
Week #16 LTE/WLAN Radio Level Integration Using IPsec Tunnel (LWIP) Encapsulation

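Ministry of Education Mobile Broadband Advanced Technology Talent Cultivation Program - Small Cell Base Station Alliance Center. Demonstration course: Heterogeneous Access in Mobile Broadband Networks. Week #16 LTE/WLAN Radio Level Integration Using IPsec Tunnel (LWIP) Encapsulation. Assistant Professor: 吳俊興. Teaching Assistants: 王瑞元, 許力中. Department of Computer Science and Information Engineering, National University of Kaohsiung.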

skelley

Presentation Transcript


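  1. Ministry of Education Mobile Broadband Advanced Technology Talent Cultivation Program - Small Cell Base Station Alliance Center. Demonstration course: Heterogeneous Access in Mobile Broadband Networks. Week #16 LTE/WLAN Radio Level Integration Using IPsec Tunnel (LWIP) Encapsulation. Assistant Professor: 吳俊興. Teaching Assistants: 王瑞元, 許力中. Department of Computer Science and Information Engineering, National University of Kaohsiung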

  2. LWIP - LTE/WLAN Radio Level Integration with IPsec Tunnel (LWIP) [Figure labels: MME/S-GW, S1, WLAN, IP, eNB, LWIP-SeGW, UE] • UE uses WLAN via IPsec tunnel between eNB and UE • Fast time to market, use of legacy WLAN infrastructure • WLAN is hidden from CN • Except for WLAN authentication

  3. Motivation • LWIP was introduced in Release-13 to address operator needs • To leverage the capacity available from the large incumbent WLAN network base where modifications to WLAN, as required by LWA, would not be feasible because of hardware, architectural or operational constraints • The use of WLAN resources in downlink and uplink is controlled by the eNB, and bypasses the LTE user plane protocol stack • LWIP allows use of combined LTE and WLAN capacity for a user by allowing either inter-bearer distribution or intra-bearer per IP flow distribution across the LTE and WLAN radio links

  4. Overview • LWIP is controlled by eNB, based on UE measurement reporting • LWIP feature allows a UE in RRC_CONNECTED to be configured by the eNB to utilize WLAN radio resources via IPsec tunnelling • Connectivity between eNB and WLAN is over IP (TS 36.300 Section 22A.3)

  5. LWIP Tunnel • IP packets transferred between the UE and LWIP-SeGW are encapsulated using IPsec • Provide security to the packets that traverse WLAN • Uplink and downlink data supported over WLAN • Multiple bearers can be offloaded via IPsec • The IP packets are then transported between the LWIP-SeGW and eNB • The end to end path between the UE and eNB via the WLAN network is referred to as the LWIP tunnel

  6. Security and Transparency • For security reasons the IPsec tunnel is terminated in LWIP-SeGW in eNB • Single IPsec tunnel per UE for UL and DL data • IPsec tunnel is transparent to WLAN infrastructure • There are no standardized network interfaces in LWIP

  7. LWIP Protocol Architecture

  8. LWIP Protocol Stack

  9. Security Gateway (SeGW) • The use of insecure third party broadband for backhauling mobile voice and multimedia data from small cells exposes the mobile operator's core network to IP-based attacks, user identity theft and fraud • The SeGW provides market-leading IP Security/Internet Key Exchange Version 2 (IPsec/IKEv2) tunnel performance • The SeGW is a carrier class gateway for secure, scalable fixed mobile convergence solutions • The SeGW provides mobile operators with a complete Security Gateway solution for security and aggregation of 3G (HNB), 4G LTE (HeNB) and 3GPP2 CDMA cellular small cells, including femtocells, picocells or metrocells

  10. Definitions, Symbols and Abbreviations • The terms and definitions given in TR 21.905 • Data Radio Bearer - DRB • Internet Protocol - IP • LTE/WLAN Radio Level Integration Using IPsec (security) Tunnel - LWIP • LWIP Encapsulation Protocol - LWIPEP • Generic Routing and Encapsulation - GRE • Packet Data Convergence Protocol - PDCP • Protocol Data Unit - PDU • Radio Resource Control - RRC • Service Access Point - SAP • Service Data Unit - SDU

  11. Bearer over LWIP Tunnel • The data bearer refers to the EPS bearer mapped to the Data Radio Bearer (DRB) which is maintained on the LTE side • The DRB configuration on the LTE access corresponding to the data bearer using IPsec resources shall not be released • A single IPsec tunnel is used per UE for all the data bearers that are configured to send and/or receive data over WLAN • Each data bearer may be configured so that traffic for that bearer can be routed over the IPsec tunnel in either only downlink or both uplink and downlink over WLAN • The RRC_Connection_Reconfiguration message provides the necessary parameters for the UE to initiate the establishment of the IPsec tunnel for the DRB

  12. DL/UL of a Data Bearer • For the DL of a data bearer, the packets received from the IPsec tunnel are forwarded directly to upper layers • For the UL, the eNB configures the UE to route the uplink data either via LTE or via WLAN using RRC signaling • If routed via WLAN then all UL traffic of the data bearer is offloaded to the WLAN • UL bearer packets sent over the LWIP tunnel are encapsulated using LWIPEP as specified in TS 36.361 with the 'Key' field in the LWIPEP header populated with the DRB Identity associated with the offloaded UL bearer

  13. Release of a LWIP Tunnel • The release of the IPsec tunnel is initiated by the eNB • Upon receiving the Handover Command or on transition to RRC_IDLE state, the UE shall autonomously release the IPsec tunnel configuration and the use of it by the data bearers • A UE supporting LWIP may be configured for WLAN measurements as per subclause 22A.1.5.

  14. LWIP Mobility • The same mobility concept as specified in 22A.1.4 for LWA is also used for LWIP • Since the WT node does not exist in LWIP operation, WT related descriptions and procedures do not apply to LWIP • When applying the concept to LWIP operation, the Mobility Set should be considered as the set of WLAN APs across which the UE can perform mobility without informing the eNB

  15. Issue with Multiple WLAN Interworking • E-UTRAN does not configure LWIP with DC, LWA or RCLWI simultaneously for the same UE. • If LWIP and RAN assisted WLAN interworking are simultaneously configured for the same UE, in RRC Connected, the UE only applies LWIP

  16. LWIP Operation • LWIP Tunnel Setup and Data Bearer Configuration • The UE uses the parameters in the new radio resource configuration to set up the IPsec tunnel with the LWIP-SeGW to complete the establishment of the LWIP tunnel with the eNB over the WLAN access • The eNB may add or remove data bearers to utilise the LWIP tunnel at any time after the establishment of the LWIP tunnel by sending the RRCConnectionReconfiguration message to the UE

  17. LWIP Tunnel for Data Bearer Setup Procedure 1. The eNB configures the UE to perform WLAN measurements for LWIP operation 2. The UE applies the new configuration and replies with RRCConnectionReconfigurationComplete message 3. UE sends WLAN measurements to the eNB 4. The eNB sends the RRCConnectionReconfiguration message to the UE including the WLAN mobility set 5. The UE applies the new configuration and replies with RRCConnectionReconfigurationComplete message 6. UE associates with WLAN in consideration of the mobility set, if not already associated 7. UE sends confirmation of the WLAN association to the eNB 8. The eNB sends the RRCConnectionReconfiguration message to the UE including the necessary parameters to establish the IPsec tunnel over WLAN, and may configure data bearers to utilise the IPsec tunnel 9. The UE applies the new configuration and replies with RRCConnectionReconfigurationComplete message

  18. Reconfiguration to Remove WLAN Resources

  19. Remove Reconfiguration Procedure • UE and eNB have the LWIP tunnel set up via WLAN 1. The UE is configured to receive data from a data bearer over the LWIP tunnel 2. The eNB determines that it needs to remove the WLAN resources for the data bearer 3. The eNB sends the RRCConnectionReconfiguration message to the UE including the necessary parameters to remove WLAN resources for the data bearer 4. The UE applies the new configuration and replies with RRCConnectionReconfigurationComplete message 5. UE stops receiving data for the data bearer over the LWIP tunnel

  20. LWIP Tunnel Release

  21. Release Procedure 1. The eNB determines that it needs to release the LWIP tunnel and initiates the release of the IPsec tunnel between the UE and LWIP-SeGW 2. The eNB sends the RRCConnectionReconfiguration message to the UE including the indication to release the LWIP tunnel 3. The UE applies the new configuration and replies with the RRCConnectionReconfigurationComplete message 4. The UE releases the IPsec tunnel and associated data bearer configuration, and terminates the LWIP tunnel

  22. LWIPEP Sublayer

  23. LWIPEP Entity • RRC is in control of the LWIPEP configuration • Functions of the LWIPEP sublayer are performed by LWIPEP entities • For an LWIPEP entity configured at the eNB, there is a peer LWIPEP entity configured at the UE and vice versa • The LWIPEP entity responsible for encapsulating LWIPEP SDUs is referred to as the transmitter • The LWIPEP entity responsible for decapsulating LWIPEP PDUs is referred to as the receiver

  24. LWIPEP Operation • An LWIPEP entity receives/delivers LWIPEP SDUs from/to upper layers (i.e. IP) and sends/receives LWIPEP PDUs to/from its peer LWIPEP entity via an LWIP Tunnel • In the uplink direction: • At the UE, when an LWIPEP entity receives an LWIPEP SDU from upper layers, it constructs the corresponding LWIPEP PDU and delivers it to lower layers • At the eNB, when an LWIPEP entity receives an LWIPEP PDU from lower layers, it reassembles the corresponding LWIPEP SDU and delivers it to upper layers

  25. LWIP Services • Services provided to upper layers • The following services are provided by LWIPEP to upper layers (i.e. IP): transfer of user plane data • Services expected from lower layers • The following services are expected by LWIPEP from lower layers (i.e. LWIP Tunnel): transfer of user plane data • Functions • The following functions are supported by the LWIPEP sublayer: • Transfer of user plane data • Identification of the DRB identity to which the LWIPEP SDU belongs

  26. LWIP Procedures • Data transfer procedures • UL data transfer procedures • When receiving an LWIPEP SDU from upper layers, the LWIPEP entity shall form the LWIPEP PDU • Handling of unknown, unforeseen and erroneous protocol data • When an LWIPEP entity receives an LWIPEP PDU that contains reserved or invalid values, the LWIPEP entity shall: • discard the received PDU

  27. LWIPEP Data PDU • An LWIPEP data PDU consists of the LWIPEP header and the LWIPEP SDU

  28. LWIPEP Data Bit Strings • LWIPEP data PDU • An LWIPEP PDU is a bit string that is byte aligned (i.e. multiple of 8 bits) in length • Bit strings are represented by tables in which • The most significant bit is the leftmost bit of the first line of the table, • The least significant bit is the rightmost bit on the last line of the table, and • More generally the bit string is to be read from left to right and then in the reading order of the lines • The bit order of each parameter field within an LWIPEP PDU is represented with • the first and most significant bit in the leftmost bit and • the last and least significant bit in the rightmost bit

  29. Formats and Parameters • The LWIPEP Header is a GRE header as specified in RFC 2890 and has a fixed size of eight bytes including the Key field • The UE shall set the 5 LSBs of the Key field in the GRE header to the DRB Identity associated with the LWIPEP SDU and set the remaining MSBs to '0' • All other optional fields are unused, and the values of other fields shall be set as specified in RFC 2784 [4] and RFC 2890

  30. References • 3GPP TS 36.300: "E-UTRA and E-UTRAN Overall Description; Stage 2", Section 22A.3 • 3GPP TS 36.361: "LTE/WLAN Radio Level Integration Using IPsec Tunnel (LWIP) Encapsulation; Protocol Specification" • 3GPP TR 21.905: "Vocabulary for 3GPP Specifications" • 3GPP TS 36.331: "E-UTRA RRC Protocol Specification" • IETF RFC 2784: "Generic Routing Encapsulation (GRE)" • IETF RFC 2890: "Key and Sequence Number Extensions to GRE"
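The header rules on slide 29 and the discard rule on slide 26, put together as an added example (not part of the original slides or of any 3GPP reference code): a transmitter that builds the eight-byte GRE header and a receiver that drops any PDU with unused flags, reserved bits or Key MSBs set. Assumptions of this sketch: the GRE Protocol Type is derived from the IP version of the SDU using the EtherType convention of RFC 2784, DRB Identity values that do not fit in five bits are rejected, and all function names and the sample packet are constructed for illustration.

```python
import struct

GRE_K_BIT = 0x2000                   # Key Present flag (RFC 2890); only flag LWIPEP sets
ETHERTYPES = {4: 0x0800, 6: 0x86DD}  # IP version nibble -> GRE Protocol Type (assumption)
HEADER_LEN = 8                       # 2 B flags/version + 2 B protocol type + 4 B Key
DRB_MASK = 0x1F                      # 5 LSBs of Key carry the DRB Identity

# Constructed sample SDU: a bare 20-byte IPv4 header (checksum left at zero).
SAMPLE_SDU = bytes.fromhex("450000140000000040110000c0000201c0000202")


class DiscardPdu(ValueError):
    """Receiver-side reason for dropping an LWIPEP PDU."""


def encapsulate(drb_id: int, ip_packet: bytes) -> bytes:
    """Transmitter: prepend the LWIPEP (GRE) header to an LWIPEP SDU."""
    if not 0 <= drb_id <= DRB_MASK:
        raise ValueError("DRB Identity must fit in the 5 LSBs of Key")
    if not ip_packet or ip_packet[0] >> 4 not in ETHERTYPES:
        raise ValueError("SDU is not an IPv4/IPv6 packet")
    proto = ETHERTYPES[ip_packet[0] >> 4]
    return struct.pack("!HHI", GRE_K_BIT, proto, drb_id) + ip_packet


def decapsulate(pdu: bytes) -> tuple:
    """Receiver: validate the header and return (drb_id, sdu), else raise."""
    if len(pdu) <= HEADER_LEN:
        raise DiscardPdu("truncated PDU or empty SDU")
    flags, proto, key = struct.unpack("!HHI", pdu[:HEADER_LEN])
    if flags != GRE_K_BIT:           # C/S flags, reserved bits or version set
        raise DiscardPdu("unused or reserved header bits set")
    if key & ~DRB_MASK:              # the 27 MSBs of Key must be zero
        raise DiscardPdu("non-zero MSBs in Key field")
    sdu = pdu[HEADER_LEN:]
    if ETHERTYPES.get(sdu[0] >> 4) != proto:
        raise DiscardPdu("Protocol Type does not match SDU")
    return key, sdu


def receive(pdu: bytes):
    """Slide 26 behaviour: return (drb_id, sdu), or None when the PDU is discarded."""
    try:
        return decapsulate(pdu)
    except DiscardPdu:
        return None
```

Because the Key field is the only bearer identifier the receiver has, checking the unused Key bits and flags before demultiplexing keeps a malformed PDU from being attributed to a bearer.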
