SlideShare a Scribd company logo

Attach flow & srb

Mausam Panchal
Mausam Panchal

The document describes network identities and procedures used in LTE attach flows. It discusses identifiers like GUTI, RNTI, and bearers. The attach flow involves the UE sending an attach request to the eNB which triggers authentication and establishment of default bearer towards the PGW, after which the UE receives an attach accept. Timers are involved at different nodes during this process.

Education
1 of 115
Download to read offline
Attach – Call Flow 13 Feb 2016
2015 © Samsung Electronics 2 2015 © Samsung Electronics 2 Network Identities
2015 © Samsung Electronics 3 2015 © Samsung Electronics 3  GUTI – Globally Unique Temporary UE Identity - is assigned only by the MME during initial attach of a UE to the E-UTRAN – masks the true identity of the subscriber  GUTI provides an unambiguous identification of the UE that does not revel the UE’s permanent identity. It also allows identification of the MME and Network to which UE attaches  GUTI has to main components - GUMMEI Globally Unique Mobility management Entity Identifier and the M –TMSI that uniquely identifies the UE within the MME  For paging, the mobile is paged with the S-TMSI which is a shorter version of GUTI  On the S1 Interface, the IMSI is typically not seen just like the GUTI. Exceptions are initial attach when no old GUTI is stored on the USIM card or in paging procedure Identities Used in LTE - GUTI MCC and MNC are 3 DIGITS
2015 © Samsung Electronics 4 2015 © Samsung Electronics 4  RNTI – Radio Network Temporary Identifier  RNTI is signaled in the MAC Layer. When MAC uses the PDCCH to indicate radio resource allocation, the RNTI is mapped on the PDCCH depends on the logical channel type -  C- RNTI : Temporary Cell Radio Network Temporary Identifier for Dedicated Control Channel (DCCH and DTCH). It defines which data sent in DL belongs to a particular subscriber – all RRC messages are marked with same C RNTI for a subscriber  P- RNTI : Paging Radio Network Temporary Identifier for Paging Control Channel (PCCH) is derived from IMSI. It does not refer to a particular UE but to a group of UEs.  RA- RNTI : Random Access Radio Network Temporary Identifier for Random Access Response (RAR) on DL-SCH – assigned to particular UE and is contained in the response from eNode B for PRACH. The UE then uses this RA- RNTI to send RRC Connection Request  Temporary C-RNTI for Common Control Channel (CCCH) during random access procedure  SI- RNTI : System Information Radio Network Temporary Identifier for Broadcast Control Channel (BCCH) – sent on PDCCH - it signals to all UEs where SIBs are found on PDSCH Identities Used in LTE - RNTI RNTI Values
2015 © Samsung Electronics 5 2015 © Samsung Electronics 5 LTE Identities
2015 © Samsung Electronics 6 2015 © Samsung Electronics 6 Bearers
2015 © Samsung Electronics 7 2015 © Samsung Electronics 7 LTE Identifiers
2014 © Samsung Electronics 8 UE Temporary ID’s at different interfaces
2014 © Samsung Electronics 9 S1AP Interface  In between eNB and MME, the User can be identified using the S1AP ID’s.  eNB-UE-S1AP ID is the S1AP ID terminating at the eNB side  MME-UE-S1AP ID is the S1AP ID terminating at the MME Side.
2014 © Samsung Electronics 10 GTP Teid’s  GTP-C Teid’s (S11 MME GTPC Teid and S11/S4 SGW GTPC Teid) are used as the control plane teid’s at MME and GW respectively.  GTP-U Teid’s(S1-U eNB GTPU Teid and S1-U SGW GTPU Teid) are used as the user plane teid’s at eNB and GW respectively.
2014 © Samsung Electronics 11 Diameter Session ID  Gx Diameter Session Id can be used to identify the diameter packets related to a particular subscriber session.  Gx diameter session Id will be created when the session is created for the subscriber and will stay till the session is available.
12 Attach Call Flow
2014 © Samsung Electronics 13 Attach Procedure
2015 © Samsung Electronics 14 Attach Procedure T300 stops in UE T300 starts in UE (200ms) Timer starts in eNB : RRC_CONNECTION_SETUP (1000 ms) Timer stops in eNB : RRC_CONNECTION_SETUP Timer Stops at UE : S1_INITIAL_CONTEXT_SETUP Timer Starts at UE : S1_INITIAL_CONTEXT_SETUP = 10000 ms
2015 © Samsung Electronics 15 Attach Procedure RRC Connection Reconfiguration message including EPS Radio Bearer Identity and Attach Accept message; UE sends Uplink Information Transfer message to the eNodeB which includes the Attach Complete message
2015 © Samsung Electronics 16 Attach Procedure RRC Connection Reconfiguration message including EPS Radio Bearer Identity and Attach Accept message; UE sends Uplink Information Transfer message to the eNodeB which includes the Attach Complete message Timer starts in eNB : RRC_CONNECTION_RECONFIG = 1500 ms Timer stops in eNB : RRC_CONNECTION_RECONFIG = 1500 ms Timer starts in eNB : RRC_SECURITY_MODE_COMMAND = 2000 ms Timer stops in eNB : RRC_SECURITY_MODE_COMMAND Timer starts in eNB : RRC_UE_CAPABILITY_ENQUIRY[ms] = 2000
2015 © Samsung Electronics 17 RACH rrcConnection Request rrcConnection Setup rrcConnection Setup Complete EPS mobility management
2015 © Samsung Electronics 18 RACH Trigger (Two Examples)
2015 © Samsung Electronics 19 RRC Connection Request (UpLink) (Two Examples)
2015 © Samsung Electronics 20 RRC Connection Setup (Down Link)
2015 © Samsung Electronics 21 RRC Connection Setup Complete (Uplink) Attach Request
2015 © Samsung Electronics 22 • The UE initiates the Attach procedure by sending the Attach Request message to the eNodeB with following identities. • IMSI or GUTI • TAI (if available) • UE Capabilities - indicates supported NAS and AS security algorithms by UE • Attach Type - indicates EPS or combined EPS/IMSI • ESM Message Container • RRC Parameters • The ESM Message Container contains the following identities. • Request Type • PDN Type - indicates requested IP version (IPv4, IPv6 or IPv4v6) • Protocol Configuration Options (PCO) - included by UE and sent transparently to MME to indicate Address allocation preference of UE (eg. after establishing default bearer using DHCP) • Ciphered Options Transfer flag - must be set if PCO or APN or both are to be sent by UE • KSIASME (if valid EPS security parameters available) • NAS Sequence number (if valid EPS security parameters available) • NAS-MAC (if valid EPS security parameters available) • additional GUTI • P-TMSI • The RRC parameters indicate the Selected Network and old GUMMEI. Attach Request
2015 © Samsung Electronics 23 RRC Connection Setup Complete (Uplink) Attach Request
2015 © Samsung Electronics 24 RRC Connection Setup Complete (Uplink) Attach Request
2015 © Samsung Electronics 25 RRC Connection Setup Complete (Uplink)
2015 © Samsung Electronics 26 RRC Connection Setup Complete (Uplink) Attach Request
2015 © Samsung Electronics 27 RRC Connection Setup Complete (Uplink) Attach Request
2015 © Samsung Electronics 28 • UE-AMBR and APN-AMBR • APN-AMBR The APN-AMBR defines the total bit rate that is allowed for all non-GBR bearers associated with a specific APN. The APN-AMBR limits the total non-GBR traffic for an APN, independent of the number of PDN connections and non-GBR bearers that are opened for that APN. For example, if an operator provides an APN for Internet, the operator may then limit the total bandwidth for that APN. UE-AMBR • The UE-AMBR is defined per subscriber and defines the total bit rate allowed to be consumed for all non-GBR bearers of a UE. The subscription profile contains the UE-AMBR. The eNodeB enforces the UE-AMBR. • There are different AMBR values for uplink and downlink directions - UL APN-AMBR, DL APN- AMBR, and UL UE-AMBR, DL UE-AMBR. AMBR
29 Samsung Confidential and Proprietary Information. All Contents Copyright ⓒ 2011 Samsung Electronics Co., Ltd. RJIL Initial Attach Request (APN=jionet) SAE GW UE eNB MME S-GW P-GW HSS PCRF SPR Power on RRC Connection Setup 1. Attach Request(PDN Connectivity Request) 3. UE IP allocation LTE Authentication NAS Security Setup 2. Create Session Request IMSI, MSISDN, APN=jionet, PCO, Bearer Context (Bearer ID, Bearer QoS – QCI:9, GBR: 0, MBR: 0) 4. CCR(Indication of IP-CAN Session establishment) Initial Request, Subscription-Id(e.g., IMSI), UE-IP, APN, Event- Report, QoS Info(APN-AMBR(UL/DL)), EPS Bearer QoS(QCI, ARP) 5. Profile Request 6. Profile Response User Profile = internet 7. Policy Decision 8. CCA(Acknowledge of IP-CAN Session Establishment) PCC Rule for Default bearer(QCI=9, ARP=1, APN- AMBR(UL/DL)=50Mbps/100Mbps, Offline, TFT(UL/DL)) IMSI, Initial Request, APN=jionet 11. Attach Accept(Activate Default EPS bearer Context Request) APN=jionet, UE-IP, Default Bearer QoS(QCI=9, ARP=1, UE-AMBR(ULAPN- AMBR(UL)=50Mbps, TFT(UL)=(UE IP, *, SIP, *, UDP), PCO, GUTI, TAI-list 12. Policy Enforcement 13. Attach Complete(Activate Default Bearer Context Accept) 14. Modify Bearer Request 15. Modify Bearer Response Default Bearer(QCI=9) Bearer ID Location Update 9. Policy Enforcement 10. Create Session Response UE-IP, Default bearer QoS(QCI=9, ARP=1, APN-AMBR(UL)=50Mbps, TFT(UL)=(UE IP, *, SIP, *, UDP) OCS 9.1 CCR (Indication of Session, APN=JioNet) 9.2 CCA (Ack of session, APN=JioNet) Steps after Attach Request are : 1. Authentication 2. Security Mode 3. Identity Check 4. Update Location 5. Create Session 6. Attach Accept 7. UE capability 8. Modify Bearer ASIUCAUM
30 Samsung Confidential and Proprietary Information. All Contents Copyright ⓒ 2011 Samsung Electronics Co., Ltd. RJIL PDN Connectivity Request (APN=ims) OCS 4.1 CCR & CCA to/from PCRF, APN=ims) PCRF 4.2 CCR & CCA to/from OCS, APN=ims) PCO : Protocol Configuration Option is used to allocate the PCSCF domain name /IP address DNS : Domain Name Server translates hostname into IP address PCO option is used by UE during PDP context activation to request for P_CSCF address, DNS server details etc Steps after Modify Bearer are : 1. PDN Request 2. Create Session 3. Activate Bearer 4. Modify Bearer Modify Bearer Request Modify Bearer Response Not configured PCAM
2015 © Samsung Electronics 31 2015 © Samsung Electronics 31 VoLTE - UE Attachment and IMS Registration message UAR : User Authorization Request, UAA : User Authorization Answer MAR : Multimedia Authorization Request, MAA : Multimedia Authorization Answer UDR : Update Data Request, UDA : Update Data Answer SAR : Server Authorization Request, SAA : Server Authorization Answer Auth Challenge Steps after Modify Bearer are : 1. REGISTER 2. Authorization 3. 401 Unauthorized 4. REGISTER 5. Authorization 6. 200 OK RA4RA2
2015 © Samsung Electronics 32 2015 © Samsung Electronics 32  "Signalling Radio Bearers" (SRBs) are defined as Radio Bearers (RB) that are used only for the transmission of RRC and NAS messages. More specifically, the following three SRBs are defined:  SRB0 is for RRC messages using the CCCH logical channel;  SRB1 is for RRC messages (which may include a piggybacked NAS message) as well as for NAS messages prior to the establishment of SRB2, all using DCCH logical channel;  SRB2 is for RRC messages which include logged measurement information as well as for NAS messages, all using DCCH logical channel. SRB2 has a lower-priority than SRB1 and is always configured by E-UTRAN after security activation.  Once security is activated, all RRC messages on SRB1 and SRB2, including those containing NAS or non-3GPP messages, are integrity protected and ciphered by PDCP. NAS independently applies integrity protection and ciphering to the NAS messages SRB
2015 © Samsung Electronics 33 2015 © Samsung Electronics 33 LTE SRB Type Direction RRC message RLC Mode LTE SRB0 (CCCH) Downlink RRC Connection Setup RRC Connection Reject RRC Connection Re-establishment RRC Connection Re-establishment reject Transparent Uplink RRC Connection Request RRC Connection Re-esblishment Request LTE SRB1(DCCH) Downlink RRC Connection Reconfiguration RRC Connection Release Security Mode Command UE Capability Enquiry DL information transfer(if no SRB-2) Mobility from EUTRA Command Handover from EUTRA preparation request CS Fallback parameter response CDMA2000 Counter Check Acknowledged Uplink RRC Connection Setup Complete Security Mode Complete Security Mode Failure RRC Connection Reconfiguration Complete RRC Connection Re-establishment Complete Measurement report UE Capability information UL Information Transfer(if no SRB2) UL handover preparation transfer CS fallback parameters request CDMA2000 Counter Check response LTE SRB2 (DCCH) Downlink DL Information Transfer Uplink UL Information Transfer SRB
2015 © Samsung Electronics 34 2015 © Samsung Electronics 34 Message RB Lo CH LoCH No LCID MIB - BCCH 0 - SIB 1 - BCCH 1 - SIB 2 - BCCH 1 - RRC : PRACH Preamble - - - - RRC : RACH Response - - - - RRC : RRC Connection Request SRB0 UL CCCH 0 0 RRC : RRC Connection Setup SRB0 DL CCCH 0 0 RRC : RRC Connection Setup Complete + NAS : Attach Request + ESM : PDN Connectivity Request SRB1 UL DCCH 0 1 RRC : DL Information Transfer + NAS : Authentication Request SRB1 DL DCCH 0 1 RRC : UL Information Transfer + NAS : Authentication Response SRB1 UL DCCH 0 1 RRC : DL Information Transfer + NAS : Security Mode Command SRB1 DL DCCH 0 1 RRC : UL Information Transfer + NAS : Security Mode Complete SRB1 UL DCCH 0 1 RRC : Security Mode Command SRB1 DL DCCH 0 1 RRC : Security Mode Complete SRB1 UL DCCH 0 1 RRC : RRC Connection Reconfiguration SRB1 DL DCCH 0 1 RRC : RRC Connection Reconfiguration Complete SRB1 UL DCCH 0 1 RRC : UL InformationTransfer + NAS : Attach Complete + NAS : Activate Default EPS Bearer SRB2 UL DCCH 1 2 RRC : UL Information Transfer + ESM : PDN Connectivity Request SRB2 UL DCCH 1 2 Control Channel Mapping DRB (user) Data Radio Bearer SRB Signalling Radio Bearer
2015 © Samsung Electronics 35 2015 © Samsung Electronics 35  Diameter is an authentication, authorization, and accounting protocol for computer networks. It evolved from and replaces the much less capable RADIUS protocol that preceded it.  The main features provided by Diameter but lacking in RADIUS are:  Support for SCTP  Capability negotiation  Application layer acknowledgements, Diameter defines failover methods and state machines (RFC 3539)  Extensibility; new commands can be defined  Aligned on 32-bit boundaries  A Diameter Application is not a software application but is a protocol based on the Diameter base protocol defined in RFC 6733 (Obsoletes: RFC 3588).  Each application is defined by an application identifier and can add new command codes and/or new mandatory AVPs (Attribute-Value Pair). Adding a new optional AVP does not require a new application. Diameter
LTE Attach Messages FromeNB to MME UE Capabilities for E-UTRAN IMS PS Voice preferred and CS voice as secondary
Message Details in brief (UE messages shown in Red Font) Attach Request – UE to MME over 102 VLAN (RRC Connection Set Up); contains S1AP ID allocated from eNB, Contains PDN connectivity request for Jionet APN, with IMS Voice as preferred and CS Voice as secondary 1. Authentication – MME to DRA to HSS using Diameter ID for S6a, contains IMSI, HSS replies using same Diameter Session ID with Authentication Vectors , MME sends Authentication Request (EPS Challenge Request) to UE using same S1AP ID received from eNB during Attach Request and allocates the MME end S1AP ID. Now both S1AP ID allocated (eNB side and MME side). UE then sends Authentication Response computed by it using the same S1AP IDs. 2. Security Mode – MME to UE over S1AP interface; MME sends Security Mode Command to UE using the same S1AP ID, UE replies with Security Mode Response which also includes IMEI. 3. Identity Check – MME to DRA to EIR over S13 interface; MME sends IMSI & IMEI to EIR for Identity Check through Diameter. New Diameter ID created. EIR replies stating IMEI as “white listed” 4. Update Location – MME to HSS over S6a; In case MME does not have context information of UE, Update Location is sent to HSS which then sends Cancel Location Message to old MME. HSS sends Update Location Answer to new MME using same Diameter Session ID as contained in the request – this reply contains APN details (Jionet and IMS) and three PDN types IPv4, IPv6 and IPv4/IPv6
Message Details in brief (UE messages shown in Red Font) 5. Create Session: MME to SAEGW over S11 interface; This is first GTP C message for the subscriber. GPTC TeID from MME side added. SAEGW sends CCR-I request over Gx interface to PCRF. CCA-I is received from PCRF containing the charging rules & the triggers for CCR-U towards PCRF. SAEGW sends CCR-I towards OCS over Gy interface with details of session related information. OCS replies with CCA-I. After receiving reply from both PCRF and OCS, SAEGW sends Create Session Response to MME and adds the GTPC TeID for the S11 interface (now both ends TeID created for GTPC over S11) and IPv4 and IPv6 Address allocated to UE for Jionet APN, indicates the AMBR values, adds the GTPU TeID for eNB for S1-U interface 6. Attach Accept: MME to UE using the same S1AP ID created earlier. Contains GTPU TeID for S1-U interface received from SAEGW, contains GUTI & S-TMSI. 7. UE capability: eNB to MME using already existing S1AP ID; sends UE capability for UTRAN and GERAN; eNB sends Initial Context Set Up Response to UE (Activate Default EPS Bearer Context Request) which includes the GTPU TeID for S1-U interface towards SAEGW; UE sends Attach Complete Message towards MME 8. Modify Bearer: MME sends Modify Bearer Request towards SAEGW which contains the GTPU TeID received from eNB (Now both ends TeID of GTPU are with SAEGW); SAEGW acknowledges by sending Modify Bearer Response to MME
IMS Attach Messages IMS Registration Messages
eNB S1AP ID which was allocated by eNB for this UE NAS-PDU content received from UE. InitialUEMessage, Attach Request (1/2) S1AP/NAS message from UE S1AP message from eNB Message in Hex Attach Request from UE to MME VLAN 102
Attach Request – Voice Preference (2/2) FromUE to MME IMS PS Voice preferred and CS voice as secondary VLAN 102
Authentication Information Request from MME to HSS AIR message from MME DRA HSS Diameter session ID for S6a Interface IMSI Authentication Request from MME to HSS
Authentication Vectors Authentication Information Answer from HSS to MME AIA message from HSS  DRA MME Same session ID
EPS Challenge towards UE Authentication Request Same eNB S1AP ID as received in Attach Request MME sends the Allocated MME S1AP ID Authentication Request from MME to UE Now both UE S1AP Ids are created from eNB side and MME side
eNB and MME S1AP ID’s Response calculated by UE Authentication Response Authentication Response from UE to MME Same UE S1AP Ids created from eNB side and MME side are used
Security Mode Command Security Capability related From MME to UE
Security Mode Complete FromUE to MME Contains IMEI
IMEI Check MME  DRA  EIR ME Identity Check Request Diameter Session ID for S 13 IMSI IMEI ME Identity from MME to EIR
IMEI Check Response EIR -> DRA -> MME ME Identity Check Answer White Listed ME Identity Response from EIR to MME Same Session ID
ULR message from MME -> DRA -> HSS Update Location Request Update Location Request is sent when MME does not have the context information for the UE Diameter Session ID for S6a Update Location Request from MME to HSS IMSI
CLR to Old MME to delete the UE Context HSS-> DRA -> Old MME Cancel Location Request to old MME
ULA message with subscription data HSS -> DRA -> new MME Update Location Answer to new MME APN Information is sent Same Diameter Session ID for S6a as contained in request
APN Profile in Update Location Answer Jionet IMS APN Three PDN types IpV4, IpV6 and IPv4v6
S11 MME GTP-C Teid Create Session Request First GTP-C message for this subscriber, so GW GTP-C Teid is ‘0’ From MME to Gateway (SAEGW) IMSI Can contain - Three PDN types IpV4, IpV6 and IPv4v6
CCR-I SAEGW(PCEF) -> DRA -> PCRF Credit Control Request –Gx(CCR - I) From PGW to PCRF over Gx Diameter Gx Session ID Subscription ID contains IMSI
CCA-I PCRF -> DRA -> SAEGW(PCEF) Credit Control Answer – Gx(CCA-I) Event Triggers for CCR-U towards PCRF Charging Rule Names Trigger for ECGI change can be added Same Session ID
CCR –I (Gy) SAEGW -> DRA -> OCS Credit Control Request – Gy(CCR-I) Session Related Info Sent to OCS Gy Interface Diameter Session ID for Gy Interface
CCA-I (Gy) OCS -> DRA -> SAEGW Credit Control Answer – Gy(CCA-I)
IPv4 and IPv6 Address allocated to UE Create Session Response SGW GTP-c Teid SGW GTP-U Teid From SAEGW to MME after receipt of CCA from OCS TeID already received by SAEGW SAEGW adds its GTP C TeID GTP C both ends TeID complete SAEGW adds its GTP U TeID to eNB Aggregate MBR values for Jionet APN
S1AP Attach Accept S1AP Attach Accept MME -> eNB GUTI Value Allocated To UE GW GTP U TeID S-TMSI Allocated = MME Code + M- TMSI
UE Capability Info Indication FromeNB to MME UE Capabilities for E-UTRAN UE Capabilities for geran-cs UE Capabilities for geran-ps
eNB GTP-U Teid S1AP Initial Context Setup Response Initial Context Seutp Response eNB -> MME
S1AP Attach Complete From UE to MME
CCA-I (Gy) OCS -> DRA -> SAEGW Gtpv2 Modify Bearer Request GTP-C Teid of GW S1-U eNB GTP-U Teid From MME to SAEGW for Default Bearer
S1U SGW GTP-U Teid Gtpv2 Modify Bearer Response GTP-C Teid of MME From SAEGW to MME for Default Bearer
IMS Attach
Message Details in brief (UE messages shown in Red Font) 1. PDN Connectivity Request for IMS APN – UE to MME; uses the same S1 AP ID already created ; indicates PDN connectivity type as IPv4 or IPv6 or IPV4/IPv6; requests details of P CSCF and DNS Server; 2. Create Session: MME to SAEGW using the GTPC TeID already defined; This contains the GTPC TeID from MME; SAEGW sends CCR U message to PCRF over Gx interface; New Diameter Session ID created for IMS APN; This message contains details of IMSI & MSISDN and the IPv4 & IPv6 address allotted to IMS APN; PCRF replies with CCA I which contains charging rule and event triggers to sent CCR U; SAEGW then sends Create Session Response to MME with GTPC TeID of SGW & PGW for QCI 5 and the Primary & Secondary IPv4 & IPv6 address of P-CSCF and the IP Address of DNS and the IPv4 & IPv6 address allocated to IMS APN and the SAEGW TeIDs for S1-U traffic 3. Attach Accept: MME to ENB ; MME sends S1 ERAB Set Up Request to eNB and Activate Default Bearer Context Request to UE; Message also contains the the IP address for IMS APN for UE and AMBR values for IMS APN. The eNB sends ERAB Set Up Response containing the GTPU TeIDs for S1 U for QCI 5; Now both ends of GTPU TeID defined for QCI 5; UE sends Activate Default Bearer Context Accept. 4. Modify Bearer: MME to SAEGW; MME sends Modify Bearer Request which contains details of the eNB GTP TeID for S1 U for QCI 5; SAEGW sends Modify Bearer Accept. Now QCI 5 bearer is established and data can start flowing.
IMS Attach Messages IMS Registration Messages
S1AP PDN Connectivity Request [1/2] Same MME- UE-S1AP-ID Same ENB- UE-S1AP-ID S1AP PDN Connectivity Request for IMS APN UE to MME
S1AP PDN Connectivity Request [2/2] S1AP PDN Connectivity Request for IMS APN APN: IMS Requesting Details of DNS and P-CSCF Address UE to MME Three PDN types IpV4, IpV6 and IPv4v6
Create Session Request for IMS APN GTPv2 Create Session Request APN: IMS IMSI: same GTP-C Teid of MME GW GTP-C Teid allocated before MME to SAEGW
CCR-I for IMS Session on Gx Interface CCR-I for IMS Apn on Gx Interface SAEGW(PCEF)  DRA  PCRF Subscription ID contains IMSI and MSISDN Diameter Gx Session ID for IMS APN IPv4 and V6 Address allocated to IMS APN This is new Diameter Session ID allocated for IMS. This is not the same ID which has been used for Jionet SAEGW to PCRF
CCA-I for IMS Session on Gx Interface CCA-I for IMS Apn in Gx Interface PCRF  DRA  PCEF(SAEGW) Charging Rule Name Event Triggers about when to send CCR-U Same IMS Diameter Session ID of Gx Interface used in Request message(CCR-I)
Create Session Response for IMS APN [1/3] GTPv2 Create Session Response Bearer ID for IMS EBI - 6 GTP-C Teid of SGW and PGW MME GTP-C Teid allocated before SAEGW to MME EBI 5 is allocated to Jionet and EBI 6 for IMS based on availability
Create Session Response for IMS APN [2/3] GTPv2 Create Session Response Primary and Secondary IPV4 P- CSCF Address (since only IPv4 configured) IPv4 and IPv6 Address allocated for IMS APN If available, IPv6 P-CSCF address can also be given by SAEGW SAEGW to MME UE is allocated two sets of IP Addresses – one for Jionet APN and second for IMS APN The UE would be allocated IPv4 or IPv6 or IPv4v6 based on initial request, configuration in HSS and PGW. Final decision on allocation by PGW . For usage Ipv6 would be preferred if available on both UE and Network side DNS IP which UE has to Use
Create Session Response for IMS APN [3/3] GTPv2 Create Session Response S1-U SGW and S5/S8 PGW GTP- U Teid’s for User Plane Packet's QOS for EBI-6 bearer QCI -5 SAEGW to MME
S1AP E-RAB Setup, Activate default EPS… [1/3] S1AP E-RAB Setup Request S1AP E-RAB Setup Request which contains EBI-6 QOS details One message contains S1AP E-RAB Setup Request & NAS Activate default EPS bearer Context Request MME to eNode B
S1AP E-RAB Setup, Activate default EPS… [2/2] NAS Activate default EPS bearer Context Request NAS PDU towards UE QCI -5 EBI-6 Only last 64 bits of IPv6 Address and IPv4 Address Aggregate MBR values for IMS APN MME to UE
S1AP E-RAB Setup Response S1AP E-RAB Setup Response S1AP Message from eNB EBI-6 GTP-U Fteid details of eNB eNode B to MME
S1AP/NAS Activate default EPS bearer context accept Activate Default EPS bearer context accept NAS Message from UE Accept message from UE UE to MME
Gtpv2 Modify Bearer Request for Ebi-6 Modify Bearer Request GTP-U Fteid of eNB MME to SAEGW
Gtpv2 Modify Bearer Response for Ebi-6 Modify Bearer Response GTP-U Fteid of SGW Request Accepted Now the GTP-U teid’s of eNB and GW are known at both sides. User data transfer can flow now. SAEGW to MME
TCP SYN
TCP 3-Way Handshake A three-way-handshake is a method used in a TCP/IP network to create a Reliable Connection between a client and server. It is a three-step method that requires both client and server to exchange SYN and ACK (acknowledgment) packets before actual data communication begins. A three-way-handshake is also known as a TCP handshake.
TCP SYN When Client wants to initiate a connection with Server, Client sends a segment with SYN(Synchronize Sequence Number). This segment will inform the Server that Client would like to start a communication with Server and informs that with what sequence number it will start its segments with. Note: Sequence Numbers are mainly used to keep data in order.
TCP SYN –ACK Now Server will respond to Client with "Acknowledgment" (ACK) and SYN bits set. Here Servers ACK segment does two things; they are as below 1. It acknowledges Client’s SYN segment. 2. It informs Client that what sequence number it will start its data with.
TCP ACK Now finally Client Acknowledges Server’s initial sequence Number and in its ACK signal. And then Client will start the actual data transfer. Note: Initial Sequence Numbers are randomly selected while initiating connections between two machines.
IMS REGISTRATION using QCI 5 Bearer already created A different subscriber taken as example CCR: Credit Control Request , CCA: Credit Control Answer UAR : User Authorization Request, UAA : User Authorization Answer MAR : Multimedia Authorization Request, MAA : Multimedia Authorization Answer UDR : Update Data Request, UDA : Update Data Answer SAR : Server Authorization Request, SAA : Server Authorization Answer
Message Details in brief(UE messages shown in Red Font) 1. REGISTER: UE to P CSCF; contains the IP Address allocated for IMS APN to UE and IP address of P CSCF received via PCO Options and the SIP Call ID used for Registration; P CSCF sends REGISTER Message to ICSCF : contains the Public User Identity which generally starts with sip: or tel: 2. Authorization: ICSCF sends UAR message to HSS; HSS replies with UAA to I CSCF; I- CSCF forwards the SIP Register message to the S-CSCF address received from HSS; S CSCF then sends MAR to HSS requesting Authentication Vectors for Multimedia session from HSS. HSS replies with MAA; 3. 401 Unauthorized: From S CSCF to P CSCF to SAEGW to UE; Contains SIP Authorization parameters received from HSS and uses the same Call ID as received in the REGISTER Message; 4. REGISTER: UE sends second REGISTER to SAEGW to P CSCF to S CSCF using same Call ID; This contains the Authentication Response based on the keys received in 401 Unauthorized 5. Authorization: S-CSCF Sends the REGISTER Message to I CSCF; I-CSCF (SCFX in NSN) sends UAA to HSS and again asks HSS about which S CSCF (S-CFX) to use; HSS replies with UAA to I CSCF; I-CSCF forwards the SIP Register message to the S-CSCF address received from HSS; S CSCF sends SAR to HSS and Updates HSS that the user is authenticated and asks to provide the subscription Information; S-CSCF request HSS to map the subscriber to the mentioned S-CSCF server name; HSS replies with SAA which contains charging information and identities present in HSS for the subscriber; 6. 200 OK: S- CSCF to P CSSF to SAEGW to UE; uses the same Call ID; After this message is received we can see the two Horizontal BARS symbols for IMS in UE
IMS Attach Messages IMS Registration Messages
SIP REGISTER (Unprotected) SIP Register(Unprotected) SIP Call ID used for Registration process P-CSCF Address received i PCO options IPv6 Address allocated to IMS APN SIP “Via” header contains Transport, Last SIP hop and transaction ID Expiry Value for SIP Transaction Private Identity of the user Used in Authentication Request A different subscriber taken as example UE to P CSCF
SIP REGISTER (Unprotected) from P-CSCF to I-CSCF SIP Register(Unprotected) REGISTER message One more “Via” header added about p-cscf route Content of the Message will not be modified, rather new headers like Via and IMS related will be added. From: contains the Public User Identity Generally starts with sip: or tel:
User Authorization Request (I-CSCF to HSS) User Authorization Request SCFX  DRA  HSS New Diameter Session ID allocated by I-CSCF User Name Contains IMSI
User Authorization Answer (HSS to I-CSCF) User Authorization Response HSS  DRA  SCFX S-CSCF address Result as Diameter Subsequent Registration I-CSCF forwards the SIP Register message to the S-CSCF address received from HSS
Multimedia Auth Request (S-CSCF to HSS) Requesting Authentication Vectors for Multimedia session from HSS. Requested Authentication Vectors : 5 New diameter Session ID allocated by S-CSCF
Multimedia Auth Answer (HSS to S-CSCF) Received SIP Auth Items : 1 Same diameter session ID used for MAR
SIP 401 Unauthorized (S-CSCF  P-CSCF  SAEGW UE) SIP Auth parameters Received from HSS Same SIP Call ID used in REGISTER message “Via” header used for routing purposes
SIP Register (2nd ) (UE -> SAEGW -> PCFX -> SCFX) Same SIP Call ID Authentication Response based on the keys received in 401 Unauthorized
User Authorization Request ( 2nd time) New Diameter Session ID again I-CSCF(SCFX in NSN) again asks HSS about which S-CFX to use
User Authorization Answer(HSS  I-CSCF) S-CSCF Server name I-CSCF forwards the SIP Register message to the S-CSCF address received from HSS
Server Assignment Request (S-CSCF  DRA  HSS) S-CSCF Server name S-CSCF Updates HSS that user is authenticated and asks to provide the subscription Information
Server Assignment Answer (HSS  DRA  S-CSCF) Identities present in HSS for this subscriber S-CSCF request HSS to map the subscriber to the mentioned S-CSCF server name Charging Information
200 Ok for SIP Register (S-CSCF  P-CSCF  SAEGW  UE) SIP Call ID Used for registration process After this message is received we can see the two Horizontal BARS symbols for IMS in UE Public Identity for the user for next transactions
Modify bearer request *is initiated by MME/S4-SGSN and/or from S-GW to P-GW* Here you are not adding or deleting any resources/bearers. This message is used when there is no change on allocated bearers, Only the cause is user is moving from one place to another. Basically Radio Part is changing. This information MME should inform to all Core Network Elements (S-GW) and it helps them to attain the resources and handovers case too. It will just modify the bearers. After getting the response of Modify Bearer Request it indicates that User Plane is ready to carry the user data as Control plane is done and now data can flow in between E-UTRAN and S-GW. Update Bearer Request: *is initiated by P-GW to S-GW and/or from S-GW to MME/S4- SGSN* I want to explain here with example. Suppose you are playing a online game in your Mobile. It requires a promised speed to avoid the delay and you are subscribed for that too. Now suddenly you got to know that you have to send a mail to your boss but you don't want to close your game. For this purpose you need more resources. Here Update Procedure will come. You already have dedicated bearers with you. Your packet forwarding is happening through P-GW but you need more resources. In this case P-GW will initiate the message Update Bearer Request.
DRIVE TEST LOGS
2015 © Samsung Electronics 106 Attach Procedure
2015 © Samsung Electronics 107 Attach Procedure T300 stops in UE T300 starts in UE (200ms) Timer starts in eNB : RRC_CONNECTION_SETUP (1000 ms) Timer stops in eNB : RRC_CONNECTION_SETUP Timer Stops at UE : S1_INITIAL_CONTEXT_SETUP Timer Starts at UE : S1_INITIAL_CONTEXT_SETUP = 10000 ms
2015 © Samsung Electronics 108 Attach Procedure RRC Connection Reconfiguration message including EPS Radio Bearer Identity and Attach Accept message; UE sends Uplink Information Transfer message to the eNodeB which includes the Attach Complete message
2015 © Samsung Electronics 109 Attach Procedure RRC Connection Reconfiguration message including EPS Radio Bearer Identity and Attach Accept message; UE sends Uplink Information Transfer message to the eNodeB which includes the Attach Complete message Timer starts in eNB : RRC_CONNECTION_RECONFIG = 1500 ms Timer stops in eNB : RRC_CONNECTION_RECONFIG = 1500 ms Timer starts in eNB : RRC_SECURITY_MODE_COMMAND = 2000 ms Timer stops in eNB : RRC_SECURITY_MODE_COMMAND Timer starts in eNB : RRC_UE_CAPABILITY_ENQUIRY[ms] = 2000
Attach Request (RACH third Message) ASIUCAUM EPC ATTACH PDN connectivity Request for Jionet APN
Security Attach Accept & Activate Default Bearer ASIUCAUM Attach Accept and Default EPS Bearer Request QCI 9 EPC ATTACH UE Capability Information Authentication Request Authentication Response
Attach Complete / Default EPS Bearer QCI 9 accept PDN Connectivity Request to IMS Default Bearer Accept QCI 5 PCAM IMS ATTACH
REGISTER 401 Unauthorized REGISTER 200 OK RA4RA2 SUBSCRIBE 200 OK NOTIFY 200 OK IMS REGISTRATION TCP SYNC SIP MESSAGES WOULD START AFTER TCP SYN
INVITE 100 TRYING 183 Session in Progress PRACK 200 OK
Attach flow & srb

Recommended

NSA Mobility Managment.pptx
NSA Mobility Managment.pptxNSA Mobility Managment.pptx
NSA Mobility Managment.pptx
ErayUyanik
 
Chap 4. call processing and handover.eng
Chap 4. call processing and handover.engChap 4. call processing and handover.eng
Chap 4. call processing and handover.eng
sivakumar D
 
395317358-LTE-Resource-Usage-Optimization.pptx
395317358-LTE-Resource-Usage-Optimization.pptx395317358-LTE-Resource-Usage-Optimization.pptx
395317358-LTE-Resource-Usage-Optimization.pptx
SudheeraIndrajith
 
Lte default and dedicated bearer / VoLTE
Lte default and dedicated bearer / VoLTELte default and dedicated bearer / VoLTE
Lte default and dedicated bearer / VoLTE
manish_sapra
 
LTE RADIO PROTOCOLS
LTE RADIO PROTOCOLSLTE RADIO PROTOCOLS
LTE RADIO PROTOCOLS
brkavyashree
 
CS Services in LTE
CS Services in LTECS Services in LTE
CS Services in LTE
Darshan Patil
 
UMTS/LTE/EPC Call Flows for CSFB
UMTS/LTE/EPC Call Flows for CSFBUMTS/LTE/EPC Call Flows for CSFB
UMTS/LTE/EPC Call Flows for CSFB
Justin MA (馬嘉昌)
 
Connection management
Connection managementConnection management
Connection management
Muhammad Shehzad Ashraf
 

Recommended

NSA Mobility Managment.pptx
NSA Mobility Managment.pptxNSA Mobility Managment.pptx
NSA Mobility Managment.pptx
ErayUyanik
 
Chap 4. call processing and handover.eng
Chap 4. call processing and handover.engChap 4. call processing and handover.eng
Chap 4. call processing and handover.eng
sivakumar D
 
395317358-LTE-Resource-Usage-Optimization.pptx
395317358-LTE-Resource-Usage-Optimization.pptx395317358-LTE-Resource-Usage-Optimization.pptx
395317358-LTE-Resource-Usage-Optimization.pptx
SudheeraIndrajith
 
Lte default and dedicated bearer / VoLTE
Lte default and dedicated bearer / VoLTELte default and dedicated bearer / VoLTE
Lte default and dedicated bearer / VoLTE
manish_sapra
 
LTE RADIO PROTOCOLS
LTE RADIO PROTOCOLSLTE RADIO PROTOCOLS
LTE RADIO PROTOCOLS
brkavyashree
 
CS Services in LTE
CS Services in LTECS Services in LTE
CS Services in LTE
Darshan Patil
 
UMTS/LTE/EPC Call Flows for CSFB
UMTS/LTE/EPC Call Flows for CSFBUMTS/LTE/EPC Call Flows for CSFB
UMTS/LTE/EPC Call Flows for CSFB
Justin MA (馬嘉昌)
 
Connection management
Connection managementConnection management
Connection management
Muhammad Shehzad Ashraf
 
5g-Air-Interface-pptx.pptx
5g-Air-Interface-pptx.pptx5g-Air-Interface-pptx.pptx
5g-Air-Interface-pptx.pptx
Murali Munagapati
 
LTE Training Course
LTE Training CourseLTE Training Course
LTE Training Course
ChiehChun
 
LTE1617 RLF Triggered Handover.pptx
LTE1617 RLF Triggered Handover.pptxLTE1617 RLF Triggered Handover.pptx
LTE1617 RLF Triggered Handover.pptx
kuldeep288490
 
LTE Call Processing and Handover
LTE Call Processing and HandoverLTE Call Processing and Handover
LTE Call Processing and Handover
Sitha Sok
 
06a_LTE mobility management v1_0.ppt
06a_LTE mobility management v1_0.ppt06a_LTE mobility management v1_0.ppt
06a_LTE mobility management v1_0.ppt
ssuser022794
 
VoLTE optimization.pdf
VoLTE optimization.pdfVoLTE optimization.pdf
VoLTE optimization.pdf
RakhiJadav1
 
Cs fallback feature
Cs fallback featureCs fallback feature
Cs fallback feature
Achmad Salsabil
 
Lte signaling
Lte signalingLte signaling
Lte signaling
Mansour Naslcheraghi
 
VoLTE Interfaces , Protocols & IMS Stack Explained
VoLTE Interfaces , Protocols & IMS Stack ExplainedVoLTE Interfaces , Protocols & IMS Stack Explained
VoLTE Interfaces , Protocols & IMS Stack Explained
Vikas Shokeen
 
Volte troubleshooting
Volte troubleshootingVolte troubleshooting
Volte troubleshooting
Jamil Awan
 
Simplified Call Flow Signaling: Registration - The Attach Procedure
Simplified Call Flow Signaling: Registration - The Attach ProcedureSimplified Call Flow Signaling: Registration - The Attach Procedure
Simplified Call Flow Signaling: Registration - The Attach Procedure
3G4G
 
Ericsson important optimization parameters
Ericsson important optimization parametersEricsson important optimization parameters
Ericsson important optimization parameters
Pagla Knight
 
dokumen.tips_ericsson-lte-throughput-troubleshooting-techniquesppt.ppt
dokumen.tips_ericsson-lte-throughput-troubleshooting-techniquesppt.pptdokumen.tips_ericsson-lte-throughput-troubleshooting-techniquesppt.ppt
dokumen.tips_ericsson-lte-throughput-troubleshooting-techniquesppt.ppt
LibaBali
 
Lte basic parameters
Lte basic parametersLte basic parameters
Lte basic parameters
Linh Phạm
 
Lte system signaling procedures
Lte system signaling proceduresLte system signaling procedures
Lte system signaling procedures
tharinduwije
 
AIRCOM LTE Webinar 2 - Air Interface
AIRCOM LTE Webinar 2 - Air InterfaceAIRCOM LTE Webinar 2 - Air Interface
AIRCOM LTE Webinar 2 - Air Interface
AIRCOM International
 
Initial LTE call Setup Flow
Initial LTE call Setup FlowInitial LTE call Setup Flow
Initial LTE call Setup Flow
assinha
 
LTE KPIs and Formulae
LTE KPIs and FormulaeLTE KPIs and Formulae
LTE KPIs and Formulae
Mradul Nagpal
 
Rach procedure in lte
Rach procedure in lteRach procedure in lte
Rach procedure in lte
Saurav Banerjee
 
3 lte mac_rrc(조봉열)
3 lte mac_rrc(조봉열)3 lte mac_rrc(조봉열)
3 lte mac_rrc(조봉열)
Dattaraj Pangam
 
AIRCOM LTE Webinar 1 - Network Architecture
AIRCOM LTE Webinar 1 - Network ArchitectureAIRCOM LTE Webinar 1 - Network Architecture
AIRCOM LTE Webinar 1 - Network Architecture
AIRCOM International
 
4G and 5G network security techniques and algorithms.pdf
4G and 5G network security techniques and algorithms.pdf4G and 5G network security techniques and algorithms.pdf
4G and 5G network security techniques and algorithms.pdf
ssuser989b18
 

More Related Content

What's hot

5g-Air-Interface-pptx.pptx
5g-Air-Interface-pptx.pptx5g-Air-Interface-pptx.pptx
5g-Air-Interface-pptx.pptx
Murali Munagapati
 
LTE Training Course
LTE Training CourseLTE Training Course
LTE Training Course
ChiehChun
 
LTE1617 RLF Triggered Handover.pptx
LTE1617 RLF Triggered Handover.pptxLTE1617 RLF Triggered Handover.pptx
LTE1617 RLF Triggered Handover.pptx
kuldeep288490
 
LTE Call Processing and Handover
LTE Call Processing and HandoverLTE Call Processing and Handover
LTE Call Processing and Handover
Sitha Sok
 
06a_LTE mobility management v1_0.ppt
06a_LTE mobility management v1_0.ppt06a_LTE mobility management v1_0.ppt
06a_LTE mobility management v1_0.ppt
ssuser022794
 
VoLTE optimization.pdf
VoLTE optimization.pdfVoLTE optimization.pdf
VoLTE optimization.pdf
RakhiJadav1
 
Cs fallback feature
Cs fallback featureCs fallback feature
Cs fallback feature
Achmad Salsabil
 
Lte signaling
Lte signalingLte signaling
Lte signaling
Mansour Naslcheraghi
 
VoLTE Interfaces , Protocols & IMS Stack Explained
VoLTE Interfaces , Protocols & IMS Stack ExplainedVoLTE Interfaces , Protocols & IMS Stack Explained
VoLTE Interfaces , Protocols & IMS Stack Explained
Vikas Shokeen
 
Volte troubleshooting
Volte troubleshootingVolte troubleshooting
Volte troubleshooting
Jamil Awan
 
Simplified Call Flow Signaling: Registration - The Attach Procedure
Simplified Call Flow Signaling: Registration - The Attach ProcedureSimplified Call Flow Signaling: Registration - The Attach Procedure
Simplified Call Flow Signaling: Registration - The Attach Procedure
3G4G
 
Ericsson important optimization parameters
Ericsson important optimization parametersEricsson important optimization parameters
Ericsson important optimization parameters
Pagla Knight
 
dokumen.tips_ericsson-lte-throughput-troubleshooting-techniquesppt.ppt
dokumen.tips_ericsson-lte-throughput-troubleshooting-techniquesppt.pptdokumen.tips_ericsson-lte-throughput-troubleshooting-techniquesppt.ppt
dokumen.tips_ericsson-lte-throughput-troubleshooting-techniquesppt.ppt
LibaBali
 
Lte basic parameters
Lte basic parametersLte basic parameters
Lte basic parameters
Linh Phạm
 
Lte system signaling procedures
Lte system signaling proceduresLte system signaling procedures
Lte system signaling procedures
tharinduwije
 
AIRCOM LTE Webinar 2 - Air Interface
AIRCOM LTE Webinar 2 - Air InterfaceAIRCOM LTE Webinar 2 - Air Interface
AIRCOM LTE Webinar 2 - Air Interface
AIRCOM International
 
Initial LTE call Setup Flow
Initial LTE call Setup FlowInitial LTE call Setup Flow
Initial LTE call Setup Flow
assinha
 
LTE KPIs and Formulae
LTE KPIs and FormulaeLTE KPIs and Formulae
LTE KPIs and Formulae
Mradul Nagpal
 
Rach procedure in lte
Rach procedure in lteRach procedure in lte
Rach procedure in lte
Saurav Banerjee
 
3 lte mac_rrc(조봉열)
3 lte mac_rrc(조봉열)3 lte mac_rrc(조봉열)
3 lte mac_rrc(조봉열)
Dattaraj Pangam
 

What's hot (20)

5g-Air-Interface-pptx.pptx
5g-Air-Interface-pptx.pptx5g-Air-Interface-pptx.pptx
5g-Air-Interface-pptx.pptx
 
LTE Training Course
LTE Training CourseLTE Training Course
LTE Training Course
 
LTE1617 RLF Triggered Handover.pptx
LTE1617 RLF Triggered Handover.pptxLTE1617 RLF Triggered Handover.pptx
LTE1617 RLF Triggered Handover.pptx
 
LTE Call Processing and Handover
LTE Call Processing and HandoverLTE Call Processing and Handover
LTE Call Processing and Handover
 
06a_LTE mobility management v1_0.ppt
06a_LTE mobility management v1_0.ppt06a_LTE mobility management v1_0.ppt
06a_LTE mobility management v1_0.ppt
 
VoLTE optimization.pdf
VoLTE optimization.pdfVoLTE optimization.pdf
VoLTE optimization.pdf
 
Cs fallback feature
Cs fallback featureCs fallback feature
Cs fallback feature
 
Lte signaling
Lte signalingLte signaling
Lte signaling
 
VoLTE Interfaces , Protocols & IMS Stack Explained
VoLTE Interfaces , Protocols & IMS Stack ExplainedVoLTE Interfaces , Protocols & IMS Stack Explained
VoLTE Interfaces , Protocols & IMS Stack Explained
 
Volte troubleshooting
Volte troubleshootingVolte troubleshooting
Volte troubleshooting
 
Simplified Call Flow Signaling: Registration - The Attach Procedure
Simplified Call Flow Signaling: Registration - The Attach ProcedureSimplified Call Flow Signaling: Registration - The Attach Procedure
Simplified Call Flow Signaling: Registration - The Attach Procedure
 
Ericsson important optimization parameters
Ericsson important optimization parametersEricsson important optimization parameters
Ericsson important optimization parameters
 
dokumen.tips_ericsson-lte-throughput-troubleshooting-techniquesppt.ppt
dokumen.tips_ericsson-lte-throughput-troubleshooting-techniquesppt.pptdokumen.tips_ericsson-lte-throughput-troubleshooting-techniquesppt.ppt
dokumen.tips_ericsson-lte-throughput-troubleshooting-techniquesppt.ppt
 
Lte basic parameters
Lte basic parametersLte basic parameters
Lte basic parameters
 
Lte system signaling procedures
Lte system signaling proceduresLte system signaling procedures
Lte system signaling procedures
 
AIRCOM LTE Webinar 2 - Air Interface
AIRCOM LTE Webinar 2 - Air InterfaceAIRCOM LTE Webinar 2 - Air Interface
AIRCOM LTE Webinar 2 - Air Interface
 
Initial LTE call Setup Flow
Initial LTE call Setup FlowInitial LTE call Setup Flow
Initial LTE call Setup Flow
 
LTE KPIs and Formulae
LTE KPIs and FormulaeLTE KPIs and Formulae
LTE KPIs and Formulae
 
Rach procedure in lte
Rach procedure in lteRach procedure in lte
Rach procedure in lte
 
3 lte mac_rrc(조봉열)
3 lte mac_rrc(조봉열)3 lte mac_rrc(조봉열)
3 lte mac_rrc(조봉열)
 

Similar to Attach flow & srb

AIRCOM LTE Webinar 1 - Network Architecture
AIRCOM LTE Webinar 1 - Network ArchitectureAIRCOM LTE Webinar 1 - Network Architecture
AIRCOM LTE Webinar 1 - Network Architecture
AIRCOM International
 
4G and 5G network security techniques and algorithms.pdf
4G and 5G network security techniques and algorithms.pdf4G and 5G network security techniques and algorithms.pdf
4G and 5G network security techniques and algorithms.pdf
ssuser989b18
 
LTE-Network-Planning-Huawei-Technologies EMERSON EDUARDO RODRIGUES
LTE-Network-Planning-Huawei-Technologies EMERSON EDUARDO RODRIGUESLTE-Network-Planning-Huawei-Technologies EMERSON EDUARDO RODRIGUES
LTE-Network-Planning-Huawei-Technologies EMERSON EDUARDO RODRIGUES
EMERSON EDUARDO RODRIGUES
 
Lte questions adv
Lte questions advLte questions adv
Lte questions adv
Kehinde Yussuf
 
LTE network: How it all comes together architecture technical poster
LTE network: How it all comes together architecture technical posterLTE network: How it all comes together architecture technical poster
LTE network: How it all comes together architecture technical poster
David Swift
 
Best practices-lte-call-flow-guide
Best practices-lte-call-flow-guideBest practices-lte-call-flow-guide
Best practices-lte-call-flow-guideMorg
 
Lte call flows_att_best_practices_lte_pe
Lte call flows_att_best_practices_lte_peLte call flows_att_best_practices_lte_pe
Lte call flows_att_best_practices_lte_pe
Hatim100
 
5.2 qos priority_preemption-alu
5.2 qos priority_preemption-alu5.2 qos priority_preemption-alu
5.2 qos priority_preemption-alu
Milind Gunjan
 
LTE, System Architecture Evolution
LTE, System Architecture EvolutionLTE, System Architecture Evolution
LTE, System Architecture Evolution
Yousef Zanjireh
 
System Architecture Evolution- overview
System Architecture Evolution- overviewSystem Architecture Evolution- overview
System Architecture Evolution- overview
Yousef Zanjireh
 
AIRCOM LTE Webinar 3 - LTE Carriers
AIRCOM LTE Webinar 3 - LTE CarriersAIRCOM LTE Webinar 3 - LTE Carriers
AIRCOM LTE Webinar 3 - LTE Carriers
AIRCOM International
 
Lte network planning_huawei_pdf
Lte network planning_huawei_pdfLte network planning_huawei_pdf
Lte network planning_huawei_pdf
NumanKapsal
 
LTE_poster.pdf
LTE_poster.pdfLTE_poster.pdf
LTE_poster.pdf
LibaBali
 
EWSD Switching Systems
EWSD Switching Systems EWSD Switching Systems
EWSD Switching Systems
Arun Rajput
 
Lte network planning huawei technologies
Lte network planning huawei technologiesLte network planning huawei technologies
Lte network planning huawei technologies
Chaudary Imran
 
Aug12 sridhar
Aug12 sridharAug12 sridhar
Aug12 sridhar
Hossein Abbasi
 
LTE KPI and PI Formula_NOKIA.pdf
LTE KPI and PI Formula_NOKIA.pdfLTE KPI and PI Formula_NOKIA.pdf
LTE KPI and PI Formula_NOKIA.pdf
VahidZibakalam3
 
Designing an 4K/UHD1 HDR OB Truck as 12G-SDI or IP-based
Designing an 4K/UHD1 HDR OB Truck as 12G-SDI or IP-basedDesigning an 4K/UHD1 HDR OB Truck as 12G-SDI or IP-based
Designing an 4K/UHD1 HDR OB Truck as 12G-SDI or IP-based
Dr. Mohieddin Moradi
 

Similar to Attach flow & srb (20)

AIRCOM LTE Webinar 1 - Network Architecture
AIRCOM LTE Webinar 1 - Network ArchitectureAIRCOM LTE Webinar 1 - Network Architecture
AIRCOM LTE Webinar 1 - Network Architecture
 
4G and 5G network security techniques and algorithms.pdf
4G and 5G network security techniques and algorithms.pdf4G and 5G network security techniques and algorithms.pdf
4G and 5G network security techniques and algorithms.pdf
 
LTE-Network-Planning-Huawei-Technologies EMERSON EDUARDO RODRIGUES
LTE-Network-Planning-Huawei-Technologies EMERSON EDUARDO RODRIGUESLTE-Network-Planning-Huawei-Technologies EMERSON EDUARDO RODRIGUES
LTE-Network-Planning-Huawei-Technologies EMERSON EDUARDO RODRIGUES
 
Lte questions adv
Lte questions advLte questions adv
Lte questions adv
 
LTE network: How it all comes together architecture technical poster
LTE network: How it all comes together architecture technical posterLTE network: How it all comes together architecture technical poster
LTE network: How it all comes together architecture technical poster
 
Best practices-lte-call-flow-guide
Best practices-lte-call-flow-guideBest practices-lte-call-flow-guide
Best practices-lte-call-flow-guide
 
Lte call flows_att_best_practices_lte_pe
Lte call flows_att_best_practices_lte_peLte call flows_att_best_practices_lte_pe
Lte call flows_att_best_practices_lte_pe
 
5.2 qos priority_preemption-alu
5.2 qos priority_preemption-alu5.2 qos priority_preemption-alu
5.2 qos priority_preemption-alu
 
LTE, System Architecture Evolution
LTE, System Architecture EvolutionLTE, System Architecture Evolution
LTE, System Architecture Evolution
 
System Architecture Evolution- overview
System Architecture Evolution- overviewSystem Architecture Evolution- overview
System Architecture Evolution- overview
 
AIRCOM LTE Webinar 3 - LTE Carriers
AIRCOM LTE Webinar 3 - LTE CarriersAIRCOM LTE Webinar 3 - LTE Carriers
AIRCOM LTE Webinar 3 - LTE Carriers
 
Lte network planning_huawei_pdf
Lte network planning_huawei_pdfLte network planning_huawei_pdf
Lte network planning_huawei_pdf
 
LTE_poster.pdf
LTE_poster.pdfLTE_poster.pdf
LTE_poster.pdf
 
Project
ProjectProject
Project
 
EWSD Switching Systems
EWSD Switching Systems EWSD Switching Systems
EWSD Switching Systems
 
PolyMooc4G.pdf
PolyMooc4G.pdfPolyMooc4G.pdf
PolyMooc4G.pdf
 
Lte network planning huawei technologies
Lte network planning huawei technologiesLte network planning huawei technologies
Lte network planning huawei technologies
 
Aug12 sridhar
Aug12 sridharAug12 sridhar
Aug12 sridhar
 
LTE KPI and PI Formula_NOKIA.pdf
LTE KPI and PI Formula_NOKIA.pdfLTE KPI and PI Formula_NOKIA.pdf
LTE KPI and PI Formula_NOKIA.pdf
 
Designing an 4K/UHD1 HDR OB Truck as 12G-SDI or IP-based
Designing an 4K/UHD1 HDR OB Truck as 12G-SDI or IP-basedDesigning an 4K/UHD1 HDR OB Truck as 12G-SDI or IP-based
Designing an 4K/UHD1 HDR OB Truck as 12G-SDI or IP-based
 

Recently uploaded

Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Atul Kumar Singh
 
Home assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdfHome assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdf
Tamralipta Mahavidyalaya
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
Levi Shapiro
 
A Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in EducationA Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in Education
Peter Windle
 
Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.
Atul Kumar Singh
 
Marketing internship report file for MBA
Marketing internship report file for MBAMarketing internship report file for MBA
Marketing internship report file for MBA
gb193092
 
Chapter -12, Antibiotics (One Page Notes).pdf
Chapter -12, Antibiotics (One Page Notes).pdfChapter -12, Antibiotics (One Page Notes).pdf
Chapter -12, Antibiotics (One Page Notes).pdf
Kartik Tiwari
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
Ashokrao Mane college of Pharmacy Peth-Vadgaon
 
A Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptxA Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptx
thanhdowork
 
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
EugeneSaldivar
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
camakaiclarkmusic
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
Vikramjit Singh
 
Honest Reviews of Tim Han LMA Course Program.pptx
Honest Reviews of Tim Han LMA Course Program.pptxHonest Reviews of Tim Han LMA Course Program.pptx
Honest Reviews of Tim Han LMA Course Program.pptx
timhan337
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
SACHIN R KONDAGURI
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
Jisc
 
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with MechanismOverview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
DeeptiGupta154
 
Digital Artifact 2 - Investigating Pavilion Designs
Digital Artifact 2 - Investigating Pavilion DesignsDigital Artifact 2 - Investigating Pavilion Designs
Digital Artifact 2 - Investigating Pavilion Designs
chanes7
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
vaibhavrinwa19
 
Group Presentation 2 Economics.Ariana Buscigliopptx
Group Presentation 2 Economics.Ariana BuscigliopptxGroup Presentation 2 Economics.Ariana Buscigliopptx
Group Presentation 2 Economics.Ariana Buscigliopptx
ArianaBusciglio
 
Embracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic ImperativeEmbracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic Imperative
Peter Windle
 

Recently uploaded (20)

Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
 
Home assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdfHome assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdf
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
 
A Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in EducationA Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in Education
 
Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.
 
Marketing internship report file for MBA
Marketing internship report file for MBAMarketing internship report file for MBA
Marketing internship report file for MBA
 
Chapter -12, Antibiotics (One Page Notes).pdf
Chapter -12, Antibiotics (One Page Notes).pdfChapter -12, Antibiotics (One Page Notes).pdf
Chapter -12, Antibiotics (One Page Notes).pdf
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
 
A Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptxA Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptx
 
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
 
Honest Reviews of Tim Han LMA Course Program.pptx
Honest Reviews of Tim Han LMA Course Program.pptxHonest Reviews of Tim Han LMA Course Program.pptx
Honest Reviews of Tim Han LMA Course Program.pptx
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
 
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with MechanismOverview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
 
Digital Artifact 2 - Investigating Pavilion Designs
Digital Artifact 2 - Investigating Pavilion DesignsDigital Artifact 2 - Investigating Pavilion Designs
Digital Artifact 2 - Investigating Pavilion Designs
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
 
Group Presentation 2 Economics.Ariana Buscigliopptx
Group Presentation 2 Economics.Ariana BuscigliopptxGroup Presentation 2 Economics.Ariana Buscigliopptx
Group Presentation 2 Economics.Ariana Buscigliopptx
 
Embracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic ImperativeEmbracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic Imperative
 

Attach flow & srb

  • 1. Attach – Call Flow 13 Feb 2016
  • 2. 2015 © Samsung Electronics 2 2015 © Samsung Electronics 2 Network Identities
  • 3. 2015 © Samsung Electronics 3 2015 © Samsung Electronics 3  GUTI – Globally Unique Temporary UE Identity - is assigned only by the MME during initial attach of a UE to the E-UTRAN – masks the true identity of the subscriber  GUTI provides an unambiguous identification of the UE that does not revel the UE’s permanent identity. It also allows identification of the MME and Network to which UE attaches  GUTI has to main components - GUMMEI Globally Unique Mobility management Entity Identifier and the M –TMSI that uniquely identifies the UE within the MME  For paging, the mobile is paged with the S-TMSI which is a shorter version of GUTI  On the S1 Interface, the IMSI is typically not seen just like the GUTI. Exceptions are initial attach when no old GUTI is stored on the USIM card or in paging procedure Identities Used in LTE - GUTI MCC and MNC are 3 DIGITS
  • 4. 2015 © Samsung Electronics 4 2015 © Samsung Electronics 4  RNTI – Radio Network Temporary Identifier  RNTI is signaled in the MAC Layer. When MAC uses the PDCCH to indicate radio resource allocation, the RNTI is mapped on the PDCCH depends on the logical channel type -  C- RNTI : Temporary Cell Radio Network Temporary Identifier for Dedicated Control Channel (DCCH and DTCH). It defines which data sent in DL belongs to a particular subscriber – all RRC messages are marked with same C RNTI for a subscriber  P- RNTI : Paging Radio Network Temporary Identifier for Paging Control Channel (PCCH) is derived from IMSI. It does not refer to a particular UE but to a group of UEs.  RA- RNTI : Random Access Radio Network Temporary Identifier for Random Access Response (RAR) on DL-SCH – assigned to particular UE and is contained in the response from eNode B for PRACH. The UE then uses this RA- RNTI to send RRC Connection Request  Temporary C-RNTI for Common Control Channel (CCCH) during random access procedure  SI- RNTI : System Information Radio Network Temporary Identifier for Broadcast Control Channel (BCCH) – sent on PDCCH - it signals to all UEs where SIBs are found on PDSCH Identities Used in LTE - RNTI RNTI Values
  • 5. 2015 © Samsung Electronics 5 2015 © Samsung Electronics 5 LTE Identities
  • 6. 2015 © Samsung Electronics 6 2015 © Samsung Electronics 6 Bearers
  • 7. 2015 © Samsung Electronics 7 2015 © Samsung Electronics 7 LTE Identifiers
  • 8. 2014 © Samsung Electronics 8 UE Temporary ID’s at different interfaces
  • 9. 2014 © Samsung Electronics 9 S1AP Interface  In between eNB and MME, the User can be identified using the S1AP ID’s.  eNB-UE-S1AP ID is the S1AP ID terminating at the eNB side  MME-UE-S1AP ID is the S1AP ID terminating at the MME Side.
  • 10. 2014 © Samsung Electronics 10 GTP Teid’s  GTP-C Teid’s (S11 MME GTPC Teid and S11/S4 SGW GTPC Teid) are used as the control plane teid’s at MME and GW respectively.  GTP-U Teid’s(S1-U eNB GTPU Teid and S1-U SGW GTPU Teid) are used as the user plane teid’s at eNB and GW respectively.
  • 11. 2014 © Samsung Electronics 11 Diameter Session ID  Gx Diameter Session Id can be used to identify the diameter packets related to a particular subscriber session.  Gx diameter session Id will be created when the session is created for the subscriber and will stay till the session is available.
  • 13. 2014 © Samsung Electronics 13 Attach Procedure
  • 14. 2015 © Samsung Electronics 14 Attach Procedure T300 stops in UE T300 starts in UE (200ms) Timer starts in eNB : RRC_CONNECTION_SETUP (1000 ms) Timer stops in eNB : RRC_CONNECTION_SETUP Timer Stops at UE : S1_INITIAL_CONTEXT_SETUP Timer Starts at UE : S1_INITIAL_CONTEXT_SETUP = 10000 ms
  • 15. 2015 © Samsung Electronics 15 Attach Procedure RRC Connection Reconfiguration message including EPS Radio Bearer Identity and Attach Accept message; UE sends Uplink Information Transfer message to the eNodeB which includes the Attach Complete message
  • 16. 2015 © Samsung Electronics 16 Attach Procedure RRC Connection Reconfiguration message including EPS Radio Bearer Identity and Attach Accept message; UE sends Uplink Information Transfer message to the eNodeB which includes the Attach Complete message Timer starts in eNB : RRC_CONNECTION_RECONFIG = 1500 ms Timer stops in eNB : RRC_CONNECTION_RECONFIG = 1500 ms Timer starts in eNB : RRC_SECURITY_MODE_COMMAND = 2000 ms Timer stops in eNB : RRC_SECURITY_MODE_COMMAND Timer starts in eNB : RRC_UE_CAPABILITY_ENQUIRY[ms] = 2000
  • 17. 2015 © Samsung Electronics 17 RACH rrcConnection Request rrcConnection Setup rrcConnection Setup Complete EPS mobility management
  • 18. 2015 © Samsung Electronics 18 RACH Trigger (Two Examples)
  • 19. 2015 © Samsung Electronics 19 RRC Connection Request (UpLink) (Two Examples)
  • 20. 2015 © Samsung Electronics 20 RRC Connection Setup (Down Link)
  • 21. 2015 © Samsung Electronics 21 RRC Connection Setup Complete (Uplink) Attach Request
  • 22. 2015 © Samsung Electronics 22 • The UE initiates the Attach procedure by sending the Attach Request message to the eNodeB with following identities. • IMSI or GUTI • TAI (if available) • UE Capabilities - indicates supported NAS and AS security algorithms by UE • Attach Type - indicates EPS or combined EPS/IMSI • ESM Message Container • RRC Parameters • The ESM Message Container contains the following identities. • Request Type • PDN Type - indicates requested IP version (IPv4, IPv6 or IPv4v6) • Protocol Configuration Options (PCO) - included by UE and sent transparently to MME to indicate Address allocation preference of UE (eg. after establishing default bearer using DHCP) • Ciphered Options Transfer flag - must be set if PCO or APN or both are to be sent by UE • KSIASME (if valid EPS security parameters available) • NAS Sequence number (if valid EPS security parameters available) • NAS-MAC (if valid EPS security parameters available) • additional GUTI • P-TMSI • The RRC parameters indicate the Selected Network and old GUMMEI. Attach Request
  • 23. 2015 © Samsung Electronics 23 RRC Connection Setup Complete (Uplink) Attach Request
  • 24. 2015 © Samsung Electronics 24 RRC Connection Setup Complete (Uplink) Attach Request
  • 25. 2015 © Samsung Electronics 25 RRC Connection Setup Complete (Uplink)
  • 26. 2015 © Samsung Electronics 26 RRC Connection Setup Complete (Uplink) Attach Request
  • 27. 2015 © Samsung Electronics 27 RRC Connection Setup Complete (Uplink) Attach Request
  • 28. 2015 © Samsung Electronics 28 • UE-AMBR and APN-AMBR • APN-AMBR The APN-AMBR defines the total bit rate that is allowed for all non-GBR bearers associated with a specific APN. The APN-AMBR limits the total non-GBR traffic for an APN, independent of the number of PDN connections and non-GBR bearers that are opened for that APN. For example, if an operator provides an APN for Internet, the operator may then limit the total bandwidth for that APN. UE-AMBR • The UE-AMBR is defined per subscriber and defines the total bit rate allowed to be consumed for all non-GBR bearers of a UE. The subscription profile contains the UE-AMBR. The eNodeB enforces the UE-AMBR. • There are different AMBR values for uplink and downlink directions - UL APN-AMBR, DL APN- AMBR, and UL UE-AMBR, DL UE-AMBR. AMBR
  • 29. 29 Samsung Confidential and Proprietary Information. All Contents Copyright ⓒ 2011 Samsung Electronics Co., Ltd. RJIL Initial Attach Request (APN=jionet) SAE GW UE eNB MME S-GW P-GW HSS PCRF SPR Power on RRC Connection Setup 1. Attach Request(PDN Connectivity Request) 3. UE IP allocation LTE Authentication NAS Security Setup 2. Create Session Request IMSI, MSISDN, APN=jionet, PCO, Bearer Context (Bearer ID, Bearer QoS – QCI:9, GBR: 0, MBR: 0) 4. CCR(Indication of IP-CAN Session establishment) Initial Request, Subscription-Id(e.g., IMSI), UE-IP, APN, Event- Report, QoS Info(APN-AMBR(UL/DL)), EPS Bearer QoS(QCI, ARP) 5. Profile Request 6. Profile Response User Profile = internet 7. Policy Decision 8. CCA(Acknowledge of IP-CAN Session Establishment) PCC Rule for Default bearer(QCI=9, ARP=1, APN- AMBR(UL/DL)=50Mbps/100Mbps, Offline, TFT(UL/DL)) IMSI, Initial Request, APN=jionet 11. Attach Accept(Activate Default EPS bearer Context Request) APN=jionet, UE-IP, Default Bearer QoS(QCI=9, ARP=1, UE-AMBR(ULAPN- AMBR(UL)=50Mbps, TFT(UL)=(UE IP, *, SIP, *, UDP), PCO, GUTI, TAI-list 12. Policy Enforcement 13. Attach Complete(Activate Default Bearer Context Accept) 14. Modify Bearer Request 15. Modify Bearer Response Default Bearer(QCI=9) Bearer ID Location Update 9. Policy Enforcement 10. Create Session Response UE-IP, Default bearer QoS(QCI=9, ARP=1, APN-AMBR(UL)=50Mbps, TFT(UL)=(UE IP, *, SIP, *, UDP) OCS 9.1 CCR (Indication of Session, APN=JioNet) 9.2 CCA (Ack of session, APN=JioNet) Steps after Attach Request are : 1. Authentication 2. Security Mode 3. Identity Check 4. Update Location 5. Create Session 6. Attach Accept 7. UE capability 8. Modify Bearer ASIUCAUM
  • 30. 30 Samsung Confidential and Proprietary Information. All Contents Copyright ⓒ 2011 Samsung Electronics Co., Ltd. RJIL PDN Connectivity Request (APN=ims) OCS 4.1 CCR & CCA to/from PCRF, APN=ims) PCRF 4.2 CCR & CCA to/from OCS, APN=ims) PCO : Protocol Configuration Option is used to allocate the PCSCF domain name /IP address DNS : Domain Name Server translates hostname into IP address PCO option is used by UE during PDP context activation to request for P_CSCF address, DNS server details etc Steps after Modify Bearer are : 1. PDN Request 2. Create Session 3. Activate Bearer 4. Modify Bearer Modify Bearer Request Modify Bearer Response Not configured PCAM
  • 31. 2015 © Samsung Electronics 31 2015 © Samsung Electronics 31 VoLTE - UE Attachment and IMS Registration message UAR : User Authorization Request, UAA : User Authorization Answer MAR : Multimedia Authorization Request, MAA : Multimedia Authorization Answer UDR : Update Data Request, UDA : Update Data Answer SAR : Server Authorization Request, SAA : Server Authorization Answer Auth Challenge Steps after Modify Bearer are : 1. REGISTER 2. Authorization 3. 401 Unauthorized 4. REGISTER 5. Authorization 6. 200 OK RA4RA2
  • 32. 2015 © Samsung Electronics 32 2015 © Samsung Electronics 32  "Signalling Radio Bearers" (SRBs) are defined as Radio Bearers (RB) that are used only for the transmission of RRC and NAS messages. More specifically, the following three SRBs are defined:  SRB0 is for RRC messages using the CCCH logical channel;  SRB1 is for RRC messages (which may include a piggybacked NAS message) as well as for NAS messages prior to the establishment of SRB2, all using DCCH logical channel;  SRB2 is for RRC messages which include logged measurement information as well as for NAS messages, all using DCCH logical channel. SRB2 has a lower-priority than SRB1 and is always configured by E-UTRAN after security activation.  Once security is activated, all RRC messages on SRB1 and SRB2, including those containing NAS or non-3GPP messages, are integrity protected and ciphered by PDCP. NAS independently applies integrity protection and ciphering to the NAS messages SRB
  • 33. 2015 © Samsung Electronics 33 2015 © Samsung Electronics 33 LTE SRB Type Direction RRC message RLC Mode LTE SRB0 (CCCH) Downlink RRC Connection Setup RRC Connection Reject RRC Connection Re-establishment RRC Connection Re-establishment reject Transparent Uplink RRC Connection Request RRC Connection Re-esblishment Request LTE SRB1(DCCH) Downlink RRC Connection Reconfiguration RRC Connection Release Security Mode Command UE Capability Enquiry DL information transfer(if no SRB-2) Mobility from EUTRA Command Handover from EUTRA preparation request CS Fallback parameter response CDMA2000 Counter Check Acknowledged Uplink RRC Connection Setup Complete Security Mode Complete Security Mode Failure RRC Connection Reconfiguration Complete RRC Connection Re-establishment Complete Measurement report UE Capability information UL Information Transfer(if no SRB2) UL handover preparation transfer CS fallback parameters request CDMA2000 Counter Check response LTE SRB2 (DCCH) Downlink DL Information Transfer Uplink UL Information Transfer SRB
  • 34. 2015 © Samsung Electronics 34 2015 © Samsung Electronics 34 Message RB Lo CH LoCH No LCID MIB - BCCH 0 - SIB 1 - BCCH 1 - SIB 2 - BCCH 1 - RRC : PRACH Preamble - - - - RRC : RACH Response - - - - RRC : RRC Connection Request SRB0 UL CCCH 0 0 RRC : RRC Connection Setup SRB0 DL CCCH 0 0 RRC : RRC Connection Setup Complete + NAS : Attach Request + ESM : PDN Connectivity Request SRB1 UL DCCH 0 1 RRC : DL Information Transfer + NAS : Authentication Request SRB1 DL DCCH 0 1 RRC : UL Information Transfer + NAS : Authentication Response SRB1 UL DCCH 0 1 RRC : DL Information Transfer + NAS : Security Mode Command SRB1 DL DCCH 0 1 RRC : UL Information Transfer + NAS : Security Mode Complete SRB1 UL DCCH 0 1 RRC : Security Mode Command SRB1 DL DCCH 0 1 RRC : Security Mode Complete SRB1 UL DCCH 0 1 RRC : RRC Connection Reconfiguration SRB1 DL DCCH 0 1 RRC : RRC Connection Reconfiguration Complete SRB1 UL DCCH 0 1 RRC : UL InformationTransfer + NAS : Attach Complete + NAS : Activate Default EPS Bearer SRB2 UL DCCH 1 2 RRC : UL Information Transfer + ESM : PDN Connectivity Request SRB2 UL DCCH 1 2 Control Channel Mapping DRB (user) Data Radio Bearer SRB Signalling Radio Bearer
  • 35. 2015 © Samsung Electronics 35 2015 © Samsung Electronics 35  Diameter is an authentication, authorization, and accounting protocol for computer networks. It evolved from and replaces the much less capable RADIUS protocol that preceded it.  The main features provided by Diameter but lacking in RADIUS are:  Support for SCTP  Capability negotiation  Application layer acknowledgements, Diameter defines failover methods and state machines (RFC 3539)  Extensibility; new commands can be defined  Aligned on 32-bit boundaries  A Diameter Application is not a software application but is a protocol based on the Diameter base protocol defined in RFC 6733 (Obsoletes: RFC 3588).  Each application is defined by an application identifier and can add new command codes and/or new mandatory AVPs (Attribute-Value Pair). Adding a new optional AVP does not require a new application. Diameter
  • 36. LTE Attach Messages FromeNB to MME UE Capabilities for E-UTRAN IMS PS Voice preferred and CS voice as secondary
  • 37. Message Details in brief (UE messages shown in Red Font) Attach Request – UE to MME over 102 VLAN (RRC Connection Set Up); contains S1AP ID allocated from eNB, Contains PDN connectivity request for Jionet APN, with IMS Voice as preferred and CS Voice as secondary 1. Authentication – MME to DRA to HSS using Diameter ID for S6a, contains IMSI, HSS replies using same Diameter Session ID with Authentication Vectors , MME sends Authentication Request (EPS Challenge Request) to UE using same S1AP ID received from eNB during Attach Request and allocates the MME end S1AP ID. Now both S1AP ID allocated (eNB side and MME side). UE then sends Authentication Response computed by it using the same S1AP IDs. 2. Security Mode – MME to UE over S1AP interface; MME sends Security Mode Command to UE using the same S1AP ID, UE replies with Security Mode Response which also includes IMEI. 3. Identity Check – MME to DRA to EIR over S13 interface; MME sends IMSI & IMEI to EIR for Identity Check through Diameter. New Diameter ID created. EIR replies stating IMEI as “white listed” 4. Update Location – MME to HSS over S6a; In case MME does not have context information of UE, Update Location is sent to HSS which then sends Cancel Location Message to old MME. HSS sends Update Location Answer to new MME using same Diameter Session ID as contained in the request – this reply contains APN details (Jionet and IMS) and three PDN types IPv4, IPv6 and IPv4/IPv6
  • 38. Message Details in brief (UE messages shown in Red Font) 5. Create Session: MME to SAEGW over S11 interface; This is first GTP C message for the subscriber. GPTC TeID from MME side added. SAEGW sends CCR-I request over Gx interface to PCRF. CCA-I is received from PCRF containing the charging rules & the triggers for CCR-U towards PCRF. SAEGW sends CCR-I towards OCS over Gy interface with details of session related information. OCS replies with CCA-I. After receiving reply from both PCRF and OCS, SAEGW sends Create Session Response to MME and adds the GTPC TeID for the S11 interface (now both ends TeID created for GTPC over S11) and IPv4 and IPv6 Address allocated to UE for Jionet APN, indicates the AMBR values, adds the GTPU TeID for eNB for S1-U interface 6. Attach Accept: MME to UE using the same S1AP ID created earlier. Contains GTPU TeID for S1-U interface received from SAEGW, contains GUTI & S-TMSI. 7. UE capability: eNB to MME using already existing S1AP ID; sends UE capability for UTRAN and GERAN; eNB sends Initial Context Set Up Response to UE (Activate Default EPS Bearer Context Request) which includes the GTPU TeID for S1-U interface towards SAEGW; UE sends Attach Complete Message towards MME 8. Modify Bearer: MME sends Modify Bearer Request towards SAEGW which contains the GTPU TeID received from eNB (Now both ends TeID of GTPU are with SAEGW); SAEGW acknowledges by sending Modify Bearer Response to MME
  • 39. IMS Attach Messages IMS Registration Messages
  • 40. eNB S1AP ID which was allocated by eNB for this UE NAS-PDU content received from UE. InitialUEMessage, Attach Request (1/2) S1AP/NAS message from UE S1AP message from eNB Message in Hex Attach Request from UE to MME VLAN 102
  • 41. Attach Request – Voice Preference (2/2) FromUE to MME IMS PS Voice preferred and CS voice as secondary VLAN 102
  • 42. Authentication Information Request from MME to HSS AIR message from MME DRA HSS Diameter session ID for S6a Interface IMSI Authentication Request from MME to HSS
  • 43. Authentication Vectors Authentication Information Answer from HSS to MME AIA message from HSS  DRA MME Same session ID
  • 44. EPS Challenge towards UE Authentication Request Same eNB S1AP ID as received in Attach Request MME sends the Allocated MME S1AP ID Authentication Request from MME to UE Now both UE S1AP Ids are created from eNB side and MME side
  • 45. eNB and MME S1AP ID’s Response calculated by UE Authentication Response Authentication Response from UE to MME Same UE S1AP Ids created from eNB side and MME side are used
  • 46. Security Mode Command Security Capability related From MME to UE
  • 47. Security Mode Complete FromUE to MME Contains IMEI
  • 48. IMEI Check MME  DRA  EIR ME Identity Check Request Diameter Session ID for S 13 IMSI IMEI ME Identity from MME to EIR
  • 49. IMEI Check Response EIR -> DRA -> MME ME Identity Check Answer White Listed ME Identity Response from EIR to MME Same Session ID
  • 50. ULR message from MME -> DRA -> HSS Update Location Request Update Location Request is sent when MME does not have the context information for the UE Diameter Session ID for S6a Update Location Request from MME to HSS IMSI
  • 51. CLR to Old MME to delete the UE Context HSS-> DRA -> Old MME Cancel Location Request to old MME
  • 52. ULA message with subscription data HSS -> DRA -> new MME Update Location Answer to new MME APN Information is sent Same Diameter Session ID for S6a as contained in request
  • 53. APN Profile in Update Location Answer Jionet IMS APN Three PDN types IpV4, IpV6 and IPv4v6
  • 54. S11 MME GTP-C Teid Create Session Request First GTP-C message for this subscriber, so GW GTP-C Teid is ‘0’ From MME to Gateway (SAEGW) IMSI Can contain - Three PDN types IpV4, IpV6 and IPv4v6
  • 55. CCR-I SAEGW(PCEF) -> DRA -> PCRF Credit Control Request –Gx(CCR - I) From PGW to PCRF over Gx Diameter Gx Session ID Subscription ID contains IMSI
  • 56. CCA-I PCRF -> DRA -> SAEGW(PCEF) Credit Control Answer – Gx(CCA-I) Event Triggers for CCR-U towards PCRF Charging Rule Names Trigger for ECGI change can be added Same Session ID
  • 57. CCR –I (Gy) SAEGW -> DRA -> OCS Credit Control Request – Gy(CCR-I) Session Related Info Sent to OCS Gy Interface Diameter Session ID for Gy Interface
  • 58. CCA-I (Gy) OCS -> DRA -> SAEGW Credit Control Answer – Gy(CCA-I)
  • 59. IPv4 and IPv6 Address allocated to UE Create Session Response SGW GTP-c Teid SGW GTP-U Teid From SAEGW to MME after receipt of CCA from OCS TeID already received by SAEGW SAEGW adds its GTP C TeID GTP C both ends TeID complete SAEGW adds its GTP U TeID to eNB Aggregate MBR values for Jionet APN
  • 60. S1AP Attach Accept S1AP Attach Accept MME -> eNB GUTI Value Allocated To UE GW GTP U TeID S-TMSI Allocated = MME Code + M- TMSI
  • 61. UE Capability Info Indication FromeNB to MME UE Capabilities for E-UTRAN UE Capabilities for geran-cs UE Capabilities for geran-ps
  • 62. eNB GTP-U Teid S1AP Initial Context Setup Response Initial Context Seutp Response eNB -> MME
  • 64. CCA-I (Gy) OCS -> DRA -> SAEGW Gtpv2 Modify Bearer Request GTP-C Teid of GW S1-U eNB GTP-U Teid From MME to SAEGW for Default Bearer
  • 65. S1U SGW GTP-U Teid Gtpv2 Modify Bearer Response GTP-C Teid of MME From SAEGW to MME for Default Bearer
  • 67. Message Details in brief (UE messages shown in Red Font) 1. PDN Connectivity Request for IMS APN – UE to MME; uses the same S1 AP ID already created ; indicates PDN connectivity type as IPv4 or IPv6 or IPV4/IPv6; requests details of P CSCF and DNS Server; 2. Create Session: MME to SAEGW using the GTPC TeID already defined; This contains the GTPC TeID from MME; SAEGW sends CCR U message to PCRF over Gx interface; New Diameter Session ID created for IMS APN; This message contains details of IMSI & MSISDN and the IPv4 & IPv6 address allotted to IMS APN; PCRF replies with CCA I which contains charging rule and event triggers to sent CCR U; SAEGW then sends Create Session Response to MME with GTPC TeID of SGW & PGW for QCI 5 and the Primary & Secondary IPv4 & IPv6 address of P-CSCF and the IP Address of DNS and the IPv4 & IPv6 address allocated to IMS APN and the SAEGW TeIDs for S1-U traffic 3. Attach Accept: MME to ENB ; MME sends S1 ERAB Set Up Request to eNB and Activate Default Bearer Context Request to UE; Message also contains the the IP address for IMS APN for UE and AMBR values for IMS APN. The eNB sends ERAB Set Up Response containing the GTPU TeIDs for S1 U for QCI 5; Now both ends of GTPU TeID defined for QCI 5; UE sends Activate Default Bearer Context Accept. 4. Modify Bearer: MME to SAEGW; MME sends Modify Bearer Request which contains details of the eNB GTP TeID for S1 U for QCI 5; SAEGW sends Modify Bearer Accept. Now QCI 5 bearer is established and data can start flowing.
  • 68. IMS Attach Messages IMS Registration Messages
  • 69. S1AP PDN Connectivity Request [1/2] Same MME- UE-S1AP-ID Same ENB- UE-S1AP-ID S1AP PDN Connectivity Request for IMS APN UE to MME
  • 70. S1AP PDN Connectivity Request [2/2] S1AP PDN Connectivity Request for IMS APN APN: IMS Requesting Details of DNS and P-CSCF Address UE to MME Three PDN types IpV4, IpV6 and IPv4v6
  • 71. Create Session Request for IMS APN GTPv2 Create Session Request APN: IMS IMSI: same GTP-C Teid of MME GW GTP-C Teid allocated before MME to SAEGW
  • 72. CCR-I for IMS Session on Gx Interface CCR-I for IMS Apn on Gx Interface SAEGW(PCEF)  DRA  PCRF Subscription ID contains IMSI and MSISDN Diameter Gx Session ID for IMS APN IPv4 and V6 Address allocated to IMS APN This is new Diameter Session ID allocated for IMS. This is not the same ID which has been used for Jionet SAEGW to PCRF
  • 73. CCA-I for IMS Session on Gx Interface CCA-I for IMS Apn in Gx Interface PCRF  DRA  PCEF(SAEGW) Charging Rule Name Event Triggers about when to send CCR-U Same IMS Diameter Session ID of Gx Interface used in Request message(CCR-I)
  • 74. Create Session Response for IMS APN [1/3] GTPv2 Create Session Response Bearer ID for IMS EBI - 6 GTP-C Teid of SGW and PGW MME GTP-C Teid allocated before SAEGW to MME EBI 5 is allocated to Jionet and EBI 6 for IMS based on availability
  • 75. Create Session Response for IMS APN [2/3] GTPv2 Create Session Response Primary and Secondary IPV4 P- CSCF Address (since only IPv4 configured) IPv4 and IPv6 Address allocated for IMS APN If available, IPv6 P-CSCF address can also be given by SAEGW SAEGW to MME UE is allocated two sets of IP Addresses – one for Jionet APN and second for IMS APN The UE would be allocated IPv4 or IPv6 or IPv4v6 based on initial request, configuration in HSS and PGW. Final decision on allocation by PGW . For usage Ipv6 would be preferred if available on both UE and Network side DNS IP which UE has to Use
  • 76. Create Session Response for IMS APN [3/3] GTPv2 Create Session Response S1-U SGW and S5/S8 PGW GTP- U Teid’s for User Plane Packet's QOS for EBI-6 bearer QCI -5 SAEGW to MME
  • 77. S1AP E-RAB Setup, Activate default EPS… [1/3] S1AP E-RAB Setup Request S1AP E-RAB Setup Request which contains EBI-6 QOS details One message contains S1AP E-RAB Setup Request & NAS Activate default EPS bearer Context Request MME to eNode B
  • 78. S1AP E-RAB Setup, Activate default EPS… [2/2] NAS Activate default EPS bearer Context Request NAS PDU towards UE QCI -5 EBI-6 Only last 64 bits of IPv6 Address and IPv4 Address Aggregate MBR values for IMS APN MME to UE
  • 79. S1AP E-RAB Setup Response S1AP E-RAB Setup Response S1AP Message from eNB EBI-6 GTP-U Fteid details of eNB eNode B to MME
  • 80. S1AP/NAS Activate default EPS bearer context accept Activate Default EPS bearer context accept NAS Message from UE Accept message from UE UE to MME
  • 81. Gtpv2 Modify Bearer Request for Ebi-6 Modify Bearer Request GTP-U Fteid of eNB MME to SAEGW
  • 82. Gtpv2 Modify Bearer Response for Ebi-6 Modify Bearer Response GTP-U Fteid of SGW Request Accepted Now the GTP-U teid’s of eNB and GW are known at both sides. User data transfer can flow now. SAEGW to MME
  • 84. TCP 3-Way Handshake A three-way-handshake is a method used in a TCP/IP network to create a Reliable Connection between a client and server. It is a three-step method that requires both client and server to exchange SYN and ACK (acknowledgment) packets before actual data communication begins. A three-way-handshake is also known as a TCP handshake.
  • 85. TCP SYN When Client wants to initiate a connection with Server, Client sends a segment with SYN(Synchronize Sequence Number). This segment will inform the Server that Client would like to start a communication with Server and informs that with what sequence number it will start its segments with. Note: Sequence Numbers are mainly used to keep data in order.
  • 86. TCP SYN –ACK Now Server will respond to Client with "Acknowledgment" (ACK) and SYN bits set. Here Servers ACK segment does two things; they are as below 1. It acknowledges Client’s SYN segment. 2. It informs Client that what sequence number it will start its data with.
  • 87. TCP ACK Now finally Client Acknowledges Server’s initial sequence Number and in its ACK signal. And then Client will start the actual data transfer. Note: Initial Sequence Numbers are randomly selected while initiating connections between two machines.
  • 88. IMS REGISTRATION using QCI 5 Bearer already created A different subscriber taken as example CCR: Credit Control Request , CCA: Credit Control Answer UAR : User Authorization Request, UAA : User Authorization Answer MAR : Multimedia Authorization Request, MAA : Multimedia Authorization Answer UDR : Update Data Request, UDA : Update Data Answer SAR : Server Authorization Request, SAA : Server Authorization Answer
  • 89. Message Details in brief(UE messages shown in Red Font) 1. REGISTER: UE to P CSCF; contains the IP Address allocated for IMS APN to UE and IP address of P CSCF received via PCO Options and the SIP Call ID used for Registration; P CSCF sends REGISTER Message to ICSCF : contains the Public User Identity which generally starts with sip: or tel: 2. Authorization: ICSCF sends UAR message to HSS; HSS replies with UAA to I CSCF; I- CSCF forwards the SIP Register message to the S-CSCF address received from HSS; S CSCF then sends MAR to HSS requesting Authentication Vectors for Multimedia session from HSS. HSS replies with MAA; 3. 401 Unauthorized: From S CSCF to P CSCF to SAEGW to UE; Contains SIP Authorization parameters received from HSS and uses the same Call ID as received in the REGISTER Message; 4. REGISTER: UE sends second REGISTER to SAEGW to P CSCF to S CSCF using same Call ID; This contains the Authentication Response based on the keys received in 401 Unauthorized 5. Authorization: S-CSCF Sends the REGISTER Message to I CSCF; I-CSCF (SCFX in NSN) sends UAA to HSS and again asks HSS about which S CSCF (S-CFX) to use; HSS replies with UAA to I CSCF; I-CSCF forwards the SIP Register message to the S-CSCF address received from HSS; S CSCF sends SAR to HSS and Updates HSS that the user is authenticated and asks to provide the subscription Information; S-CSCF request HSS to map the subscriber to the mentioned S-CSCF server name; HSS replies with SAA which contains charging information and identities present in HSS for the subscriber; 6. 200 OK: S- CSCF to P CSSF to SAEGW to UE; uses the same Call ID; After this message is received we can see the two Horizontal BARS symbols for IMS in UE
  • 90. IMS Attach Messages IMS Registration Messages
  • 91. SIP REGISTER (Unprotected) SIP Register(Unprotected) SIP Call ID used for Registration process P-CSCF Address received i PCO options IPv6 Address allocated to IMS APN SIP “Via” header contains Transport, Last SIP hop and transaction ID Expiry Value for SIP Transaction Private Identity of the user Used in Authentication Request A different subscriber taken as example UE to P CSCF
  • 92. SIP REGISTER (Unprotected) from P-CSCF to I-CSCF SIP Register(Unprotected) REGISTER message One more “Via” header added about p-cscf route Content of the Message will not be modified, rather new headers like Via and IMS related will be added. From: contains the Public User Identity Generally starts with sip: or tel:
  • 93. User Authorization Request (I-CSCF to HSS) User Authorization Request SCFX  DRA  HSS New Diameter Session ID allocated by I-CSCF User Name Contains IMSI
  • 94. User Authorization Answer (HSS to I-CSCF) User Authorization Response HSS  DRA  SCFX S-CSCF address Result as Diameter Subsequent Registration I-CSCF forwards the SIP Register message to the S-CSCF address received from HSS
  • 95. Multimedia Auth Request (S-CSCF to HSS) Requesting Authentication Vectors for Multimedia session from HSS. Requested Authentication Vectors : 5 New diameter Session ID allocated by S-CSCF
  • 96. Multimedia Auth Answer (HSS to S-CSCF) Received SIP Auth Items : 1 Same diameter session ID used for MAR
  • 97. SIP 401 Unauthorized (S-CSCF  P-CSCF  SAEGW UE) SIP Auth parameters Received from HSS Same SIP Call ID used in REGISTER message “Via” header used for routing purposes
  • 98. SIP Register (2nd ) (UE -> SAEGW -> PCFX -> SCFX) Same SIP Call ID Authentication Response based on the keys received in 401 Unauthorized
  • 99. User Authorization Request ( 2nd time) New Diameter Session ID again I-CSCF(SCFX in NSN) again asks HSS about which S-CFX to use
  • 100. User Authorization Answer(HSS  I-CSCF) S-CSCF Server name I-CSCF forwards the SIP Register message to the S-CSCF address received from HSS
  • 101. Server Assignment Request (S-CSCF  DRA  HSS) S-CSCF Server name S-CSCF Updates HSS that user is authenticated and asks to provide the subscription Information
  • 102. Server Assignment Answer (HSS  DRA  S-CSCF) Identities present in HSS for this subscriber S-CSCF request HSS to map the subscriber to the mentioned S-CSCF server name Charging Information
  • 103. 200 Ok for SIP Register (S-CSCF  P-CSCF  SAEGW  UE) SIP Call ID Used for registration process After this message is received we can see the two Horizontal BARS symbols for IMS in UE Public Identity for the user for next transactions
  • 104. Modify bearer request *is initiated by MME/S4-SGSN and/or from S-GW to P-GW* Here you are not adding or deleting any resources/bearers. This message is used when there is no change on allocated bearers, Only the cause is user is moving from one place to another. Basically Radio Part is changing. This information MME should inform to all Core Network Elements (S-GW) and it helps them to attain the resources and handovers case too. It will just modify the bearers. After getting the response of Modify Bearer Request it indicates that User Plane is ready to carry the user data as Control plane is done and now data can flow in between E-UTRAN and S-GW. Update Bearer Request: *is initiated by P-GW to S-GW and/or from S-GW to MME/S4- SGSN* I want to explain here with example. Suppose you are playing a online game in your Mobile. It requires a promised speed to avoid the delay and you are subscribed for that too. Now suddenly you got to know that you have to send a mail to your boss but you don't want to close your game. For this purpose you need more resources. Here Update Procedure will come. You already have dedicated bearers with you. Your packet forwarding is happening through P-GW but you need more resources. In this case P-GW will initiate the message Update Bearer Request.
  • 106. 2015 © Samsung Electronics 106 Attach Procedure
  • 107. 2015 © Samsung Electronics 107 Attach Procedure T300 stops in UE T300 starts in UE (200ms) Timer starts in eNB : RRC_CONNECTION_SETUP (1000 ms) Timer stops in eNB : RRC_CONNECTION_SETUP Timer Stops at UE : S1_INITIAL_CONTEXT_SETUP Timer Starts at UE : S1_INITIAL_CONTEXT_SETUP = 10000 ms
  • 108. 2015 © Samsung Electronics 108 Attach Procedure RRC Connection Reconfiguration message including EPS Radio Bearer Identity and Attach Accept message; UE sends Uplink Information Transfer message to the eNodeB which includes the Attach Complete message
  • 109. 2015 © Samsung Electronics 109 Attach Procedure RRC Connection Reconfiguration message including EPS Radio Bearer Identity and Attach Accept message; UE sends Uplink Information Transfer message to the eNodeB which includes the Attach Complete message Timer starts in eNB : RRC_CONNECTION_RECONFIG = 1500 ms Timer stops in eNB : RRC_CONNECTION_RECONFIG = 1500 ms Timer starts in eNB : RRC_SECURITY_MODE_COMMAND = 2000 ms Timer stops in eNB : RRC_SECURITY_MODE_COMMAND Timer starts in eNB : RRC_UE_CAPABILITY_ENQUIRY[ms] = 2000
  • 110. Attach Request (RACH third Message) ASIUCAUM EPC ATTACH PDN connectivity Request for Jionet APN
  • 111. Security Attach Accept & Activate Default Bearer ASIUCAUM Attach Accept and Default EPS Bearer Request QCI 9 EPC ATTACH UE Capability Information Authentication Request Authentication Response
  • 112. Attach Complete / Default EPS Bearer QCI 9 accept PDN Connectivity Request to IMS Default Bearer Accept QCI 5 PCAM IMS ATTACH
  • 113. REGISTER 401 Unauthorized REGISTER 200 OK RA4RA2 SUBSCRIBE 200 OK NOTIFY 200 OK IMS REGISTRATION TCP SYNC SIP MESSAGES WOULD START AFTER TCP SYN
  • 114. INVITE 100 TRYING 183 Session in Progress PRACK 200 OK