EPDG Overview
Introduction
• The tremendous surge in smartphones and tablet devices has led to unpredictable data usage growth
rates. While the obvious choice seems to be improving the existing EPC core and access with an improved
network architecture to enable bandwidth growth, this is not a cost-efficient and scalable solution.
• One of the most significant approaches is offloading traffic over other access technologies such as Wi-Fi,
Femto or small cells that are connected to the EPC through untrusted 3rd-party access networks such as DSL,
cable and FTTH. Wi-Fi is uniquely positioned to handle the data surge and throughput requirements on
mobile networks.
• Operators today can create strategic value by integrating Wi-Fi with their core networks to extend service
reach (esp. indoor coverage), manage capacity, and deliver an enhanced customer experience. The ePDG and AAA
are crucial network components that allow this integration of non-3GPP Wi-Fi access into the Evolved Packet
Core (EPC). In the operator’s network they enable:
- Secure Access
- Efficient Extension of Network Coverage
- Harmonized Service Capability
- Seamless Mobility
• The figure below shows an overview of Ice.net’s network, where native Wi-Fi calling, the purpose of this
delivery, is added as a new access method to Ice.net’s network.
• Both IPv4 and IPv6 are supported for the protocols used on the access side.
• The ePDG provides Ice.net native VoWiFi clients with the ability to perform:
- EPC attachment via an untrusted Wi-Fi network
- IMS registration over an untrusted Wi-Fi network
- Wi-Fi calling via the Ice.net IMS network towards IMS, CS and PSTN numbers
- Encrypted communication
• The UE can connect to the EPC using several access technologies. For untrusted Wi-Fi access, the
ePDG is connected through the following interfaces:
• SWu (UE – ePDG): the SWu interface is the interface between the UE and the ePDG and carries the IPsec tunnels.
• SWm (ePDG – AAA): the SWm interface is between the ePDG and an external 3GPP AAA server.
• S2b (ePDG – PGW): the S2b interface is between the ePDG and the PDN GW. The S2b interface is based on GTP.
RM – Resource Manager: functions as the “front end” of the system for external traffic, presenting
the system as a single entity rather than as individual nodes. RM components are configured as a
1:1 (active/standby) pair.
DM – Distribution Manager: responsible for the distribution of internal traffic within the system. DM
components are configured as a 1:1 (active/standby) pair.
AM – Admin Manager: responsible for the management of the system, providing EMS as well
as FCAPS functionality. AM components are configured as a 1:1 (active/standby) pair.
MP – Media Processor: responsible for processing all media plane (user plane) packets.
CE – Control Engine: responsible for the application logic, e.g. ePDG. CE components are
configured as a 1:1 (active/standby) pair to preserve the session states.
1. An IPsec tunnel is established between the UE and the ePDG. The UE encapsulates the service packet inside
another IP packet.
3. The outer packet is sourced from the UE’s private IP address within the Wi-Fi network and is
destined to the ePDG service address.
4. For illustration purposes, the Wi-Fi Access Point NATs the outer address in the IP header; it is now
replaced with the Wi-Fi AP’s Internet IP address.
5. The packet arrives at the ePDG, and integrity/confidentiality functions are performed on the ESP.
The encapsulated IP packet is now ready to be routed to any service within the provider network;
here it is sent towards the PDN Gateway after GTP tunnelling.
• During IKEv2 Security Association establishment, the UE provides its identity in the IDi
payload of the IKE_AUTH message. An attacker could generate a valid SA_INIT
message with cookie and a subsequent IKE_AUTH with an invalid IDi in order to overload the IKE service
and the AAA. The operator network can easily be protected against such attacks by filtering out
invalid identities before they reach the AAA. The UE identity must be in NAI format, username@realm.
• The username field contains the IMSI preceded by “1” (EAP-SIM) or “0” (EAP-AKA), depending on which
method is used for the authentication (assuming full authentication is used).
For EAP-AKA with IMSI 234150999999999 (MCC = 234, MNC = 15), the root NAI then takes the form:
0234150999999999@nai.epc.mnc015.mcc234.3gppnetwork.org.
For EAP-SIM with IMSI 234150999999999 (MCC = 234, MNC = 15), the root NAI then takes the form:
1234150999999999@nai.epc.mnc015.mcc234.3gppnetwork.org.
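The identity filter described above, as an added example (not code from the original document or from the ePDG vendor): an IDi is only forwarded to the AAA if it is a well-formed root NAI whose realm names a PLMN this ePDG serves and whose IMSI digits agree with that realm. The served PLMN list and the sample IDi values are constructed for the example; the IMSI length is fixed at the 15 digits the page's examples use.

```python
import re

# Constructed configuration (assumption, not from the page): PLMNs this ePDG
# serves, as (MCC, MNC) with the MNC written the way the operator writes it.
SERVED_PLMNS = {("234", "15")}

# Root NAI shape from the page: <0|1><IMSI>@nai.epc.mnc<MNC>.mcc<MCC>.3gppnetwork.org
# The realm MNC is always three digits (15 -> 015). IMSI fixed at 15 digits here
# because the page's examples are 15-digit; relax if shorter IMSIs are served.
NAI_RE = re.compile(
    r"^(?P<prefix>[01])(?P<imsi>\d{15})@nai\.epc\."
    r"mnc(?P<mnc>\d{3})\.mcc(?P<mcc>\d{3})\.3gppnetwork\.org$"
)
EAP_BY_PREFIX = {"0": "EAP-AKA", "1": "EAP-SIM"}


def check_idi(idi: str) -> tuple[bool, str]:
    """Decide whether an IKE_AUTH IDi may be forwarded to the AAA.

    Returns (accept, info): on accept, info names the EAP method implied by the
    prefix; on reject, info is the reason. Rejected identities are dropped
    locally so neither the IKE service nor the AAA spends work on them.
    """
    m = NAI_RE.fullmatch(idi)
    if m is None:
        return False, "not a root NAI"
    imsi = m["imsi"]
    for mcc, mnc in SERVED_PLMNS:
        if (mcc, mnc.zfill(3)) == (m["mcc"], m["mnc"]):
            # Realm is ours; the IMSI must start with the same MCC+MNC digits.
            if imsi.startswith(mcc + mnc):
                return True, EAP_BY_PREFIX[m["prefix"]]
            return False, "IMSI PLMN does not match realm"
    return False, "realm names an unserved PLMN"


def filter_idis(idis):
    """Split a batch of IDi values into accepted (with EAP method) and rejected."""
    accepted, rejected = [], []
    for idi in idis:
        ok, info = check_idi(idi)
        (accepted if ok else rejected).append((idi, info))
    return accepted, rejected


# Constructed sample IDi values: the page's two examples plus malformed ones.
SAMPLE_IDIS = [
    "0234150999999999@nai.epc.mnc015.mcc234.3gppnetwork.org",  # valid, EAP-AKA
    "1234150999999999@nai.epc.mnc015.mcc234.3gppnetwork.org",  # valid, EAP-SIM
    "2234150999999999@nai.epc.mnc015.mcc234.3gppnetwork.org",  # bad prefix
    "0234150999999999@nai.epc.mnc015.mcc234.example.com",      # wrong realm
    "0310410999999999@nai.epc.mnc015.mcc234.3gppnetwork.org",  # IMSI/realm mismatch
    "0234150999999999@nai.epc.mnc410.mcc310.3gppnetwork.org",  # unserved PLMN
]
```

Calling `filter_idis(SAMPLE_IDIS)` forwards only the first two identities and drops the other four with the listed reasons.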
• ePDG discovery
The ePDG is dynamically discovered by the UE through DNS queries that resolve the ePDG FQDN.
The GLB (Global Load Balancer) provides the DNS functionality. The GLB randomly picks one IP from the
first site and one IP from the second site and returns them to the UE in random order. The GLB does NOT provide
any capability to monitor the availability of the ePDG, e.g. via ICMP.
• PGW selection
PGW selection by the ePDG can be done in one of the following ways, as per configuration:
• Static: the ePDG is instructed to select the PGW IP address returned from the HSS (via the AAA).
If no PGW is allocated to the user, the ePDG performs a DNS query to resolve the APN
FQDN.
• Dynamic: the ePDG performs a DNS query to resolve the APN FQDN, except in
handover cases, where the ePDG selects the PGW identity returned from the HSS.
The Dynamic method will be implemented in both the ePDG and the HSS.
• P-CSCF discovery
The UE requests the P-CSCF IPv6 address using the P-CSCF_IP6_ADDRESS attribute in the
CFG_REQUEST configuration payload, as described in TS 24.302 and shown in the “UE
Attachment” call flow. The ePDG maps the request to a Private IE in the “Create Bearer
Request” towards the PGW.
The UE then uses the received P-CSCF IPv6 address for contacting IMS at the SIP level, that is,
for sending the SIP Registration and subsequent SIP signalling.
The procedure by which the UE discovers the ePDG IPv4 address in order to initiate the IKEv2
authentication procedure is as follows. The UE constructs the ePDG FQDN (Fully Qualified Domain
Name) from the Home PLMN ID.
1. The UE performs a DNS lookup against its local DNS (hosted by the broadband ISP), using
the derived FQDN string described above.
2. The local DNS learns (via delegation by the GSMA authoritative DNS) that it needs to query
ICE’s Internet DNS.
3, 4. The UE obtains the ePDG public IPv4 address and uses it to
send the IKE_INIT message that initiates the attach-over-Wi-Fi procedure.
• 811_UAG_DIAMETER
• 812_UAG_EPDG_GTPV2
• 814_UAG_EPDG_IKE
• 816_UAG_EPDG_APN
• 810_UAG_EPDG_FUNCTIONAL
• 814_UAG_EPDG_IKE
• 816_UAG_EPDG_APN
• 818_UAG_EPDG_LATENCY
• 819_UAG_EPDG_BEARERS
• for CE
• to check core
• program version