3GPP
Release 9
20
3GPP TS 24.302 V9.4.0 (2010-09)
EAP-AKA' is used for access authentication in the trusted access network, according to 3GPP TS 33.402 [15],
subclause 6.2. According to 3GPP TS 33.402 [15], subclause 6.1, EAP-AKA' can be skipped if conditions listed in
subclause 9.2.2.1 of 3GPP TS 33.402 [15] are met.
If the access network does not support EAP-AKA or EAP-AKA' and the UE considers the access network as trusted,
the UE shall access to the EPC only via S2c and any authentication method (EAP-based or otherwise) can be used for
access authentication as long as the criteria set in 3GPP TS 33.402 [15], subclause 9.2.2.1 are met.
During S2c bootstrapping EAP-AKA authentication is performed between the UE and the PDN-GW as specified in
3GPP TS 24.303 [11] and 3GPP TS 33.402 [15].
6.4.2
6.4.2.1
UE procedures
Identity Management
The user identities to be used by the UE in the authentication and authorization for accessing EPC via a trusted non3GPP access are the Root-NAI (permanent identity), Fast-Reauthentication NAI (Fast-Reauthentication Identity) and
Pseudonym Identity and these identities are described in subclause 4.4.
6.4.2.2
EAP-AKA and EAP-AKA' based Authentication
The UE shall support EAP-AKA based authentication as specified in IETF RFC 4187 [33] and EAP-AKA' based
authentication as specified in IETF RFC 5448 [38]. 3GPP TS 33.402 [15] specifies the conditions under which one or
the other of these two methods is used.
During network access authentication, the UE may provide an explicit indication for IPMS by adding an attribute in the
EAP-AKA or EAP-AKA' payload as defined in subclause 6.3.3.
During network access authentication, the 3GPP AAA server may provide the ANID to the UE, see subclause 6.4.2.4.
6.4.2.3
Full Authentication and Fast Re-authentication
The UE shall support both full authentication and fast re-authentication for EAP AKA as specified in
IETF RFC 4187 [33] and for EAP-AKA' as specified in IETF RFC 5448 [38].
Full authentication is performed to generate new keys. The initial authentication shall be a full authentication as
specified in 3GPP TS 33.402 [15]. For a full authentication either the Permanent Identity or the Pseudonym Identity is
used.
According to 3GPP TS 33.402 [15] the fast re-authentication procedure uses the Fast Re-authentication Identity and is
used for renewing the session keys.
The Permanent Identity is based on the IMSI of the UE. The Fast Re-authentication Identity is provided to the UE by
the 3GPP AAA server during the previous authentication procedure. The UE shall use the Fast Re-authentication
Identity only once. A Pseudonym Identity provided to the UE by the 3GPP AAA Server during a previous
authentication procedure can be reused in later authentications until the UE receives a new Pseudonym identity from the
3GPP AAA Server.
NOTE:
The 3GPP AAA Server will assign a new Pseudonym Identity with a frequency dictated by operator's
policy. The allocation of new pseudonyms is required to prevent that the user's movements are tracked by
an unauthorized party.
If during an authentication request, the UE receives an EAP-Request/AKA-Identity message containing
AT_PERMANENT_ID_REQ, the UE shall return the Permanent Identity in the AT_IDENTITY attribute of the EAPResponse/AKA_Identity. If the UE receives an EAP-Request/AKA'-Identity message containing
AT_PERMANENT_ID_REQ, the UE shall return the Permanent Identity in the AT_IDENTITY attribute of the EAPResponse /AKA'-Identity message.
If during an authentication request, the UE receives an EAP-Request/AKA-Identity message which contains
AT_FULLAUTH_ID_REQ, the UE shall return the Pseudonym Identity as the AT_IDENTITY within EAPResponse/AKA_Identity message if available. If the UE receives an EAP-Request/AKA'-Identity message containing
3GPP
Release 9
21
3GPP TS 24.302 V9.4.0 (2010-09)
AT_FULLAUTH_ID_REQ, the UE shall return the Pseudonym Identity as the AT_IDENTITY within the EAPResponse /AKA'-Identity message if available. Otherwise the UE shall return the Permanent Identity.
If during an authentication request, the UE receives an EAP-Request/AKA-Identity message or EAP-Request/AKA'Identity message respectively, which contains AT_ANY_ID_REQ, the UE shall return the Fast Re-authentication
Identity if available as the AT_IDENTITY. Otherwise the UE shall return the Pseudonym Identity.
6.4.2.4
6.4.2.4.1
Handling of the Access Network Identity
General
The 3GPP AAA server provides the UE with the ANID in EAP signalling. The UE can also obtain the ANID by access
network specific means, which are out of scope of the present document. For some access networks the ANID can also
be configured into the UE and the 3GPP AAA server.
NOTE:
6.4.2.4.2
According to 3GPP TS 33.402 [15], the ANID is used by HSS and UE to generate transformed
authentication vectors and therefore the ANID needs to be identical in the HSS and in the UE. The trusted
non-3GPP access network first sends the ANID to the 3GPP AAA server via the STa reference point and
the 3GPP AAA server sends the ANID to HSS via the SWx reference point, see 3GPP TS 29.273 [17],
and to the UE as specified in this specification.
ANID indication from 3GPP AAA server to UE
When the 3GPP AAA server sends an EAP Request' or AKA-Challenge' message to the UE, the 3GPP AAA server
shall include the ANID to be used when generating transformed authentication vectors, using the AT_KDF_INPUT
attribute as described in subclause 8.2.2. The value and coding of this attribute is described in subclause 8.1.1.
6.4.2.4.3
UE check of ANID for HRPD CDMA 2000® access networks
The UE shall apply the rules for comparison of the locally determined ANID and the one received over EAP-AKA' as
specified in IETF RFC 5448 [38]. The UE, or the user, may use the ANID as a basis for an optional decision whether
the access network is authorized to serve the UE. E.g. the UE may compare the ANID against a list of preferred or
barred ANIDs.
When the UE can locally determine based on physical layer or access network procedures that the UE is connected to a
eHRPD network, the locally determined ANID is "HRPD". If the comparison check is successful and if either the
optional access network authorization decision in the UE is positive or is not performed, the UE shall proceed;
otherwise the UE shall abort the access procedure.
6.4.2.4.4
UE check of ANID for WiMAX access networks
The UE shall apply the rules for comparison of the locally determined ANID and the one received over EAP-AKA' as
specified in IETF RFC 5448 [38]. The UE, or the user, may use the ANID as a basis for an optional decision whether
the access network is authorized to serve the UE. E.g. the UE may compare the ANID against a list of preferred or
barred ANIDs.
When the UE can locally determine based on physical layer or access network procedures that the UE is connected to a
WiMAX access network, the locally determined ANID is "WIMAX". If the comparison check is successful and if either
the optional access network authorization decision in the UE is positive or is not performed, the UE shall proceed;
otherwise the UE shall abort the access procedure.
6.4.2.4.5
UE check of ANID for WLAN access networks
The UE shall apply the rules for comparison of the locally determined ANID and the one received over EAP-AKA' as
specified in IETF RFC 5448 [38]. The UE, or the user, may use the ANID as a basis for an optional decision whether
the access network is authorized to serve the UE. E.g. the UE may compare the ANID against a list of preferred or
barred ANIDs.
When the UE can locally determine based on physical layer or access network procedures that the UE is connected to a
WLAN network, the locally determined ANID is "WLAN". If the comparison check is successful and if either the
3GPP
Release 9
22
3GPP TS 24.302 V9.4.0 (2010-09)
optional access network authorization decision in the UE is positive or is not performed, the UE shall proceed;
otherwise the UE shall abort the access procedure.
6.4.2.4.6
UE check of ANID for ETHERNET access networks
The UE shall apply the rules for comparison of the locally determined ANID and the one received over EAP-AKA' as
specified in IETF RFC 5448 [38]. The UE, or the user, may use the ANID as a basis for an optional decision whether
the access network is authorized to serve the UE. E.g. the UE may compare the ANID against a list of preferred or
barred ANIDs.
When the UE can locally determine based on physical layer or access network procedures that the UE is connected to a
Ethernet network, the locally determined ANID is "ETHERNET". If the comparison check is successful and if either
the optional access network authorization decision in the UE is positive or is not performed, the UE shall proceed;
otherwise the UE shall abort the access procedure.
6.4.3
6.4.3.1
3GPP AAA server procedures
Identity Management
The 3GPP AAA selects the pseudonym identity or the Fast Re-authentication Identity and returns the identity to the UE
during the Authentication procedure as specified in 3GPP TS 33.402 [15]. The 3GPP AAA server shall maintain a
mapping between the UE's permanent identity and the pseudonym identity and between the UE's permanent identity and
the Fast Re-authentication Identity.
6.4.3.2
EAP-AKA and EAP-AKA' based Authentication
The 3GPP AAA server shall support EAP AKA based authentication as specified in IETF RFC 4187 [33] and EAPAKA' based authentication as specified in IETF RFC 5448 [38]. 3GPP TS 33.402 [15] specifies the conditions under
which one or the other of these two methods is used. If the UE provides an explicit indication for the supported mobility
protocols and the network supports multiple IP mobility mechanisms, the network shall select the protocol to be used
and communicate the decision to the UE as defined in subclause 6.3.3.1.2.
6.4.3.3
Full authentication and Fast Re-authentication
The 3GPP AAA shall support full re-authentication and fast re-authentication as specified in IETF RFC 4187 [33].
The decision to use the fast re-authentication process is taken by the home network (i.e. the 3GPP AAA server) and is
based on operator policies. If fast re-authentication is to be used, the home network shall indicate this to the UE by
providing the Fast Re-authentication Identity to the UE during the authentication process.
When initiating an authentication, the home network shall indicate the type of authentication required by including
either AT_PERMANENT_ID_REQ or AT_FULLAUTH_ID_REQ for Full authentication and AT_ANY_ID_REQ for
Fast re-authentication in the EAP-Request/AKA_Identity message or the EAP-Request/AKA'-Identity message
respectively.
The home network (i.e. the 3GPP AAA server) may upon receiving the Fast Re-authentication Identity in
AT_IDENTITY, decide to proceed with the fast re-authentication or choose instead to initiate a full authentication. This
decision is based on operator policies.
6.4.4
Multiple PDN support for trusted non-3GPP access
Connectivity to multiple PDNs via trusted non-3GPP access is supported in the EPS when the network policies, the
non-3GPP access and user subscription allow it. If the UE supports dynamic mobility management selection the UE
shall use the same mobility protocol when multiple connections are established, see 3GPP TS 23.402 [6].
When using the S2a interface to establish connections to additional PDNs the UE shall send a trigger for additional
PDN connectivity specific to the non-3GPP access. The UE shall include an APN in this trigger to connect to the
desired PDN. The UE shall also indicate the Attach Type to the trusted non-3GPP access during additional PDN
connectivity. The Attach Type shall distinguish between Initial Attach and Handover Attach.
3GPP
Release 9
23
3GPP TS 24.302 V9.4.0 (2010-09)
NOTE 1: The indication about Attach Type is non-3GPP access network specific and its coding is out of scope of
this specification.
NOTE 2: The trigger for additional PDN connectivity is non-3GPP access network specific and its coding is out of
scope of this specification.
When using the S2c interface, the UE shall follow the procedures described in 3GPP TS 24.303 [11] to connect to
multiple PDNs.
If the UE is handing over from a source access network to a target non-3GPP access using PMIP-based S2a and the UE
has more than one PDN connection to a given APN in the source access network, and if multiple PDN connections to a
single APN are not supported over the target trusted non-3GPP access network, only one PDN connection to the given
APN shall be established in the target non-3GPP access as specified in 3GPP TS 23.402 [6]. If multiple PDN
connection requests to the same APN are received but the target trusted non-3GPP access network does not support
multiple PDN connections to the same APN, the network shall reject the additional PDN connection requests to the
same APN received from the UE when one PDN connection to the same APN has already been established. The UE
shall determine which PDN connection is re-established in the non-3GPP access based on the home address information
(i.e. IPv4 address or IPv6 prefix or both) provided by the network.
NOTE 3: The protocol details of the PDN connection reject procedure is non-3GPP access network specific and its
coding is outside the scope of this specification.
NOTE 4: When UE supporting IP address preservation for NBM with multiple PDN connections to the same APN
hands over to the non-3GPP access network, the UE can, as an implementation option, prioritise the reestablishment for a particular PDN connection before re-establishing the remaining PDN connections.
The way a UE prioritizes a particular PDN connection is non-3GPP access network specific and its
coding is out of scope of this specification. Another implementation option can be to send multiple reestablishment requests concurrently.
NOTE 5: Any unsuccessful re-establishment of any of the multiple PDN connections to the same APN can be
managed in an implementation specific manner avoiding UE making repeated re-establishment attempts
to the network.
6.5
Authentication and authorization for accessing EPC via an
untrusted non-3GPP access network
6.5.1
General
In order to attach to the evolved packet core network (EPC) via untrusted non-3GPP IP access, the UE first needs to be
configured with a local IP address from the untrusted non-3GPP access network.
During the attach to the untrusted non-3GPP access, the operator of the non-3GPP access network may optionally
require toperform a 3GPP based access authentication as specified in 3GPP TS 33.402 [15].
Once the UE is configured with a local IP address, the UE shall select the Evolved Packet Data Gateway (ePDG) as
described in subclause 7.2.1 and shall initiate the IPsec tunnel establishment procedure as described in subclause 7.2.2.
During these steps authentication and authorization for access to EPC shall be performed.
6.5.2
6.5.2.1
Full authentication and authorization
General
During the establishment of the IPSec tunnel between the UE and the ePDG, 3GPP based authentication signalling for
untrusted non-3GPP access to the EPC shall be exchanged between the UE and the 3GPP AAA server in the EPC to
ensure mutual authentication of the user and the EPC.
Authorization of EPC access shall be performed by the 3GPP AAA server upon successful user authentication.
3GPP
Release 9
24
3GPP TS 24.302 V9.4.0 (2010-09)
The access authentication signalling between the UE and the 3GPP AAA server shall be based on EAP-AKA as
specified in IETF RFC 4187 [33] and is further detailed in 3GPP TS 33.402 [15], 3GPP TS 29.273 [17] and procedural
descriptions in subclauses 7.2.2 and 7.4.4.
6.5.2.2
UE procedures
When accessing the EPC via the ePDG, the UE shall exchange EAP-AKA signalling with the 3GPP AAA server as
specified in 3GPP TS 33.402 [15].
NOTE:
6.5.2.3
the EAP payload exchanged between UE and 3GPP AAA server is transported within the IKEv2
messages exchanged with ePDG as described in subclause 7.2.2.
3GPP AAA server procedures
During the authentication of the UE for accessing the EPC via the ePDG, the 3GPP AAA server shall initiate EAPAKA based authentication with the UE as specified in 3GPP TS 33.402 [15].
6.5.3
Multiple PDN support for untrusted non-3GPP access network
Connectivity to multiple PDNs via untrusted non-3GPP access is supported in the EPS when the network policies, the
non-3GPP access and the user subscription allow it. If the UE supports dynamic mobility management selection the UE
shall use the same mobility protocol when multiple connections are established, see 3GPP TS 23.402 [6].
When using the S2b interface to establish additional PDN connections, the UE shall establish an IPSec tunnel with the
same ePDG for each PDN connection. For each tunnel establishment procedure, the UE shall indicate to the ePDG an
APN to the desired PDN and an attach type indication as specified in subclause 7.2.2.
When using the S2c interface, the UE shall follow the procedures described in 3GPP TS 24.303 [11] when establishing
multiple PDN connections. For multiple PDN connections over the S2c interface, the UE shall establish only one IPsec
tunnel to the ePDG.
If the UE had more than one PDN connection to a given APN in the source access network and the UE is performing a
handover to a target untrusted non-3GPP access network via an ePDG that supports the PMIP-based S2b interface, and
if multiple PDN connections to a single APN are not supported over the target untrusted non-3GPP access network,
only one PDN connection to that given APN shall be established in the target non-3GPP access network as specified in
3GPP TS 23.402 [6] if NBM is used. The UE, if supporting IP address preservation for NBM, shall include the home
address information during the tunnel establishment procedure as specified in subclause 7.2.2. If multiple PDN
connection requests to the same APN are received but the network does not support multiple PDN connections to the
same APN, the ePDG shall reject the additional PDN connection requests to the same APN received from the UE as
described in subclause 7.4.1, in the following circumstances:
-
when one PDN connection to the same APN has already been established;
-
only after the network has successfully established one PDN connection in the case that the additional PDN
connections requests were received prior to the successful establishment of a single PDN connection.
In the above cases, the UE shall determine which PDN connection is re-established in the non-3GPP access based on
the home address information provided by the network.
The UE behaviour, when PDN connection re-establishment is rejected by the network during handover to the untrusted
non-3GPP access network, is described in sublause 7.2.2.
NOTE 1: When a UE supporting IP address preservation for NBM with multiple PDN connections to the same
APN hands over to the non-3GPP access network, the UE can, as an implementation option, prioritise the
re-establisment for a particular PDN connection before re-establishing the remaining PDN connections.
The UE indicates the prioritised PDN connection by including both the APN in the IDr payload and the
home address information in the Handover Attach indicator as specified in subclause 7.2.2. Another
implementation option can be to send multiple re-establishment requests concurrently.
3GPP
Release 9
25
3GPP TS 24.302 V9.4.0 (2010-09)
6.6
UE - 3GPP EPC (cdma2000® HRPD Access)
6.6.1
General
3GPP2 X.S0057 [20] defines the interworking architecture for access to the EPC via cdma2000® HRPD access
networks. In particular, 3GPP2 X.S0057 [20] describes support for a UE using the cdma2000® HRPD air interface to
access the EPC architecture defined in 3GPP TS 23.402 [6] by:
-
specifying the use of the interface across the S2a reference point between the 3GPP2 HRPD Serving Gateway
(HSGW) and the PDN Gateway (P-GW) in the EPC by referencing 3GPP TS 29.275 [18];
-
specifying the use of the interface across the S101 reference point between the eAN/PCF in the 3GPP2 HRPD
access network and the MME in the EPC by referencing 3GPP TS 29.276 [19];
-
specifying the use of the user plane interface across the S103 reference point between the EPC Serving Gateway
(S-GW) and the HSGW by referencing 3GPP TS 29.276 [19]; and
-
describing the internal functions and responsibilities of the HSGW.
3GPP2 C.S0087 [21] defines the signalling requirements and procedures for UEs accessing the EPC via 3GPP2 HRPD
access networks using the cdma2000® HRPD air interface. In particular, 3GPP2 C.S0087 [21]:
-
defines the signalling extensions to the cdma2000® HRPD air interface defined in 3GPP2 C.S0024 [22] and
3GPP2 C.S0024 [23] necessary to support interworking with the EPC and E-UTRAN; and
-
defines the UE and eAN/PCF procedures and signalling formats to support bidirectional handoff between
E-UTRAN and cdma2000® HRPD.
6.6.2
6.6.2.1
Non-emergency case
General
Subclauses 6.6.2.2 through 6.6.2.7 describe the particular requirements for access to the EPC via a cdma2000® HRPD
access network in support of non-emergency accesses and services.
6.6.2.2
UE identities
The UE and network shall use the root NAI as specified in 3GPP TS 23.003 [3] for EPC access authentication when the
UE obtains service via a cdma2000® HRPD access network connected to an EPC in the UE's HPLMN.
Additionally, the UE and network shall use the Fast-Reauthentication NAI and the Pseudonym Identity as described in
subclause 4.4.
6.6.2.3
cdma2000® HRPD access network identity
The access network identity is described in 3GPP TS 23.003 [3] and in subclause 6.4.2.4 of this specification. For a
cdma2000® HRPD network, the value and encoding of the access network identity is described in subclause 8.1.1. The
3GPP AAA server, HSS, and any visited network AAA proxy shall use the access network identity during EAP-AKA'
authentication procedures (see 3GPP TS 33.402 [15]).
6.6.2.4
PLMN system selection
The UE shall rely on information provisioned by the home operator to facilitate the PLMN system selection process
described in 3GPP TS 23.122 [4].
6.6.2.5
Trusted and untrusted accesses
The UE shall determine the trust relationship for access to the EPC via a cdma2000® HRPD access network as
described in subclause 4.1.
3GPP
Release 9
6.6.2.6
26
3GPP TS 24.302 V9.4.0 (2010-09)
IP mobility mode selection
The UE and network shall perform IP mobility mode selection as described in subclauses 6.3.3.1 and 6.4.3.2
6.6.2.7
Authentication and authorization for accessing EPC
The UE and 3GPP AAA server shall perform authentication and authorization procedures for access to the EPC as
defined in 3GPP TS 33.402 [15].
6.6.3
Emergency case
6.6.3.1
General
Subclauses 6.6.3.2 through 6.6.3.3 describe the particular requirements for access to the EPC via a cdma2000® HRPD
access network in support of an emergency session in course of handover from E-UTRAN to HRPD.
In this release of the specification no emergency session related handling other than the handover of an emergency
session from E-UTRAN to an S2a based cdma2000® HRPD access network is specified.
6.6.3.2
UE identities
When the UE obtains emergency services via a cdma2000® HRPD access network connected to an EPC in the UE's
HPLMN, then the UE and the network shall use the NAI for EPC access authentication as follows:
-
if IMSI is available and authenticated , then the UE and the network shall use the root NAI as specified in
3GPP TS 23.003 [3];
-
if IMSI is not available or unauthenticated, then the emergency NAI as specified in 3GPP TS 23.003 [3] shall be
used.
Additionally, the UE and the network shall use the Fast-Reauthentication NAI and the Pseudonym Identity as described
in subclause 4.4.1.
6.6.3.3
Authentication and authorization for accessing EPC
If IMSI is available, then the authentication and authorization procedures via STa are executed if the local regulation
and network operator option requires authenticating the UE.
If the authentication and authorization procedures fail, then it depends on local regulation and network operator option
to allow or reject the emergency services for the UE.
If IMSI is not available, the authentication and authorization procedures via STa are not executed.
6.7
UE - 3GPP EPC (WiMAX Access)
6.7.1
General
The WiMAX system and its access network subsystem are described within WiMAX Forum Network Architecture
Release 1.0 version 1.2 – Stage 2 [24]. The protocol architecture and signalling of the WiMAX system is specified in
WiMAX Forum Network Architecture Release 1.0 version 1.2 – Stage 3 [25]. This protocol architecture and signalling
supports the air interface defined in WiMAX Forum Mobile System Profile Release 1.0 Approved Specification
Revision 1.4.0 [26] which specifies selected profiles of IEEE Std 802.16e-2005 and IEEE Std 802.16-2004/Cor12005 [27].
3GPP
Release 9
6.7.2
6.7.2.1
27
3GPP TS 24.302 V9.4.0 (2010-09)
Non-emergency case
General
Subclauses 6.7.2.2 through 6.7.2.7 describe the particular requirements for access to the EPC via a WiMAX access
network in support of non-emergency accesses and services.
6.7.2.2
UE identities
The UE and network shall use the root NAI as specified in 3GPP TS 23.003 [3] for EPC access authentication when the
UE obtains service via a WiMAX access network connected to an EPC in the UE's HPLMN.
Additionally, the UE and network shall use the Fast-Reauthentication NAI and the Pseudonym Identity as described in
subclause 4.4.
6.7.2.3
WiMAX access network identity
The access network identity is described in 3GPP TS 23.003 [3] and in subclause 6.4.2.4 of this specification. For a
WiMAX network, the value and encoding of the access network identity is described in subclause 8.1.1. The 3GPP
AAA server, HSS, and any visited network AAA proxy shall use the access network identity during EAP-AKA
authentication procedures (see 3GPP TS 33.402 [15]).
6.7.2.4
Selection of the Network Service Provider
The UE shall use WIMAX-specific procedures described in WiMAX Forum Network Architecture Release 1.0 version
1.2 – Stage 3 [25] to discover and select the highest priority Network Service Provider (NSP) which is available and
allowable.
6.7.2.5
Trusted and untrusted accesses
The UE shall determine the trust relationship for access to the EPC via a WiMAX access network as described in
subclause 4.1.
6.7.2.6
IP mobility mode selection
The UE and network shall perform IP mobility mode selection as described in subclauses 6.3.3.1 and 6.4.3.2.
6.7.2.7
NOTE:
6.7.3
NOTE:
Authentication and authorization for accessing EPC
In line with 3GPP TS 33.402 [15], in this present specification, no particular security provisions are
specified for interworking between WiMAX and EPS. Any access specific security procedures for
WiMAX as a non-3GPP access network to EPC will be in accordance with
WiMAX Forum Network Architecture Release 1.0 version 1.2 – Stage 3 [25] and
WiMAX Forum Mobile System Profile Release 1.0 Approved Specification Revision 1.4.0 [26].
Emergency case
Procedures for handling emergency accesses or services are not specificed within this release of the
specification
6.8
Communication over the S14
6.8.1
General
In order to assist the UE with performing access network discovery and selection, ANDSF provides a set of information
to the UE. This information contains the access network discovery and selection information to assist the UE with
3GPP
Release 9
28
3GPP TS 24.302 V9.4.0 (2010-09)
selecting the access network or the inter-system mobility policy to control and assist the UE with performing the intersystem change or both.
This set of information can either be provisioned in the UE by the home operator, or provided to the UE by the ANDSF
over the S14 reference point via pull or push mechanisms as defined in 3GPP TS 23.402 [6] by means of the access
network discovery and selection procedures as described in subclause 6.8.2. While roaming, the UE can receive a set of
information from H-ANDSF or V-ANDSF or both.
The UE, located in the home PLMN, needs to discover the H-ANDSF by means of the discovery procedure as described
in subclause 6.8.2.2.1. The UE, located in the visited PLMN, needs to discover the H-ANDSF or V-ANDSF or both by
means of the discovery procedure as described in subclause 6.8.2.2.1.
Through push mechanisms the ANDSF can provide assistance information to the UE e.g. if the UE has previously used
pull based ANDSF procedure or if OMA-DM bootstrapping is used as described in subclause 6.8.2.2.1A. Through pull
mechanisms the UE can send a request to the ANDSF in order to get assistance information for access network
discovery and selection.
ANDSF shall comply with local, national and regional requirements regarding the privacy and confidentiality of
location information.
NOTE:
6.8.2
6.8.2.1
The regulation and legislations of the home operator of the ANDSF server determines whether the
ANDSF server can store the user's location information.
Interaction with the Access Network Discovery and Selection
Function
General
The S14 interface enables IP level communication between the UE and ANDSF. The protocols supported by the S14
interface are realized above the IP level. Both pull and push mechanisms may be supported for communication between
the UE and the ANDSF. A combination of pull and push mechanisms may also be supported. The communication
security over the S14 interface is specified in 3GPP TS 33.402 [15].
The UE, located in a home PLMN, can communicate securely with the H-ANDSF. The UE, located in a visited PLMN,
can communicate securely with H-ANDSF or V-ANDSF or both.
The information is transferred between the UE and ANDSF using OMA DM as defined in OMA-ERELD-DMV1_2 [39] with the management object as specified in 3GPP TS 24.312 [13].
6.8.2.2
6.8.2.2.1
UE procedures
UE discovering the ANDSF
The UE shall support DNS lookup by name as specified in IETF RFC 1035 [35] to discover the IP address of ANDSF.
Additionally, the UE may support DHCP query as specified in draft-das-mipshop-andsf-dhcp-options [37] to discover
the IP address of H-ANDSF.
The IP address of the H-ANDSF can be provisioned in the UE by the home operator. If not provisioned in the UE, for
the case of a UE located in a home PLMN or an equivalent HPLMN, the domain name or the IP address of the HANDSF can be discovered by the UE using a DHCP query as specified in draft-das-mipshop-andsf-dhcp-options [37].
The H-ANDSF IP address by which the UE can contact the H-ANDSF can also be obtained by the UE through a DNS
lookup by name as specified in IETF RFC 1035 [35]. The QNAME shall be set to the ANDSF-SN FQDN, as defined in
3GPP TS 23.003 [3].
The V-ANDSF IP address by which the UE can contact the V-ANDSF is obtained by the UE through a DNS lookup by
name as specified in IETF RFC 1035 [35]. The QNAME shall be set to the ANDSF-SN FQDN, as defined in
3GPP TS 23.003 [3].
When the UE is in its HPLMN or equivalent HPLMN, the UE may use either DNS lookup or DHCP query to discover
the IP address of the H-ANDSF. If the UE implements DHCP query, the following apply:
-
The preference between DNS lookup and DHCP query is UE implementation dependent; and
3GPP
Release 9
-
29
3GPP TS 24.302 V9.4.0 (2010-09)
If the UE is unable to discover the IP address of the H-ANDSF using one discovery method, the UE may try to
use the other discovery method.
When the UE is in a visited PLMN, the UE shall use DNS lookup to discover the IP address of the ANDSF.
When performing a DNS lookup resolution, the UE shall apply the following procedures:
-
For the H-ANDSF discovery, the UE shall build a Fully Qualified Domain Name (FQDN) as defined in
3GPP TS 23.003 [3] for the DNS request and select the IP address of the H-ANDSF included in the DNS
response message.
-
For the V-ANDSF discovery, the UE shall build a Fully Qualified Domain Name (FQDN) as defined in
3GPP TS 23.003 [3] for the DNS request and select the IP address of the V-ANDSF included in the DNS
response message.
When performing a DHCP query resolution, for the case of a UE located in a home PLMN or an equivalent HPLMN,
the UE shall send a DHCP message with the required DHCP option, as specified in draft-das-mipshop-andsf-dhcpoptions [37], that allows the UE to discover the IP address or the domain name of the H-ANDSF. When the DHCP
Server only provides the domain name of the H-ANDSF, the UE shall perform a DNS lookup to get the IP address of
the H-ANDSF.
6.8.2.2.1A ANDSF communication security
According to 3GPP TS 33.402 [15], for the pull model, the UE and ANDSF shall use PSK TLS with GBA based shared
key-based mutual authentication to establish a secure connection between UE and ANDSF as specified by subclause 5.4
of 3GPP TS 33.222 [44].
According to 3GPP TS 33.402 [15], for the push model, the UE and ANDSF shall use PSK TLS with GBA push based
shared key-based mutual authentication to establish a secure connection between the UE and the ANDSF as specified
by subclause 5.1 of 3GPP TS 33.223 [47].
In accordance with 3GPP TS 29.109 [43], the BSF shall provide either the UE's IMSI or IMPI to NAF, ie the ANDSF
server.
OMA-DM's application level authentication mechanism does not need to be used with ANDSF, since mutual security
association is already established on transport level using PSK-TLS as specified in 3GPP TS 33.402 [15]. According to
OMA-ERELD-DM-V1_2 [39], however, each Managed Object (MO) shall have an access control list (ACL) that lists
authorized OMA DM servers. In order to comply with OMA-ERELD-DM-V1_2 [39], the ANDSF-SN FQDN shall be
used as server name in the ACL list.
If the UE does not support the ANDSF security mechanism as specified in 3GPP TS 33.402 [15], or if the operator does
not implement the GAA bootstrap framework specified in 3GPP TS 33.220 [42], appropriate communication security
can be established with the ANDSF using OMA-DM's bootstrap, secure http (https) mechanism and WAP Push
according to OMA-ERELD-DM-V1_2 [39].
6.8.2.2.2
Role of UE for Push model
The UE shall implement the push model of ANDSF in accordance with OMA-ERELD-DM-V1_2 [39] using WAP
Push, which is applicable for 3GPP access networks only.
In the push model of communication, if the UE receives a notification SMS from the ANDSF, the UE shall establish a
secure data connection using the information received in the notification SMS.
In the push model of communication, if the UE receives a SMS message containing a GBA Push Information as
specified in 3GPP TS 33.223 [47] from the ANDSF, the UE shall establish a secure data connection to the ANDSF
using the GBA Push Information. If the UE does not understand the contents of the SMSfrom the ANDSF, the UE shall
follow the pull model procedure as specified in subclause 6.8.2.2.1A to establish a secure data connection with the
ANDSF.
Upon establishing a secure connection between the UE and ANDSF, the UE may be provided with updated inter-system
policy and information about available access networks. The list of the information is described in subclause 6.8.2.3.3
and the correspondent ANDSF MO is defined in 3GPP TS 24.312 [13].
3GPP
Release 9
6.8.2.2.3
30
3GPP TS 24.302 V9.4.0 (2010-09)
Role of UE for Pull model
In the pull model of communication, the UE sends a query to ANDSF to retrieve or update inter-system mobility policy
or information about available access networks in its vicinity or both. The UE will wait for an implementation
dependent time for an answer from the ANDSF. If ANDSF does not respond within that time, further action by the UE
is implementation dependent. The UE may provide to ANDSF the UE's location information including, if available, the
location parameters (for example, cell identities) associated with the Radio Access Networks the UE has discovered in
its current location at the time the UE sends a query to ANDSF; the format of the location information is described as
UE_Location in ANDSF MO defined in 3GPP TS 24.312 [13].
After communicating with ANDSF, the UE may be provided with updated inter-system policy and information about
available access networks. The list of the information is described in subclause 6.8.2.3.3 and the correspondent ANDSF
MO is defined in 3GPP TS 24.312 [13].
The UE may start Pull model communication with ANDSF based upon the information previously received from the
ANDSF (e.g. based on the value of UpdatePolicy leaf defined in 3GPP TS 24.312 [13]).
NOTE:
6.8.2.2.4
6.8.2.2.4.1
Mechanisms to limit the frequency of queries transmission from the UE to the ANDSF are
implementation dependant.
UE using information provided by ANDSF
General
Network detection and selection shall take into account the access network specific requirements and the UE's local
policy, e.g. user preference settings, access history, etc, along with the information provided by the ANDSF when
selecting an access network. The local policy and the information provided by the ANDSF shall be used by the UE in
an implementation dependent way to limit the undesired alternating between access systems, e.g. ping-pong type of
inter-system changes. However, the use of such information from the ANDSF shall not be in contradiction to functions
specified in 3GPP TS 23.122 [4], 3GPP TS 24.234 [9], 3GPP TS 25.304 [14] and 3GPP TS 36.304 [16].
If the UE is roaming in a VPLMN, the UE may receive Inter-system mobility policies or Access network discovery
information or both from H-ANDSF or V-ANDSF or both. The format of the Inter-system mobility policies and Access
network discovery information is defined in 3GPP TS 24.312 [13].
The maximum number of sets of Inter-system mobility polices or Access network discovery information or both that the
UE may keep is implementation dependent. However, the UE shall retain at least one set of Inter-system mobility
policies and one set of Access network discovery information. This information shall be deleted if there is a change of
USIM. This information may be deleted when UE is switched off.
6.8.2.2.4.2
Use of Inter-system Mobility Policy
If more than one set of Inter-system mobility policies is available in the UE, the UE shall only use one set of Intersystem mobility policies at any one time. If available, the inter-system mobility policy of the RPLMN takes precedence.
For example, when roaming, the Inter-system mobility policy from V-ANDSF of the RPLMN, if available, takes
precedence over the Inter-system mobility policy from H-ANDSF. When applying the Inter-system mobility policy the
following requirements apply:-
the requirements on periodic network reselection as described in subclause 5.3.4 of the present specification;
-
the PLMN selection rules specified in 3GPP TS 23.122 [4] and in 3GPP TS 24.234 [9];
-
the selection rules specified in 3GPP2 C.P0016-D [23a]; and
-
the 3GPP RAT selection, cell selection and reselection rules specified in 3GPP TS 25.304 [14],
3GPP TS 36.304 [16] and 3GPP TS 45.008 [16a].
6.8.2.2.4.3
Use of Access Network Discovery Information
The UE may use the received Access network discovery information of both the H-ANSDF and V-ANDSF for network
discovery and detection. The Access network discovery information received from:-
3GPP
Release 9
31
3GPP TS 24.302 V9.4.0 (2010-09)
a) the H-ANDSF provides guidance for the UE on access networks that have connectivity to the HPLMN or
equivalent HPLMNs or both; and
b) the V-ANDSF provides guidance for the UE on access networks that have connectivity to the corresponding
VPLMN or equivalent PLMNs or both.
6.8.2.3
6.8.2.3.1
ANDSF procedures
General
Both the H-ANDSF and the V-ANDSF can provide information about inter-system mobility policy or information
about available access networks in the vicinity of the UE or both. The inter-system mobility policies may be organized
in a hierarchy and a priority order among multiple policies may determine which policy has the highest priority. The
policies may indicate preference of one access network over another or may restrict inter-system mobility to a particular
access network under certain conditions. The ANDSF may also specify validity conditions which indicate when a
policy is valid. Such conditions may be based on time duration, location, etc. The ANDSF may limit the information
provided to the UE. This can be based on UE's current location, UE capabilities, etc. How the ANDSF decides how
much information to provide to the UE is dependent on network implementation.
6.8.2.3.2
Role of ANDSF for Push model
If there is no existing valid PSK TLS connection between the UE and ANDSF, the ANDSF, not implementing GBA
Push, may send a notification SMS to the UE, without establishing a data connection with the UE.
If there is no existing valid PSK TLS connection between the UE and ANDSF, the ANDSF, implementing GBA Push,
shall send a message via SMS to the UE to establish a secure connection between the UE and ANDSF. The contents of
the message shall contain a GBA Push Information as specified in 3GPP TS 33.223 [47].
If there is an existing valid PSK TLS connection between the UE and ANDSF, the ANDSF shall use the existing
connection to update the inter-system mobility policy in the UE or inform the UE about available access networks in the
vicinity of the UE.
After a secure connection is established according to subclause 6.8.2.2.1A, the ANDSF may update the inter-system
mobility policy in the UE or inform the UE about available access networks in the vicinity of the UE.
6.8.2.3.3
Role of ANDSF for Pull model
When contacted by UE, ANDSF may interact with the UE in order to provide the UE with inter-system mobility policy
or information about available access networks in the vicinity of the UE or both. In case of information about available
access networks, the ANDSF provides the following information about each available access networks in the form of a
list containing:
1) Type of Access network (e.g. WLAN, WiMAX);
2) Location of Access Network (e.g. 3GPP location);
3) Access Network specific information (e.g WLAN information, WiMAX information); and
4) Operator differentiated text field (if supported, e.g. if WNDS MO defined in 3GPP TS 24.312 [13] is used).
The detailed list of information is described in 3GPP TS 24.312 [13].
6.9
Handling of Protocol Configuration Options information
The Protocol Configuration Options (PCO) information element is specified in 3GPP TS 24.008 [46].
The support of PCOs is optional for the UE and the non-3GPP access network.
The content syntax of PCOs for the non-3GPP access UE and non-3GPP access network is access network specific and
not in the scope of 3GPP, but if PCO is supported, the UE and the PDN-GW shall handle the PCO contents in
accordance with 3GPP TS 24.008 [46].
3GPP
Release 9
32
3GPP TS 24.302 V9.4.0 (2010-09)
PCO information is exchanged between the UE and the PDN-GW, see 3GPP TS 23.402 [6] and 3GPP TS 29.275 [18].
The specification of PCO signalling in the non-3GPP access network is access network specific and not in the scope of
3GPP.
7
Tunnel management procedures
7.1
General
The purpose of tunnel management procedures is to define the procedures for establishment or disconnection of an endto-end tunnel between the UE and the ePDG. The tunnel establishment procedure is always initiated by the UE, whereas
the tunnel disconnection procedure can be initiated by the UE or the ePDG.
The tunnel is an IPsec tunnel (see IETF RFC 4301 [30]) established via an IKEv2 protocol exchange
IETF RFC 4306 [28] between the UE and the ePDG. The UE may indicate support for IETF RFC 4555 [31]. The
security mechanisms for tunnel setup using IPsec and IKEv2 are specified in 3GPP TS 33.234 [7].
7.2
UE procedures
7.2.1
Selection of the ePDG
For dynamic selection of the ePDG the UE shall support the implementation of standard DNS mechanisms in order to
retrieve the IP address(es) of the ePDG. The input to the DNS query is an ePDG FQDN as specified in subclause 4.4.3
and in 3GPP TS 23.003 [3]. The ePDG FQDN contains a PLMN ID as Operator Identifier. The UE selects the PLMN
ID used in the ePDG FQDN based on the conditions described below.
If the UE performs an initial attach to the untrusted non-3GPP access network and:
-
the access specific signalling provides to the UE a list of available PLMN ID(s) served by the access network,
the UE shall include in the ePDG FQDN a PLMN ID as described in 3GPP TS 24.234 [9].
-
the access specific signalling does not provide to the UE a list of available PLMN ID(s) served by the access
network, the UE shall include the HPLMN ID in the ePDG FQDN.
If the UE performs a handover attach without having been connected to an ePDG before the handover, the UE shall
include in the ePDG FQDN the PLMN ID, which identifies the PLMN used before the handover.
Upon reception of a DNS response containing one or more IP addresses of ePDGs, the UE shall select an IP address of
ePDG with the same IP version as its local IP address.
The UE shall select only one ePDG also in case of multiple PDN connections.
NOTE:
7.2.2
During handover between two untrusted non-3GPP access networks, the UE can initiate tunnel
establishment to another ePDG while still being attached to the current ePDG.
Tunnel establishment
Once the ePDG has been selected, the UE shall initiate the IPsec tunnel establishment procedure using the IKEv2
protocol as defined in IETF RFC 4306 [28] and 3GPP TS 33.402 [15].
The UE shall send an IKE_SA_INIT request message to the selected ePDG in order to setup an IKEv2 security
association. Upon receipt of an IKE_SA_INIT response, the UE shall send an IKE_AUTH request message to the
ePDG, including the type of IP address (IPv4 address or IPv6 prefix or both) that needs to be configured in an IKEv2
CFG_REQUEST Configuration Payload. If the UE requests for both IPv4 address and IPv6 prefix, it shall send two
configuration attributes in the CFG_REQUEST Configuration Payload, one for the IPv4 address and the other for the
IPv6 prefix. The IKE_AUTH request message shall contain in "IDr" payload the APN and in the "IDi" payload the
NAI. The UE indicates a request for the default APN by omitting IDr payload, which is in accordance with IKEv2
protocol as defined in IETF RFC 4306 [28]. The IKE_AUTH request message may contain in a notify payload an
indication that MOBIKE is supported by the UE.
3GPP
Release 9
33
3GPP TS 24.302 V9.4.0 (2010-09)
During the IKEv2 authentication and security association establishment, if the UE supports explicit indication about the
supported mobility protocols, it shall provide the indication as described in subclause 6.3.
During the IKEv2 authentication and tunnel establishment for initial attach, the UE shall provide an indication about
Attach Type, which indicates Initial Attach. To indicate attach due to initial attach, the UE shall include either the
INTERNAL_IP4_ADDRESS or the INTERNAL_IP6_ADDRESS attribute or both in the CFG_REQUEST
Configuration Payload within the IKE_AUTH request message. The INTERNAL_IP4_ADDRESS shall contain no
value and the length field shall be set to 0. The INTERNAL_IP6_ADDRESS shall contain no value and the length field
shall be set to 0.
During the IKEv2 authentication and tunnel establishment for handover, the UE not supporting IP address preservation
for NBM shall indicate Initial Attach as described in the previous paragraph.
During the IKEv2 authentication and security association establishment for handover, the UE supporting IP address
preservation for NBM, shall provide an indication about Attach Type, which indicates Handover Attach. To indicate
attach due to handover, the UE shall include the previously allocated home address information during the IPSec tunnel
establishment. Depending on the IP version, the UE shall include either the INTERNAL_IP4_ADDRESS or the
INTERNAL_IP6_ADDRESS attribute or both in the CFG_REQUEST Configuration Payload within the IKE_AUTH
request message to indicate the home address information which is in accordance with IKEv2 protocol as defined in
IETF RFC 4306 [28]. The UE shall support IPSec ESP (see IETF RFC 4303 [32]) in order to provide secure tunnels
between the UE and the ePDG as specified in 3GPP TS 33.402 [15].
If NBM is used and if the UE receives from the ePDG an IKE_AUTH response message containing a Notify Payload
with a Notify Message Type value 8192 that includes an IP address information in the Notification Data field, the UE
shall treat this message as an indication that the PDN connection corresponding to the IP address information has been
rejected by the network. The UE shall not attempt to re-establish this PDN connection while connected to the current
ePDG and the UE shall close the related IKEv2 security association states.
If NBM is used and if the UE receives from the ePDG an IKE_AUTH response message containing a Notify Payload
with a Notify Message Type value 8192 and no Notification Data field, the UE shall treat this message as an indication
that the requested IKEv2 security association establishment is rejected, as the network does not accept any additional
PDN connections to the given APN. As long as any existing PDN connection to the given APN is not released, the UE
shall not attempt to establish additional PDN connections to this APN while connected to the current ePDG. The UE
shall close the related IKEv2 security association states.
After the successful authentication with the 3GPP AAA server, the UE receives from the ePDG an IKE_AUTH
response message containing a single CFG_REPLY Configuration Payload including the assigned remote IP address
information (IPv4 address or IPv6 prefix) as described in subclause 7.4.1. Depending on the used IP mobility
management mechanism the following cases can be differentiated:
-
-
If DSMIPv6 is used for IP mobility management, the UE configures a remote IP address based on the IP
address information contained in the INTERNAL_IP4_ADDRESS or INTERNAL_IP6_SUBNET attribute of
the CFG_REPLY Configuration Payload. The UE uses the remote IP address as Care-of-Address to contact the
HA.
If NBM is used for IP mobility management and the UE performs an initial attach, the UE configures a home
address based on the address information from the CFG_REPLY Configuration Payload. Otherwise, if NBM is
used and the UE performs a handover attach, the UE continues to use its IP address configured before the
handover, if the address information provided in the CFG_REPLY Configuration Payload does match with the
UE's IP address configured before the handover. If the UE's IP address does not match with the address
information of the CFG_REPLY Configuration Payload, the UE shall configure a new home address based on
the IP address information contained in the INTERNAL_IP4_ADDRESS or INTERNAL_IP6_SUBNET
attribute of the CFG_REPLY Configuration Payload. In the latter case, the IP address preservation is not
possible.
If the UE supports DSMIPv6, the UE may request the HA IP address(es), by including a corresponding
CFG_REQUEST Configuration Payload containing a HOME_AGENT_ADDRESS attribute. The
HOME_AGENT_ADDRESS attribute content is defined in subclause 8.2.4.1. The HA IP address(es) requested in this
attribute are for the APN for which the IPsec tunnel with the ePDG is set-up. In the CFG_REQUEST, the UE sets
respectively the IPv6 address field and the optional IPv4 address field of the HOME_AGENT_ADDRESS attribute to
0::0 and to 0.0.0.0.
3GPP
Release 9
34
3GPP TS 24.302 V9.4.0 (2010-09)
In case the UE wants to establish multiple PDN connections and if the UE uses DSMIPv6 for mobility management, the
UE shall use DNS as defined in 3GPP TS 24.303 [11] to discover the HA IP address(es) for the additional PDN
connections after IKEv2 security association was established to the ePDG.
7.2.3
Tunnel modification
This procedure is used if MOBIKE as defined in IETF RFC 4555 [31] is supported by the UE.
When there is a change of local IP address for the UE, the UE shall update the IKE security association with the new
address, and shall update the IPsec security association associated with this IKE security association with the new
address. The UE shall then send an INFORMATIONAL request containing the UPDATE_SA_ADDRESSES
notification to the ePDG.
If, further to this update, the UE receives an INFORMATIONAL request with a COOKIE2 notification present, the UE
shall copy the notification to the COOKIE2 notification of an INFORMATIONAL response and send it to the ePDG.
7.2.4
7.2.4.1
Tunnel disconnection
UE initiated disconnection
The UE shall use the procedures defined in the IKEv2 protocol (see IETF RFC 4306 [28]) to disconnect an IPsec tunnel
to the ePDG. The UE shall close the incoming security associations associated with the tunnel and instruct the ePDG to
do the same by sending the INFORMATIONAL request message including a "DELETE" payload. The DELETE
payload shall contain either:
i) Protocol ID set to "1" and no subsequent Security Parameters Indexes (SPIs) in the payload. This indicates
closing of IKE security association, and implies the deletion of all IPsec ESP security associations that were
negotiated within the IKE security association; or
ii) Protocol ID set to "3" for ESP. The Security Parameters Indexes included in the payload shall correspond to the
particular incoming ESP security associations at the UE for the given tunnel in question.
7.2.4.2
UE behaviour towards ePDG initiated disconnection
On receipt of the INFORMATIONAL request message including "DELETE" payload, indicating that the ePDG is
attempting tunnel disconnection, the UE shall:
i) Close all security associations identified within the DELETE payload (these security associations correspond to
outgoing security associations from the UE perspective). If no security associations were present in the DELETE
payload, and the protocol ID was set to "1", the UE shall close the IKE security association, and all IPsec ESP
security associations that were negotiated within it towards the ePDG; and
ii) The UE shall delete the incoming security associations corresponding to the outgoing security associations
identified in the "DELETE" payload.
The UE shall send an INFORMATIONAL response message. If the INFORMATIONAL request message contained a
list of security associations, the INFORMATIONAL response message shall contain a list of security associations
deleted in step (ii) above.
If the UE is unable to comply with the INFORMATIONAL request message, the UE shall send INFORMATION
response message with either:
i) A NOTIFY payload of type "INVALID_SPI", for the case that it could not identify one or more of the Security
Parameters Indexes in the message from the ePDG; or
ii) A more general NOTIFY payload type. This payload type is implementation dependent.
7.3
3GPP AAA server procedures
The UE – 3GPP AAA server procedures are as specified in 3GPP TS 29.273 [17] and 3GPP TS 33.402 [15].
3GPP
Release 9
35
7.4
ePDG procedures
7.4.1
Tunnel establishment
3GPP TS 24.302 V9.4.0 (2010-09)
Upon receipt of an IKE_AUTH request message from the UE requesting the establishment of a tunnel, the ePDG shall
proceed with authentication and authorization. The basic procedure described in 3GPP TS 33.402 [15], while further
details are given below.
During the UE's authentication and authorization procedure, the 3GPP AAA server provides to the ePDG an indication
about the selected IP mobility mechanism as specified in 3GPP TS 29.273 [17].
The ePDG shall proceed with IPsec tunnel setup completion and shall relay in the IKEv2 Configuration Payload
(CFG_REPLY) of the final IKE_AUTH response message the remote IP address information to the UE. If NBM is used
as IP mobility mechanism, the ePDG shall assign either an IPv4 address or an IPv6 Home Network Prefix or both to the
UE via a single CFG_REPLY Configuration Payload. If the UE requests for both IPv4 address and IPv6 prefix, but the
ePDG only assigns an IPv4 address or an IPv6 Home Network Prefix due to subscription restriction or network
preference, the ePDG shall include the assigned remote IP address information (IPv4 address or IPv6 prefix) via a
single CFG_REPLY Configuration Payload. If the ePDG assigns an IPv4 address, the CFG_REPLY contains the
INTERNAL_IP4_ADDRESS attribute. If the ePDG assigns an IPv6 Home Network Prefix, the CFG_REPLY contains
the INTERNAL_IP6_SUBNET configuration attribute. The ePDG obtains the IPv4 address and/or the IPv6 Home
Network Prefix during the PBU/PBA exchange with the PDN GW. If the UE does not provide an APN to the ePDG
during the tunnel establishment, the ePDG shall include the default APN in the IDr payload of the IKE_AUTH response
message.
If DSMIPv6 is used as IP mobility mechanism, depending on the information provided by the UE in the
CFG_REQUEST payload the ePDG shall assign to the UE either a local IPv4 address or local IPv6 address (or a local
IPv6 prefix) via a single CFG_REPLY Configuration Payload. If the ePDG assigns a local IPv4 address, the
CFG_REPLY contains the INTERNAL_IP4_ADDRESS attribute. If the ePDG assigns a local IPv6 address or a local
IPv6 prefix the CFG_REPLY contains correspondingly the INTERNAL_IP6_ADDRESS or the
INTERNAL_IP6_SUBNET attribute. If the UE provided an APN to the ePDG during the tunnel establishment, the
ePDG shall not change the provided APN and shall include the APN in the IDr payload of the IKE_AUTH response
message. An IPsec tunnel is now established between the UE and the ePDG.
If NBM is used and if the ePDG needs to reject a PDN connection due to the network policies or the ePDG capabilities,
the ePDG shall include in theIKE_AUTH response message containing the IDr payload a Notify Payload with a Notify
Message Type value 8192. Additionally if the IKE_AUTH request message from the UE indicated Handover Attach as
specified in subclause 7.2.2, the Notification Data field of the Notify Payload shall include the IP address information
from the Handover Attach indication. If the UE indicated Initial Attach, the Notification Data field shall be omitted. The
Notify Message Type value 8192 is an error notification meaning that the IPsec tunnel for the PDN connection to the
APN requested by the UE cannot be established.
If the UE indicates Handover Attach by including the previously allocated home address information and the ePDG
obtains one or more PDN GW identities from the 3GPP AAA server, the ePDG shall use these identified PDN GWs in
the subsequent PDN GW selection process. If the UE indicates Initial Attach i.e. home address information not
included, the ePDG may run its initial PDN GW selection process to determine the PDN GW without using the received
PDN GW identities.
The ePDG shall support IPSec ESP (see IETF RFC 4303 [32]) in order to provide secure tunnels between the UE and
the ePDG as specified in 3GPP TS 33.402 [15].
During the IKEv2 authentication and tunnel establishment, if the UE requested the HA IP address(es) and if DSMIPv6
was chosen and if the HA IP address(es) are available, the ePDG shall provide the HA IP address(es) (IPv6 address and
optionally IPv4 address) for the corresponding APN as specified by the "IDr" payload in the IKE_AUTH request
message by including in the CFG_REPLY Configuration Payload a HOME_AGENT_ADDRESS attribute. In the
CFG_REPLY, the ePDG sets respectively the IPv6 Home Agent address field and optionally the IPv4 Home Agent
address field of the HOME_AGENT_ADDRESS attribute to the IPv6 address of the HA and to the IPv4 address of the
HA. If no IPv4 HA address is available at the ePDG or if it was not requested by the UE, the ePDG shall omit the IPv4
Home Agent Address field. If the ePDG is not able to provide an IPv6 HA address for the corresponding APN, then the
ePDG shall not include a HOME_AGENT_ADDRESS attribute in the CFG_REPLY.
3GPP
Release 9
7.4.2
36
3GPP TS 24.302 V9.4.0 (2010-09)
Tunnel modification
When receiving an INFORMATIONAL request containing the UPDATE_SA_ADDRESSES notification, the ePDG
shall check the validity of the IP address and update the IP address in the IKE security association with the values from
the IP header. The ePDG shall reply with an INFORMATIONAL response.
The ePDG may initiate a return routability check for the new address provided by the UE, by including a COOKIE2
notification in an INFORMATIONAL request and send it to the UE. When the ePDG receives the INFORMATIONAL
response from the UE, it shall check that the COOKIE2 notification payload is the same as the one it sent to the UE. If
it is different, the ePDG shall close the IKE security association by sending an INFORMATIONAL request message
including a "DELETE" payload.
If no return routability check is initiated by the ePDG, or if a return routability check is initiated and is successfully
completed, the ePDG shall update the IPsec security associations associated with the IKE security association with the
new address.
7.4.3
7.4.3.1
Tunnel disconnection
ePDG initiated disconnection
The ePDG shall use the procedures defined in the IKEv2 protocol (see IETF RFC 4306 [28]) to disconnect an IPsec
tunnel to the UE. The ePDG shall close the incoming security associations associated with the tunnel and instruct the
UE to do likewise by sending the INFORMATIONAL request message including a "DELETE" payload. The DELETE
payload shall contain either:
i) Protocol ID set to "1" and no subsequent Security Parameter Indexes in the payload. This indicates that the IKE
security association, and all IPsec ESP security associations that were negotiated within it between ePDG and
UE shall be deleted; or
ii) Protocol ID set to "3" for ESP. The SECURITY PARAMETERS INDEXES s included in the payload shall
correspond to the particular incoming ESP SECURITY ASSOCIATION at the UE for the given tunnel in
question.
7.4.3.2
ePDG behaviour towards UE initiated disconnection
On receipt of the INFORMATIONAL request message including "DELETE" payload indicating that the UE is
initiating tunnel disconnect procedure, the ePDG shall:
i) Close all security associations identified within the DELETE payload (these security associations correspond to
outgoing security associations from the ePDG perspective). If no security associations were present in the
DELETE payload, and the protocol ID was set to "1", the ePDG shall close the IKE security association, and all
IPsec ESP security associations that were negotiated within it towards the UE; and
ii) The ePDG shall delete the incoming security associations corresponding to the outgoing security associations
identified in the "DELETE" payload.
The ePDG shall send an INFORMATIONAL response message. This shall contain a list of security associations deleted
in step (ii) above.
If the ePDG is unable to comply with the INFORMATIONAL request message, the ePDG shall send INFORMATION
response message with either:
i) a NOTIFY payload of type "INVALID_SPI", for the case that it could not identify one or more of the
SECURITY PARAMETERS INDEXES in the message from the UE; or
ii) a more general NOTIFY payload type. This payload type is implementation dependent.
3GPP
Release 9
37
3GPP TS 24.302 V9.4.0 (2010-09)
8
PDUs and parameters specific to the present
document
8.1
3GPP specific coding information defined within present
document
8.1.1
Access Network Identity format and coding
8.1.1.1
Generic format of the Access Network Identity
The Access Network Identity shall take the generic format of an octet string without terminating null characters. The
length indicator for the ANID is 2 bytes long, see IETF RFC 5448 [38]. Representation as a character string is allowed,
but this character string shall be converted into an octet string of maximum length 253 according to UTF-8 encoding
rules as specified in IETF RFC 3629 [34] before the Access Network Identity is input to the Key Derivation Function,
as specified in 3GPP TS 33.402 [15], or used in the Access Network Identity indication from 3GPP AAA server to UE,
cf. subclause 8.2.2. The ANID is structured as an ANID Prefix and none, one or more ANID additional character strings
separated by the colon character ":". In case additional ANID strings are not indicated the complete ANID consists of
the ANID Prefix character string only. The ANID shall be represented by Unicode characters encoded as UTF-8 as
specified in IETF RFC 3629 [34] and formatted using Normalization Form KC (NFKC) as specified in Unicode 5.1.0,
Unicode Standard Annex #15; Unicode Normalization Forms [41].
8.1.1.2
Definition of Access Network Identities for Specific Access Networks
Table 8.1.1.2 specifies the list of Access Network Identities defined by 3GPP in the context of non-3GPP access to
EPC.
3GPP
Release 9
38
3GPP TS 24.302 V9.4.0 (2010-09)
Table 8.1.1.2: Access Network Identities
Access Network Identity
ANID Prefix
Additional ANID strings
"HRPD" constant character No additional ANID
string, see NOTE 1 and
string, see NOTE 2 and
NOTE 2
NOTE 6
Type of Access Network
cdma2000® HRPD access
network
"WIMAX" constant
character string, see
NOTE 1
No additional ANID
string, see NOTE 3 and
NOTE 6
WiMAX access network
"WLAN" constant character
string, see NOTE 1
WLAN access network
"ETHERNET" constant
character string, see
NOTE 1
No additional ANID
string, see NOTE 4 and
NOTE 6
No additional ANID
string, see NOTE 5 and
NOTE 6
All other character strings
Not applicable
Not defined, see NOTE 6 and
Annex B
Fixed access network
NOTE 1: The quotes are not part of the definition of the character string.
NOTE 2: The value of the ANID Prefix for cdma2000® HRPD access networks is defined
in 3GPP2 X.S0057 [20]. 3GPP2 is responsible for specifying possible additional
ANID strings applicable to the "HRPD" ANID Prefix.
NOTE 3: WiMAX Forum is responsible for specifying possible additional ANID strings
applicable to the "WIMAX" ANID Prefix.
NOTE 4: IEEE 802 is responsible for specifying possible additional ANID strings
applicable to the "WLAN" ANID Prefix.
NOTE 5: IEEE 802 is responsible for specifying possible additional ANID strings
applicable to the "ETHERNET" ANID Prefix.
NOTE 6: Additional ANID Prefixes and ANID strings can be added to this table following
the procedure described in the informative Annex B.
8.2
IETF RFC coding information defined within present
document
8.2.1
IPMS attributes
8.2.1.1
AT_IPMS_IND attribute
7
6
5
5
3
2
1
0
octet 1
Attribute Type = AT_IPMS_IND
octet 2
Length = 1
Value
Figure 8.2.1.1: AT_IPMS_IND attribute
3GPP
octet 3
octet 4
Release 9
39
3GPP TS 24.302 V9.4.0 (2010-09)
Table 8.2.1.1: AT_IPMS_IND attribute
Octet 1 indicates the type of attribute as AT_IPMS_IND with a value of 137.
Octet 2 is the length of this attribute which shall be set to 1 as per IETF RFC 4187 [33]
Octet 3 and 4 is the value of this attribute. Octet 3 is reserved and shall be coded as zero. Octet 4
shall be set as follows. All other values are reserved.
8.2.1.2
7
0
6
0
4
0
5
0
3
0
2
0
1
0
0
1
Protocol Supported
DSMIPv6 only
0
0
0
0
0
0
0
0
0
0
0
0
1
1
0
1
NBM only
MIPv4 only
0
0
0
0
0
1
0
0
DSMIPv6 and NBM both supported
0
0
0
0
0
1
0
1
MIPv4 and NBM both supported
0
0
0
0
0
0
0
0
0
0
1
1
1
1
0
1
DSMIPv6 and NBM Supported;DSMIPv6 preferred
DSMIPv6 and NBM Supported; NBM preferred
0
0
0
0
0
0
0
0
1
1
0
0
0
0
0
1
MIPv4 and NBM supported; MIPv4 preferred
MIPv4 and NBM supported; NBM preferred
0
0
0
0
1
0
1
0
MIPv4 and DSMIPv6 supported; MIPv4 preferred
0
0
0
0
1
0
1
1
MIPv4 and DSMIPv6 supported; DSMIPv6 preferred
0
0
0
0
0
0
0
0
1
1
1
1
0
0
0
1
MIPv4, DSMIPv6 and NBM supported; MIPv4 preferred
MIPv4, DSMIPv6 and NBM supported; DSMIPv6 preferred
0
0
0
0
1
1
1
0
MIPv4, DSMIPv6 and NBM supported; NBM preferred
AT_IPMS_RES attribute
7
6
5
4
3
2
1
0
octet 1
Attribute Type = AT_IPMS_RES
octet 2
Length = 1
Value
octet 3
octet 4
Figure 8.2.1.2: AT_IPMS_RES attribute.
Table 8.2.1.2: AT_IPMS_RES attribute
Octet 1 indicates the type of attribute as AT_IPMS_RES with a value of 138.
Octet 2 is the length of this attribute which shall be set to 1 as per IETF RFC 4187 [33]
Octet
Octet
7
0
0
0
3 and 4 is the value of this attribute. Octet 3 is reserved and shall be coded as zero.
4 shall be set as follows. All other values are reserved.
6
4
5
3
2
1
0
Protocol Selected
0
0
0
0
0
0
1
DSMIPv6
0
0
0
0
0
1
0
NBM
0
0
0
0
0
1
1
MIPv4
3GPP
Release 9
8.2.2
40
3GPP TS 24.302 V9.4.0 (2010-09)
Access Network Identity indication attribute
8.2.2.1
Access Network Identity in the AT_KDF_INPUT attribute
The Access Network Identity is indicated in the Network Name Field of the AT_KDF_INPUT attribute as specified in
IETF RFC 5448 [38]. The Network Name Field shall contain the Access Network Identity as specified in
subclause 8.1.1 of this specification.
NOTE:
8.2.3
IETF in IETF RFC 5448 [38] refers to this specification for the value of the Network Name field.
Trust relationship indication attribute
8.2.3.1
AT_TRUST_IND attribute
7
6
5
5
3
2
1
0
octet 1
Attribute Type = AT_TRUST_IND
octet 2
Length = 1
Value
octet 3
octet 4
Figure 8.2.3.1-1: AT_TRUST_IND attribute
Table 8.2.3.1-1: AT_TRUST_IND attribute
Octet 1 indicates the type of attribute as AT_TRUST_IND with a value of 139.
Octet 2 is the length of this attribute which shall be set to 1 as per IETF RFC 4187 [33]
Octet 3 and 4 is the value of the attribute. Octet 3 is reserved and shall be coded as zero. Octet 4
shall be set as follows. All other values are reserved.
8.2.4
8.2.4.1
7
0
6
0
4
0
5
0
3
0
2
0
1
0
0
1
Indicated Trust Relationship
Trusted
0
0
0
0
0
0
1
0
UnTrusted
IKEv2 Configuration Payloads attributes
HOME_AGENT_ADDRESS attribute
The HOME_AGENT_ADDRESS attribute is shown in figure 8.2.4.1-1. The length of the HOME_AGENT_ADDRESS
attribute is 16 or 20 bytes. The IPv4 Home Agent Address field is optional. The HA's IPv6 and IPv4 addresses are laid
out respectively in IPv6 Home Agent Address and IPv4 Home Agent Address fields in big endian order (aka most
significant byte first, or network byte order), see IETF RFC 4306 [28].
3GPP
Release 9
41
3GPP TS 24.302 V9.4.0 (2010-09)
Bits
7
R
6
5
4
3
2
Attribute Type
Attribute Type
Length
IPv6 Home Agent Address
IPv4 Home Agent Address
1
0
Figure 8.2.4.1-1: HOME_AGENT_ADDRESS attribute
The R bit in the first octet is defined in IETF RFC 4306 [28].
The Attribute Type indicating HOME_AGENT_ADDRESS is of the value 19.
3GPP
Octets
1
2
3, 4
5 - 20
21 - 24
Release 9
42
3GPP TS 24.302 V9.4.0 (2010-09)
Annex A (informative):
Example signalling flows for inter-system change between
3GPP and non-3GPP systems using ANDSF
A.1
Scope of signalling flows
This annex gives examples of signalling flows for mobility between 3GPP and non-3GPP systems. These signalling
flows provide as example detailed information on Network Discovery and Selection aspects involving the use of
ANDSF.
A.2
Signalling flow for inter-system change between
3GPP access network and non-3GPP access
network
Figure A1 below shows an inter-system change procedure between 3GPP access network and non-3GPP access network
using information obtained from ANDSF.
In this example the UE uses DHCP query to obtain the FQDN of the ANDSF. The UE then uses DNS query to obtain
the ANDSF IP address according to IETF RFC 1035 [35].
In this example flow, the communication between the UE and ANDSF does not imply use of any specific protocol.
The steps involved in inter-system change between 3GPP access network and non-3GPP access network are as follows.
3GPP
Release 9
43
3GPP
Access
UE
3GPP TS 24.302 V9.4.0 (2010-09)
Non-3GPP
Access
ANDSF
1. UE connected to 3GPP Access
2. Inter-System Mobility
Policy pre-provisioned in UE
ANDSF
Discovery
3. ANDSF Discovery
4. Inter-System Mobility Policy Update
Policy Update
5. Evaluate non-3GPP
access networks for HO
6. Access Network Information Request
Access
Network
Discovery
7. Access Network Information Response
8. Turn ON non-3GPP radio
and check availability of non3GPP access network
Network
Selection
9. Network Selection and HO
Decision
Inter-system
change
Procedure
10. Inter-system change procedure
Figure A1. Procedure for Inter-system change between 3GPP access and non-3GPP using ANDSF
1. Initial connectivity
The UE is connected to 3GPP network. The current applications are supported over the 3GPP access network.
NOTE:
The procedure remains the same if the UE is initially connected to non-3GPP access network and wants
to change to 3GPP access network.
3GPP
Release 9
44
3GPP TS 24.302 V9.4.0 (2010-09)
2. Pre-provisioned policies
The inter-system mobility policy is pre-provisioned on the UE. Based on pre-provisioned operator policies the
UE has preference for different non-3GPP networks such as WLAN, and WiMAX. The UE can select these
access networks when they are available.
3. ANDSF Discovery
ANDSF discovery is performed as described in subclause 6.8.2.2.1. The UE can discover ANDSF using DHCP
query options as specified in draft-das-mipshop-andsf-dhcp-options [37], where ANDSF may be identified with
a specific sub-option code. Optionally, the home operator can use OMA-DM's bootstrap mechanism as specified
in OMA-ERELD-DM-V1_2 [39] to provide ANDSF information and security parameters for application layer
authentication. Transport security is ensured by establishing an https tunnel between the UE and ANDSF,
4. Policy Update based on Network Triggers
Based on network triggers the ANDSF sends an updated inter-system mobility policy to the UE. The intersystem mobility policy includes validity conditions, i.e. conditions indicating when the policy is valid. Such
conditions can include time duration, location area, etc.
5. Evaluate which non-3GPP networks to discover
The inter-system mobility policies specify the access networks that the UE can select; the UE has both WLAN
and WiMAX radios. In this case, the inter-system mobility policy provided by the operator allows the UE to
select either WLAN or WiMAX networks under all conditions. The UE, taking into account of the UE's local
policy, e.g. user preference settings, access history, obtains information about availability of both WLAN and
WiMAX access networks in its vicinity.
6. Access Network Information Request
The UE sends a request to ANDSF to get information about available access networks. The UE also includes its
location information in the request. ANDSF can limit the information sent to UE based on internal settings.
7. Access Network Information Response
The ANDSF sends a response to the UE which includes the list of available access networks types (in order of
operator preferences), access network identifier and PLMN identifier. In this case the ANDSF responds with
availability of both WLAN and WiMAX network in the vicinity of the UE.
8. Evaluate candidate non-3GPP networks
Based on the received information and UE's local policy, the UE evaluates if it is within the coverage area of the
available access networks in the order of preferences. In this case,based on the history and radio quality of
WiMAX, the UE prefers WiMAX over WLAN access type. The UE powers on the WiMAX radio and checks
for the presence of WiMAX network. The UE can listen to WiMAX broadcast messages (uplink/downlink
channel data messages) and determines the presence of WiMAX network. Since the WiMAX network is the
preferred network and since the UE has verified the presence of WiMAX network, the UE does not check for
presence of WLAN network.
9. Non-3GPP Network Selection
The UE selects the most preferred available access network for inter-system mobility. In this case the UE selects
the WiMAX access network.
10. Inter-system change Procedure
The UE initiates inter-system change procedure to the selected non-3GPP access network. The details of the
inter-system change procedure are described elsewhere, see 3GPP TS 23.402 [6].
3GPP
Release 9
45
3GPP TS 24.302 V9.4.0 (2010-09)
Annex B (informative):
Assignment of Access Network Identities in 3GPP
This annex describes the recommended assignment procedure of Access Network Identities within 3GPP.
B.1
Access Network Identities
According to 3GPP TS 23.003 [3] the encoding of the Access Network Identity is specified within 3GPP, but the
Access Network Identity definition for each non-3GPP access network is under the responsibility of the corresponding
standardisation organisation respectively.
If a standardisation organisation for a non-3GPP access network determines they need to define a new Access Network
Identity Prefix or additional ANID strings, they can contact the 3GPP TSG-CT WG 1 via a Liaison Statement and
indicate the specific values of the Access Network Identity Prefixes or the specific values of, or construction principles
for, the additional ANID strings to be specified by 3GPP and give reference to the corresponding specification(s) of the
requesting organisation. 3GPP TSG CT WG 1 will then specify the values for the Access Network Identities by
updating Table 8.1.1.2 in this specification and inform the requesting standardisation organisation.
3GPP
Release 9
46
3GPP TS 24.302 V9.4.0 (2010-09)
Annex C (informative):
Example usage of ANDSF
C.1
Scope of ANDSF Example
This Annex gives an example of organization of ANDSF database and how it can be used to discover access network
information. In this example the UE is in 3GPP network and is trying to discover available WiMAX networks. The
ANDSF database is provided by the 3GPP operator with PLMN = PLMN_3GPP.
C.2
Organization of ANDSF Coverage Map for WiMAX
Network discovery
Table C1 illustrates the organization of ANDSF database for discovering WiMAX and WiFi networks. The ANDSF
database provides the coverage mapping information for WiMAX and WiFi networks based on 3GPP cell identifiers. In
this example the UE_Location can be specified either in terms of 3GPP parameters (PLMN + Cell Identifier) or in terms
of geo spatial co-ordinates.
Table C1: ANDSF Database Organization for PLMN = PLMN_3GPP
UE_Location
- 3GPP (CellId)
- Other (Geopriv)
Locn_1
Cell_Id = Cell_1
Locn_2
Cell_Id = Cell_2
Locn_3
Cell_Id = Cell_3
…..
Locn_n
Cell_Id = Cell_n
AccessType = WiMAX
NSP-ID= NSP_1:
-NAP_ID = NAP_1
-NAP_ID = NAP_2
NSP-ID = NSP_2
-NAP_ID = NAP_2
-NAP_ID = NAP_3
NSP-ID = NSP_2
- NAP_ID = NAP_3
N/A
…….
NSP-ID = NSP_1
NAP_ID = NAP_2
AccessType = WiFi
SSID = WiFi1, BSSID = BS1
SSID = WiFi2, BSSID = BS2
N/A
SSID = WiFi1, BSSID = BS3
SSID = WiFi4, BSSID = BS4
…….
SSID = WiFi6, BSSID = BS5
For WiMAX network the database provides information about WiMAX NSP and NAP that provide coverage in
respective 3GPP cells. Thus for example in 3GPP Cell_1, WiMAX Service provider NSP_1 provides service to
WiMAX radio access providers NAP_1 and NAP-2. Similarly WiMAX Service Provider NSP_2 provides service to
Network access providers NAP-2 and NAP_3 as well. Similarly in 3GPP Cell_2 WiMAX Network Service Provider
NSP_2 provides service to network Access Provider NAP_3. Further it can be seen that no WiMAX coverage is
available in 3GPP cell Cell_3.
C.3
Parameters in Pull mode
The UE is currently in 3GPP network. The UE sends a query to OMA ANDSF server as follows:
ANDSF_Query ( UE_Location, AccessNetworkType=WiMAX )
The UE specifies the UE_Location information in terms of current 3GPP Cell Id (e.g. Cell_2)
On receipt of the query message the ANDSF looks up the UE_Location (Cell_2) in the ANDSF database and searches
for a prospective WiMAX entry. In this case the ANDSF retrieves WiMAX Service provider identifier (NSP-ID)
NSP_2 and WiMAX Network Access Provider Identifier (NAP-ID) NAP_3. The ANDSF retrieves the network
3GPP
Release 9
47
3GPP TS 24.302 V9.4.0 (2010-09)
parameters for this combination. The ANDSF fills these parameters in the WNDS MO and sends the information back
to the UE.
ANDSF_Response ( UE_Location, AccessNetworkInformationRef MO=WIMAXNDS).
Annex D (informative):
Mismatch of static configuration of mobility mechanism in
the UE and in the network
This annex describes the possible cases of mismatch between the statically configured mobility mechanisms in the UE
and in the EPC as shown in table D1. Additionally the table shows whether the UE would be able to access EPC
services as a consequence of the mismatch.
3GPP
Release 9
48
3GPP TS 24.302 V9.4.0 (2010-09)
Table D1: Mismatch of static configuration of mobility mechanism in the UE and in the network
NBM configured in the network
NBM
No mismatch
configured
in the UE
DSMIPv6 Mismatch. The UE can be able to
configured access EPC services. After attach to
in the UE the non-3GPP network, the UE is on
the home link and configures an IP
address based on the HNP, however
in some cases the UE cannot detect
the home link. Since the UE is
configured with DSMIPv6, the UE
would initiate a DSMIPv6
bootstrapping:
- If the network offers a HA function to
the UE and if the bootstrapping is
successful, the UE detects that it is
attached to the home link. Depending
of the UE capabilities and the network
configuration, the UE can access
EPC services via the S2a/S2b
interface, but session continuity is not
supported.
- If the network does not offer a HA
function or if the bootstrapping to the
HA is not successful, the UE is not
able to receive its Home Network
Prefix and hence the UE cannot
detect that it is on the home link. If no
APN bound to the configured IP
address was received and the access
network doesn’t support APN
delivery, the UE would not recognize
the mismatch and cannot access
EPC services. If the access network
supports APN delivery and the
configured IP address is bound to an
APN, the UE can access EPC
services.
MIPv4
Mismatch. The UE is not able to
configured access EPC services because no
in the UE Foreign Agent functionality is
supported in the non-3GPP access
network.
DSMIPv6 configured in the
network
Mismatch. The UE is not able to
access EPC services because
the UE configures a local IP
address and there is no
connectivity to the PGW in the
EPC. Depending on operator’s
policy and roaming agreements,
local IP access services (e.g.
Internet access) can be
provided in the non-3GPP
network using the local IP
address. However, such local IP
access services, where the user
traffic does not traverse the
EPC, are not described in this
specification.
No mismatch
MIPv4 configured in the
network
Mismatch. The UE is not
able to access EPC services
because the UE does not
support communication with
the Foreign Agent in the
trusted non-3GPP network.
Mismatch. The UE is not
able to access EPC services
because the UE does not
support communication with
the Foreign Agent in the
trusted non-3GPP network.
Mismatch. The UE is not able to No mismatch
access EPC services because
no Foreign Agent functionality is
supported in the non-3GPP
access network.
3GPP
Release 9
49
3GPP TS 24.302 V9.4.0 (2010-09)
Annex E (informative):
UE procedures based on preconfigured and received
information
The flow diagrams in figure E-1 and figure E-2 show examples of the procedures that the UE can follow in order to
establish a PDN connection based on information available to the UE about the authentication method, received or preconfigured access network trust relationship information or received or preconfigured IP mobility mode selection
information.
The following symbols are used:
AN_TRUST
IPMM
trust relationship between the non-3GPP access network and the 3GPP EPC, considered to be
applicable by the UE
IP mobility mode, considered applicable by the UE
Initially, at the entry to flow chart the UE has established contact with the non-3GPP access network, but the UE does
not know whether it is in a trusted or untrusted access network.
3GPP
Release 9
50
3GPP TS 24.302 V9.4.0 (2010-09)
L2 attach (access specific),
Access authentication (optional)
No
Was
EAP-AKA’ or AKA
executed?
Yes
Not received
at all
Which AT_TRUST_IND
received?
Trusted
Untrusted
No preconfiguration
Trusted
Preconfigured info
for AN_TRUST?
AN_TRUST=
TRUSTED
Untrusted
Trusted
Preconfigured info
for AN_TRUST?
No preconfiguration
AT_IPMS_RES
Received?
No
Yes
Untrusted
Yes
AN_TRUST= TRUSTED,
Only DSMIPv6 can be
used
Preconfigured
IP mobility mode
available?
AN_TRUST=
UNTRUSTED
1
No
DSMIPv6
2
NBM
IPMM=?
MIPv4
MIPv4 MM
registration
(see TS 24.304)
Yes
IPv6 HNP/ IPv4 HoA
= as received via
access specific
signaling
DSMIPv6 bootstrapping
performed?
No
DSMIPv6
bootstrapping
Create DSMIPv6 binding
to HA
(see TS 24.303)
PDN connection
set up completed
Figure E-1. Procedures to be followed by the UE depending on received and preconfigured
information - part 1
3GPP
Release 9
51
3GPP TS 24.302 V9.4.0 (2010-09)
1
ePDG discovery.
Tunnel establishment
to ePDG
No
AT_IPMS_RES
Received?
Preconfigured
IP mobility mode
available?
Yes
No
Yes
yes
IPMM=DSMIPv6?
No
2
NBM used
Pv6 HNP/ IPv4 HoA
= IPv6/IPv4
address(es) in
CFG_REPLY
PDN connection
set up completed
Figure E-2. Procedures to be followed by the UE depending on received and preconfigured
information - part 2
3GPP
Release 9
52
3GPP TS 24.302 V9.4.0 (2010-09)
Annex F (informative):
Change history
Change history
Date
TSG #
2008-01
2008-02
CT1#51
2008-02
CT1#51 bis
2008-04
CT1#52
2008-04
2008-05
email
review
CT1#53
2008-06
CT1#54
2008-08
CT1#55
TSG
Doc.
CR
2008-09
2008-10
CT1#55bis
2008-11
CT1#56
2008-11
2008-12
2009-03
CT#42
CT#43
2009-03
CT#43
2009-03
CT#43
2009-03
CT#43
2009-03
CT#43
2009-03
CT#43
2009-03
CT#43
2009-03
CT#43
2009-03
CT#43
2009-03
CT#43
2009-03
CT#43
2009-03
CT#43
2009-03
CT#43
2009-03
CT#43
2009-03
CT#43
CP090129
CP090131
CP090130
CP090129
CP090125
CP090127
CP090128
CP090128
CP090126
CP090130
CP090125
CP090129
CP090130
CP090129
CP-
0001
0002
R Subject/Comment
e
v
Draft skeleton provided in C1-080125 by rapporteur to CT1#51.
Includes the following contribution agreed by CT1 at CT1#51:
C1-080568
Includes the following contributions agreed by CT1 at CT1#51 bis:
C1-080722, C1-080765, C1-080773, C1-080783, C1-080792,
C1-080793
Includes the following contributions agreed by CT1 at CT1#52:C1-080921, C1-081391, C1-081392, C1-081393, C1-081394
Incomplete implementation C1-080921
Old
New
0.0.0
0.0.0
0.1.0
0.1.0
0.2.0
0.2.0
0.3.0
0.3.0
0.3.1
Includes the following contributions agreed by CT1 at CT1#53:C1-081575, C1-082019, C1-082066, C1-082067, C1-082074,
C1-082077, C1-082078, C1-082086, C1-082091, C1-082092,
C1-082093.
Includes the following contributions agreed by CT1 at CT1#54:C1-082470, C1-082563, C1-082567, C1-082569, C1-082688,
C1-082803, C1-082804, C1-082809.
Includes the following contributions agreed by CT1 at CT1#55:C1-082923, C1-082982, C1-083084, C1-083171, C1-083179,
C1-083262, C1-083466, C1-083480, C1-083481, C1-083512,
C1-083513, C1-083514, C1-083526, C1-083603, C1-083617
Version 1.0.0 created for presentation to TSG CT#41 for
information
Includes the following contributions agreed by CT1 at CT1#55bis:C1-083851; C1-083976; C1-084155; C1-084383; C1-084385;
C1-084386; C1-084387; C1-084388; C1-084391; C1-084393;
C1-084394; C1-084395; C1-084396; C1-084482
Includes the following contributions agreed by CT1 at CT1#56:C1-084934; C1-085322; C1-085327; C1-085328; C1-085329;
C1-085331; C1-085333; C1-085335; C1-085336; C1-085338;
C1-085516; C1-085526; C1-085534
Editorial corrections by the rapporteur to align with drafting rules
Version 2.0.0 created for presentation to CT#42 for approval
Version 8.0.0 created after approval in CT#42
2 Rapporteur's cleanup of editorial and typo mistakes
0.3.1
0.4.0
0.4.0
0.5.0
0.5.0
0.6.0
0.6.0
1.0.0
1.0.0
1.1.0
1.1.0
1.2.0
1.2.0
2.0.0
8.0.0
2.0.0
8.0.0
8.1.0
8.0.0
8.1.0
Trust Relationship Detection
0005
1 Removing redundant and out-of-date editor's notes
8.0.0
8.1.0
0006
1 Missing specification text on WIMAX ANID
8.0.0
8.1.0
0007
3 ANDSF discovery and bootstrapping
8.0.0
8.1.0
0008
1 Corrections for authentication in trusted and untrusted access
8.0.0
8.1.0
0009
2 Incorrect protocol type and wrong reference
8.0.0
8.1.0
0011
4 Delivering HA-APN information to the UE
8.0.0
8.1.0
0012
2 Clarifications for IP mobility mode selection
8.0.0
8.1.0
8.0.0
8.1.0
0014
System selection
0017
2 ANDSF procedure - align with 24.312
8.0.0
8.1.0
0024
2 Clarifying the number of ePDGs
8.0.0
8.1.0
0027
1 Restructuring sub-clause 5.1
8.0.0
8.1.0
0028
2 Refining sub-clause 5.2 on EPC network selection
8.0.0
8.1.0
8.0.0
8.1.0
0029
Use of decorated NAI for cdma2000 access to EPC
3GPP
Release 9
53
2009-03
CT#43
2009-03
CT#43
2009-03
CT#43
2009-03
CT#43
2009-03
CT#43
2009-06
CT#44
2009-06
CT#44
2009-06
CT#44
2009-06
CT#44
2009-06
CT#44
2009-06
CT#44
2009-06
CT#44
2009-09
CT#45
2009-09
CT#45
2009-09
CT#45
2009-09
CT#45
2009-09
CT#45
2009-09
CT#45
2009-09
CT#45
2009-09
CT#45
2009-09
CT#45
2009-09
CT#45
2009-09
CT#45
2009-09
CT#45
2009-09
CT#45
2009-09
CT#45
2009-09
CT#45
2009-12
CT#46
2009-12
CT#46
2009-12
CT#46
2009-12
CT#46
2009-12
CT#46
2009-12
CT#46
2009-12
CT#46
2009-12
CT#46
2009-12
CT#46
2009-12
CT#46
090131
CP090126
CP090126
CP090126
CP090127
CP090130
CP090413
CP090357
CP090413
CP090413
CP090413
CP090413
CP090413
CP090654
CP090654
CP090654
CP090654
CP090654
CP090654
CP090654
CP090654
CP090654
CP090654
CP090654
CP090654
CP090654
CP090654
CP090654
CP090937
CP090937
CP090937
CP090934
CP090901
CP090901
CP090901
CP090901
CP090901
CP-
0030
3GPP TS 24.302 V9.4.0 (2010-09)
Clarification of AAA procedures for cdma2000 access
8.0.0
8.1.0
0034
1 Clarification on Tunnel establishment for Multiple PDNs
8.0.0
8.1.0
0038
8.0.0
8.1.0
0042
1 Cleanup for Static Configuration of Inter-technology Mobility
Mechanism
1 Cleanup for UE discovering the ANDSF
8.0.0
8.1.0
0044
2 Selection of the ePDG – resolution of open issues
8.0.0
8.1.0
0043
8.1.0
8.2.0
0048
3 Mismatch in the static configuration of IP mobility mechanisms in
the UE and the EPC
2 Refining UE procedures for IPSec tunnel management
8.1.0
8.2.0
0049
1 Access authentication for untrusted non-3GPP access
8.1.0
8.2.0
0051
1 Clarification about ANDSF usage
8.1.0
8.2.0
0055
1 IPMS indication to the ePDG and IP address assignment
8.1.0
8.2.0
0057
1 ANDSF DHCP Options
8.1.0
8.2.0
0058
1 Network selection and I-WLAN
8.1.0
8.2.0
0037
5 Clarifications on UE procedures
8.2.0
8.3.0
0056
5 Handover of multiple PDN connections to one APN
8.2.0
8.3.0
0060
2 Corrections and clarifications on identity usage
8.2.0
8.3.0
0061
1 Periodic network selection attempts for non-3GPP accesses
8.2.0
8.3.0
0062
1 Correcting ambiguity of EPC network selection for WLAN as a non- 8.2.0
3GPP access
1 Correction on how UE uses ANDSF information in Annex A
8.2.0
8.3.0
0065
0066
Alignment of text for ANDSF and PLMN selection interaction
8.3.0
8.2.0
8.3.0
0068
1 APN information in IKE message
8.2.0
8.3.0
0069
1 IP address allocation during IPsec tunnel establishment procedure
8.2.0
8.3.0
0070
Editorial corrections to subclause 7.2.2
8.2.0
8.3.0
0071
2 Corrections in IP Mobility Mode selection
8.2.0
8.3.0
0072
4 PCO handling on PMIP based interfaces
8.2.0
8.3.0
0076
1 Attach to untrusted network correction
8.2.0
8.3.0
0077
2 Corrections to sending of IPMS indication
8.2.0
8.3.0
0075
1 Description on ANDSF in roaming case
8.3.0
9.0.0
0079
1 ANDSF Discovery in roaming scenarios
9.0.0
9.1.0
0082
2 ANDSF discovery procedures performed by a UE
9.0.0
9.1.0
0083
3 Secure connection between UE and ANDSF
9.0.0
9.1.0
0087
6 Implementation of stage 2 requirements for MUPSAP
9.0.0
9.1.0
0090
1 Tunnel set up after WLAN PLMN selection
9.0.0
9.1.0
0091
2 UE behavior when connectin to v-ANDSF
9.0.0
9.1.0
0095
9.0.0
9.1.0
0097
2 UE’s IP configuration during IPsec tunnel establishemnet with
ePDG
2 PDN connection reject during the IPsec tunnel establishment
9.0.0
9.1.0
0099
1 Removal of outdated or redundant editor's notes ahead of CT#46
9.0.0
9.1.0
0102
1 Addition of abbreviations
9.0.0
9.1.0
3GPP
Release 9
54
3GPP TS 24.302 V9.4.0 (2010-09)
090901
2009-12
2010-03
CT#47
2010-03
CT#47
2010-03
CT#47
2010-03
CT#47
2010-03
CT#47
2010-03
CT#47
2010-03
CT#47
2010-03
CT#47
2010-03
CT#47
2010-03
CT#47
2010-06
CT#48
2010-06
CT#48
2010-06
CT#48
2010-06
CT#48
2010-09
CT#49
2010-09
CT#49
CP100107
CP100144
CP100107
CP100107
CP100150
CP100150
CP100147
CP100147
CP100147
CP100107
CP100339
CP100339
CP100354
CP100339
CP100509
CP100485
0094
Editorial correction
3 Removing version identifier from ANDSF information request
9.1.0
9.1.1
9.1.1
9.2.0
0100
4 Emergency session handling (for handovers to HRPD access)
9.1.1
9.2.0
0104
1 Completion of Network selection procedures
9.1.1
9.2.0
0106
1 Corrections to decodes of Value part of EAP attribute
9.1.1
9.2.0
0107
2 DHCP discovery of ANDSF for UE while roaming
9.1.1
9.2.0
0108
2 UE's use of V-ANDSF information vs H-ANDSF information
9.1.1
9.2.0
0109
9.1.1
9.2.0
9.1.1
9.2.0
0113
1 Allowing UE optional behaviour towards networks not supporting
MUPSAP
Resolution of Editor’s note on PDN connection rejection in section
6.4.4
2 Handling of concurrent PDN connection requests at ePDG
9.1.1
9.2.0
0115
1 Correction on attachment with ePDG
9.1.1
9.2.0
9.2.0
9.3.0
9.2.0
9.3.0
0110
0118
0122
Correction to the Full Authentication and Fast Re-authentication
procedures
Reference Updates
0123
1 Corrections to PDN connection reject procedure for S2b interface
9.2.0
9.3.0
0125
Removing Editor's notes on AT_IPMS_IND, AT_IPMS_RES and
AT_TRUST_IND
4 Corrections to UE and ANDSF Pull mode procedures
9.2.0
9.3.0
9.3.0
9.4.0
9.3.0
9.4.0
0120
0129
Removing editor's note on HOME AGENT ADDRESS
3GPP