Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x

Content for  TS 29.500  Word version:  19.0.0

Top   Top   Up   Prev   Next
1…   5…   5.2.3.2…   5.2.3.3…   5.2.4…   6…   6.3…   6.4…   6.5…   6.6…   6.7…   6.10…   6.10.3…   6.10.6…   6.10.11…   6.10.12…   6.11…   A   B   C   D…
6 General Functionalities in Service Based Architecture6.1 Routing Mechanisms6.1.1 General6.1.2 Identifying a target resource6.1.3 Connecting inbound6.1.4 Pseudo-header setting6.1.4.1 General6.1.4.2 Routing within a PLMN6.1.4.3 Routing across PLMN6.1.4.3.1 General6.1.4.3.2 Use of telescopic FQDN between NFs and SEPP within a PLMN6.1.4.3.3 Use of 3gpp-Sbi-Target-apiRoot between NFs and SEPP within a PLMN6.1.4.3.4 Routing between SEPPs6.1.5 Host header6.1.6 Message forwarding6.2 Server-Initiated Communication6.2.1 General6.2.2 Subscription on behalf of NF Service Consumer6.2.3 Notification error handling
...

 

6  General Functionalities in Service Based Architecturep. 69

6.1  Routing Mechanismsp. 69

6.1.1  Generalp. 69

This clause specifies the generic routing mechanisms in the 5GC. Specific requirements to support Indirect communication are further defined in clause 6.10.
For HTTP message routing between Network Functions, the message routing mechanism as specified in Section 7 of RFC 9110 is almost followed with some differences due to the adoption of HTTP/2 and to some 5G system specificities.
Up

6.1.2  Identifying a target resourcep. 69

The target resource is identified by a target URI (e.g. a Resource URI, a Custom operation URI or a Callback URI as defined in clause 4.4 of TS 29.501).

6.1.3  Connecting inboundp. 69

If the request is not satisfied by a local cache, then the client shall connect to an authority server for the target resource or to a proxy.
If a proxy is applicable for the target URI, the client connects inbound by establishing (or reusing) a connection to that proxy as defined in Section 7.3.2 of RFC 9110. For connecting inbound to an authority not in the same PLMN, the client connects to the Security Edge Protection Proxy.
If no proxy is applicable, then the client connects directly to an authority server for the target resource as defined in RFC 9110.
Up

6.1.4  Pseudo-header settingp. 70

6.1.4.1  Generalp. 70

Once an inbound connection is obtained, the client sends a request message over the wire. The message starts with a HEADERS frame containing the Pseudo-Header Fields identifying the request target. The ":method" pseudo-header is always present.
When sending a request directly to an origin server or to a proxy, other than a CONNECT or server-wide OPTIONS request, a client shall include the below pseudo-headers:
  • ":scheme".
  • ":authority".
  • ":path" includes the path and query components of the target URI. The path includes the optional deployment-specific string of the Resource URI or Custom operation URI "apiRoot" part.
When sending a CONNECT request to a proxy, a client shall include the ":authority" pseudo-header. The ":scheme" and ":path" ones shall be absent.
When sending a server-wide OPTIONS request to an origin server or to a proxy, a client shall include the below pseudo-headers:
  • ":scheme".
  • ":authority".
  • ":path" set with the value "*".
Up

6.1.4.2  Routing within a PLMNp. 70

For HTTP/2 request messages where the target URI authority component designates an origin server in the same PLMN as the client, the ":authority" HTTP/2 pseudo-header field shall be set to:
":authority" = uri-host [":" port] as specified in Section 8.3.1 of RFC 9113, excluding the [userinfo "@"] information as specified in Section 3.2 of RFC 3986].
Where the uri-host shall be:
  • FQDN of the target NF service; or
  • IP address of the target NF service
The FQDN of the target NF service need not contain the PLMN identifier.
Up

6.1.4.3  Routing across PLMNp. 70

6.1.4.3.1  General |R16|p. 70
This clause specifies how to route requests across PLMNs when the target NF instance from the target PLMN has been selected by the source PLMN (i.e. PLMN of the NF service consumer). Specific requirements to support indirect communication with or without delegated discovery between different PLMNs with NF selection at target PLMN are defined in clause 6.10.12.
In order to reach the correct target NF service in the right PLMN and for HTTP/2 request messages where the target URI authority component designates an origin server not in the same PLMN as the client, the ":authority" HTTP/2 pseudo-header shall contain the FQDN including the PLMN ID.
The ":authority" pseudo-header field in the HTTP/2 request message shall be set to:
":authority" = uri-host [":" port] as specified in Section 8.3.1 of RFC 9113, excluding the [userinfo "@"] information as specified in Section 3.2 of RFC 3986.
Where the uri-host shall be:
  • FQDN of the target NF service or the FQDN (authority) part of a callback URI or a specified link relation
The FQDN of the target NF service or the FQDN (authority) part of a callback URI or a specified link relation shall contain the PLMN identifier.
The format of the FQDN of target NF service is specified in clause 28.5 of TS 23.003.
To allow for TLS protection between the SEPP and Network Functions within a PLMN, the SEPP shall support:
  • TLS wildcard certificate for its domain name and generation of telescopic FQDN, as specified in clause 13.1 of TS 33.501 and in clause 6.1.4.3.2; and
  • forwarding HTTP requests originated by NFs within the SEPP's PLMN towards the remote PLMN using the 3gpp-Sbi-Target-apiRoot header as specified in clause 6.1.4.3.3.
Both solutions for TLS protection between the SEPP and Network Functions within a PLMN may be used concurrently in a PLMN, e.g. in the transient phase where not all NFs of the PLMN have been upgraded to support the 3gpp-Sbi-Target-apiRoot header but when the PLMN operator would like to use the solution based on the 3gpp-Sbi-Target-apiRoot header with upgraded NFs. In this case, the SEPP should skip converting URIs into telescopic FQDNs (and use the solution based on 3gpp-Sbi-Target-apiRoot header) in:
  • HTTP responses received from the remote PLMN (e.g. including the FQDN of the target NF service) when the corresponding HTTP request contains a 3gpp-Sbi-Target-apiRoot header;
  • HTTP requests received from the remote PLMN (e.g. including callback URIs) using SEPP policies based on the target URI (i.e. target FQDN).
Up
6.1.4.3.2  Use of telescopic FQDN between NFs and SEPP within a PLMN |R16|p. 71
When using TLS wildcard certificate and telescopic FQDN between the SEPP and NFs within the SEPP's PLMN, the SEPP on the HTTP/2 client side shall form the telescopic FQDN, as specified in TS 23.003, for the following cases:
  • FQDN of the target NF service in HPLMN is modified into a telescopic FQDN by the SEPP in the VPLMN;
  • FQDN of the target NF service in VPLMN is modified into a telescopic FQDN by the SEPP in the HPLMN;
  • FQDN (authority) part of callback URI of NF service resources in VPLMN is modified into a telescopic FQDN by the SEPP in the HPLMN;
  • FQDN (authority) part of callback URI of NF service resources in HPLMN is modified into a telescopic FQDN by the SEPP in the VPLMN;
  • FQDN (authority) part of link relation URI of NF service resources in VPLMN is modified into a telescopic FQDN by the SEPP in the HPLMN;
  • FQDN (authority) part of link relation URI of NF service resources in HPLMN is modified into a telescopic FQDN by the SEPP in the VPLMN.
Up
6.1.4.3.3  Use of 3gpp-Sbi-Target-apiRoot between NFs and SEPP within a PLMN |R16|p. 71
When using the 3gpp-Sbi-Target-apiRoot header between the SEPP and NFs within the SEPP's PLMN, HTTP requests between the NFs and the SEPP shall be routed as specified in clause 6.10.2 for indirect communications, with the SEPP taking the role of the SCP.
When sending an HTTP request targeting a URI with an authority of a remote PLMN, NFs shall include the 3gpp-Sbi-Target-apiRoot header in the HTTP request, containing the apiRoot of the target URI in the remote PLMN, and shall set the apiRoot in the request URI to the apiRoot of the SEPP (or to the apiRoot of the SCP if the communication between the NF and SEPP goes through an SCP). The apiRoot of the SEPP (or SCP) may include an optional deployment-specific string of the SEPP (or SCP).
An SCP that receives an HTTP request targeting a URI with an authority of a remote PLMN shall route the HTTP request towards the SEPP as specified in clause 6.10.2 for indirect communications, i.e. the SCP shall forward the 3gpp-Sbi-Target-apiRoot header in the HTTP request it forwards to the SEPP, containing the apiRoot of the target URI in the remote PLMN, and it shall set the apiRoot in the request URI to the apiRoot of the SEPP.
If the SEPP receives an HTTP request from a NF with a request URI containing a telescopic FQDN and with a 3gpp-Sbi-Target-apiRoot header, the SEPP shall ignore the 3gpp-Sbi-Target-apiRoot header and route the request using the telescopic FQDN.
Up
6.1.4.3.4  Routing between SEPPs |R16|p. 72
The 3gpp-Sbi-Target-apiRoot header shall not be used between SEPPs if PRINS security is negotiated between the SEPPs. The apiRoot of the Request URI of the HTTP request encapsulating the protected message shall be set to the apiRoot of the remote SEPP. See clause 5.3.2.4 of TS 29.573.
If TLS security is negotiated between the SEPPs and at least one SEPP does not indicate support of the 3gpp-Sbi-Target-apiRoot header when negotiating the security policy, the SEPP shall use a pre-established TLS connection towards the other SEPP to forward the HTTP/2 messages sent by the NF service producers and NF service consumers, as is without reformatting. Additionally,
  • if the NF uses the 3gpp-Sbi-Target-apiRoot HTTP header in the HTTP Request to convey the target apiRoot to the sending SEPP, the sending SEPP shall remove the 3gpp-Sbi-Target-apiRoot header and set the apiRoot of the request URI it forwards on the N32-f interface to the apiRoot received in the 3gpp-Sbi-Target-apiRoot header from the HTTP client;
  • if the NF uses a telescopic FQDN in the HTTP Request to convey the target apiRoot to the sending SEPP, or if TLS is not used between the NF and the sending SEPP, the sending SEPP shall set the apiRoot of the Request URI in the HTTP Request towards the remote SEPP to the apiRoot of the target NF derived from the telescopic FQDN or from the request URI respectively.
If TLS security is negotiated between the SEPPs and both SEPPs indicate support of the 3gpp-Sbi-Target-apiRoot header when negotiating the security policy, HTTPS shall be used to forward messages between SEPPs. The sending SEPP shall replace the apiRoot of the Request URI in the HTTP Request with the apiRoot of the receiving SEPP before forwarding the HTTP Request on the N32 interface. Additionally,
  • if the NF uses the 3gpp-Sbi-Target-apiRoot HTTP header in the HTTP Request to convey the target apiRoot to the sending SEPP, the sending SEPP shall forward the 3gpp-Sbi-Target-apiRoot header unmodified in the HTTP request towards the remote SEPP;
  • if the NF uses a telescopic FQDN in the HTTP Request to convey the target apiRoot to the sending SEPP, or if TLS is not used between the NF and the sending SEPP, the sending SEPP shall insert the 3gpp-Sbi-Target-apiRoot header in the HTTP request towards the remote SEPP and set it to the apiRoot of the target NF derived from the telescopic FQDN or from the request URI respectively.
Up

6.1.5  Host headerp. 72

Clients that generate HTTP/2 requests shall use the ":authority" pseudo-header field instead of the Host header field.

6.1.6  Message forwardingp. 73

An HTTP/2 proxy shall use the ":authority" pseudo-header field to connect inbound to the origin server or another proxy if the request cannot be satisfied by the proxy cache.
An HTTP/2 proxy may also use other headers and/or content to connect inbound to the origin server or another proxy if the request cannot be satisfied by the proxy cache.

6.2  Server-Initiated Communicationp. 73

6.2.1  General |R17|p. 73

The Subscribe-Notify service operations shall be supported between NFs as specified in clause 7.1.2 of TS 23.501.
Subscribe-Notify service operations require bidirectional communication between the NFs when the server needs to initiate communication with the client.
Subscribe-Notify service operations shall be supported with two TCP connections, one per direction, as follows:
  • NF service consumer acts as an HTTP client and NF service producer acts as an HTTP server when NF service consumer subscribes to NF service producer's notifications;
  • NF service producer acts as an HTTP client and NF service consumer acts as an HTTP server when NF service producer delivers notifications to NF service consumer.
As described in TS 23.501, the Subscribe-Notify interaction requires the NF Service Consumer to provide a "notification endpoint" and a "notification correlation ID"; those are also called "callback URI" in the context of the present Technical Specification, and the authority of the "callback URI" is the HTTP endpoint where the notifications shall be delivered by the NF Service Producer. As indicated in TS 23.501, the interaction between NF Service Consumer and NF Service Producer may not occur, or may occur via interactions on a different service or API, prior to the notification sent by the NF Service Producer (e.g. for Implicit Subscriptions, or for Default Notifications); in that case, the notification is called "standalone notification", and shall be specified as described in clause 5.3.7 of TS 29.501.
For notifications sent in Direct Communication scenarios, if the authority of the callback URI contains an FQDN, the NF Service Producer shall use DNS as resolution mechanism in order to setup the TCP connection with the NF Service Consumer; for notifications sent in Indirect Communication scenarios, see clause 6.10.7.
Up

6.2.2  Subscription on behalf of NF Service Consumer |R17|p. 73

When an NF service consumer subscribes to an intermediate NF for events which may be detected and reported directly by target NF (e.g. an NEF subscribes to Location Reporting event at AMF via UDM and AMF directly reports to the NEF), the NF service consumer may include the "3gpp-Sbi-Consumer-Info" header in the subscription creation request to indicate the supported API versions, features and accepted encodings of the service on the target NF.
When subscribing to the target NF and requiring the target NF to directly report to NF service consumer, the intermediate NF shall invoke the highest API version at the target NF which is supported by the NF service consumer (if indicated) and the intermediate NF. The intermediate NF shall include all received "3gpp-Sbi-Consumer-Info" header(s) in the subscription creation request sent to the target NF.
If the target NF received this header in event subscription creation, the target NF shall generate the request body according to the supported feature(s) and accepted encodings of the NF service consumer for notifications directly sent to the NF service consumer.
Based on operator policy, the NF service consumer may provide a default inter-PLMN or intra-PLMN callback URI in a subscription request to the intermediate NF.
The NF Service Consumer may also include, for each provided service, the following information in the "3gpp-Sbi-Consumer-Info" header(s):
  • the intraPlmnCallbackRoot parameter containing the callback root for receiving intra-PLMN notifications, and
  • the interPlmnCallbackRoot parameter containing the callback root for receiving inter-PLMN notifications.
Upon receiving a subscription request including the above information in the "3gpp-Sbi-Consumer-Info" header, the intermediate NF should check if the target NF is in VPLMN or HPLMN and adapt the callback Root of the callback URI according to the information received from the NF service consumer. For instance, if the NF service consumer included an inter-PLMN callback URI in the subscription request:
  • if the target NF is in HPLMN, then the intermediate NF should replace the callback Root of the callback URI in the subscription request with the provided intraPlmnCallbackRoot while sending the subscription creation request to the target NF; and
  • if the target NF is in VPLMN, then the intermediate NF shall not change the notification/callback URI.
In either case, the Intermediate NF should then forward the "3gpp-Sbi-Consumer-Info" header in the subscription creation request sent to the target NF.
If the intermediate NF expects to receive notifications from the target NF (e.g. the UDM may provide the callback URI to receive subscription change event notifications from the AMF when subscribing to AMF events on behalf of the NEF), to enable the target NF to use, e.g., the proper callback URI, the supported features, the intermediate NF may provide the "3gpp-Sbi-Consumer-Info" header for itself in the subscription creation request to the target NF. If it does so, the intermediate NF shall include the intermediate NF indication parameter in the header.
When the target NF is an AMF, the source AMF should forward the information in the received "3gpp-Sbi-Consumer-Info" header(s) to the target AMF during inter-AMF mobility. If the target AMF received intraPlmnCallbackRoot and interPlmnCallbackRoot parameters in the "3gpp-Sbi-Consumer-Info" header information from the source AMF, the target AMF should determine the PLMN of the NF Service Consumer and adapt the callback root of the callback URI correspondingly.
Up

6.2.3  Notification error handling |R18|p. 74

The following requirements apply unless specified otherwise for a given API,
An NF Service Producer that sends a notification request should consider that the subscription is no longer valid and terminate the subscription, if it receives any of the following response codes and application errors:
  • "400 Bad Request" with the application error "RESOURCE_CONTEXT_NOT_FOUND"; or
  • "404 Not Found" with the application error "SUBSCRIPTION_NOT_FOUND".
An NF Service Producer should not keep on sending notification requests to an NF service consumer and may consider that the subscription is no longer valid and terminate the subscription, if it receives one or more "404 Not Found" responses without application errors or with other application errors.
Up

Up   Top   ToC