
  • Design & Deploying Trusted And Un-Trusted VoWiFi

    Kasu Venkat Reddy, Sr Solution Integration Architect (kvreddy@cisco.com)

    Arun Gunasekaran, Network Consulting Engineer (argunase@cisco.com)

    BRKSPM-2127

  • Agenda

    Introduction

    VoWIFI Use cases

    VoWIFI Call-flows

    Architecture Guidelines and Best Practices

    Deployment Challenges and Best Practices

    Conclusion

  • What is VoWiFi?

    [Diagram labels: ePDG, PGW, IMS; SP Packet Core; IPSec Tunnel]

    The Apple iOS 8 release introduced the Wi-Fi calling feature

    Wi-Fi calling enables UEs to securely access IMS services over Wi-Fi, similar to LTE access, in line with 3GPP standards

    Same native voice dialer used for both VoWiFi and Cellular (VoLTE)

    Same MSISDN used for both VoWiFi and Cellular (VoLTE)

    Seamless Mobility across VoWiFi and VoLTE

    2016 Cisco and/or its affiliates. All rights reserved. Cisco Public. BRKSPM-2127

  • VoWiFi Business Drivers

    Cisco VNI Projection (2015-2020)

    VoWiFi is going to outperform VoLTE by 2016 and VoIP by 2018 in terms of minutes of use.

    By 2020, VoWiFi will have 53 percent of mobile IP voice

    Business Drivers

    Leverage global WiFi footprint

    Cost-effective solution to complement cellular coverage (mainly indoor)

    Customer retention

    Competitive edge over OTT players

    [Chart: Minutes of Use (Billions) per Year, 0 to 10,000, for 2015 to 2020. Series: VoWiFi (15.7%, 52.9%), VoLTE (18.0%, 26.3%), VoIP (66.3%, 20.8%)]

    Source: ACG, Cisco VNI Global Mobile Data Traffic Forecast, 2015-2020

  • VoWIFI Use Cases

    Untrusted Voice over WIFI

    Trusted Voice over WIFI

  • VoWiFi Trusted / Untrusted Use Case

    Untrusted VoWiFi

    Wi-Fi access network is untrusted and un-managed

    IPSec tunnel established between UE (SWu client) and Mobile Packet Core (ePDG)

    ePDG handles user authentication and establishes the packet data network connection with the P-GW using the S2b based GTP interface

    UE uses the SWu client for the IMS APN and the native client to locally break out the rest of the traffic over the Wi-Fi access network

    [Diagram: VoWIFI Untrusted Network. Labels: UE, SWu Client, Native Client, WLAN, Internet, ePDG, PGW, IMS Network]

    [Diagram: VoWIFI Trusted Network (Hybrid). Labels: UE, SWu Client, Native Client, TWAG, Internet PGW, Internet, ePDG, IMS PGW, IMS Network]

    [Diagram: VoWIFI Trusted Network Optimised Routing using SIPTO (Hybrid). Labels: UE, SWu Client, DHCP Allocated 173.38.0.1, TWAG (SIPTO Enabled), SIPTO, IP Match, NAT Pool 173.38.1.0/24, PGW, NO IP Match, ePDG, PGW, IMS Network, Internet]

    Trusted VoWiFi

    Wi-Fi access network is trusted and managed

    As per 3GPP Release 11, one of the key characteristics of the Trusted Wi-Fi architecture is the client-less approach to support packet core integration

    TWAG lacks support for signalling multiple APNs over S2a for the UE with the PGW. With this, all the offloaded Wi-Fi traffic is assumed to be part of the Internet APN

    VoWiFi can't be supported as it requires its own IMS APN

    Hybrid architecture recommended, i.e. a combination of Release 11 trusted Wi-Fi and un-trusted VoWiFi architecture

    Hybrid model supports simultaneous offloading of IMS APN and Internet APN traffic when the user moves from cellular to the trusted Wi-Fi access network

    As per 23.402, UE can be connected with only one non-3GPP access

  • VoWiFi Trusted / Untrusted Use Case Architecture

    End to End Solution Component

    ePDG/SaMOG

    3GPP AAA

    PGW

    PCRF, OCS

    HSS

    IMS

    UE

    EMS/NMS

    AP/WLC

    Use Cases

    Un-Trusted / Un-Managed VoWiFi for sim-based subscribers

    Trusted/Managed VoWiFi for sim-based subscribers

  • VoWIFI Initial Attach Untrusted Network

    Participants: UE, AP / WLC, EPDG, 3GPP AAA, HSS

    Interfaces: SWU (UE - EPDG), SWM (EPDG - 3GPP AAA), SWX (3GPP AAA - HSS)

    UE performed EPDG Selection

    UE -> EPDG: IKEv2 SA INIT Request

    EPDG -> UE: IKEv2 SA INIT Response

    UE -> EPDG: IKEv2 Auth Request (User-name: Root NAI, APN: IMS APN, IP: 0.0.0.0)

    EPDG -> 3GPP AAA: Diameter EAP Request (User-name: Root NAI, EAP Identity: EAP-AKA, RAT Type: WLAN)

    3GPP AAA -> HSS: Diameter Mul-Auth Req (User-Name: IMSI, RAT Type: WLAN)

    HSS -> 3GPP AAA: Diameter Mul-Auth Ans (User-name: IMSI, Auth Vector Attributes)

    3GPP AAA -> EPDG: Diameter EAP Answer (User-name: Root NAI, EAP-AKA Challenge Req)

    EPDG -> UE: IKEv2 Auth Response (User-name: Root NAI, EAP Request: AKA Challenge)

    UE runs AKA algorithm and verifies the auth vectors

    UE -> EPDG: IKEv2 Auth Request (User-name: Root NAI, EAP Response: AKA Challenge Resp)

    EPDG -> 3GPP AAA: Diameter EAP Request (User-name: Root NAI, EAP-AKA Challenge Resp)

    3GPP AAA verifies the challenge response

    3GPP AAA -> HSS: Diam Server Assign Req (User-Name: IMSI, RAT Type: WLAN, SA Type: Registration)

    HSS -> 3GPP AAA: Diam Server Assign Answer (User-name: IMSI, Subscriber profile (APN, QoS, MIP6-Agent-Info, etc.))

    3GPP AAA -> EPDG: Diameter EAP Answer (User-name: Root NAI, Subscriber profile (APN, QoS, MIP6-Agent-Info, etc.))

    EPDG -> UE: IKEv2 Auth Response (EAP Success)

  • VoWIFI Initial Attach Untrusted Network

    Participants: UE, AP, EPDG, PGW, 3GPP AAA, HSS, PCRF, OCS

    Interfaces: SWU, S6B, SWX

    EPDG performs PGW Selection: DNS / Local resolution or HSS Provided

    UE - EPDG (SWU): IKEv2 Auth Request; IKEv2 Auth Response (UE IP Address, P-CSCF IP Address)

    EPDG - PGW: Create Session Request (IMSI, MSISDN, RAT: WLAN, APN: IMS APN, Serv NW: MCC & MNC, Handover Ind flag: 0, APCO: P-CSCF Address request); Create Session Response (IMSI, MSISDN, PGW S2B TEID, PAA: UE IP Address, APCO IE: P-CSCF Address)

    PGW - 3GPP AAA (S6B): Update Location Request (User-name: Root NAI, RAT Type: WLAN, Serv Selection: APN Name, MIP Home Agent: PGW Address); Update Location Response (Result Code: Diameter Success)

    3GPP AAA - HSS (SWX): User Profile Request (User-name: IMSI, RAT Type: WLAN, Serv Selection: APN Name, MIP Home Agent: PGW Address); User Profile Response (User-name: IMSI, RAT Type: WLAN, Serv Selection: APN Name, MIP Home Agent: PGW Address)

    PGW - OCS: Gy CCR - I; Gy CCA - I

    PGW - PCRF: Gx CCR - I; Gx CCA - I

  • VoWIFI : LTE to WiFi Handover

    Participants: UE, AP, EPDG, PGW, 3GPP AAA, HSS, PCRF, OCS

    Interfaces: SWU, S6B, SWX

    UE IP Address: A.B.C.D

    UE Authenticated with EPDG. EPDG selects the PGW IP address provided by HSS

    UE - EPDG (SWU): IKEv2 Auth Request; IKEv2 Auth Response (UE IP Address: A.B.C.D, P-CSCF IP Address)

    EPDG - PGW: Create Session Request (IMSI, MSISDN, RAT: WLAN, APN: IMS APN, Serv NW: MCC & MNC, Handover Ind flag: 1, PAA: A.B.C.D, APCO: P-CSCF Address request); Create Session Response (IMSI, MSISDN, PGW S2B TEID, PAA: A.B.C.D, APCO IE: P-CSCF Address)

    PGW - 3GPP AAA (S6B): Update Location Request (User-name: Root NAI, RAT Type: WLAN, Serv Selection: APN Name, MIP Home Agent: PGW Address); Update Location Response (Result Code: Diameter Success)

    3GPP AAA - HSS (SWX): User Profile Request (User-name: IMSI, RAT Type: WLAN, Serv Selection: APN Name, MIP Home Agent: PGW Address); User Profile Response (User-name: IMSI, RAT Type: WLAN, Serv Selection: APN Name, MIP Home Agent: PGW Address)

    PGW - OCS: Gy CCR - I; Gy CCA - I

    PGW - PCRF: Gx CCR - I; Gx CCA - I

  • VoWIFI Initial Attach Trusted Network

    Participants: UE, AP, EPDG, IMS PGW, 3GPP AAA, HSS, IMS, SAMOG, INT. PGW

    SaMOG - Authentication & Authorization

    UE IP Address Assignment (Internet APN)

    EPDG - Authentication & Authorization

    UE selects EPDG using DNS procedure. DNS traffic can be routed internally

    SaMOG selectively offloads EPDG traffic (SIPTO)

    UE IP Address Assignment (IMS APN)

    [Diagram labels: INTERNET; EPDG CONTROL PACKET FLOW (control packets); IMS APN TRAFFIC FLOW (VOICE AND VIDEO)]

  • Architecture Guidelines and Best Practices

    ePDG Discovery

    PGW Selection

    Seamless Mobility

    UE Dependencies

    Location Information

    Emergency Calling

    Quality of Service

    Security Framework

  • EPDG Discovery

    EPDG Selection Options

    UE can dynamically derive the ePDG FQDN as per the 3GPP standards

    EPDG FQDN format:

    epdg.epc.mnc<MNC>.mcc<MCC>.pub.3gppnetwork.org

    The following options are available for the UE to derive the PLMN:

    SIM card (Home location)

    Last known cell id from LTE

    WIFI Hotspo
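
The ePDG FQDN format above and the Root NAI carried as User-name in the attach call flow, as an added example that is not from the original slides: it builds both identifiers from the SIM's PLMN and checks that a configured or observed ePDG name belongs to the expected operator. The Root NAI layout and the three-digit MNC padding come from 3GPP TS 23.003 rather than from this page; the function names and the sample IMSI are constructed for illustration.

```python
import re

# Added example (function names are illustrative). Formats follow 3GPP
# TS 23.003; the MNC label is always three digits, zero-padded on the left.
_EPDG_RE = re.compile(r"epdg\.epc\.mnc(\d{3})\.mcc(\d{3})\.pub\.3gppnetwork\.org")


def _plmn_labels(mcc: str, mnc: str) -> str:
    ok = mcc.isascii() and mnc.isascii() and mcc.isdigit() and mnc.isdigit()
    if not ok or len(mcc) != 3 or len(mnc) not in (2, 3):
        raise ValueError("MCC must be 3 digits and MNC 2 or 3 digits")
    return f"mnc{mnc.zfill(3)}.mcc{mcc}"


def split_imsi(imsi: str, mnc_len: int) -> tuple[str, str]:
    """Split an IMSI into (MCC, MNC). The MNC length is not encoded in the
    digits themselves; the SIM supplies it, so the caller must pass it in."""
    if not (imsi.isascii() and imsi.isdigit() and 6 <= len(imsi) <= 15):
        raise ValueError("IMSI must be 6 to 15 decimal digits")
    if mnc_len not in (2, 3):
        raise ValueError("MNC length must be 2 or 3")
    return imsi[:3], imsi[3:3 + mnc_len]


def epdg_fqdn(mcc: str, mnc: str) -> str:
    """Operator-identifier ePDG FQDN the UE resolves for this PLMN."""
    return f"epdg.epc.{_plmn_labels(mcc, mnc)}.pub.3gppnetwork.org"


def root_nai(imsi: str, mnc_len: int) -> str:
    """Root NAI sent as User-name on SWu/SWm; the leading "0" marks EAP-AKA."""
    mcc, mnc = split_imsi(imsi, mnc_len)
    return f"0{imsi}@nai.epc.{_plmn_labels(mcc, mnc)}.3gppnetwork.org"


def fqdn_matches_plmn(fqdn: str, mcc: str, mnc: str) -> bool:
    """True only when fqdn is exactly the ePDG name for the given PLMN, so a
    look-alike suffix or another operator's name is rejected."""
    name = fqdn.strip().lower().removesuffix(".")
    m = _EPDG_RE.fullmatch(name)
    return bool(m) and (m.group(2), m.group(1)) == (mcc, mnc.zfill(3))


if __name__ == "__main__":
    imsi = "234150999999999"  # constructed sample IMSI, MCC 234 / MNC 15
    mcc, mnc = split_imsi(imsi, 2)
    print(epdg_fqdn(mcc, mnc))
    print(root_nai(imsi, 2))
    print(fqdn_matches_plmn("epdg.epc.mnc015.mcc234.pub.3gppnetwork.org.", mcc, mnc))
```

The exact-match check is the useful part on the operations side: a name that merely contains the operator's labels, or that carries an extra suffix, does not pass.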