Content for TS 24.302 Word version: 18.0.0

1 Scope p. 13

The present document specifies the discovery and network selection procedures for access to 3GPP Evolved Packet Core (EPC) via non-3GPP access networks and includes Authentication and Access Authorization using Authentication, Authorization and Accounting (AAA) procedures used for the interworking of the 3GPP EPC and the non-3GPP access networks.

The present document also specifies the Tunnel management procedures used for establishing an end-to-end tunnel from the UE to the ePDG to the point of obtaining IP connectivity and includes the selection of the IP mobility mode.

The non-3GPP access networks considered in this present document are cdma2000® HRPD and Worldwide Interoperability for Microwave Access (WiMAX), and any access technologies covered in TS 23.402. The present document also specifies UE access to PLMN IP-based services via restrictive non-3GPP access networks covered in TS 33.402. These non-3GPP access networks can be trusted or untrusted access networks.

The present document is applicable to the UE and the network. In this technical specification the network is the 3GPP EPC.

2 References p. 13

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.

References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific.
For a specific reference, subsequent revisions do not apply.
For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.

[1]

TR 21.905: "Vocabulary for 3GPP Specifications".

[2] Void.

[2A]

TS 23.002: "Network architecture".

[3]

TS 23.003: "Numbering, addressing and identification".

[4]

TS 23.122: "Non-Access-Stratum (NAS) functions related to Mobile Station (MS) in idle mode".

[5] Void.

[5A]

TS 23.203: "Policy and Charging Control Architecture".

[6]

TS 23.402: "Architecture enhancements for non-3GPP accesses".

[6A]

TS 23.501: "System Architecture for the 5G System; Stage 2".

[7] Void.

[8] Void.

[9]

TS 24.234: v12.2.0: "3GPP System to Wireless Local Area Network (WLAN) interworking; WLAN User Equipment (WLAN UE) to network protocols".

[10]

TS 24.301: "Non-Access-Stratum (NAS) protocol for Evolved Packet System (EPS)".

[11]

TS 24.303: "Mobility management based on Dual-Stack Mobile IPv6".

[12]

TS 24.304: "Mobility management based on Mobile IPv4; User Equipment (UE) - Foreign Agent interface".

[13]

TS 24.312: "Access Network Discovery and Selection Function (ANDSF) Management Object (MO)".

[14]

TS 25.304: "User Equipment (UE) procedures in idle mode and procedures for cell reselection in connected mode".

[14A]

TS 25.331: "Radio Resource Control (RRC); Protocol Specification".

[15]

TS 33.402: "3GPP System Architecture Evolution: Security aspects of non-3GPP accesses".

[16]

TS 36.304: "Evolved Universal Terrestrial Radio Access (E-UTRA); User Equipment (UE) procedures in idle mode".

[16A]

TS 45.008: "Radio Access Network; Radio subsystem link control".

[16B]

TS 36.331: "Evolved Universal Terrestrial Radio Access (E-UTRA) Radio Resource Control (RRC); Protocol specification".

[17]

TS 29.273: "Evolved Packet System; 3GPP EPS AAA Interfaces".

[18]

TS 29.275: "Proxy Mobile IPv6 (PMIPv6) based Mobility and Tunnelling protocols".

[19]

TS 29.276: "Optimized Handover Procedures and Protocols between EUTRAN Access and cdma2000 HRPD Access".

[20]

3GPP2 X.S0057-B v2.0: "E-UTRAN - HRPD Connectivity and Interworking: Core Network Aspects".

[21]

3GPP2 C.S0087-A v4.0: "E-UTRAN - HRPD and CDMA2000 1x Connectivity and Interworking: Air Interface Aspects".

[22] Void.

[23]

3GPP2 C.S0024-B v3.0: "cdma2000® High Rate Packet Data Air Interface Specification".

[23A]

3GPP2 C.S0016-D v1.0: "Over-the-Air Service Provisioning of Mobile Stations in Spread Spectrum Standards".

[24]

WiMAX Forum Network Architecture Release 1.0 version 1.2 - Stage 2: "Architecture Tenets, Reference Model and Reference Points", November 2007.

[25]

WiMAX Forum Network Architecture Release 1.0 version 1.2 - Stage 3: "Detailed Protocols and Procedures", November 2007.

[26]

WiMAX Forum Mobile System Profile Release 1.0: Approved Specification Revision 1.4.0, April 2007.

[27]

IEEE Std 802.16e-2005 and IEEE Std 802.16-2004/Cor1-2005: "IEEE Standard for Local and Metropolitan Area Networks, Part 16: Air Interface for Fixed and Mobile Broadband Wireless Access Systems Amendments 2 and Corrigendum 1", February 2006.

[28]

RFC 7296 7296 (October 2014): "Internet Key Exchange Protocol Version 2 (IKEv2)".

[29]

RFC 3748 (June 2004): "Extensible Authentication Protocol (EAP)".

[30]

RFC 4301 (December 2005): "Security Architecture for the Internet Protocol".

[31]

RFC 4555 (June 2006): "IKEv2 Mobility and Multihoming Protocol (MOBIKE)".

[32]

RFC 4303 (December 2005): "IP Encapsulating Security Payload (ESP)".

[33]

RFC 4187 (January 2006): "Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA)"

[34]

RFC 3629 (November 2003): "UTF-8, a transformation format of ISO 10646".

[35]

RFC 1035 (November 1987): "DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION".

[36]

Void.

[37]

RFC 6153 (February 2011): "DHCPv4 and DHCPv6 Options for Access Network Discovery and Selection Function (ANDSF) Discovery".

[38]

RFC 5448 (May 2009): "Improved Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA')".

[39]

OMA-ERELD-DM-V1_2: "Enabler Release Definition for OMA Device Management".

[40] Void

[41]

"Unicode 5.1.0: Unicode Standard Annex #15; Unicode Normalization Forms", March 2008. http://www.unicode.org.

[42]

TS 33.220: "Generic Authentication Architecture (GAA); Generic bootstrapping architecture".

[43]

TS 29.109: "Generic Authentication Architecture (GAA); Zh and Zn Interfaces based on the Diameter protocol".

[44]

TS 33.222: "Generic Authentication Architecture (GAA); Access to network application functions using Hypertext Transfer Protocol over Transport Layer Security (HTTPS)".

[45]

TS 31.102: "Characteristics of the Universal Subscriber Identity Module (USIM) application".

[46]

TS 24.008: "Mobile radio interface Layer 3 specification; Core network protocols; Stage 3".

[47]

TS 33.223: "Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA) Push function".

[48]

TS 24.007: "Mobile radio interface signalling layer 3; General aspects".

[49]

RFC 4739: "Multiple Authentication Exchanges in the Internet Key Exchange (IKEv2) Protocol".

[50]

TS 29.274: "Tunnelling Protocol for Control plane (GTPv2-C)".

[51]

TS 24.139: "3GPP System-Fixed Broadband Access Network Interworking; Stage 3".

[52]

TS 24.109: "Bootstrapping interface (Ub) and network application function interface (Ua); Protocol details".

[53]

RFC 2817 (May 2000): "Upgrading to TLS Within HTTP/1.1".

[54] Void.

[55] Void.

[56]

TS 24.244: "Wireless LAN control plane protocol for trusted WLAN access to EPC".

[57]

IEEE Std 802.11-2016: "IEEE Standard for Information technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Specific requirements - Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications".

[58]

IEEE Std 802-2014: "IEEE Standard for Local and Metropolitan Area Networks: Overview and Architecture", 30th June 2014.

[59] Void.

[60]

RFC 4284 (January 2006): "Identity Selection Hints for the Extensible Authentication Protocol (EAP)".

[61]

IEEE Std 802.1X™-2010: "IEEE Standard for Information technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Port-based Network Access Control".

[62]

RFC 4282: "The Network Access Identifier".

[63]

ITU-T Recommendation E.212: "The international identification plan for mobile terminals and mobile users".

[64]

RFC 7651 (September 2015): "3GPP IP Multimedia Subsystems (IMS) Option for the Internet Key Exchange Protocol Version 2 (IKEv2)".

[65]

TS 33.310: "Network Domain Security (NDS); Authentication Framework (AF)".

[66]

TS 23.380: "IMS Restoration Procedures".

[67]

TS 24.229: "IP multimedia call control protocol based on Session Initiation Protocol (SIP) and Session Description Protocol (SDP); Stage 3".

[68]

TS 23.161: "Network-Based IP Flow Mobility (NBIFOM); Stage 2".

[69]

TS 24.161: "Network-Based IP Flow Mobility (NBIFOM); Stage 3".

[70]

TS 36.300: "Evolved Universal Terrestrial Radio Access (E-UTRA) and Evolved Universal Terrestrial Radio Access Network (E-UTRAN); Overall description; Stage 2".

[70A]

RFC 4309 (December 2005): "Internet Key Exchange Protocol Version 2 (IKEv2)".

[70B]

RFC 7296 (October 2014): "Internet Key Exchange Protocol Version 2 (IKEv2)".

[71]

RFC 6696 (July 2012): "EAP Extensions for the EAP Re-authentication Protocol (ERP)".

[72]

RFC 3948 (January 2005): "UDP Encapsulation of IPsec ESP Packets".

[73]

RFC 2234 (November 1997): "Augmented BNF for Syntax Specification: ABNF".

[74]

RFC 5279 (July 2008): "A Uniform Resource Name (URN) Namespace for the 3rd Generation Partnership Project (3GPP)".

[75]

RFC 2474 (December 1998): "Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers".

[76]

TS 24.501: "Non-Access-Stratum (NAS) protocol for 5G System (5GS); Stage 3".

[77]

TR 24.502: "Access to the 3GPP 5G Core Network (5GCN) via non-3GPP access networks".

[78]

TS 33.501: "Security architecture and procedures for 5G System".

3 Definitions, symbols and abbreviations p. 16

3.1 Definitions p. 16

For the purposes of the present document, the terms and definitions given in TR 21.905 and the following apply. A term defined in the present document takes precedence over the definition of the same term, if any, in TR 21.905.

Access Network Discovery and Selection Function:

In this specification, Access Network Discovery and Selection Function (ANDSF) is a network element specified in TS 23.402. Unless otherwise specified, the term ANDSF is used to refer to both Home and Visited ANDSF.

ANDSF rules:

In this specification, ANDSF rules refers to the set of ANDSF policies defined in TS 24.312 for WLAN access selection and traffic routing between E-UTRAN or UTRAN and WLAN. ANDSF rules can contain RAN validity conditions for RAN-assisted WLAN interworking.

Emergency session:

In this specification, an emergency session refers to an emergency PDN connection established in E-UTRAN and handed over to a S2a based cdma2000® HRPD access network, or an emergency PDN connection established over trusted or untrusted WLAN access, or an emergency PDN connection established in 3GPP access and handed over to trusted or untrusted WLAN access.

Equivalent home service provider:

In this specification, equivalent home service provider is a service provider that is equivalent to HPLMN in regard to service provider selection over WLAN.

Equivalent visited service provider:

In this specification, equivalent visited service provider is a service provider that is equivalent to the V-PLMN in regard to service provider selection over WLAN.

Home ANDSF:

In this specification, the Home ANDSF (H-ANDSF) is an ANDSF element located in the home PLMN of a UE.

Offload Preference Indicator (OPI):

In this specification, Offload Preference Indicator (OPI) is a bitmap (i.e. a one-dimensional bit array) that can be used by UEs in an E-UTRA or UTRA cell to determine when to move certain traffic (e.g. certain IP flows) to WLAN access or to 3GPP access. The meaning of each bit in this bitmap is operator specific and is not defined in 3GPP specifications.

Offloadable PDN connection:

In this specification, an offloadable PDN connection is a PDN connection, established in (or previously handed over to) 3GPP access, such that:

the WLAN offload indication information element (see TS 24.301 and TS 24.008) last received for the PDN connection has the "offloading the traffic of the PDN connection via a WLAN when in S1 mode is acceptable" value and the UE is in S1 mode; or
the WLAN offload indication information element (see TS 24.301 and TS 24.008) last received for the PDN connection has the "offloading the traffic of the PDN connection via a WLAN when in UTRAN Iu mode is acceptable" value and the UE is in UTRAN Iu mode.

Preferred Service Providers List (PSPL):

In this specification, the Preferred Service Providers List refers to a prioritized list of service provider realms other than equivalent home service providers preferred by the UE's 3GPP home operator for WLAN.

Set of Access network discovery information:

In this specification, a set of Access network discovery information is the access network discovery information from a single ANDSF.

Set of Inter-system mobility policy:

In this specification, a set of Inter-system mobility policy is the inter-system policy information received from a single ANDSF.

Visited ANDSF:

In this specification, the Visited ANDSF (V-ANDSF) is an ANDSF element located in the visited PLMN of a UE.

RAN Assistance Information:

In this specification, RAN Assistance Information refers to the set of thresholds and parameters that can be provided by E-UTRAN or UTRAN to the UE for assisting WLAN access selection and traffic routing. The RAN assistance information can include 3GPP access thresholds, WLAN access thresholds, an Offload Preference Indicator (OPI) value and WLAN identifiers as defined in TS 25.331 and TS 36.331.

RAN rules:

In this specification, RAN rules refers to the set of RAN assistance parameter and RAN steering command handling, access network selection and traffic steering procedures defined in TS 36.304, TS 25.304 and TS 36.331 for the steering of traffic between E-UTRAN or UTRAN and WLAN associated with RAN-controlled LTE-WLAN interworking or RAN-assisted WLAN interworking.

Restrictive non-3GPP access network type I:

a non-3GPP access network forwarding IP packets of TCP connections initiated by a served UE, with destination port 443, and with destination address outside of the non-3GPP access network, and discarding IP packets of some or all other TCP connections initiated by the served UE, with destination address outside of the non-3GPP access network.

Restrictive non-3GPP access network type II:

a non-3GPP access network discarding IP packets of TCP connections initiated by a served UE, with destination address outside of the non-3GPP access network, where the non-3GPP access network contains HTTP proxy supporting HTTP CONNECT method for URIs with port 443 and with host outside of the non-3GPP access network.

Restrictive non-3GPP access network:

restrictive non-3GPP access network type I or restrictive non-3GPP access network type II.

Firewall traversal tunnel (FTT):

a TCP connection with TLS connection enabling passing of messages between UE in restrictive non-3GPP access network and ePDG.

Firewall traversal tunnel keep-alive time (FTT KAT):

a maximum time between two subsequent messages sent by UE in the firewall traversal tunnel.

Unauthenticated IMSI:

In this specification, the term "unauthenticated IMSI" or the term "IMSI is unauthenticated" is only pertinent to the network. The knowledge that a UE's IMSI is unauthenticated or that the UE has an unauthenticated IMSI, is not available to the UE.

WLAN Selection Policy (WLANSP):

In this specification, the WLAN Selection Policy is a set of operator-defined rules that determine how the UE selects/reselects a WLAN access network.

WLAN selection information:

In this specification, WLAN selection information refers to the information received from ANDSF including WLAN Selection Policy (WLANSP), rule selection information, Home Network Preference information and Visited Network Preference information as specified in TS 24.312.

Visited PLMNs with preferred rules:

In this specification, visited PLMNs with preferred rules included in the rule selection information refers to a list of identifiers of visited PLMNs provided by HPLMN, so that the UE roaming in such visited PLMN prefers ISMP, ISRP or WLANSP rules provided by the visited PLMN over ISMP, ISRP or WLANSP rules provided the HPLMN. In ANDSF MO, the visited PLMNs with preferred rules correspond to the ANDSF/RuleSelectionInformation/VPLMNswithPreferredRules interior node.

For the purposes of the present document, the following terms and definitions given in TS 23.122 apply:

Acceptable cell

EHPLMN

Home PLMN

Limited service state

RPLMN

Visited PLMN

For the purposes of the present document, the following terms and definitions given in TS 23.402 apply:

IFOM capable UE

Inter-APN routing capable UE

Local Operating Environment Information

MAPCON capable UE

S2a

S2b

S2c

Non-seamless WLAN offload capable UE

Single-connection mode (SCM)

Transparent single-connection mode (TSCM)

Multi-connection mode (MCM)

For the purposes of the present document, the following terms and definitions given in TS 29.273 apply:

STa

For the purposes of the present document, the following terms and definitions given in TS 24.301 apply:

Evolved packet core network

Evolved packet system

For the purposes of the present document, the following terms and definitions given in WiMAX Forum Network Architecture Release 1.0 version 1.2 - Stage 3 [25] apply:

Network Access Provider

Network Service Provider

For the purposes of the present document, the following terms and definitions given in TS 33.402 apply:

External AAA server

For the purposes of the present document, the following terms and definitions given in TS 24.312 apply:

Active rule

Valid rule

For the purposes of the present document, the following terms and definitions given in TS 23.003 that relate to access to 3GPP evolved packet core via non-3GPP access networks, apply:

NAI

Alternative NAI

Decorated NAI

Emergency NAI

Fast-Reauthentication NAI

Pseudonym Identity

Root NAI

For the purposes of the present document, the following terms and definitions given in TS 23.002 apply:

3GPP AAA Proxy

3GPP AAA Server

For the purposes of the present document, the following terms and definitions given in TS 23.161 apply:

NBIFOM

Routing Rule

UE-inititaed NBIFOM

Network-initiated NBIFOM

Multi-access PDN connection

For the purposes of the present document, the following terms and definitions given in TS 24.501 apply:

N1 mode

PDU session ID

3.2 Abbreviations p. 19

For the purposes of the present document, the abbreviations given in TR 21.905 and the following apply. An abbreviation defined in the present document takes precedence over the definition of the same abbreviation, if any, in TR 21.905.

AAA

Authentication, Authorization and Accounting

ACL

Access Control List

AKA

Authentication and Key Agreement

ANDSF

Access Network Discovery and Selection Function

ANDSF-SN

Access Network Discovery and Selection Function Server Name

ANID

Access Network Identity

ANQP

Access Network Query Protocol

APN

Access Point Name

DHCP

Dynamic Host Configuration Protocol

Device Management

DNS

Domain Name System

DSCP

Differentiated Services Code Point

DSMIPv6

Dual-Stack MIPv6

eAN/PCF

Evolved Access Network Packet Control Function

EAP

Extensible Authentication Protocol

EPC

Evolved Packet Core

ePDG

Evolved Packet Data Gateway

EPS

Evolved Packet System

ERP

EAP Re-authentication Protocol

ESP

Encapsulating Security Payload

FQDN

Fully Qualified Domain Name

GAA

Generic Authentication Architecture

GBA

Generic Bootstrapping Architecture

Home Agent

H-ANDSF

Home-ANDSF

HRPD

High Rate Packet Data

HSGW

HRPD Serving Gateway

IEEE

Institute of Electrical and Electronics Engineers

IFOM

IP Flow Mobility

IKEv2

Internet Key Exchange version 2

IARP

Inter-APN Routing Policy

IPMS

IP Mobility Mode Selection

ISMP

Inter-system Mobility Policy

ISRP

Inter-system Routing Policy

IANA

Internet Assigned Numbers Authority

I-WLAN

Interworking - WLAN

MAPCON

Multi Access PDN Connectivity

MCM

Multi-connection mode

Management Object

NAI

Network Access Identifier

NAP

Network Access Provider

NBIFOM

Network-Based IP Flow Mobility

NBM

Network based mobility management

NSP

Network Service Provider

NSSAI

Network Slice Selection Assistance Information

NSWO

Non-Seamless WLAN Offload

NSWOF

Non-Seamless WLAN Offload Function

OMA

Open Mobile Alliance

OPI

Offload Preference Indicator

PCO

Protocol Configuration Options

P-GW

PDN Gateway

PDU

Protocol Data Unit

PSPL

Preferred Service Provider List

QoS

Quality of Service

SCM

Single-connection mode

S-GW

Serving Gateway

S-NSSAI

Single NSSAI

SPI

Security Parameters Index

TFT

Traffic Flow Template

TSCM

Transparent single-connection mode

User Equipment

UICC

Universal Integrated Circuit Card

V-ANDSF

Visited-ANDSF

W-APN

WLAN APN

WiMAX

Worldwide Interoperability for Microwave Access

WLAN

Wireless Local Area Network

WLANSP

WLAN Selection Policy

WLCP

WLAN Control Protocol

WMF

WiMAX Forum