Cisco ASR 5x00 Mobility Management Entity Administration Guide MME 100 15 0 Admin
User Manual: MME-100
Open the PDF directly: View PDF .
Page Count: 266
Download | |
Open PDF In Browser | View PDF |
Cisco ASR 5x00 Mobility Management Entity Administration Guide Version 15.0 Last Updated June 13, 2014 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phon e numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown fo r illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. Cisco ASR 5x00 Mobility Management Entity Administration Guide © 2014 Cisco Systems, Inc. All rights reserved. CONTENTS About this Guide ................................................................................................ xi Conventions Used ................................................................................................................................... xii Supported Documents and Resources .................................................................................................. xiii Related Common Documentation ...................................................................................................... xiii Related Product Documentation .................................................................................................... xiii Obtaining Documentation .............................................................................................................. xiii Contacting Customer Support ................................................................................................................ xiv Mobility Management Entity Overview ........................................................... 15 Product Description ................................................................................................................................ 16 Qualified Platforms ............................................................................................................................. 18 Licenses ............................................................................................................................................. 18 Network Deployment and Interfaces ...................................................................................................... 19 MME in the E-UTRAN/EPC Network ................................................................................................. 19 Supported Logical Network Interfaces (Reference Points) ............................................................ 21 Features and Functionality - Base Software .......................................................................................... 27 3GPP R8 Identity Support .................................................................................................................. 28 ANSI T1.276 Compliance ................................................................................................................... 29 APN Restriction Support .................................................................................................................... 29 Authentication and Key Agreement (AKA) ......................................................................................... 29 Bulk Statistics Support ....................................................................................................................... 30 Closed Subscriber Groups ................................................................................................................. 30 Congestion Control............................................................................................................................. 30 Emergency Session Support .............................................................................................................. 31 EPS Bearer Context Support ............................................................................................................. 32 EPS GTPv2 Support on S11 Interface ............................................................................................... 32 HSS Support Over S6a Interface ....................................................................................................... 33 Inter-MME Handover Support ............................................................................................................ 34 Interworking Support .......................................................................................................................... 34 Interworking with SGSNs ............................................................................................................... 34 Handover Support for S4-SGSNs .................................................................................................. 35 IPv6 Support ....................................................................................................................................... 35 MME Interfaces Supporting IPv6 Transport................................................................................... 36 Load Balancing................................................................................................................................... 36 Load Re-balancing ......................................................................................................................... 36 Management System Overview ......................................................................................................... 37 MME Pooling ...................................................................................................................................... 38 MME Selection ................................................................................................................................... 39 Mobile Equipment Identity Check ....................................................................................................... 39 Mobility Restriction ............................................................................................................................. 39 Handover Restriction ..................................................................................................................... 39 Regional Zone Code Restriction .................................................................................................... 39 Multiple PDN Support ......................................................................................................................... 40 NAS Protocol Support ........................................................................................................................ 40 EPS Mobility Management (EMM) ................................................................................................. 40 EPS Session Management (ESM) ................................................................................................. 41 NAS Signalling Security ..................................................................................................................... 41 Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ iii ▀ Contents Network Sharing ................................................................................................................................. 41 Operator Policy Support ..................................................................................................................... 41 Overload Control ................................................................................................................................ 42 PDN Type Control .............................................................................................................................. 42 Packet Data Network Gateway (P-GW) Selection ............................................................................. 43 Radio Resource Management Functions ........................................................................................... 43 RAN Information Management ........................................................................................................... 43 Reachability Management .................................................................................................................. 43 SCTP Multi-homing Support ............................................................................................................... 44 SCTP Multi-homing for S6a ........................................................................................................... 44 SCTP Multi-homing for S1-MME .................................................................................................... 44 SCTP Multi-homing for SGs ........................................................................................................... 44 Serving Gateway Pooling Support ..................................................................................................... 44 Serving Gateway Selection ................................................................................................................ 44 Session and Quality of Service Management .................................................................................... 45 Subscriber Level Session Trace ......................................................................................................... 45 Threshold Crossing Alerts (TCA) Support .......................................................................................... 46 Tracking Area List Management ........................................................................................................ 47 UMTS to LTE ID Mapping .................................................................................................................. 47 Features and Functionality - External Application Support .................................................................... 49 Web Element Management System ................................................................................................... 49 Features and Functionality - Licensed Enhanced Feature Software...................................................... 50 Attach Rate Throttling ......................................................................................................................... 50 Circuit Switched Fall Back (CSFB) and SMS over SGs Interface ...................................................... 50 Enhanced Congestion Control and Overload Control ........................................................................ 53 Idle-mode Signaling Reduction .......................................................................................................... 54 IP Security (IPSec) ............................................................................................................................. 54 Lawful Intercept .................................................................................................................................. 55 Location Services ............................................................................................................................... 55 Optimized Paging Support ................................................................................................................. 56 Overcharging Protection ..................................................................................................................... 56 Session Recovery Support ................................................................................................................. 56 Single Radio Voice Call Continuity Support ....................................................................................... 57 User Location Information Reporting .................................................................................................. 57 VLR Management............................................................................................................................... 59 How the MME Works .............................................................................................................................. 60 EPS Bearer Context Processing ........................................................................................................ 60 Purge Procedure ................................................................................................................................ 60 Paging Procedure ............................................................................................................................... 60 Subscriber-initiated Initial Attach Procedure ...................................................................................... 61 Subscriber-initiated Detach Procedure............................................................................................... 64 Service Request Procedures .............................................................................................................. 65 UE-initiated Service Request Procedure ....................................................................................... 65 Network-initiated Service Request Procedure ............................................................................... 66 Supported Standards .............................................................................................................................. 69 3GPP References ............................................................................................................................... 69 Release 10 Supported Standards .................................................................................................. 69 Release 9 Supported Standards .................................................................................................... 69 IETF References ................................................................................................................................ 70 Object Management Group (OMG) Standards .................................................................................. 73 Mobility Management Entity Configuration ................................................... 75 Configuring the System as a Standalone MME (base configuration) ..................................................... 76 Information Required .......................................................................................................................... 76 Required MME Context Configuration Information ........................................................................ 76 ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide iv Contents ▀ Required MME Policy Configuration Information ........................................................................... 79 How This Configuration Works ........................................................................................................... 79 MME Configuration............................................................................................................................. 81 Creating and Configuring the MME Context and Service .............................................................. 81 Creating and Configuring the eGTP Service and Interface Association ........................................ 83 Creating and Configuring the HSS Peer Service and Interface Associations ............................... 84 Configuring Dynamic Destination Realm Construction for Foreign Subscribers ........................... 85 Configuring Optional Features on the MME ........................................................................................... 87 Configuring Circuit Switched Fallback ................................................................................................ 87 Configuring Dual Address Bearers ..................................................................................................... 89 Configuring Dynamic Peer Selection ................................................................................................. 89 Configuring Emergency Session Support .......................................................................................... 90 Configuring Gn/Gp Handover Capability ............................................................................................ 91 Configuring Inter-MME Handover Support ......................................................................................... 92 Configuring X.509 Certificate-based Peer Authentication.................................................................. 93 Configuring Dynamic Node-to-Node IP Security on the S1-MME Interface ...................................... 94 Creating and Configuring an IPSec Transform Set ....................................................................... 94 Creating and Configuring an IKEv2 Transform Set ....................................................................... 95 Creating and Configuring a Crypto Template ................................................................................ 96 Binding the S1-MME IP Address to the Crypto Template ............................................................. 96 Configuring ACL-based Node-to-Node IP Security on the S1-MME Interface .................................. 97 Creating and Configuring a Crypto Access Control List ................................................................ 97 Creating and Configuring an IPSec Transform Set ....................................................................... 97 Creating and Configuring an IKEv2 Transform Set ....................................................................... 98 Creating and Configuring a Crypto Map ........................................................................................ 99 Configuring Load Balancing on the MME ........................................................................................ 100 Configuring Mobility Restriction Support .......................................................................................... 100 Configuring Inter-RAT Handover Restrictions on the MME ......................................................... 101 Configuring Location Area Handover Restrictions on the MME .................................................. 101 Configuring Tracking Area Handover Restrictions on the MME .................................................. 101 Configuring S4-SGSN Handover Capability .................................................................................... 102 Configuring SCTP Multi-homing Support ......................................................................................... 103 Configuring SCTP Multi-homing on the S1-MME Interface ......................................................... 103 Configuring SCTP Multi-homing on the S6a Interface ................................................................. 104 Configuring S6a SCTP and Application Timers for Multi-homing ................................................ 105 Configuring SCTP Multi-homing on the SGs Interface ................................................................ 106 Configuring Static S-GW Pools ........................................................................................................ 106 Creating and Configuring a TAI Management Database and Object .......................................... 106 Associating a TAI Management Database with an MME Service ............................................... 107 Associating a TAI Management Database with a Call Control Profile ......................................... 108 Configuring UMTS to LTE ID Mapping ............................................................................................. 108 Configuring User Location Information Reporting Support .............................................................. 109 Operator Policy ............................................................................................... 111 What Operator Policy Can Do .............................................................................................................. 112 A Look at Operator Policy on an SGSN ........................................................................................... 112 A Look at Operator Policy on an S-GW ........................................................................................... 112 The Operator Policy Feature in Detail .................................................................................................. 113 Call Control Profile ........................................................................................................................... 113 APN Profile ....................................................................................................................................... 114 IMEI-Profile (SGSN only) ................................................................................................................. 115 APN Remap Table ........................................................................................................................... 115 Operator Policies .............................................................................................................................. 116 IMSI Ranges ..................................................................................................................................... 116 How It Works ........................................................................................................................................ 118 Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ v ▀ Contents Operator Policy Configuration .............................................................................................................. 119 Call Control Profile Configuration ..................................................................................................... 120 Configuring the Call Control Profile for an SGSN ........................................................................ 120 Configuring the Call Control Profile for an MME or S-GW ........................................................... 120 APN Profile Configuration ................................................................................................................ 121 IMEI Profile Configuration - SGSN only ........................................................................................... 121 APN Remap Table Configuration ..................................................................................................... 122 Operator Policy Configuration .......................................................................................................... 122 IMSI Range Configuration ................................................................................................................ 123 Configuring IMSI Ranges on the MME or S-GW ......................................................................... 123 Configuring IMSI Ranges on the SGSN ....................................................................................... 123 Associating Operator Policy Components on the MME ................................................................... 124 Configuring Accounting Mode for S-GW .......................................................................................... 125 Verifying the Feature Configuration ...................................................................................................... 126 APN Override ................................................................................................... 127 Feature Description .............................................................................................................................. 128 How it Works ......................................................................................................................................... 129 Network Identifier (NI) Overriding ..................................................................................................... 129 Operator Identifier (OI) Overriding .................................................................................................... 129 Charging Characteristics Overriding ................................................................................................ 129 Configuring APN Override .................................................................................................................... 130 Before You Begin ............................................................................................................................. 130 Configuring Network Identifier Override ........................................................................................... 131 Configuring Operator Identifier Override .......................................................................................... 131 Configuring Charging Characteristics Override ................................................................................ 131 Verifying the APN Override Configuration ........................................................................................ 132 Closed Subscriber Groups ............................................................................ 133 Feature Description .............................................................................................................................. 134 How it Works ......................................................................................................................................... 135 Access Control ................................................................................................................................. 135 S1AP Messaging .......................................................................................................................... 135 S6a Messaging ............................................................................................................................ 136 CSG Notification to S-GW/P-GW ..................................................................................................... 136 CSG Status Communication to Peer MME/SGSN ........................................................................... 137 Message Flows ................................................................................................................................. 138 Configuring Closed Subscriber Groups ................................................................................................ 140 Verifying the Closed Subscriber Groups Configuration .................................................................... 140 Monitoring and Troubleshooting Closed Subscriber Groups ................................................................ 141 Enhanced Congestion Control and Overload Control ................................ 143 Feature Description .............................................................................................................................. 144 Enhanced Congestion Control and Overload Control ...................................................................... 144 Relationships to Other Features ....................................................................................................... 144 Limitations ........................................................................................................................................ 145 Configuring Enhanced Congestion Control .......................................................................................... 146 Configuring Enhanced Congestion Control ...................................................................................... 146 Configuring Thresholds and Tolerances ...................................................................................... 146 Configuring a Congestion Action Profile ...................................................................................... 149 Associating a Congestion Action Profile with Congestion Control Policies ................................. 149 Configuring Overload Control....................................................................................................... 150 Configuring Enhanced Congestion SNMP Traps ........................................................................ 150 Verifying the Congestion Control Configuration ............................................................................... 151 Verifying Congestion Action Profiles ................................................................................................ 153 ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide vi Contents ▀ Monitoring and Troubleshooting ........................................................................................................... 154 Congestion Control Show Command(s) and/or Outputs.................................................................. 154 show congestion-control statistics mme ...................................................................................... 154 show congestion-control statistics mme ...................................................................................... 155 Foreign PLMN GUTI Management ................................................................. 157 Feature Description .............................................................................................................................. 158 How it Works ........................................................................................................................................ 159 Configuring Foreign PLMN GUTI Management ................................................................................... 160 Creating a Foreign PLMN GUTI Management Database ................................................................ 160 Configuring Foreign PLMN GUTI Management Database Entries .................................................. 160 Associating an MME Service with a Foreign PLMN GUTI Management Database ........................ 161 Verifying the Configuration ............................................................................................................... 161 Monitoring Foreign PLMN GUTI Management ..................................................................................... 163 Show Command(s) and/or Outputs .................................................................................................. 163 show session disconnect-reasons ............................................................................................... 163 Bulk Statistics ................................................................................................................................... 163 Heuristic and Intelligent Paging .................................................................... 165 Feature Description .............................................................................................................................. 166 How it Works ........................................................................................................................................ 167 Heuristic Paging ............................................................................................................................... 167 Intelligent Paging .............................................................................................................................. 167 Configuring MME Paging Features ...................................................................................................... 169 Configuring Heuristic Paging ............................................................................................................ 169 Configuring Intelligent Paging .......................................................................................................... 169 Creating and Configuring the Paging-Profile ............................................................................... 169 Creating and Configuring the Paging-Map .................................................................................. 170 Enable Heuristic Paging with Paging-Map (Intelligent Paging) ................................................... 170 Verifying the Paging Configuration ................................................................................................... 170 Monitoring and Troubleshooting the MME Paging Features ................................................................ 172 Paging Bulk Statistics ....................................................................................................................... 172 Paging Show Command(s) and/or Outputs ..................................................................................... 172 Idle-mode Signaling Reduction ..................................................................... 175 Feature Description .............................................................................................................................. 176 How it Works ........................................................................................................................................ 177 ISR Activation ................................................................................................................................... 177 ISR Deactivation............................................................................................................................... 178 ISR Behavior with Circuit Switched Fallback ................................................................................... 179 Standards Compliance ..................................................................................................................... 179 Configuring ISR .................................................................................................................................... 180 Configuring ISR ................................................................................................................................ 180 Verifying ISR Configuration .............................................................................................................. 180 Monitoring and Troubleshooting ISR .................................................................................................... 181 ISR Bulk Statistics ............................................................................................................................ 181 ISR Show Command(s) and/or Outputs........................................................................................... 182 Load Balancing and Rebalancing ................................................................. 185 Feature Description .............................................................................................................................. 186 Load Balancing................................................................................................................................. 186 Load Rebalancing ............................................................................................................................ 186 Relationships to Other Features ...................................................................................................... 186 How it Works ........................................................................................................................................ 187 Load Balancing................................................................................................................................. 187 Load Rebalancing ............................................................................................................................ 187 Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ vii ▀ Contents Configuring Load Balancing and Rebalancing ..................................................................................... 188 Configuring Load Balancing ............................................................................................................. 188 Verifying Load Balancing .................................................................................................................. 188 Performing Load Rebalancing (UE Offloading) ................................................................................ 188 Verifying Load Rebalancing (UE Offloading).................................................................................... 189 Monitoring Load Rebalancing ............................................................................................................... 190 Load Rebalancing Show Command(s) and/or Outputs .................................................................... 190 Location Services ........................................................................................... 193 Location Services - Feature Description ............................................................................................... 194 How Location Services Works .............................................................................................................. 195 Architecture ........................................................................................................................................... 196 Supported Functionality ........................................................................................................................ 197 Limitations ........................................................................................................................................ 197 Flows ..................................................................................................................................................... 198 Standards Compliance ......................................................................................................................... 201 Configuring Location Services (LCS) ................................................................................................... 202 Creating and Configuring a Location Service ....................................................................................... 203 Associate the MME Service with the Location Service ........................................................................ 204 Associate the LTE Emergency Profile with the Location Service ......................................................... 205 Verifying the LCS Configuration ........................................................................................................... 206 Show Command(s) and/or Outputs ...................................................................................................... 207 Overcharging Protection ................................................................................ 209 Feature Description .............................................................................................................................. 210 Relationships to Other Features ....................................................................................................... 210 How it Works ......................................................................................................................................... 211 Call Flows ......................................................................................................................................... 211 Configuring Overcharge Protection ...................................................................................................... 213 Enabling Overcharging Protection .................................................................................................... 213 Configuring S1AP Cause Code Group and Cause Code ................................................................. 213 Verifying the Overcharge Protection Configuration .......................................................................... 213 Single Radio Voice Call Continuity ............................................................... 215 Feature Description .............................................................................................................................. 216 Relationships to Other Features ....................................................................................................... 217 How it Works ......................................................................................................................................... 218 Flows ................................................................................................................................................ 218 Standards Compliance ..................................................................................................................... 218 Configuring Single Radio Voice Call Continuity.................................................................................... 219 Configuring SRVCC .......................................................................................................................... 219 Configuring an MSC Pool Area ........................................................................................................ 220 IMSI Hash MSC Pool ................................................................................................................... 220 Round-Robin MSC Pool ............................................................................................................... 221 MSC Offload ..................................................................................................................................... 222 Verifying the SRVCC Configuration ................................................................................................. 222 Monitoring and Troubleshooting SRVCC ............................................................................................. 223 SRVCC Show Command(s) and/or Outputs .................................................................................... 223 show mme-service statistics ........................................................................................................ 223 show egtpc statistics .................................................................................................................... 223 SRVCC Bulk Statistics...................................................................................................................... 225 eGTP-C Schema .......................................................................................................................... 225 MME Schema ............................................................................................................................... 225 UE Relocation .................................................................................................. 227 Feature Description .............................................................................................................................. 228 ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide viii Contents ▀ How it Works ........................................................................................................................................ 229 UE Relocation .................................................................................................................................. 229 Relocating UE to Specific MME............................................................................................................ 230 Issuing the mme relocate-ue Command .......................................................................................... 230 Monitoring UE Relocation ..................................................................................................................... 231 UE Relocation Bulk Statistics ........................................................................................................... 231 UE Relocation Show Command(s) and/or Outputs ......................................................................... 231 VLR Management ............................................................................................ 233 Feature Description .............................................................................................................................. 234 Passive VLR Offloading ................................................................................................................... 234 Active VLR Offloading ...................................................................................................................... 234 UE Detach on VLR Recovery ........................................................................................................... 234 UE Detach on VLR Failure ............................................................................................................... 234 Enabling Active and Passive VLR Offloading....................................................................................... 235 Passive VLR Offloading ................................................................................................................... 235 Active VLR Offloading ...................................................................................................................... 235 Verifying VLR Offload Status and Configuration .............................................................................. 235 Enabling UE Detach on VLR Failure or VLR Recover ......................................................................... 238 UE Detach on VLR Recovery ........................................................................................................... 238 UE Detach on VLR Failure ............................................................................................................... 238 Manually Enabling UE Detach on VLR Failure ............................................................................ 238 Verifying UE Detach on VLR Failure/Recovery Status and Configuration ....................................... 239 Monitoring and Troubleshooting VLR Offload ...................................................................................... 240 SNMP Traps ..................................................................................................................................... 240 Bulk Statistics ................................................................................................................................... 240 Show Command(s) and/or Outputs .................................................................................................. 240 Active and Passive VLR Offload .................................................................................................. 240 UE Detach on VLR Recovery and VLR Failure ........................................................................... 240 Monitoring the MME Service .......................................................................... 243 Monitoring System Status and Performance ........................................................................................ 244 Clearing Statistics and Counters .......................................................................................................... 246 Configuring Subscriber Session Tracing ..................................................... 247 Introduction ........................................................................................................................................... 248 Supported Functions ........................................................................................................................ 249 Supported Standards ............................................................................................................................ 251 Subscriber Session Trace Functional Description ............................................................................... 252 Operation .......................................................................................................................................... 252 Trace Session .............................................................................................................................. 252 Trace Recording Session............................................................................................................. 252 Network Element (NE)...................................................................................................................... 252 Activation .......................................................................................................................................... 252 Management Activation ............................................................................................................... 253 Signaling Activation ...................................................................................................................... 253 Start Trigger ..................................................................................................................................... 253 Deactivation ...................................................................................................................................... 253 Stop Trigger ...................................................................................................................................... 253 Data Collection and Reporting ......................................................................................................... 253 Trace Depth ................................................................................................................................. 253 Trace Scope ................................................................................................................................. 254 Network Element Details .................................................................................................................. 254 MME ............................................................................................................................................. 254 S-GW ........................................................................................................................................... 254 Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ ix ▀ Contents P-GW ............................................................................................................................................ 255 Subscriber Session Trace Configuration .............................................................................................. 256 Enabling Subscriber Session Trace on EPC Network Element ....................................................... 256 Trace File Collection Configuration .................................................................................................. 257 Verifying Your Configuration ................................................................................................................. 258 Troubleshooting the MME Service ................................................................ 261 Test Commands ................................................................................................................................... 262 Using the eGTPC Test Echo Command .......................................................................................... 262 Engineering Rules........................................................................................... 263 APN Engineering Rules ........................................................................................................................ 264 Service Engineering Rules ................................................................................................................... 265 Node Engineering Rules ....................................................................................................................... 266 ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide x About this Guide This preface describes the Cisco ASR 5x00 Mobility Management Entity Administration Guide, how it is organized and its document conventions. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ xi About this Guide ▀ Conventions Used Conventions Used The following tables describe the conventions used throughout this documentation. Icon Notice Type Description Information Note Provides information about important features or instructions. Caution Alerts you of potential damage to a program, device, or system. Warning Alerts you of potential personal injury or fatality. May also alert you of potential electrical hazards. Typeface Conventions Description Text represented as a screen display This typeface represents displays that appear on your terminal screen, for example: Login: Text represented as commands This typeface represents commands that you enter, for example: show ip access-list This document always gives the full form of a command in lowercase letters. Commands are not case sensitive. Text represented as a command This typeface represents a variable that is part of a command, for example: variable show card slot_number slot_number is a variable representing the desired chassis slot number. Text represented as menu or submenu names This typeface represents menus and sub-menus that you access within a software application, for example: Click the File menu, then click New ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide xii About this Guide Supported Documents and Resources ▀ Supported Documents and Resources Related Common Documentation The most up-to-date information for this product is available in the product Release Notes provided with each product release. The following common documents are available: Hardware Installation Guide (hardware dependent) System Administration Guide (hardware dependent) Cisco ASR 5x00 Command Line Interface Reference Cisco ASR 5x00 Statistics and Counters Reference Cisco ASR 5x00 Release Change Reference Cisco ASR 5x00 Thresholding Configuration Guide Cisco ASR 5x00 SNMP MIB Reference Web Element Manager Installation and Administration Guide Cisco ASR 5x00 AAA Interface Administration and Reference Cisco ASR 5x00 GTPP Interface Administration and Reference Cisco StarOS IP Security (IPSec) Reference Related Product Documentation The following product documents are also available and work in conjunction with the MME: Cisco ASR 5x00 Packet Data Network Gateway Administration Guide Cisco ASR 5x00 Serving Gateway Administration Guide Cisco ASR 5x00 System Architecture Evolution Gateway Administration Guide Cisco ASR 5x00 Serving GPRS Support Node Administration Guide Cisco ASR 5000 Session Control Manager Administration Guide Cisco ASR 5x00 Gateway GPRS Support Node Administration Guide Cisco ASR 5x00 HRPD Serving Gateway Administration Guide Cisco ASR 5x00 System Architecture Evolution Gateway Administration Guide Obtaining Documentation The most current Cisco documentation is available on the following website: http://www.cisco.com/cisco/web/psa/default.html Use the following path selections to access the MME documentation: Products > Wireless > Mobile Internet> Network Functions > Cisco MME Mobility Management Entity Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ xiii About this Guide ▀ Contacting Customer Support Contacting Customer Support Use the information in this section to contact customer support. Refer to the support area of http://www.cisco.com for up-to-date product documentation or to submit a service request. A valid username and password are required to access this site. Please contact your Cisco sales or service representative for additional information. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide xiv Chapter 1 Mobility Management Entity Overview Cisco Mobility Management Entity (MME) is critical to the network function of the 4G mobile core network, known as the evolved packet core (EPC). The MME resides in the EPC control plane and manages session states, authentication, paging, mobility with 3GPP, 2G and 3G nodes, roaming, and other bearer management functions. This overview provides general information about the MME including: Product Description Network Deployment and Interfaces Features and Functionality - Base Software Features and Functionality - External Application Support Features and Functionality - Licensed Enhanced Feature Software How the MME Works Supported Standards Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 15 Mobility Management Entity Overview ▀ Product Description Product Description This section describes the MME network function and its position in the LTE network. The MME is the key control-node for the LTE access network. It works in conjunction with the evolved NodeB (eNodeB), Serving Gateway (S-GW) within the Evolved Packet Core (EPC), or LTE/SAE core network to perform the following functions: Involved in the bearer activation/deactivation process and is also responsible for choosing the S-GW and for a UE at the initial attach and at the time of intra-LTE handover involving Core Network (CN) node relocation. Provides P-GW selection for subscriber to connect to PDN. Provides idle mode UE tracking and paging procedure, including retransmissions. Chooses the appropriate S-GW for a UE. Responsible for authenticating the user (by interacting with the HSS). Works as termination point for Non-Access Stratum (NAS) signaling. Responsible for generation and allocation of temporary identities to UEs. Checks the authorization of the UE to camp on the service provider’s Public Land Mobile Network (PLMN) and enforces UE roaming restrictions. The MME is the termination point in the network for ciphering/integrity protection for NAS signaling and handles the security key management. Communicates with MMEs in same PLMN or on different PLMNs. The S10 interface is used for MME relocation and MME-to-MME information transfer or handoff. Besides the above mentioned functions, the lawful interception of signaling is also supported by the MME. The MME also provides the control plane function for mobility between LTE and 2G/3G access networks with the S3 interface terminating at the MME from the SGSN. In addition, the MME interfaces with SGSN for interconnecting to the legacy network. The MME also terminates the S6a interface towards the home HSS for roaming UEs. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 16 Mobility Management Entity Overview Product Description ▀ Figure 1. MME in the E-UTRAN/EPC Network Topology In accordance with 3GPP standard, the MME provides following functions and procedures in the LTE/SAE network: Non Access Stratum (NAS) signalling NAS signalling security Inter CN node signalling for mobility between 3GPP access networks (terminating S3) UE Reachability in ECM-IDLE state (including control and execution of paging retransmission) Tracking Area list management PDN GW and Serving GW selection MME selection for handover with MME change SGSN selection for handover to 2G or 3G 3GPP access networks Roaming (S6a towards home HSS) Authentication Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 17 Mobility Management Entity Overview ▀ Product Description Bearer management functions including dedicated bearer establishment Lawful Interception of signalling traffic UE Reachability procedures Interfaces with MSC for Voice paging Interfaces with SGSN for interconnecting to legacy network Qualified Platforms MME is a StarOS application that runs on Cisco ASR 5x00 platforms. For additional platform information, refer to the appropriate System Administration Guide and/or contact your Cisco account representative. Licenses The MME is a licensed Cisco product. Separate session and feature licenses may be required. Contact your Cisco account representative for detailed information on specific licensing requirements. For information on installing and verifying licenses, refer to the Managing License Keys section of the Software Management Operations chapter in the System Administration Guide. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 18 Mobility Management Entity Overview Network Deployment and Interfaces ▀ Network Deployment and Interfaces This section describes the supported interfaces and deployment scenario of MME in LTE/SAE network. The following information is provided in this section: MME in the E-UTRAN/EPC Network Supported Logical Network Interfaces (Reference Points) MME in the E-UTRAN/EPC Network The following figure displays the specific network interfaces supported by the MME. Refer to Supported Logical Network Interfaces (Reference Points) for detailed information about each interface. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 19 Mobility Management Entity Overview ▀ Network Deployment and Interfaces Figure 2. Supported MME Interfaces in the E-UTRAN/EPC Network The following figure displays a sample network deployment of an MME, including all of the interface connections with other 3GPP Evolved-UTRAN/Evolved Packet Core network devices. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 20 Mobility Management Entity Overview Network Deployment and Interfaces ▀ Figure 3. E-UTRAN/EPC Network Scenario Supported Logical Network Interfaces (Reference Points) The MME supports the following logical network interfaces/reference points: S1-MME Interface This interface is the reference point for the control plane protocol between eNodeB and MME. S1-MME uses the S1 Application Protocol (S1-AP) over the Stream Control Transmission Protocol (SCTP) as the transport layer protocol for guaranteed delivery of signaling messages between MME and eNodeB (S1). This is the interface used by the MME to communicate with eNodeBs on the same LTE Public Land Mobile Network (PLMN). This interface serves as path for establishing and maintaining subscriber UE contexts. The S1-MME interface supports IPv4, IPv6, IPSec, and multi-homing. One or more S1-MME interfaces can be configured per system context. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 21 Mobility Management Entity Overview ▀ Network Deployment and Interfaces Supported protocols: Application Layer: S1 Application Protocol (S1-AP) Transport Layer: SCTP Network Layer: IPv4, IPv6 Data Link Layer: ARP Physical Layer: Ethernet S3 Interface This is the interface used by the MME to communicate with S4-SGSNs on the same Public PLMN for interworking between GPRS/UMTS and LTE network access technologies. This interface serves as the signalling path for establishing and maintaining subscriber UE contexts. The MME communicates with SGSNs on the PLMN using the GPRS Tunnelling Protocol (GTP). The signalling or control aspect of this protocol is referred to as the GTP Control Plane (GTPC) while the encapsulated user data traffic is referred to as the GTP User Plane (GTPU). One or more S3 interfaces can be configured per system context. Supported protocols: Transport Layer: UDP, TCP Tunneling: IPv4 or IPv6 GTPv2-C (signaling channel) Signalling Layer: UDP Network Layer: IPv4, IPv6 Data Link Layer: ARP Physical Layer: Ethernet ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 22 Mobility Management Entity Overview Network Deployment and Interfaces ▀ S6a Interface This is the interface used by the MME to communicate with the Home Subscriber Server (HSS). The HSS is responsible for transfer of subscription and authentication data for authenticating/authorizing user access and UE context authentication. The MME communicates with the HSSs on the PLMN using Diameter protocol. One or more S6a interfaces can be configured per system context. Supported protocols: Transport Layer: SCTP or TCP Network Layer: IPv4, IPv6 Data Link Layer: ARP Physical Layer: Ethernet S10 Interface This is the interface used by the MME to communicate with an MME in the same PLMN or on different PLMNs. This interface is also used for MME relocation and MME-to-MME information transfer or handoff. This interface uses the GTPv2 protocol. One or more S10 interfaces can be configured per system context. Supported protocols: Transport Layer: UDP, TCP Tunneling: IPv4 or IPv6 GTPv2-C (signaling channel) Network Layer: IPv4, IPv6 Data Link Layer: ARP Physical Layer: Ethernet Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 23 Mobility Management Entity Overview ▀ Network Deployment and Interfaces S11 Interface This interface provides communication between the MME and Serving Gateways (S-GW) for information transfer. This interface uses the GTPv2 protocol. One or more S11 interfaces can be configured per system context. Supported protocols: Transport Layer: UDP, TCP Tunneling: IPv4 or IPv6 GTPv2-C (signaling channel) Network Layer: IPv4, IPv6 Data Link Layer: ARP Physical Layer: Ethernet S13 Interface This interface provides communication between MME and Equipment Identity Register (EIR). One or more S13 interfaces can be configured per system context. Supported protocols: Transport Layer: SCTP or TCP Network Layer: IPv4, IPv6 Data Link Layer: ARP Physical Layer: Ethernet SGs Interface The SGs interface connects the databases in the VLR and the MME to support circuit switch fallback scenarios. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 24 Mobility Management Entity Overview Network Deployment and Interfaces ▀ Supported protocols: Transport Layer: UDP, TCP Tunneling: IPv4 or IPv6 GTP-C (signaling channel) Network Layer: IPv4, IPv6 Data Link Layer: ARP Physical Layer: Ethernet Sv Interface This interface connects the MME to a Mobile Switching Center to support the exchange of messages during a handover procedure for the Single Radio Voice Call Continuity (SRVCC) feature. Supported protocols: Transport Layer: UDP, TCP Tunneling: IPv4 or IPv6 GTP-C (signaling channel) Network Layer: IPv4, IPv6 Data Link Layer: ARP Physical Layer: Ethernet Gn Interface Gn interfaces facilitate user mobility between 2G/3G 3GPP networks. The Gn interface is used for intra-PLMN handovers. The MME supports pre-Release-8 Gn interfaces to allow inter-operation between EPS networks and 2G/3G 3GPP networks. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 25 Mobility Management Entity Overview ▀ Network Deployment and Interfaces Roaming and inter access mobility between 2G and/or 3G SGSNs and an MME/S-GW are enabled by: Gn functionality, as specified between two SGSNs, which is provided by the MME, and Gp functionality, as specified between SGSN and GGSN, that is provided by the P-GW. Supported protocols: Transport Layer: UDP, TCP Tunneling: IPv4 or IPv6 GTP-C (signaling channel) Network Layer: IPv4, IPv6 Data Link Layer: ARP Physical Layer: Ethernet SLg Interface This interface is used by the MME to communicate with the Gateway Mobile Location Center (GMLC). This diameterbased interface is used for LoCation Services (LCS), which enables the system to determine and report location (geographical position) information for connected UEs in support of a variety of location services. Supported protocols: Transport Layer: SCTP or TCP Network Layer: IPv4, IPv6 Data Link Layer: ARP Physical Layer: Ethernet Important: MME Software also supports additional interfaces. For more information on additional interfaces, refer to the Features and Functionality - Licensed Enhanced Feature Software section. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 26 Mobility Management Entity Overview Features and Functionality - Base Software ▀ Features and Functionality - Base Software This section describes the features and functions supported by default in the base software on the MME service and do not require any additional licenses. Important: To configure the basic service and functionality on the system for MME service, refer configuration examples provide in MME Administration Guide. This section describes following features: 3GPP R8 Identity Support ANSI T1.276 Compliance APN Restriction Support Authentication and Key Agreement (AKA) Bulk Statistics Support Closed Subscriber Groups Congestion Control Emergency Session Support EPS Bearer Context Support EPS GTPv2 Support on S11 Interface HSS Support Over S6a Interface Inter-MME Handover Support Interworking Support IPv6 Support Load Balancing Management System Overview MME Pooling MME Selection Mobile Equipment Identity Check Mobility Restriction Multiple PDN Support NAS Protocol Support NAS Signalling Security Network Sharing Operator Policy Support Overload Control Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 27 Mobility Management Entity Overview ▀ Features and Functionality - Base Software Packet Data Network Gateway (P-GW) Selection Radio Resource Management Functions RAN Information Management Reachability Management SCTP Multi-homing Support Serving Gateway Pooling Support Serving Gateway Selection Subscriber Level Session Trace Threshold Crossing Alerts (TCA) Support Tracking Area List Management UMTS to LTE ID Mapping 3GPP R8 Identity Support Provides the identity allocation of following type: EPS Bearer Identity Globally Unique Temporary UE Identity (GUTI) Tracking Area Identity (TAI) MME S1-AP UE Identity (MME S1-AP UE ID) EPS Bearer Identity: An EPS bearer identity uniquely identifies EPS bearers within a user session for attachment to the E-UTRAN access and EPC core networks. The EPS Bearer Identity is allocated by the MME. There is a one to one mapping between EPS Radio Bearers via the E-UTRAN radio access network and EPS Bearers via the S1-MME interface between the eNodeB and MME. There is also a one-to-one mapping between EPS Radio Bearer Identity via the S1 and X2 interfaces and the EPS Bearer Identity assigned by the MME. Globally Unique Temporary UE Identity (GUTI): The MME allocates a Globally Unique Temporary Identity (GUTI) to the UE. A GUTI has; 1) unique identity for MME which allocated the GUTI; and 2) the unique identity of the UE within the MME that allocated the GUTI. Within the MME, the mobile is identified by the M-TMSI. The Globally Unique MME Identifier (GUMMEI) is constructed from MCC, MNC and MME Identifier (MMEI). In turn the MMEI is constructed from an MME Group ID (MMEGI) and an MME Code (MMEC). The GUTI is constructed from the GUMMEI and the M-TMSI. For paging, the mobile is paged with the S-TMSI. The S-TMSI is constructed from the MMEC and the M-TMSI. The operator needs to ensure that the MMEC is unique within the MME pool area and, if overlapping pool areas are in use, unique within the area of overlapping MME pools. The GUTI is used to support subscriber identity confidentiality, and, in the shortened S-TMSI form, to enable more efficient radio signaling procedures (e.g. paging and Service Request). Tracking Area Identity (TAI): Provides the function to assign the TAI list to the mobile access device to limit the frequency of Tracking Area Updates in the network. The TAI is the identity used to identify the tracking area or group of cells in which the idle mode access terminal will be paged when a remote host attempts to ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 28 Mobility Management Entity Overview Features and Functionality - Base Software ▀ reach that user. The TAI consists of the Mobile Country Code (MCC), Mobile Network Code (MNC) and Tracking Area Code (TAC). MME S1-AP UE Identity (MME S1-AP UE ID): This is the temporary identity used to identify a UE on the S1-MME reference point within the MME. It is unique within the MME per S1-MME reference point instance. ANSI T1.276 Compliance ANSI T1.276 specifies security measures for Network Elements (NE). In particular it specifies guidelines for password strength, storage, and maintenance security measures. ANSI T1.276 specifies several measures for password security. These measures include: Password strength guidelines Password storage guidelines for network elements Password maintenance, e.g. periodic forced password changes These measures are applicable to the system and the Web Element Manager since both require password authentication. A subset of these guidelines where applicable to each platform will be implemented. A known subset of guidelines, such as certificate authentication, are not applicable to either product. Furthermore, the platforms support a variety of authentication methods such as RADIUS and SSH which are dependent on external elements. ANSI T1.276 compliance in such cases will be the domain of the external element. ANSI T1.276 guidelines will only be implemented for locally configured operators. APN Restriction Support The APN-Restriction value may be configured for each APN in the P-GW and transferred to the MME. It is used to determine, on a per-MS basis, whether it is allowed to establish EPS bearers to other APNs. The APN-Restriction value is defined in clause 15.4 of 3GPP TS 23.060. APN-Restriction affects multiple procedures, such as Initial Attach, TAU, PDN connectivity, and inter-MME handovers. The MME saves the APN-Restriction value received in create session response for an APN and uses the maximum of the values from the currently active PDNs in the next create session request. If a PDN is disconnected, then the maximum APN-Restriction is adjusted accordingly. Authentication and Key Agreement (AKA) The MME provides EPS Authentication and Key Agreement mechanism for user authentication procedure over the EUTRAN. The Authentication and Key Agreement (AKA) mechanism performs authentication and session key distribution in networks. AKA is a challenge- response based mechanism that uses symmetric cryptography. AKA is typically run in a Services Identity Module. AKA is the procedure that take between the user and network to authenticate themselves towards each other and to provide other security features such as integrity and confidentiality protection. In a logical order this follows the following procedure: 1. Authentication: Performs authentication by identifying the user to the network and identifying the network to the user. 2. Key agreement: Performs key agreement by generating the cipher key and generating the integrity key. 3. Protection: When the AKA procedure is performed, it protects the integrity of messages, the confidentiality of the signalling data, and the confidentiality of the user data. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 29 Mobility Management Entity Overview ▀ Features and Functionality - Base Software Bulk Statistics Support The system's support for bulk statistics allows operators to choose to view not only statistics that are of importance to them, but also to configure the format in which it is presented. This simplifies the post-processing of statistical data since it can be formatted to be parsed by external, back-end processors. When used in conjunction with the Web Element Manager, the data can be parsed, archived, and graphed. The system can be configured to collect bulk statistics (performance data) and send them to a collection server (called a receiver). Bulk statistics are statistics that are collected in a group. The individual statistics are grouped by schema. Following is a partial list of supported schemas: System: Provides system-level statistics Card: Provides card-level statistics Port: Provides port-level statistics MME: Provides MME service statistics GTPC: Provides GPRS Tunneling Protocol - Control message statistics The system supports the configuration of up to 4 sets (primary/secondary) of receivers. Each set can be configured with to collect specific sets of statistics from the various schemas. Statistics can be pulled manually from the chassis or sent at configured intervals. The bulk statistics are stored on the receiver(s) in files. The format of the bulk statistic data files can be configured by the user. Users can specify the format of the file name, file headers, and/or footers to include information such as the date, chassis host name, chassis uptime, the IP address of the system generating the statistics (available for only for headers and footers), and/or the time that the file was generated. When the Web Element Manager is used as the receiver, it is capable of further processing the statistics data through XML parsing, archiving, and graphing. The Bulk Statistics Server component of the Web Element Manager parses collected statistics and stores the information in the PostgreSQL database. If XML file generation and transfer is required, this element generates the XML output and can send it to a Northbound NMS or an alternate bulk statistics server for further processing. Additionally, if archiving of the collected statistics is desired, the Bulk Statistics server writes the files to an alternative directory on the server. A specific directory can be configured by the administrative user or the default directory can be used. Regardless, the directory can be on a local file system or on an NFS-mounted file system on the Web Element Manager server. Closed Subscriber Groups Closed Subscriber Group identifies a group of subscribers who are permitted to access one or more CSG cells of the PLMN as a member of the CSG for a Home eNodeB. Refer to the Closed Subscriber Groups chapter in the MME Administration Guide for more information. Congestion Control The congestion control feature allows you to set policies and thresholds and specify how the system reacts when faced with a heavy load condition. Congestion control monitors the system for conditions that could potentially degrade performance when the system is under heavy load. Typically, these conditions are temporary (for example, high CPU or memory utilization) and are ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 30 Mobility Management Entity Overview Features and Functionality - Base Software ▀ quickly resolved. However, continuous or large numbers of these conditions within a specific time interval may have an impact the system’s ability to service subscriber sessions. Congestion control helps identify such conditions and invokes policies for addressing the situation. Congestion control operation is based on configuring the following: Congestion Condition Thresholds: Thresholds dictate the conditions for which congestion control is enabled and establishes limits for defining the state of the system (congested or clear). These thresholds function in a way similar to operation thresholds that are configured for the system as described in the Thresholding Configuration Guide. The primary difference is that when congestion thresholds are reached, a service congestion policy and an SNMP trap, starCongestion, are generated. A threshold tolerance dictates the percentage under the configured threshold that must be reached in order for the condition to be cleared. An SNMP trap, starCongestionClear, is then triggered. The following system resources can be monitored: System CPU usage System service CPU usage (Demux-Card CPU usage) System Memory usage License usage Maximum Session per service Service Congestion Policies: Congestion policies are configurable for each service. These policies dictate how services respond when the system detects that a congestion condition threshold has been crossed. Congestion control can be used in conjunction with the load balancing feature provided on the MME. For more information on MME load balancing, refer to the Load Balancing section in this chapter. For more information or to configure Overload Control using the basic Congestion Control functionality, refer to the Congestion Control chapter in the Cisco ASR 5x00 Series System Administration Guide. For more information about the Enhanced Congestion Control functionality (a licensed feature), refer to the Enhanced Congestion Control and Overload Control chapter in this guide. Emergency Session Support The MME supports the creation of emergency bearer services which, in turn, support IMS emergency sessions. Emergency bearer services are provided to normally attached UEs and to UEs that are in a limited service state (depending on local service regulations, policies, and restrictions). The standard (refer to 3GPP TS 23.401) has identified four behaviors that are supported: Valid UEs only Authenticated UEs only IMSI required, authentication optional All UEs To request emergency services, the UE has the following two options: UEs that are in a limited service state (due to attach reject from the network, or since no SIM is present), initiate an ATTACH indicating that the ATTACH is for receiving emergency bearer services. After a successful attach, the services that the network provides the UE is solely in the context of Emergency Bearer Services. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 31 Mobility Management Entity Overview ▀ Features and Functionality - Base Software UEs that camp normally on a cell initiates a normal ATTACH if it requires emergency services. Normal attached UEs initiated a UE Requested PDN Connectivity procedure to request Emergency Bearer Services. EPS Bearer Context Support Provides support for subscriber default and dedicated Evolved Packet System (EPS) bearer contexts in accordance with the following standards: 3GPP TS 36.412 V8.6.0 (2009-12): 3rd Generation Partnership Project; Technical Specification Group Radio Access Network; Evolved Universal Terrestrial Access Network (E-UTRAN); S1 signaling transport (Release 8) 3GPP TS 36.413 V8.8.0 (2009-12): 3rd Generation Partnership Project; Technical Specification Group Radio Access Network; Evolved Universal Terrestrial Radio Access Network (E-UTRAN); S1 Application Protocol (S1AP) (Release 8) IETF RFC 4960, Stream Control Transmission Protocol, December 2007 EPS bearer context processing is based on the APN that the subscriber is attempting to access. Templates for all of the possible APNs that subscribers will be accessing must be configured within the system. Up to 1024 APNs can be configured on the system. Each APN template consists of parameters pertaining to how UE contexts are processed such as the following: PDN Type: IPv4, IPv6, or IPv4v6 EPS Bearer Context timers Quality of Service A total of 11 EPS bearer per subscriber are supported. These could be all dedicated, or 1 default and 10 dedicated or any combination of default and dedicated context. Note that there must be at least one default EPS Bearer context in order for dedicated context to come up. EPS GTPv2 Support on S11 Interface Support for the EPS GTPv2 on S11 interface in accordance with the following standards: 3GPP TS 29.274 V8.4.0 (2009-12): 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; 3GPP Evolved Packet System (EPS); Evolved General Packet Radio Service (GPRS) Tunnelling Protocol for Control plane (GTPv2-C); Stage 3 (Release 8) The system supports the use of GTPv2 for EPS signalling context processing. When the GTPv2 protocol is used, accounting messages are sent to the charging gateways (CGs) over the Ga interface. The Ga interface and GTPv2 functionality are typically configured within the system's source context. As specified by the standards, a CDR is not generated when a session starts. CDRs are generated according to the interim triggers configured using the charging characteristics configured for the MME, and a CDR is generated when the session ends. For interim accounting, STOP/START pairs are sent based on configured triggers. GTP version 2 is always used. However, if version 2 is not supported by the CGF, the system reverts to using GTP version 1. All subsequent CDRs are always fully-qualified partial CDRs. All CDR fields are R4. Whether or not the MME accepts charging characteristics from the SGSN can be configured on a per-APN basis based on whether the subscriber is visiting, roaming or, home. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 32 Mobility Management Entity Overview Features and Functionality - Base Software ▀ By default, the MME always accepts the charging characteristics from the SGSN. They must always be provided by the SGSN for GTPv1 requests for primary EPS Bearer contexts. If they are not provided for secondary EPS Bearer contexts, the MME re-uses those from the primary. If the system is configured to reject the charging characteristics from the SGSN, the MME can be configured with its own that can be applied based on the subscriber type (visiting, roaming, or home) at the APN level. MME charging characteristics consist of a profile index and behavior settings. The profile indexes specify the criteria for closing accounting records based specific criteria. Important: For more information on GTPv2 configuration, refer to the Creating and Configuring the eGTP Service and Interface Association section in the Mobility Management Entity Configuration chapter of the MME Service Administration Guide. HSS Support Over S6a Interface Provides a mechanism for performing Diameter-based authorization, authentication, and accounting (AAA) for subscriber bearer contexts based on the following standards: 3GPP TS 23.401 V8.1.0 (2008-03): 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; General Packet Radio Service (GPRS) enhancements for Evolved Universal Terrestrial Radio Access Network (E-UTRAN) access (Release 8) 3GPP TS 29.272 V8.1.1 (2009-01): 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Evolved Packet System (EPS); Mobility Management Entity (MME) and Serving GPRS Support Node (SGSN) related interfaces based on Diameter protocol (Release 8) 3GPP TS 33.401 V8.2.1 (2008-12): 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3GPP System Architecture Evolution (SAE): Security Architecture; (Release 8) RFC 3588, Diameter Base Protocol, December 2003 The S6a protocol is used to provide AAA functionality for subscriber EPS Bearer contexts through Home Subscriber Server (HSS). During the initial attachment procedures the MME sends to the USIM on AT via the HSS the random challenge (RAND) and an authentication token AUTN for network authentication from the selected authentication vector. At receipt of this message, the USIM verifies that the authentication token can be accepted and if so, produces a response. The AT and HSS in turn compute the Cipher Key (CK) and Integrity Key (IK) that are bound to Serving Network ID. During the attachment procedure the MME requests a permanent user identity via the S1-MME NAS signaling interface to eNodeB and inserts the IMSI, Serving Network ID (MCC, MNC) and Serving Network ID it receives in an Authentication Data Request to the HSS. The HSS returns the Authentication Response with authentication vectors to MME. The MME uses the authentication vectors to compute the cipher keys for securing the NAS signaling traffic. At EAP success, the MME also retrieves the subscription profile from the HSS which includes QoS information and other attributes such as default APN name and S-GW/P-GW fully qualified domain names. Among the AAA parameters that can be configured are: Authentication of the subscriber with HSS Subscriber location update/location cancel Update subscriber profile from the HSS Priority to dictate the order in which the servers are used allowing for multiple servers to be configured in a single context Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 33 Mobility Management Entity Overview ▀ Features and Functionality - Base Software Routing Algorithm to dictate the method for selecting among configured servers. The specified algorithm dictates how the system distributes AAA messages across the configured HSS servers for new sessions. Once a session is established and an HSS server has been selected, all subsequent AAA messages for the session will be delivered to the same server. Inter-MME Handover Support The S10 interface facilitates user mobility between two MMEs providing for the transfer of the UE context from one to the other. It is a GTPv2 control plane interface that supports the following handover types and features: E-UTRAN-to-UTRAN (MME-to-MME) handover through: Tracking Area Update based inter-MME relocation Attach at an eNodeB connected to a different MME S1 handover based inter-MME relocation The MME supports handing over multiple bearers and multiple PDNs over to another MME Trace functionality, monitor protocol, and monitor subscriber DNS client configuration IPv4 and IPv6: for peer MME selection, the preference is given to IPv6 addresses. IPv4 addresses are ignored if IPv6 addresses are present. Interworking Support This section describes various interworking and handover scenarios supported by the MME. The following interworking types are provided: Interworking with SGSNs Handover Support for S4 SGSNs Interworking with SGSNs This feature enables an integrated EPC core network to anchor calls from multi-mode access terminals and supports seamless mobility on call hand-offs between an LTE or GERAN/UTRAN access network. This provides a valuable function to enable LTE operators to generate incremental revenue from inbound roaming agreements with 2G/3G roaming partners. In order to support inter-RAT hand-offs for dual-mode access terminals between LTE and 2G/3G networks with 3GPP Pre-Release 8 SGSN's, the MME will support combined hard handover and SRNS relocation procedures via the GTPv1 Gn/Gp reference interface. In preparation for the handover, the MME sends a Forward Relocation Request to the SGSN and includes subscriber identity and context information including IMSI, Mobility Management context and PDP context. The PDP context includes the GGSN address for the user plane and the uplink Tunnel Endpoint ID. These addresses are equivalent to the PDN GW address. The MME maps the EPS bearer parameters to the PDP contexts. After sending the forward relocation signaling to the target SGSN, the MME deletes the EPS bearer resources by sending a Delete Bearer Request to the S-GW with a Cause code that instructs the S-GW not to initiate delete procedures toward the P-GW. When a mobile subscriber roams from an EUTRAN to GERAN/UTRAN access network it must also send a Routing Area Update (RAU) to register its location with the target network. The target SGSN sends a Context Request to the ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 34 Mobility Management Entity Overview Features and Functionality - Base Software ▀ MME with P-TMSI to get the Mobility Management contexts and PDP contexts for the subscriber session. The SGSN uses the Globally Unique Temporary ID (GUTI) from the MME to identify the P-TMSI/RAI. Handover Support for S4-SGSNs The S3 interface facilitates user mobility between an MME and an S4-SGSN providing for the transfer of the UE context between the two. It is a GTPv2 control plane interface that supports the following handover types: E-UTRAN-to-UTRAN and E-UTRAN-to-GERAN (MME-to-R8 SGSN) handover through: Routing Area Update (RAU) based MME-R8 SGSN relocation where the RAU could be a result of UE movement. Attach at an RNC connected to a R8 SGSN S1 handover/SRNS relocation based MME-R8 SGSN relocation UTRAN-to-E-UTRAN and GERAN-to-E-UTRAN (R8 SGSN-to-MME) handover through: Tracking Area Update (TAU) based R8 SGSN-MME relocation where the TAU could be a result of UE movement. Attach at an eNodeB connected to an MME. SRNS relocation/S1 handover based R8 SGSN-MME relocation. All handover types support handing over multiple bearers and multiple PDNs from the MME to a R8 SGSN and vice versa. The S3 interface also supports the following features: Monitor Protocol and Monitor Subscriber Subscriber Session Trace IPv4 and IPv6: for peer SGSN selection, the preference is given to IPv6 addresses. IPv4 addresses are ignored if IPv6 addresses are present. Operator Policy for SGSN selection Session Recovery: all MME sessions established using the S3 interface are capable of being recovered in case of a session manager task failure. IPv6 Support This feature allows IPv6 subscribers to connect via the LTE/SAE infrastructure in accordance with the following standards: RFC 2460: Internet Protocol, Version 6 (IPv6) Specification RFC 2461: Neighbor Discovery for IPv6 RFC 2462: IPv6 Stateless Address Autoconfiguration RFC 3314: Recommendations for IPv6 in 3GPP Standards RFC 3316: Internet Protocol Version 6 (IPv6) for Some Second and Third Generation Cellular Hosts RFC 3056: Connection of IPv6 domains via IPv4 clouds 3GPP TS 27.060: Mobile Station Supporting Packet Switched Services Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 35 Mobility Management Entity Overview ▀ Features and Functionality - Base Software 3GPP TS 29.061: Interworking between the Public Land Mobile Network (PLMN) supporting Packet Based Services and Packet Data Networks (PDN) The MME allows an APN to be configured for IPv6 EPS Bearer contexts. Also, an APN may be configured to simultaneously allow IPv4 EPS Bearer contexts. The MME supports IPv6 stateless dynamic auto-configuration. The mobile station may select any value for the interface identifier portion of the address. The link-local address is assigned by the MME to avoid any conflict between the mobile station link-local address and the MME address. The mobile station uses the interface identifier assigned by the MME during the stateless address auto-configuration procedure. Once this has completed, the mobile can select any interface identifier for further communication as long as it does not conflict with the MME's interface identifier that the mobile learned through router advertisement messages from the MME. Control and configuration of the above is specified as part of the APN configuration on the MME, e.g., IPv6 address prefix and parameters for the IPv6 router advertisements. RADIUS VSAs may be used to override the APN configuration. Following IPv6 EPS Bearer context establishment, the MME can perform either manual or automatic 6to4 tunneling, according to RFC 3056, Connection of IPv6 Domains Via IPv4 Clouds. MME Interfaces Supporting IPv6 Transport The following MME interfaces support IPv6 transport: S1-MME: runs S1-AP/SCTP over IPv6 and supports IPv6 addresses for S1-U endpoints. S3 S6a S10 S11 S13 SGs Sv Load Balancing Load balancing functionality permits UEs that are entering into an MME pool area to be directed to an appropriate MME in a more efficient manner, spreading the load across a number of MMEs. Load balancing is achieved by setting a weight factor for each MME so that the probability of the eNodeB selecting an MME is proportional to its weight factor. The weight factor is typically set according to the capacity of an MME node relative to other MME nodes. The weight factor is sent from the MME to the eNodeB via S1-AP messages. Refer to the Load Balancing and Rebalancing chapter for more information about this feature. MME load balancing can be used in conjunction with congestion control. For more information on congestion control, refer to the Congestion Control section in this chapter. Load Re-balancing The MME load re-balancing functionality permits UEs that are registered on an MME (within an MME pool area) to be moved to another MME. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 36 Mobility Management Entity Overview Features and Functionality - Base Software ▀ The rebalancing is triggered using an exec command on the mme-service from which UEs should be offloaded. When initiated, the MME begins to offload a cross-section of its subscribers with minimal impact on the network and users. The MME avoids offloading only low activity users, and it offloads the UEs gradually (configurable from 1-1000 minutes). The load rebalancing can off-load part of or all the subscribers. Refer to the Load Balancing and Rebalancing chapter in the MME Administration Guide for more information about this feature. Management System Overview The system's management capabilities are designed around the Telecommunications Management Network (TMN) model for management - focusing on providing superior quality network element (NE) and element management system (Web Element Manager) functions. The system provides element management applications that can easily be integrated, using standards-based protocols (CORBA and SNMPv1, v2), into higher-level management systems - giving wireless operators the ability to integrate the system into their overall network, service, and business management systems. In addition, all management is performed out-of-band for security and to maintain system performance. The Operation and Maintenance module of the system offers comprehensive management capabilities to the operators and enables them to operate the system more efficiently. There are multiple ways to manage the system either locally or remotely using its out-of-band management interfaces. These include: Using the command line interface (CLI) Remote login using Telnet, and Secure Shell (SSH) access to CLI through SPIO card's Ethernet management interfaces Local login through the Console port on SPIO card using an RS-232 serial connection Using the Web Element Manager application Supports communications through 10 Base-T, 100 Base-TX, 1000 Base-TX, or 1000 Base-SX (optical gigabit Ethernet) Ethernet management interfaces on the SPIO Client-Server model supports any browser (i.e. Microsoft Internet Explorer v5.0 and above or Netscape v4.7 or above, and others) Supports Common Object Request Broker Architecture (CORBA) protocol and Simple Network Management Protocol version 1 (SNMPv1) for fault management Provides complete Fault, Configuration, Accounting, Performance, and Security (FCAPS) capabilities Can be easily integrated with higher-level network, service, and business layer applications using the Object Management Group's (OMG’s) Interface Definition Language (IDL) The following figure demonstrates these various element management options and how they can be utilized within the wireless carrier network. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 37 Mobility Management Entity Overview ▀ Features and Functionality - Base Software Figure 4. Element Management Methods Important: MME management functionality is enabled by default for console-based access. For GUI-based management support, refer Web Element Management System. For more information on command line interface based management, refer to the Command Line Interface Reference. MME Pooling Provides support to configure MME pool area consisting multiple MMEs within which a UE may be served without any need to change the serving MME. The benefits of MME pooling are: Enables Geographical Redundancy, as a pool can be distributed across sites. Increases overall capacity, as load sharing across the MMEs in a pool is possible (see the Load Balancing feature in this chapter). Converts inter-MME Tracking Area Updates (TAUs) to intra-MME TAUs for moves between the MMEs of the same pool. This substantially reduces signaling load as well as data transfer delays. Eases introduction of new nodes and replacement of old nodes as subscribers can be moved is a planned manner to the new node. Eliminates single point of failure between an eNodeB and MME. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 38 Mobility Management Entity Overview Features and Functionality - Base Software ▀ Enables service downtime free maintenance scheduling. An MME Pool Area is defined as an area within which a UE may be served without need to change the serving MME. An MME Pool Area is served by one or more MMEs in parallel. MME Pool Areas are a collection of complete Tracking Areas. MME Pool Areas may overlap each other. The Cisco MME supports MME Pooling functionality as defined in 3GPP TS 23.401. MME pooling allows carriers to load balance sessions among pooled MMEs. The Cisco MME supports configuration of up to a pool size of 32 nodes. MME Selection The MME selection function selects an available MME for serving a UE. This feature is needed for MME selection for handover with minimal MME changes. MME selection chooses an available MME for serving a UE. Selection is based on network topology, i.e. the selected MME serves the UE’s location and in case of overlapping MME service areas, the selection function may prefer MME’s with service areas that reduce the probability of changing the MME. Mobile Equipment Identity Check The Mobile Equipment Identity Check Procedure permits the operator(s) of the MME and/or the HSS and/or the PDNGW to check the Mobile Equipment's identity with EIR. The mobile equipment (ME) identity is checked through the MME by passing it to an Equipment Identity Register (EIR) over the S13 interface and then the MME analyzes the response from the EIR in order to determine its subsequent actions; like rejecting or attaching a UE. Mobility Restriction The following types of mobility restriction are supported on the MME: Handover Restriction Regional Zone Code Restriction Handover Restriction Mobility Restriction comprises the functions for restrictions to mobility handling of a UE in E-UTRAN access. In ECM-CONNECTED state, the core network provides the radio network with a Handover Restriction List. The MME performs mobility or handover restrictions through the use of handover restriction lists. Handover restriction lists are used by the MME operator policy to specify roaming, service area, and access restrictions. Mobility restrictions at the MME are defined in 3GPP TS 23.401. Regional Zone Code Restriction Regional Zone Code Restriction allows an operator to control the areas in which a UE can roam in to receive service. The code representing the zone in which a UE is to be offered service by the network can be configured in the HSS or using local provisioning in the MME. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 39 Mobility Management Entity Overview ▀ Features and Functionality - Base Software Once provisioned, the following restriction types are supported on the MME: HSS subscription based zone code restriction - if the subscription data in the HSS contains zone codes, the UE is allowed to camp only on those zones. Support for Regional Zone Code restriction based on HSS subscription data allows operators to offer zone based EPC subscriptions to home subscribers. Local policy based zone code restrictions - using the operator policy on the MME, certain ranges of IMSI or specific PLMN(s) could be restricted from or allowed to camp on, zones within the MME service area. This policy could apply to any PLMN. Local policy based zone code restriction allows operators to control access of EPC by roaming subscribers on a zone basis. Multiple PDN Support This feature provides multiple PDN connectivity support for UE initiated service requests. The MME supports an UE-initiated connectivity establishment to separate P-GWs or a single P-GW in order to allow parallel access to multiple PDNs. Up to 11 PDNs are supported per subscriber. Refer to PDN Type Control in this chapter for information about the ability to control the PDN type (IPv4, IPv6) to which a given UE can be connected. NAS Protocol Support MME provides this protocol support between the UE and the MME. The NAS protocol includes following elementary procedures for EPS Mobility Management (EMM) and EPS Session Management (ESM): EPS Mobility Management (EMM) This feature used to support the mobility of user equipment, such as informing the network of its present location and providing user identity confidentiality. It also provides connection management services to the session management (SM) sublayer. An EMM context is established in the MME when an attach procedure is successfully completed. The EMM procedures are classified as follows: EMM Common Procedures: An EMM common procedure can always be initiated when a NAS signalling connection exists. Following are the common EMM procedure types: Globally Unique Temporary Identity (GUTI) reallocation Authentication and security mode Identification EMM information EMM Specific Procedures: This procedure provides Subscriber Detach or de-registration procedure. EMM Connection Management Procedures: This procedure provides connection management related function like Paging procedure. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 40 Mobility Management Entity Overview Features and Functionality - Base Software ▀ EPS Session Management (ESM) This feature is used to provide the subscriber session management for bearer context activation, deactivation, modification, and update procedures. NAS Signalling Security It provides integrity protection and encryption of NAS signalling. The NAS security association is between the UE and the MME. The MME uses the NAS security mode command procedure to establish a NAS security association between the UE and MME, in order to protect the further NAS signalling messages. The MME implements AES algorithm (128-EEA1 and 128-EEA2) for NAS signalling ciphering and SNOW 3G algorithm (128-EIA1 and 128-EIA2) for NAS signalling integrity protection. 128-EIA1= SNOW 3G 128-EIA2= AES Network Sharing The LTE architecture enables service providers to reduce the cost of owning and operating the network by allowing the service providers to have separate Core Network (CN) elements (MME, SGW, PDN GW) while the E-UTRAN (eNBs) is jointly shared by them. This is enabled by the S1-flex mechanism by enabling each eNodeB to be connected to multiple CN entities. When a UE attaches to the network, it is connected to the appropriate CN entities based on the identity of the service provider sent by the UE. In such a network sharing configuration, complete radio (access) network and partial core network is shared among different operators. Each operator has its own network node for S-GW/P-GW, etc., while sharing a MME and the rest of the radio network. To support this network sharing configuration, the MME service can be configured with multiple local PLMNs per service. This means that each mme-service will handle multiple PLMNs and will indicate this to the eNodeb during S1 SETUP procedure (as well using the S1 MME CONFIGURATION UPDATE message). The configuration of these additional PLMNs is implemented using the network-sharing command within the mmeservice config mode. Refer to the Command Line Reference for detailed information on using this command. When a UE attaches to the MME, the GUTI assignment will use the mme id corresponding to the PLMN configuration. The plmn-id filter in the operator policy selection criteria allows PLMN-specific configurations in an operator policy. Operator Policy Support The operator policy provides mechanisms to fine tune the behavior of subsets of subscribers above and beyond the behaviors described in the user profile. It also can be used to control the behavior of visiting subscribers in roaming scenarios, enforcing roaming agreements and providing a measure of local protection against foreign subscribers. An operator policy associates APNs, APN profiles, an APN remap table, and a call-control profile to ranges of IMSIs. These profiles and tables are created and defined within their own configuration modes to generate sets of rules and instructions that can be reused and assigned to multiple policies. In this manner, an operator policy manages the application of rules governing the services, facilities, and privileges available to subscribers. These policies can override Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 41 Mobility Management Entity Overview ▀ Features and Functionality - Base Software standard behaviors and provide mechanisms for an operator to get around the limitations of other infrastructure elements, such as DNS servers and HSSs. The operator policy configuration to be applied to a subscriber is selected on the basis of the selection criteria in the subscriber mapping at attach time. A maximum of 1,024 operator policies can be configured. If a UE was associated with a specific operator policy and that policy is deleted, the next time the UE attempts to access the policy, it will attempt to find another policy with which to be associated. A default operator policy can be configured and applied to all subscribers that do not match any of the per-PLMN or IMSI range policies. Changes to the operator policy take effect when the subscriber re-attaches and subsequent EPS Bearer activations. Refer to the Operator Policy chapter in this guide for more information. Overload Control Using the Congestion Control functionality or the Enhanced Congestion Control functionality, the MME can signal to the eNodeBs to which it is connected to redirect traffic to other MMEs in the MME pool. This is accomplished using the S1 interface Overload Procedure (3GPP TS 36.300 and 3GPP TS 36.413). When overload control is configured and a congestion threshold is reached, the MME can be configured to send an S1AP Overload Start message to a percentage of the eNodeBs to which the MME is connected. To reflect the amount of load that the MME wishes to reduce, this percentage configurable. In the Overload Response IE sent to the eNodeBs, the MME can request the eNodeB to reject or permit specific types of sessions, including: reject non-emergency sessions reject new sessions permit emergency sessions permit high-priority sessions and mobile-terminated services reject delay-tolerant access. For more information or to configure Overload Control using the basic Congestion Control functionality, refer to the Congestion Control chapter in the System Administration Guide. For more information or to configure Overload Control using the Enhanced Congestion Control functionality, refer to the Enhanced Congestion Control and Overload Control chapter in this guide. PDN Type Control PDN Type Control enables the MME to override the requested Packet Data Network (PDN) type based on the inbound roamer PLMN, and assign the UE to an IPv4 only or IPv6 only PDN. If a UE requests an IPv4v6 PDN, it can be downgraded to an IPv4- or IPv6-only address. The MME signals the appropriate cause to the UE to account for the PDN type change. This functionality enables operators to control resource usage for roaming and home subscribers differently, and ensures that IP network continuity works for inbound roamers. PDN Type Control is configured in a call control profile that is applied via an operator policy. Refer to the Call Control Profile Configuration Mode chapter of the Command Line Reference for more information. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 42 Mobility Management Entity Overview Features and Functionality - Base Software ▀ Packet Data Network Gateway (P-GW) Selection Provides a straightforward method based on a default APN provided during user attachment and authentication to assign the P-GW address in the VPLMN or HPLMN. The MME also has the capacity to use a DNS transaction to resolve an APN name provided by a UE to retrieve the PDN GW address. P-GW selection allocates a P-GW that provides the PDN connectivity for the 3GPP access. The function uses subscriber information provided by the HSS and possibly additional criteria. For each of the subscribed PDNs, the HSS provides: an IP address of a P-GW and an APN, or an APN and an indication for this APN whether the allocation of a P-GW from the visited PLMN is allowed or whether a P-GW from the home PLMN shall be allocated. The HSS also indicates the default APN for the UE. To establish connectivity with a PDN when the UE is already connected to one or more PDNs, the UE provides the requested APN for the PDN GW selection function. If the HSS provides an APN of a PDN and the subscription allows for allocation of a PDN GW from the visited PLMN for this APN, the PDN GW selection function derives a PDN GW address from the visited PLMN. If a visited PDN GW address cannot be derived, or if the subscription does not allow for allocation of a PDN GW from the visited PLMN, then the APN is used to derive a PDN GW address from the HPLMN. Radio Resource Management Functions Radio resource management functions are concerned with the allocation and maintenance of radio communication paths, and are performed by the radio access network. To support radio resource management in E-UTRAN, the MME provides the RAT/Frequency Selection Priority (RFSP) parameter to an eNodeB across S1. The RFSP is a “per UE” parameter that is used by the E-UTRAN to derive UE specific cell reselection priorities to control idle mode camping. The RFSP can also be used by the E-UTRAN to decide on redirecting active mode UEs to different frequency layers or RATs. The MME receives the RFSP from the HSS during the attach procedure. For non-roaming subscribers, the MME transparently forwards the RFSP to the eNodeB across S1. For roaming subscribers, the MME may alternatively send an RFSP value to the eNodeB across S1 that is based on the visited network policy, such as an RFSP pre-configured per Home-PLMN or a single RFSP’s values to be used for all roamers independent of the Home-PLMN. RAN Information Management The MME supports RAN Information Management (RIM) procedures as defined in 3GPP TS 23.401 on the S1-MME, S3, Gn, and S10 interfaces. RIM procedures allow the MME to exchange information between applications belonging to the RAN nodes. The MME provides addressing, routing and relaying support for the RAN information exchange. Reachability Management It provides a mechanism to track a UE which is in idle state for EPS connection management. To reach a UE in idle state the MME initiates paging to all eNodeBs in all tracking areas in the TA list assigned to the UE. The EPS session manager have knowledge about all the eNodeB associations to the MME and generates a list of eNodeBs that needs to be paged to reach a particular UE. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 43 Mobility Management Entity Overview ▀ Features and Functionality - Base Software The location of a UE in ECM-IDLE state is known by the network on a Tracking Area List granularity. A UE in ECMIDLE state is paged in all cells of the Tracking Areas in which it is currently registered. The UE may be registered in multiple Tracking Areas. A UE performs periodic Tracking Area Updates to ensure its reachability from the network. SCTP Multi-homing Support This sections describes multi-homing support for specific interfaces on the MME. SCTP Multi-homing for S6a The Cisco MME service supports up to four SCTP bind end point IPv4 or IPv6 addresses for the S6a interface. SCTP Multi-homing for S1-MME The Cisco MME service supports up to two SCTP bind end point IPv4 or IPv6 addresses for the S1-MME interface. SCTP Multi-homing for SGs The Cisco MME service supports up to two SCTP bind end point IPv4 or IPv6 addresses for the SGs interface. Serving Gateway Pooling Support The S-GW supports independent service areas from MME pooling areas. Each cell is associated to a pool of MMEs and a pool of Serving Gateways. Once a cell selects an MME, that MME is able to select an S-GW which is in an S-GW pool supported by the cell. Static S-GW pools can be configurable on the MME. Each pool is organized as a set of S-GWs and the Tracking Area Identities (TAIs) supported by them, known as a service area (SA). The incoming TAI is used to select an SA. Then, based on protocol and statistical weight factors, an S-GW is selected from the pool serving that SA. The same list of SGWs may serve multiple TAIs. Static S-GW pools are used if there is no DNS configured or as a fallback if DNS discovery fails. For additional Information on TAI lists, refer to the Tracking Area List Management section in this overview. Serving Gateway Selection The Serving Gateway (S-GW) selection function selects an available S-GW to serve a UE. This feature reduces the probability of changing the S-GW and a load balancing between S-GWs. The MME uses DNS procedures for S-GW selection. The selection is based on network topology; the selected S-GW serves the UE’s location, and in the case of overlapping S-GW service areas, the selection may prefer S-GWs with service areas that reduce the probability of changing the SGW. If a subscriber of a GTP-only network roams into a PMIP network, the PDN GWs (P-GWs) selected for local breakout supports the PMIP protocol, while P-GWs for home routed traffic use GTP. This means the S-GW selected for such subscribers may need to support both GTP and PMIP, so that it is possible to set up both local breakout and home routed sessions for these subscribers. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 44 Mobility Management Entity Overview Features and Functionality - Base Software ▀ Session and Quality of Service Management This support provides a foundation for contributing towards improved Quality of User Experience (QoE) by enabling deterministic end-to-end forwarding and scheduling treatments for different services or classes of applications pursuant to their requirements for committed bandwidth resources, jitter and delay. In this way, each application receives the service treatment that users expect. The MME Operator Policy configuration allows the specification of QoS for each traffic class that can either be used as a default or as an over ride to the HSS settings. In LTE-EPC 4G architectures, QoS management is network controlled via dynamic policy interactions between the PCRF and PDN GW. EPS bearer management is used to establish, modify or remove dedicated EPC bearers in order to provide service treatments tied to the needs of specific applications/service data flows. The service priority is provisioned based on QoS Class Identifiers (QCI) in the Gx policy signaling. PCRF signaling interaction may also be used to establish or modify the APN-AMBR attribute assigned to the default EPS bearer. When it is necessary to set-up a dedicated bearer, the PDN GW initiates the Create Dedicated Bearer Request which includes the IMSI (permanent identity of mobile access terminal), Traffic Flow Template (TFT - 5-tuple packet filters) and S5 Tunnel Endpoint ID (TEID) information that is propagated downstream via the S-GW over the S11 interface to the MME. The Dedicated Bearer signaling includes requested QoS information such as QCI, Allocation and Retention Priority (ARP), Guaranteed Bit Rate (GBR - guaranteed minimum sending rate) and Maximum Bit Rate (MBRmaximum burst size). The MME allocates a unique EPS bearer identity for every dedicated bearer and encodes this information in a Session Management Request that includes Protocol Transaction ID (PTI), TFT’s and EPS bearer QoS parameters. The MME signals the Bearer Setup Request in the S1-MME message toward the neighboring eNodeB. Subscriber Level Session Trace The Subscriber Level Trace provides a 3GPP standards-based session-level trace function for call debugging and testing new functions and access terminals in an LTE environment. In general, the Session Trace capability records and forwards all control activity for the monitored subscriber on the monitored interfaces. This is typically all the signaling and authentication/subscriber services messages that flow when a UE connects to the access network. As a complement to Cisco's protocol monitoring function, the MME supports 3GPP standards based session level trace capabilities to monitor all call control events on the respective monitored interfaces including S6a, S1-MME and S11. The trace can be initiated using multiple methods: Management initiation via direct CLI configuration Management initiation at HSS with trace activation via authentication response messages over S6a reference interface Signaling based activation through signaling from subscriber access terminal The session level trace function consists of trace activation followed by triggers. The EPC network element buffers the trace activation instructions for the provisioned subscriber in memory using camp-on monitoring. Trace files for active calls are buffered as XML files using non-volatile memory on the local dual redundant hard drives. The Trace Depth defines the granularity of data to be traced. Six levels are defined including Maximum, Minimum and Medium with ability to configure additional levels based on vendor extensions. All call control activity for active and recorded sessions is sent to an off-line Trace Collection Entity (TCE) using a standards-based XML format over a FTP or secure FTP (SFTP) connection. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 45 Mobility Management Entity Overview ▀ Features and Functionality - Base Software Note: In the current release the IPv4 interfaces are used to provide connectivity to the TCE. Trace activation is based on IMSI or IMEI and only Maximum Trace Depth is supported in this release. The following figure shows a high-level overview of the session-trace functionality and deployment scenario: Figure 5. Session Trace Function and Interfaces For more information on this feature, refer to the Configuring Subscriber Session Tracing chapter in the MME Service Administration Guide. Threshold Crossing Alerts (TCA) Support Thresholding on the system is used to monitor the system for conditions that could potentially cause errors or outage. Typically, these conditions are temporary (i.e high CPU utilization, or packet collisions on a network) and are quickly resolved. However, continuous or large numbers of these error conditions within a specific time interval may be indicative of larger, more severe issues. The purpose of thresholding is to help identify potentially severe conditions so that immediate action can be taken to minimize and/or avoid system downtime. The system supports Threshold Crossing Alerts for certain key resources such as CPU, memory, number of sessions etc. With this capability, the operator can configure threshold on these resources whereby, should the resource depletion cross the configured threshold, a SNMP Trap would be sent. The following thresholding models are supported by the system: Alert: A value is monitored and an alert condition occurs when the value reaches or exceeds the configured high threshold within the specified polling interval. The alert is generated then generated and/or sent at the end of the polling interval. Alarm: Both high and low threshold are defined for a value. An alarm condition occurs when the value reaches or exceeds the configured high threshold within the specified polling interval. The alert is generated then generated and/or sent at the end of the polling interval. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 46 Mobility Management Entity Overview Features and Functionality - Base Software ▀ Thresholding reports conditions using one of the following mechanisms: SNMP traps: SNMP traps have been created that indicate the condition (high threshold crossing and/or clear) of each of the monitored values. Generation of specific traps can be enabled or disabled on the chassis. Ensuring that only important faults get displayed. SNMP traps are supported in both Alert and Alarm modes. Logs: The system provides a facility called threshold for which active and event logs can be generated. As with other system facilities, logs are generated Log messages pertaining to the condition of a monitored value are generated with a severity level of WARNING. Logs are supported in both the Alert and the Alarm models. Alarm System: High threshold alarms generated within the specified polling interval are considered “outstanding” until a the condition no longer exists or a condition clear alarm is generated. “Outstanding” alarms are reported to the system's alarm subsystem and are viewable through the Alarm Management menu in the Web Element Manager. The Alarm System is used only in conjunction with the Alarm model. Important: For more information on threshold crossing alert configuration, refer to the Thresholding Configuration Guide. Tracking Area List Management Provides the functions to allocate and reallocate a Tracking Area Identity (TAI) list to the UE to minimize Tracking Area Updates (TAUs). The MME assigns the TAI list to a UE so as to minimize the TAUs that are sent by the UE. The TAI list should be kept to a minimum in order to maintain a lower paging load. The MME allows up to 16 tracking areas configured locally to be included and sent to the mobile station in Tracking Area List IE as part of Attach/TAU Accept message. UMTS to LTE ID Mapping The MME allows seamless inter-RAT interworking when the operator’s networks are configured with LACs allocated from the reserved space of 32K to 64K. 3GPP Specifications have reserved this space for LTE MME Group IDs. The MME and SGSN can distinguish between UMTS IDs (P-TMSI/RAI) and LTE IDs (GUTI) by configuring an MME group ID to PLMN ID mapping. Use Case 1: When a UE moves from 3G to LTE, the UE maps the P-TMSI and RAI to GUTI and uses this mapped GUTI in the TAU Attach Request that it sends to the MME. At the MME, this mapped GUTI gets reverse mapped to PTMSI and RAI, which are used to fetch the UE’s Context from the old SGSN. Use Case 1: When a UE moves from LTE to 3G, theUE maps the GUTI to P-TMSI and RAI, and performs a RAU Attach to the SGSN. A Pre-Rel8 SGSN would attempt to fetch the UE’s context over the Gn/Gp interface using the mapped P-TMSI and RAI. At the MME, the P-TMSI and RAI are reverse mapped to GUTI to fetch the locally stored UE’s context. An S3-SGSN also behaves similar to Pre-Rel8 SGSN except for the way it discovers the source MME. S3-SGSN identifies the P-TMSI & RAI received in RAU Request as a mapped one and performs LTE specific DNS query using MME ID, to discover the source MME. For the two use cases above, the MME/S3-SGSN would need to identify whether a given UMTS or LTE ID is a native one or a mapped one. MME GroupID or LAC is used to make this distinction. If the Most Significant Bit(MSB) in LAC Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 47 Mobility Management Entity Overview ▀ Features and Functionality - Base Software is set then the UMTS ID is mapped from LTE. Similarly, if the MSB of MME Group ID is zero then the LTE ID is mapped from UMTS. If the standard defined ranges are not complied, the target MME/S3-SGSN may incorrectly conclude the source node as S3-SGSN/MME. This misinterpretation would lead to unsuccessful attempt to resolve the source node since the DNS query is formulated with the assumption that the source node is either MME or S3-SGSN. In order to address networks where the 1/0 MSB logic does not apply, the MME and SGSN can rely on a global database of MME Group IDs (configured via CLI) instead of the standards specified MSB, to distinguish between mapped and native UMTS and LTE IDs. The MME consults this database of MME Group IDs when the below two conditions apply: 1. The MME is not aware of the received GUTI Type, such as when either the UE or the network are not Release 10 compliant. 2. MME-Service is associated with the MME Group ID database. Refer to Configuring UMTS to LTE ID Mapping in Chapter 2 of this document for steps to create and configure this database and to associate the MME service to this database. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 48 Mobility Management Entity Overview Features and Functionality - External Application Support ▀ Features and Functionality - External Application Support This section describes the features and functions of external applications supported on the MME. These services require additional licenses to implement the functionality. This section describes following external applications: Web Element Management System Web Element Management System Provides a graphical user interface (GUI) for performing fault, configuration, accounting, performance, and security (FCAPS) management. The Web Element Manager is a Common Object Request Broker Architecture (CORBA)-based application that provides complete fault, configuration, accounting, performance, and security (FCAPS) management capability for the system. For maximum flexibility and scalability, the Web Element Manager application implements a client-server architecture. This architecture allows remote clients with Java-enabled web browsers to manage one or more systems via the server component which implements the CORBA interfaces. The server component is fully compatible with the fault-tolerant Sun® Solaris® operating system. The following figure demonstrates various interfaces between the Cisco Web Element Manager and other network components. Figure 6. Web Element Manager Network Interfaces Important: MME management functionality is enabled by default for console-based access. For GUI-based management support, refer Web Element Management System. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 49 Mobility Management Entity Overview ▀ Features and Functionality - Licensed Enhanced Feature Software Features and Functionality - Licensed Enhanced Feature Software This section describes the optional enhanced features and functions for MME service. Important: The following features require the purchase of an additional feature license to implement the functionality with the MME service. This section describes following enhanced features: Attach Rate Throttling Circuit Switched Fall Back (CSFB) and SMS over SGs Interface Enhanced Congestion Control and Overload Control Idle-mode Signaling Reduction IP Security (IPSec) Lawful Intercept Location Services Optimized Paging Support Overcharging Protection Session Recovery Support Single Radio Voice Call Continuity Support User Location Information Reporting VLR Management Attach Rate Throttling This feature requires that a valid license key be installed. Contact your Cisco Account or Support representative for information on how to obtain a license. This feature enables operators to limit the rate at which the MME processes new connections (attaches, TAU requests, and forward relocation requests) which in turn reduces the signaling on the external nodes. See the network-overload-protection mme-new-connections-per-second command in the Global Configuration Mode Commands chapter of the Command Line Reference for more information. Circuit Switched Fall Back (CSFB) and SMS over SGs Interface This feature requires that a valid license key be installed. Contact your Cisco Account or Support representative for information on how to obtain a license. Circuit Switched Fall Back (CSFB) enables the UE to camp on an EUTRAN cell and originate or terminate voice calls through a forced switchover to the circuit switched (CS) domain or other CS-domain services (e.g., Location Services ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 50 Mobility Management Entity Overview Features and Functionality - Licensed Enhanced Feature Software ▀ (LCS) or supplementary services). Additionally, SMS delivery via the CS core network is realized without CSFB. Since LTE EPC networks were not meant to directly anchor CS connections, when any CS voice services are initiated, any PS based data activities on the EUTRAN network will be temporarily suspended (either the data transfer is suspended or the packet switched connection is handed over to the 2G/3G network). Important: CSFB to CDMA 1x networks is not supported in this release. CSFB provides an interim solution for enabling telephony and SMS services for LTE operators that do not plan to deploy IMS packet switched services at initial service launch. CSFB function is realized by reusing Gs interface mechanisms, as defined in 3GPP TS 29.018, on the interface between the MME in the EPS and the VLR. This interface is called the SGs interface. The SGs interface connects the databases in the VLR and the MME. EPC core networks are designed for all IP services and as such lack intrinsic support for circuit switched voice and telephony applications. This presents challenges for those operators that do not plan to launch packet switched IMS core networks at initial service deployment. CSFB represents an interim solution to address this problem by enabling dual radio mobile devices (LTE/GSM/UMTS or CDMA1xRTT) to fall back to GSM/UMTS or CDMA1x access networks to receive incoming or place outgoing voice calls. Highlights of the CSFB procedure are as follows: Preparation Phase: When the GSM/UMTS/LTE access terminal attaches to the EUTRAN access network, it uses combined attachment procedures to request assistance from the MME to register its presence in the 2G/3G network. The MME uses SGs signaling to the MSC/VLR to register on behalf of the AT to the 2G/3G network. The MME represents itself as an SGSN to the MSC and the MSC performs a location update to the SGSN in the target 2G/3G network. The MME uses the Tracking Area Identity provided by UE to compute the Location Area Identity it provides to the MSC. Execution Phase: Mobile Terminated Call: When a call comes in at the MSC for the user, the MSC signals the incoming call via the SGs interface to MME. If the AT is an active state, the MME forwards the request directly to the mobile. If the user wishes to receive the call the UE instructs the MME to hand over the call to the 2G/3G network. The MME then informs the eNodeB to initiate the handoff. If the AT is in dormant state, the MME attempts to page it at every eNodeB within the Tracking Area list to reestablish the radio connection. As no data transfer is in progress, there are no IP data sessions to handover and the mobile switches to its 2G/3G radio to establish the connection with the target access network. If the mobile is active and an IP data transfer is in progress at the time of the handover, the data transfer can either be suspended or the packet switched connection can be handed over if the target network supports Dual Transfer Mode. Note that this is typically only supported on UMTS networks. Once the access terminal attaches to the 2G/3G cell, it answers the initial paging via the target cell. Execution Phase: Mobile Originated Calls This is very similar to the procedure for Mobile Terminated Calls, except there is no requirement for idle mode paging for incoming calls and the AT has no need to send a paging response to the MSC after it attaches to the target 2G/3G network. The following CSFB features are supported: Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 51 Mobility Management Entity Overview ▀ Features and Functionality - Licensed Enhanced Feature Software Release 8 and Release 9 Specification Support SGs-AP Encode/Decode of all messages SGs-AP Procedure Support Paging Location Update Non-EPS Alert Explicit IMSI Detach Implicit IMSI Detach VLR Failure HSS Failure MM Information NAS Message Tunneling Service Request MME Failure SMS Mobile Originating Voice Call Mobile Terminating Voice Call Gn/Gp Handover S3 Handover Basic and Enhanced TAI to LAI Mapping Basic LAI to VLR Mapping VLR association distribution among multiple MMEMGRs IMSI Paging Procedure SCTP Multi-homing for SGs interface IPv6 Transport for SGs interface SNMP Trap Support (Service/VLR association) Operator Policy Support SMS-only Disallow CSFB Reject EPS if IMSI attach fails Reject EPS if VoIMS and no CSFB CSFB Not Preferred Configurable RFSP based on UE Usage and and Voice Domain Preference PS Suspend/Resume over S11 (Release 8) PS Suspend/Resume over S3/S11 (Release 9) Support for SGs AP Timers: TS6-1, ts8, ts9, ts10, ts12-1, ts12-2, ts-13 ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 52 Mobility Management Entity Overview Features and Functionality - Licensed Enhanced Feature Software ▀ Idle mode Signaling Reduction (ISR) Multiple Association Support SNMP Trap Support VLRAssocDown - sent when an SCTP association to a VLR is down. VLRDown - sent when all SCTP associations to a VLR are down. VlrAllAssocDown - sent when all associations to all VLRs are down. Support for Passive VLR Offload: See VLR Management . Support for Active VLR Offload: See VLR Management . UE Detach on VLR Failure: See VLR Management . UE Detach on VLR Recovery: See VLR Management . Enhanced Congestion Control and Overload Control This feature requires that a valid license key be installed. Contact your Cisco Account or Support representative for information on how to obtain a license. This feature builds on the functionality provided by Congestion Control and Overload Control . To allow greater control during overload conditions, the MME supports the configuration of three separate levels (critical, major, minor) of congestion thresholds for the following system resources: System CPU usage System service CPU usage (Demux-Card CPU usage) System Memory usage License usage Maximum Session per service The MME can, in turn, be configured to take specific actions when any of these thresholds are crossed, such as: Drop or reject the following S1-AP/NAS messages: S1 Setup, Handover events, TAU request, Service request, PS-Attach request, Combined-attach request, Additional PDN request, or UE initiated bearer resource allocation. Allow voice or emergency calls/events. Initiate S1AP overload start to a percentage of eNodeBs with options to signal any of the following in the Overload Response IE: reject non-emergency sessions reject new sessions permit emergency sessions permit high-priority sessions and mobile-terminated services reject delay-tolerant access. For more information on configuring this functionality, refer to Enhanced Congestion Control and Overload Control chapter of the MME Administration Guide. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 53 Mobility Management Entity Overview ▀ Features and Functionality - Licensed Enhanced Feature Software Idle-mode Signaling Reduction This feature requires that a valid license key be installed. Contact your Cisco Account or Support representative for information on how to obtain a license. Idle-mode Signaling Reduction (ISR) allows a UE to be registered on (and roam between) E-UTRAN and UTRAN/GERAN networks while reducing the frequency of TAU and RAU procedures and overall signaling. Refer to the Idle-mode Signaling Reduction chapter in the MME Administration Guide for more information. IP Security (IPSec) This feature requires that a valid license key be installed. Contact your Cisco Account or Support representative for information on how to obtain a license. IP Security provides a mechanism for establishing secure tunnels from mobile subscribers to pre-defined endpoints (i.e. enterprise or home networks) in accordance with the following standards: RFC 2401, Security Architecture for the Internet Protocol RFC 2402, IP Authentication Header (AH) RFC 2406, IP Encapsulating Security Payload (ESP) RFC 2409, The Internet Key Exchange (IKE) RFC-3193, Securing L2TP using IPSEC, November 2001 IP Security (IPSec) is a suite of protocols that interact with one another to provide secure private communications across IP networks. These protocols allow the system to establish and maintain secure tunnels with peer security gateways. IPSec can be implemented on the system for the following applications: PDN Access: Subscriber IP traffic is routed over an IPSec tunnel from the system to a secure gateway on the packet data network (PDN) as determined by access control list (ACL) criteria. Mobile IP: Mobile IP control signals and subscriber data is encapsulated in IPSec tunnels that are established between foreign agents (FAs) and home agents (HAs) over the Pi interfaces. Important: Once an IPSec tunnel is established between an FA and HA for a particular subscriber, all new Mobile IP sessions using the same FA and HA are passed over the tunnel regardless of whether or not IPSec is supported for the new subscriber sessions. Data for existing Mobile IP sessions is unaffected. L2TP: L2TP-encapsulated packets are routed from the system to an LNS/secure gateway over an IPSec tunnel. The following figure shows IPSec configurations. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 54 Mobility Management Entity Overview Features and Functionality - Licensed Enhanced Feature Software ▀ Figure 7. IPSec Applications Important: For more information on IPSec support, refer to the Cisco StarOS IP Security (IPSec) Reference. Lawful Intercept The feature use license for Lawful Intercept on the MME is included in the MME session use license. The Cisco Lawful Intercept feature is supported on the MME. Lawful Intercept is a license-enabled, standards-based feature that provides telecommunications service providers with a mechanism to assist law enforcement agencies in monitoring suspicious individuals for potential illegal activity. For additional information and documentation on the Lawful Intercept feature, contact your Cisco account representative. Location Services This feature requires that a valid license key be installed. Contact your Cisco Account or Support representative for information on how to obtain a license. LoCation Services (LCS) on the MME and SGSN is a 3GPP standards-compliant feature that enables the system (MME or SGSN) to collect and use or share location (geographical position) information for connected UEs in support of a variety of location services. Refer to the Location Services chapter in the MME Administration Guide for more information. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 55 Mobility Management Entity Overview ▀ Features and Functionality - Licensed Enhanced Feature Software Optimized Paging Support This feature requires that a valid license key be installed. Contact your Cisco Account or Support representative for information on how to obtain a license. Also known as heuristic or idle-mode paging, this feature reduces network operations cost through more efficient utilization of paging resources and reduced paging load in the EUTRAN access network. Idle mode paging over EUTRAN access networks is an expensive operation that causes volumes of signaling traffic between the S-GW and MME/SGSN. This problem is acute in the radio access network, where paging is a shared resource with finite capacity. When a request for an idle mode access terminal is received by the S-GW, the MME floods the paging notification message to all eNodeBs in the Tracking Area List (TAI). To appreciate the magnitude of the problem, consider a network with three million subscribers and a total of 800 eNodeBs in the TAI. If each subscriber was to receive one page during the busy hour, the total number of paging messages would exceed one million messages per second. To limit the volume of unnecessary paging related signaling, the Cisco MME provides intelligent paging heuristics. Each MME maintains a list of “n” last heard from eNodeBs inside the TAI for the UE. The intent is to keep track of the eNodeBs that the AT commonly attaches to such as the cells located near a person's residence and place of work. During the average day, the typical worker spends the most time attaching to one of these two locations. When an incoming page arrives for the idle mode user, the MME attempts to page the user at the last heard from eNodeB. The MME uses Tracking Area Updates to build this local table. If no response is received within a configurable period, the MME attempts to page the user at the last “n” heard from eNodeBs. If the MME has still not received acknowledgement from the idle mode UE, only then does it flood the paging messages to all eNodeBs in the TAI. In the majority of instances with this procedure, the UE will be paged in a small set of eNodeBs where it is most likely to be attached. Overcharging Protection This feature requires that a valid license key be installed. Contact your Cisco Account or Support representative for information on how to obtain a license. Overcharging Protection helps in avoiding charging subscribers for dropped downlink packets while the UE is in idle mode. This feature helps ensure subscribers are not overcharged while the subscriber is in idle mode. Refer to the Overcharging Protection chapter in the MME Administration Guide for more information. Session Recovery Support The feature use license for Session Recovery on the MME is included in the MME session use license. The Session Recovery feature provides seamless failover and reconstruction of subscriber session information in the event of a hardware or software fault within the system preventing a fully connected user session from being disconnected. This feature is also useful for Software Patch Upgrade activities. If session recovery feature is enabled during the software patch upgrading, it helps to permit preservation of existing sessions on the active PSC during the upgrade process. Session recovery is performed by mirroring key software processes (e.g. session manager and AAA manager) within the system. These mirrored processes remain in an idle state (in standby-mode), wherein they perform no processing, until they may be needed in the case of a software failure (e.g. a session manager task aborts). The system spawns new instances of “standby mode” session and AAA managers for each active control processor (CP) being used. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 56 Mobility Management Entity Overview Features and Functionality - Licensed Enhanced Feature Software ▀ Additionally, other key system-level software tasks, such as VPN manager, are performed on a physically separate packet processing card to ensure that a double software fault (e.g. session manager and VPN manager fails at same time on same card) cannot occur. The packet processing card used to host the VPN manager process is in active mode and is reserved by the operating system for this sole use when session recovery is enabled. The additional hardware resources required for session recovery include a standby system processor card (SPC) and a standby packet processing card. There are two modes for Session Recovery. Task recovery mode: Wherein one or more session manager failures occur and are recovered without the need to use resources on a standby packet processing card. In this mode, recovery is performed by using the mirrored “standby-mode” session manager task(s) running on active packet processing cards. The “standbymode” task is renamed, made active, and is then populated using information from other tasks such as AAA manager. Full packet processing card recovery mode: Used when a PSC or PSC2 hardware failure occurs, or when a packet processing card migration failure happens. In this mode, the standby packet processing card is made active and the “standby-mode” session manager and AAA manager tasks on the newly activated packet processing card perform session recovery. Session/Call state information is saved in the peer AAA manager task because each AAA manager and session manager task is paired together. These pairs are started on physically different packet processing cards to ensure task recovery. Important: For more information on session recovery support, refer to the Session Recovery chapter in the System Administration Guide. Single Radio Voice Call Continuity Support This feature requires that a valid license key be installed. Contact your Cisco Account or Support representative for information on how to obtain a license. Voice over IP (VoIP) subscribers anchored in the IP Multimedia Subsystem (IMS) network can move out of an LTE coverage area and continue the call over the circuit-switched (CS) network through the use of the Single Radio Voice Call Continuity (SRVCC) feature. The smooth handover of the VoIP call does not require dual-mode radio. For more information about SRVCC, refer to the Single Radio Voice Call Continuity chapter in this document. User Location Information Reporting This feature requires that a valid license key be installed. Contact your Cisco Account or Support representative for information on how to obtain a license. User Location Information (ULI) Reporting allows the eNodeB to report the location of a UE to the MME, when requested by a P-GW. The following procedures are used over the S1-MME interface to initiate and stop location reporting between the MME and eNodeB: Location Reporting Control: The purpose of Location Reporting Control procedure is to allow the MME to request that the eNodeB report where the UE is currently located. This procedure uses UE-associated signaling. Location Report Failure Indication: The Location Report Failure Indication procedure is initiated by an eNodeB in order to inform the MME that a Location Reporting Control procedure has failed. This procedure uses UE-associated signalling. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 57 Mobility Management Entity Overview ▀ Features and Functionality - Licensed Enhanced Feature Software Location Report: The purpose of Location Report procedure is to provide the UE's current location to the MME. This procedure uses UE-associated signalling. The start/stop trigger for location reporting for a UE is reported to the MME by the S-GW over the S11 interface. The Change Reporting Action (CRA) Information Element (IE) is used for this purpose. The MME updates the location to the S-GW using the User Location Information (ULI) IE. The following S11 messages are used to transfer CRA and ULI information between the MME and S-GW: Create Session Request: The ULI IE is included for E-UTRAN Initial Attach and UE-requested PDN Connectivity procedures. It includes ECGI and TAI. The MME includes the ULI IE for TAU/ X2-Handover procedure if the P-GW has requested location information change reporting and the MME support location information change reporting. The S-GW includes the ULI IE on S5/S8 exchanges if it receives the ULI from the MME. If the MME supports change reporting, it sets the corresponding indication flag in the Create Session Request message. Create Session Response: The CRA IE in the Create Session Response message can be populated by the S-GW to indicate the type of reporting required. Create Bearer Request: The CRA IE is included with the appropriate Action field if the Location Change Reporting mechanism is to be started or stopped for the subscriber in the MME. Modify Bearer Request: The MME includes the ULI IE for TAU/Handover procedures and UE-initiated Service Request procedures if the P-GW has requested location information change reporting and the MME supports location information change reporting. The S-GW includes this IE on S5/S8 exchanges if it receives the ULI from the MME. Modify Bearer Response: The CRA IE is included with the appropriate Action field if the Location Change Reporting mechanism is to be started or stopped for the subscriber in the MME. Delete Session Request: The MME includes the ULI IE for the Detach procedure if the P-GW has requested location information change reporting and MME supports location information change reporting. The S-GW includes this IE on S5/S8 exchanges if it receives the ULI from the MME. Update Bearer Request: The CRA IE is included with the appropriate Action field if the Location Change Reporting mechanism is to be started or stopped for the subscriber in the MME. Change Notification Request: If no existing procedure is running for a UE, a Change Notification Request is sent upon receipt of an S1-AP location report message. If an existing procedure is running, one of the following messages reports the ULI: Create Session Request Create Bearer Response Modify Bearer Request Update Bearer Response Delete Bearer Response Delete Session Request If an existing Change Notification Request is pending, it is aborted and a new one is sent. Important: Information on configuring User Location Information Reporting support is located in the Configuring Optional Features on the MME section of the Mobility Management Entity Configuration chapter in this guide. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 58 Mobility Management Entity Overview Features and Functionality - Licensed Enhanced Feature Software ▀ VLR Management These features require that a valid license key be installed. Contact your Cisco Account or Support representative for information on how to obtain a license. The following features provide for additional resiliency of the Circuit Switched Fallback (CSFB) service. Passive VLR Offloading and Active VLR Offloading: The MME supports the capability to passively offload UEs for a specific VLR. This capability enables operators to preemptively move subscribers away from an SGs interface associated with a VLR which is planned for maintenance mode. Active VLR Offloading provides all of the functionality of Passive VLR Offloading, but also actively detaches UEs associated with the VLR during an operator-specified time period. This expedites the process of offloading UEs prior to a planned VLR maintenance event. Both passive and active offload functionality is available only for VLRs within a LAC pool area. UE Detach on VLR Failure: The MME supports the ability to perform a controlled release of UEs when a VLR connection becomes unavailable. UE Detach on VLR Recovery: The MME also has the ability to perform a controlled release of CSFB (SMSonly) UEs when a failed VLR becomes responsive again (thereby returning the UE to a combined attached state on a different VLR). Refer to the VLR Management chapter in the MME Administration Guide for more information about these features. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 59 Mobility Management Entity Overview ▀ How the MME Works How the MME Works This section provides information on the function and procedures of the MME in an EPC network and presents message flows for different stages of session setup. The following procedures are supported in this release: EPS Bearer Context Processing Purge Procedure Paging Procedure Subscriber-initiated Initial Attach Procedure Subscriber-initiated Detach Procedure Service Request Procedures UE-initiated Service Request Procedure Network-initiated Service Request Procedure EPS Bearer Context Processing EPS Bearer context processing is based on the APN that the subscriber is attempting to access. Templates for all of the possible APNs that subscribers will be accessing must be configured within the P-GW system. Each APN template consists of parameters pertaining to how EPS Bearer contexts are processed such as the following: PDN Type: The system supports IPv4, IPv6, or IPv4v6. Timeout: Absolute and idle session timeout values specify the amount of time that an MS can remain connected. Quality of Service: Parameters pertaining to QoS feature support such as for Traffic Policing and traffic class. A total of 11 EPS bearer contexts are supported per subscriber. These could be all dedicated, or 1 default and 10 dedicated or any combination of default and dedicated context. Note that there must be at least one default EPS bearer context in order for dedicated context to come up. Purge Procedure The purge procedure is employed by the Cisco MME to inform the concerned node that the MME has removed the EPS bearer contexts of a detached UE. This is usually invoked when the number of records exceeds the maximum capacity of the system. Paging Procedure Paging is initiated when there is data to be sent to an idle UE to trigger a service request from the UE. Once the UE reaches connected state, the data is forwarded to it. Paging retransmission can be controlled by configuring a paging-timer and retransmission attempts on system. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 60 Mobility Management Entity Overview How the MME Works ▀ Subscriber-initiated Initial Attach Procedure The following figure and the text that follows describe the message flow for a successful user-initiated subscriber attach procedure. Figure 8. Subscriber-initiated Attach (initial) Call Flow Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 61 Mobility Management Entity Overview ▀ How the MME Works Table 1. Subscriber-initiated Attach (initial) Call Flow Description Step Description 1 The UE initiates the Attach procedure by the transmission of an Attach Request (IMSI or old GUTI, last visited TAI (if available), UE Network Capability, PDN Address Allocation, Protocol Configuration Options, Attach Type) message together with an indication of the Selected Network to the eNodeB. IMSI is included if the UE does not have a valid GUTI available. If the UE has a valid GUTI, it is included. 2 The eNodeB derives the MME from the GUTI and from the indicated Selected Network. If that MME is not associated with the eNodeB, the eNodeB selects an MME using an “MME selection function”. The eNodeB forwards the Attach Request message to the new MME contained in a S1-MME control message (Initial UE message) together with the Selected Network and an indication of the E-UTRAN Area identity, a globally unique E-UTRAN ID of the cell from where it received the message to the new MME. 3 If the UE is unknown in the MME, the MME sends an Identity Request to the UE to request the IMSI. 4 The UE responds with Identity Response (IMSI). 5 If no UE context for the UE exists anywhere in the network, authentication is mandatory. Otherwise this step is optional. However, at least integrity checking is started and the ME Identity is retrieved from the UE at Initial Attach. The authentication functions, if performed this step, involves AKA authentication and establishment of a NAS level security association with the UE in order to protect further NAS protocol messages. 6 The MME sends an Update Location Request (MME Identity, IMSI, ME Identity) to the HSS. 7 The HSS acknowledges the Update Location message by sending an Update Location Ack to the MME. This message also contains the Insert Subscriber Data (IMSI, Subscription Data) Request. The Subscription Data contains the list of all APNs that the UE is permitted to access, an indication about which of those APNs is the Default APN, and the 'EPS subscribed QoS profile' for each permitted APN. If the Update Location is rejected by the HSS, the MME rejects the Attach Request from the UE with an appropriate cause. 8 The MME selects an S-GW using “Serving GW selection function” and allocates an EPS Bearer Identity for the Default Bearer associated with the UE. If the PDN subscription context contains no P-GW address the MME selects a P-GW as described in clause “PDN GW selection function”. Then it sends a Create Default Bearer Request (IMSI, MME Context ID, APN, RAT type, Default Bearer QoS, PDN Address Allocation, AMBR, EPS Bearer Identity, Protocol Configuration Options, ME Identity, User Location Information) message to the selected S-GW. 9 The S-GW creates a new entry in its EPS Bearer table and sends a Create Default Bearer Request (IMSI, APN, S-GW Address for the user plane, S-GW TEID of the user plane, S-GW TEID of the control plane, RAT type, Default Bearer QoS, PDN Address Allocation, AMBR, EPS Bearer Identity, Protocol Configuration Options, ME Identity, User Location Information) message to the P-GW. 10 If dynamic PCC is deployed, the P-GW interacts with the PCRF to get the default PCC rules for the UE. The IMSI, UE IP address, User Location Information, RAT type, AMBR are provided to the PCRF by the P-GW if received by the previous message. 11 The P-GW returns a Create Default Bearer Response (P-GW Address for the user plane, P-GW TEID of the user plane, PGW TEID of the control plane, PDN Address Information, EPS Bearer Identity, Protocol Configuration Options) message to the S-GW. PDN Address Information is included if the P-GW allocated a PDN address Based on PDN Address Allocation received in the Create Default Bearer Request. PDN Address Information contains an IPv4 address for IPv4 and/or an IPv6 prefix and an Interface Identifier for IPv6. The P-GW takes into account the UE IP version capability indicated in the PDN Address Allocation and the policies of operator when the P-GW allocates the PDN Address Information. Whether the IP address is negotiated by the UE after completion of the Attach procedure, this is indicated in the Create Default Bearer Response. 12 The Downlink (DL) Data can start flowing towards S-GW. The S-GW buffers the data. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 62 Mobility Management Entity Overview How the MME Works ▀ Step Description 13 The S-GW returns a Create Default Bearer Response (PDN Address Information, S-GW address for User Plane, S-GW TEID for User Plane, S-GW Context ID, EPS Bearer Identity, Protocol Configuration Options) message to the new MME. PDN Address Information is included if it was provided by the P-GW. 14 The new MME sends an Attach Accept (APN, GUTI, PDN Address Information, TAI List, EPS Bearer Identity, Session Management Configuration IE, Protocol Configuration Options) message to the eNodeB. 15 The eNodeB sends Radio Bearer Establishment Request including the EPS Radio Bearer Identity to the UE. The Attach Accept message is also sent along to the UE. 16 The UE sends the Radio Bearer Establishment Response to the eNodeB. In this message, the Attach Complete message (EPS Bearer Identity) is included. 17 The eNodeB forwards the Attach Complete (EPS Bearer Identity) message to the MME. 18 The Attach is complete and UE sends data over the default bearer. At this time the UE can send uplink packets towards the eNodeB which are then tunnelled to the S-GW and P-GW. 19 The MME sends an Update Bearer Request (eNodeB address, eNodeB TEID) message to the S-GW. 20 The S-GW acknowledges by sending Update Bearer Response (EPS Bearer Identity) message to the MME. 21 The S-GW sends its buffered downlink packets. 22 After the MME receives Update Bearer Response (EPS Bearer Identity) message, if an EPS bearer was established and the subscription data indicates that the user is allowed to perform handover to non-3GPP accesses, and if the MME selected a P-GW that is different from the P-GW address which was indicated by the HSS in the PDN subscription context, the MME sends an Update Location Request including the APN and P-GW address to the HSS for mobility with non-3GPP accesses. 23 The HSS stores the APN and P-GW address pair and sends an Update Location Response to the MME. 24 Bidirectional data is passed between the UE and PDN. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 63 Mobility Management Entity Overview ▀ How the MME Works Subscriber-initiated Detach Procedure The following figure and the text that follows describe the message flow for a user-initiated subscriber de-registration procedure. Figure 9. Subscriber-initiated Detach Call Flow Table 2. Subscriber-initiated Detach Call Flow Description Step Description 1 The UE sends NAS message Detach Request (GUTI, Switch Off) to the MME. Switch Off indicates whether detach is due to a switch off situation or not. 2 The active EPS Bearers in the S-GW regarding this particular UE are deactivated by the MME sending a Delete Bearer Request (TEID) message to the S-GW. 3 The S-GW sends a Delete Bearer Request (TEID) message to the P-GW. 4 The P-GW acknowledges with a Delete Bearer Response (TEID) message. 5 The P-GW may interact with the PCRF to indicate to the PCRF that EPS Bearer is released if PCRF is applied in the network. 6 The S-GW acknowledges with a Delete Bearer Response (TEID) message. 7 If Switch Off indicates that the detach is not due to a switch off situation, the MME sends a Detach Accept message to the UE. 8 The MME releases the S1-MME signalling connection for the UE by sending an S1 Release command to the eNodeB with Cause = Detach. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 64 Mobility Management Entity Overview How the MME Works ▀ Service Request Procedures Service Request procedures are used to establish a secure connection to the MME as well as request resource reservation for active contexts. The MME allows configuration of the following service request procedures: UE-initiated Service Request Procedure Network-initiated Service Request Procedure UE-initiated Service Request Procedure The call flow in this section describes the process for re-connecting an idle UE. The following figure and the text that follows describe the message flow for a successful UE-initiated service request procedure. Figure 10. UE-initiated Service Request Message Flow Table 3. UE-initiated Service Request Message Flow Description Step Description 1 (NAS) The UE sends a Network Access Signaling (NAS) message Service Request (S-TMSI) towards the MME encapsulated in an RRC message to the eNodeB. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 65 Mobility Management Entity Overview ▀ How the MME Works Step Description 2 The eNodeB forwards NAS message to the MME. The NAS message is encapsulated in an S1-AP: Initial UE message (NAS message, TAI+ECGI of the serving cell). 3 NAS authentication procedures may be performed. 4 The MME sends an S1-AP Initial Context Setup Request (S-GW address, S1-TEID(s) (UL), EPS Bearer QoS(s), Security Context, MME Signalling Connection Id, Handover Restriction List) message to the eNodeB. This step activates the radio and S1 bearers for all the active EPS Bearers. The eNodeB stores the Security Context, MME Signalling Connection Id, EPS Bearer QoS(s) and S1-TEID(s) in the UE RAN context. 5 The eNodeB performs the radio bearer establishment procedure. 6 The uplink data from the UE can now be forwarded by eNodeB to the S-GW. The eNodeB sends the uplink data to the SGW address and TEID provided in step 4. 7 The eNodeB sends an S1-AP message Initial Context Setup Complete message (eNodeB address, List of accepted EPS bearers, List of rejected EPS bearers, S1 TEID(s) (DL)) to the MME. 8 The MME sends a Modify Bearer Request message (eNodeB address, S1 TEID(s) (DL) for the accepted EPS bearers, RAT Type) to the S-GW. The S-GW is now able to transmit downlink data towards the UE. 9 The S-GW sends a Modify Bearer Response message to the MME. Network-initiated Service Request Procedure The call flow in this section describes the process for re-connecting an idle UE when a downlink data packet is received from the PDN. The following figure and the text that follows describe the message flow for a successful network-initiated service request procedure: ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 66 Mobility Management Entity Overview How the MME Works ▀ Figure 11. Network-initiated Service Request Message Flow Table 4. Network-initiated Service Request Message Flow Description Step Description 1 A downlink data packet is received on the S-GW from PDN for the targeted UE. The S-GW checks to see if the UE is userplane connected (the S-GW context data indicates that there is no downlink user plane (TEID)). The downlink data is buffered and the S-GW identifies which MME is serving the intended UE. 2 The S-GW sends a Downlink Data Notification message to the MME for the targeted UE. 3 The MME responds with a Downlink Data Notification Acknowledgement message to the S-GW. 4 The MME send a Paging Request to the eNodeB for the targeted UE. The Paging Request contains the NAS ID for paging, TAI(s), the UE identity based DRX index, and the Paging DRX length. The Paging Request is sent to each eNodeB belonging to the tracking area(s) where the UE is registered. 5 The eNodeB broadcasts the Paging Request in its coverage area for the UE. Important: Steps 4 and 5 are skipped if the MME has a signalling connection over the S1-MME towards the UE. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 67 Mobility Management Entity Overview ▀ How the MME Works Step Description 6 Upon receipt of the Paging indication in the E-UTRAN access network, the UE initiates the UE-triggered Service Request procedure and the eNodeB starts messaging through the UE Paging Response. The MME supervises the paging procedure with a timer. If the MME receives no Paging Response from the UE, it retransmits the Paging Request. If the MME receives no response from the UE after the retransmission, it uses the Downlink Data Notification Reject message to notify the S-GW about the paging failure. 7 The S-GW sends a Stop Paging message to MME. 8 The buffered downlink data is sent to the identified UE. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 68 Mobility Management Entity Overview Supported Standards ▀ Supported Standards The MME complies with the following standards for 3GPP LTE/EPS wireless networks. 3GPP References IETF References Object Management Group (OMG) Standards 3GPP References Release 10 Supported Standards 3GPP TS 23.216 V10.5.0 (2012-12): 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Single Radio Voice Call Continuity (SRVCC); Stage 2 (Release 10) 3GPP TS 23.272 V10.9.0 (2012-12): 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Circuit Switched (CS) fallback in Evolved Packet System (EPS); Stage 2 (Release 10) 3GPP TS 24.301 V10.9.0 (2012-12): 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Non-Access-Stratum (NAS) protocol for Evolved Packet System (EPS); Stage 3 (Release 10) 3GPP TS 29.118 V10.9.0 (2012-09): 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Mobility Management Entity (MME) - Visitor Location Register (VLR) SGs interface specification (Release 10) 3GPP TS 29.172 V10.1.0 (2011-09): 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Location Services (LCS); Evolved Packet Core (EPC) LCS Protocol (ELP) between the Gateway Mobile Location Centre (GMLC) and the Mobile Management Entity (MME); SLg interface (Release 10) 3GPP TS 29.272 V10.5.0 (2011-12): 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; 3GPP Evolved Packet System (EPS); Mobility Management Entity (MME) and Serving GPRS Support Node (SGSN) related interfaces based on Diameter protocol (Release 10) 3GPP TS 29.274 V10.5.0 (2011-12): 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; 3GPP Evolved Packet System (EPS); Evolved General Packet Radio Service (GPRS) Tunnelling Protocol for Control plane (GTPv2-C); Stage 3 (Release 10) 3GPP TS 29.280 V10.4.0 (2012-06): 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; 3GPP Evolved Packet System (EPS); 3GPP Sv interface (MME to MSC, and SGSN to MSC) for SRVCC (Release 10) 3GPP TS 36.413 V10.5.0 (2012-03): 3rd Generation Partnership Project; Technical Specification Group Radio Access Network; Evolved Universal Terrestrial Radio Access Network (E-UTRAN); S1 Application Protocol (S1AP) (Release 10) Release 9 Supported Standards 3GPP TS 23.216 V9.6.0 (2010-12): 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Single Radio Voice Call Continuity (SRVCC); Stage 2 (Release 9) Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 69 Mobility Management Entity Overview ▀ Supported Standards 3GPP TS 23.272 V9.6.0 (2010-12): 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Circuit Switched (CS) fallback in Evolved Packet System (EPS); Stage 2 (Release 9) 3GPP TS 23.401 V9.6.0 (2010-09): 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; General Packet Radio Service (GPRS) enhancements for Evolved Universal Terrestrial Radio Access Network (E-UTRAN) access (Release 9) 3GPP TS 24.301 V9.5.0 (2010-12): 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Non-Access-Stratum (NAS) protocol for Evolved Packet System (EPS); Stage 3 (Release 9) 3GPP TS 29.118 V9.4.0 (2010-12): 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Mobility Management Entity (MME) - Visitor Location Register (VLR) SGs interface specification (Release 9) 3GPP TS 29.272 V9.5.0 (2010-12): 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; 3GPP Evolved Packet System (EPS); Mobility Management Entity (MME) and Serving GPRS Support Node (SGSN) related interfaces based on Diameter protocol (Release 9) 3GPP TS 29.274 V 9.4.0 (2010-09): 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; 3GPP Evolved Packet System (EPS); Evolved General Packet Radio Service (GPRS) Tunnelling Protocol for Control plane (GTPv2-C); Stage 3 (Release 9) 3GPP TS 29.280 V 9.5.0 (2010-12): 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; 3GPP Evolved Packet System (EPS); 3GPP Sv interface (MME to MSC, and SGSN to MSC) for SRVCC (Release 9) 3GPP TS 33.401 V9.5.0 (2010-10): 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3GPP System Architecture Evolution (SAE): Security Architecture; (Release 9) 3GPP TS 36.410 V9.2.0 (2010-06): 3rd Generation Partnership Project; Technical Specification Group Radio Access Network; Evolved Universal Terrestrial Access Network (E-UTRAN); S1 General aspects and principles (Release 9) 3GPP TS 36.411 V9.0.0 (2009-12): 3rd Generation Partnership Project; Technical Specification Group Radio Access Network; Evolved Universal Terrestrial Access Network (E-UTRAN); S1 layer 1 (Release 9) 3GPP TS 36.413 V9.5.0 (2010-12): 3rd Generation Partnership Project; Technical Specification Group Radio Access Network; Evolved Universal Terrestrial Radio Access Network (E-UTRAN); S1 Application Protocol (S1AP) (Release 9) IETF References RFC-768, User Datagram Protocol (UPD), August 1980 RFC-791, Internet Protocol (IP), September 1982 RFC-793, Transmission Control Protocol (TCP), September 1981 RFC-894, A Standard for the Transmission of IP Datagrams over Ethernet Networks, April 1984 RFC-1089, SNMP over Ethernet, February 1989 RFC-1144, Compressing TCP/IP headers for low-speed serial links, February 1990 RFC-1155, Structure & identification of management information for TCP/IP-based internets, May 1990 RFC-1157, Simple Network Management Protocol (SNMP) Version 1, May 1990 RFC-1212, Concise MIB Definitions, March 1991 ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 70 Mobility Management Entity Overview Supported Standards ▀ RFC-1213, Management Information Base for Network Management of TCP/IP-based Internets: MIB-II, March 1991 RFC-1215, A Convention for Defining Traps for use with the SNMP, March 1991 RFC-1224, Techniques for managing asynchronously generated alerts, May 1991 RFC-1256, ICMP Router Discovery Messages, September 1991 RFC-1305, Network Time Protocol (Version 3) Specification, Implementation and Analysis, March 1992 RFC-1332, The PPP Internet Protocol Control Protocol (IPCP), May 1992 RFC-1398, Definitions of Managed Objects for the Ethernet-Like Interface Types, January 1993 RFC-1418, SNMP over OSI, March 1993 RFC-1570, PPP LCP Extensions, January 1994 RFC-1643, Definitions of Managed Objects for the Ethernet-like Interface Types, July 1994 RFC-1701, Generic Routing Encapsulation (GRE), October 1994 RFC-1850, OSPF Version 2 Management Information Base, November 1995 RFC-1901, Introduction to Community-based SNMPv2, January 1996 RFC-1902, Structure of Management Information for Version 2 of the Simple Network Management Protocol (SNMPv2), January 1996 RFC-1903, Textual Conventions for Version 2 of the Simple Network Management Protocol (SNMPv2), January 1996 RFC-1904, Conformance Statements for Version 2 of the Simple Network Management Protocol (SNMPv2), January 1996 RFC-1905, Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2), January 1996 RFC-1906, Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2), January 1996 RFC-1907, Management Information Base for Version 2 of the Simple Network Management Protocol (SNMPv2), January 1996 RFC-1908, Coexistence between Version 1 and Version 2 of the Internet-standard Network Management Framework, January 1996 RFC-1918, Address Allocation for Private Internets, February 1996 RFC-1919, Classical versus Transparent IP Proxies, March 1996 RFC-2002, IP Mobility Support, May 1995 RFC-2003, IP Encapsulation within IP, October 1996 RFC-2004, Minimal Encapsulation within IP, October 1996 RFC-2005, Applicability Statement for IP Mobility Support, October 1996 RFC-2118, Microsoft Point-to-Point Compression (MPPC) Protocol, March 1997 RFC 2131, Dynamic Host Configuration Protocol RFC-2136, Dynamic Updates in the Domain Name System (DNS UPDATE) RFC-2211, Specification of the Controlled-Load Network Element Service RFC-2246, The Transport Layer Security (TLS) Protocol Version 1.0, January 1999 Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 71 Mobility Management Entity Overview ▀ Supported Standards RFC-2328, OSPF Version 2, April 1998 RFC-2344, Reverse Tunneling for Mobile IP, May 1998 RFC-2394, IP Payload Compression Using DEFLATE, December 1998 RFC 2401, Security Architecture for the Internet Protocol RFC 2402, IP Authentication Header (AH) RFC 2406, IP Encapsulating Security Payload (ESP) RFC 2409, The Internet Key Exchange (IKE) RFC-2460, Internet Protocol Version 6 (IPv6) RFC-2461, Neighbor Discovery for IPv6 RFC-2462, IPv6 Stateless Address Autoconfiguration RFC-2486, The Network Access Identifier (NAI), January 1999 RFC-2571, An Architecture for Describing SNMP Management Frameworks, April 1999 RFC-2572, Message Processing and Dispatching for the Simple Network Management Protocol (SNMP), April 1999 RFC-2573, SNMP Applications, April 1999 RFC-2574, User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3), April 1999 RFC-2597, Assured Forwarding PHB Group, June 1999 RFC-2598, Expedited Forwarding PHB, June 1999 RFC-2618, RADIUS Authentication Client MIB, June 1999 RFC-2620, RADIUS Accounting Client MIB, June 1999 RFC-2661, Layer Two Tunneling Protocol “L2TP”, August 1999 RFC-2697, A Single Rate Three Color Marker, September 1999 RFC-2698, A Two Rate Three Color Marker, September 1999 RFC-2784, Generic Routing Encapsulation (GRE) - March 2000, IETF RFC-2794, Mobile IP Network Access Identifier Extension for IPv4, March 2000 RFC-2809, Implementation of L2TP Compulsory Tunneling via RADIUS, April 2000 RFC-2845, Secret Key Transaction Authentication for DNS (TSIG), May 2000 RFC-2865, Remote Authentication Dial In User Service (RADIUS), June 2000 RFC-2866, RADIUS Accounting, June 2000 RFC-2867, RADIUS Accounting Modifications for Tunnel Protocol Support, June 2000 RFC-2868, RADIUS Attributes for Tunnel Protocol Support, June 2000 RFC-2869, RADIUS Extensions, June 2000 RFC-3007, Secure Domain Name System (DNS) Dynamic Update, November 2000 RFC-3012, Mobile IPv4 Challenge/Response Extensions, November 2000 RFC-3056, Connection of IPv6 Domains via IPv4 Clouds, February 2001 RFC-3101 OSPF-NSSA Option, January 2003 ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 72 Mobility Management Entity Overview Supported Standards ▀ RFC-3143, Known HTTP Proxy/Caching Problems, June 2001 RFC-3193, Securing L2TP using IPSEC, November 2001 RFC-3314, Recommendations for IPv6 in Third Generation Partnership Project (3GPP) Standards, September 2002 RFC-3316, Internet Protocol Version 6 (IPv6) for Some Second and Third Generation Cellular Hosts, April 2003 RFC-3706, A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers, February 2004 RFC-3543, Registration Revocation in Mobile IPv4, August 2003 RFC 3588, Diameter Base Protocol, September 2003 RFC 4006, Diameter Credit-Control Application, August 2005 Draft, Route Optimization in Mobile IP Draft, Generalized Key Distribution Extensions for Mobile IP Draft, AAA Keys for Mobile IP Object Management Group (OMG) Standards CORBA 2.6 Specification 01-09-35, Object Management Group Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 73 Chapter 2 Mobility Management Entity Configuration This chapter provides configuration information for the Mobility Management Entity (MME). Because each wireless network is unique, the system is designed with a variety of parameters allowing it to perform in various wireless network environments. In this chapter, only the minimum set of parameters are provided to make the system operational. Optional configuration commands specific to the MME product are located in the Command Line Interface Reference. The following procedures are located in this chapter: Configuring the System as a Standalone MME (base configuration) Configuring Optional Features on the MME Important: At least one Packet Services Card (PSC/PSC2) must be made active prior to service configuration. Information and instructions for configuring PSCs/PSC2s to be active can be found in the System Settings chapter of the System Administration Guide. Caution: While configuring any base-service or enhanced feature, it is highly recommended to avoid conflicting or blocked IP addresses and port numbers when binding or assigning these to your configuration. In association with some service steering or access control features, the use of inappropriate port numbers may result in communication loss. Refer to the respective feature configuration document carefully before assigning any port number or IP address for communication with internal or external networks. Important: Information about all commands in this chapter can be found in the Command Line Interface Reference. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 75 Mobility Management Entity Configuration ▀ Configuring the System as a Standalone MME (base configuration) Configuring the System as a Standalone MME (base configuration) This section provides a high-level series of steps and associated configuration file examples for configuring the system to perform as an MME in a test environment. The configuration in this section assumes the following: A single context for all interfaces and services (excepting the Local context) static S-GW/P-GW selection (MME Policy configuration) Information provided in this section includes the following: Information Required MME Configuration Information Required The following sections describe the minimum amount of information required to configure and make the MME operational on the network. To make the process more efficient, it is recommended that this information be available prior to configuring the system. There are additional configuration parameters that are not described in this section. These parameters deal mostly with fine-tuning the operation of the S-GW in the network. Information on these parameters can be found in the appropriate sections of the Command Line Interface Reference. Required MME Context Configuration Information The following table lists the information that is required to configure the MME context. Table 5. Required Information for MME Context Configuration Required Information Description MME context name An identification string from 1 to 79 characters (alpha and/or numeric) by which the MME context is recognized by the system. S1-MME Interface Configuration (To/from eNodeB) Interface name An identification string between 1 and 79 characters (alpha and/or numeric) by which the interface is recognized by the system. Multiple names are needed if multiple interfaces will be configured. IP address and subnet IPv4 or IPv6 address assigned to the S1-MME interface. This address will be used for binding the SCTP (local bind address(es)) to communicate with the eNodeBs using S1-AP. Multiple addresses and subnets are needed if multiple interfaces will be configured. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 76 Mobility Management Entity Configuration Configuring the System as a Standalone MME (base configuration) ▀ Required Information Description Physical port number The physical port to which the interface will be bound. Ports are identified by the chassis slot number where the line card resides followed by the number of the physical connector on the card. For example, port 17/1 identifies connector number 1 on the card in slot 17. A single physical port can facilitate multiple interfaces. S11 Interface Configuration (To/from S-GW) Interface name An identification string between 1 and 79 characters (alpha and/or numeric) by which the interface is recognized by the system. Multiple names are needed if multiple interfaces will be configured. IP address and subnet IPv4 address assigned to the S11 interface. Multiple addresses and subnets are needed if multiple interfaces will be configured. Physical port number The physical port to which the interface will be bound. Ports are identified by the chassis slot number where the line card resides followed by the number of the physical connector on the card. For example, port 17/1 identifies connector number 1 on the card in slot 17. A single physical port can facilitate multiple interfaces. S6a Interface Configuration (To/from HSS) Interface name An identification string between 1 and 79 characters (alpha and/or numeric) by which the interface is recognized by the system. Multiple names are needed if multiple interfaces will be configured. IP address and subnet IPv4 or IPv6 addresses assigned to the S6a interface. Multiple addresses and subnets are needed if multiple interfaces will be configured. Physical port number The physical port to which the interface will be bound. Ports are identified by the chassis slot number where the line card resides followed by the number of the physical connector on the card. For example, port 17/1 identifies connector number 1 on the card in slot 17. A single physical port can facilitate multiple interfaces. S6a Diameter Endpoint Configuration End point name An identification string from 1 to 63 characters (alpha and/or numeric) by which the S6a Diameter endpoint configuration is recognized by the system. Origin realm name An identification string between 1 through 127 characters. The realm is the Diameter identity. The originator’s realm is present in all Diameter messages and is typically the company or service name. Origin host name An identification string from 1 to 255 characters (alpha and/or numeric) by which the S6a origin host is recognized by the system. Origin host address The IP address of the S6a interface. Peer name The S6a endpoint name described above. Peer realm name The S6a origin realm name described above. Peer address and port number The IP address and port number of the HSS. Route-entry peer The S6a endpoint name described above. S13 Interface Configuration (To/from EIR) Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 77 Mobility Management Entity Configuration ▀ Configuring the System as a Standalone MME (base configuration) Required Information Description Interface name An identification string between 1 and 79 characters (alpha and/or numeric) by which the interface is recognized by the system. Multiple names are needed if multiple interfaces will be configured. IP address and subnet IPv4 or IPv6 addresses assigned to the S13 interface. Multiple addresses and subnets are needed if multiple interfaces will be configured. Physical port number The physical port to which the interface will be bound. Ports are identified by the chassis slot number where the line card resides followed by the number of the physical connector on the card. For example, port 17/1 identifies connector number 1 on the card in slot 17. A single physical port can facilitate multiple interfaces. S13 Diameter Endpoint Configuration End point name An identification string from 1 to 63 characters (alpha and/or numeric) by which the S13 Diameter endpoint configuration is recognized by the system. Origin realm name An identification string between 1 through 127 characters. The realm is the Diameter identity. The originator’s realm is present in all Diameter messages and is typically the company or service name. Origin host name An identification string from 1 to 255 characters (alpha and/or numeric) by which the S13 origin host is recognized by the system. Origin host address The IP address of the S13 interface. Peer name The S13 endpoint name described above. Peer realm name The S13 origin realm name described above. Peer address and port number The IP address and port number of the EIR. Route-entry peer The S13 endpoint name described above. MME Service Configuration MME service name An identification string from 1 to 63 characters (alpha and/or numeric) by which the MME service can be identified on the system. It is configured in the Context configuration mode. Multiple names are needed if multiple MME services will be configured. PLMN identifier The identifier of Public Land Mobile Network (PLMN) of which MME belongs to. PLMN identifier is consisting of MCC and MNC. MME identifier The identifier of MME node. The MME Id is consisting of MME group and MME code. TAI management database name An identification string from 1 to 64 characters (alpha and/or numeric) by which the TAI management database service can be associated with the MME service. This is required for static S-GW selection. Refer to the Required MME Policy Configuration Information section below. P-GW IP address IPv4 or IPv6 address of a PDN Gateway (P-GW). This is required for static S-GW/P-GW selection. eGTP Service Configuration eGTP service name An identification string from 1 to 63 characters (alpha and/or numeric) by which the eGTP service can be associated with MME system. Multiple names are needed if multiple eGTP services will be used. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 78 Mobility Management Entity Configuration Configuring the System as a Standalone MME (base configuration) ▀ Required Information Description Interface type Identifies the type of interface to which the eGTP service is bound. This interface type is “interface-mme”. GTP-C binding IP address The IPv4 address of the S11 interface. HSS Peer Service Configuration HSS peer service name An identification string from 1 to 63 characters (alpha and/or numeric) by which the HSS peer service is recognized by the system. Multiple names are needed if multiple HSS peer services will be used. Diameter HSS peer The name for a pre-configured Diameter endpoint, configured on system to associate with this MME service to access an HSS and an EIR. This is the S6a Diameter endpoint name. Required MME Policy Configuration Information The following table lists the information that is required to configure the MME Policy on an MME. Table 6. Required Information for MME Policy Configuration Required Information Description Tracking Area Identifier (TAI) management database name An identification string from 1 to 64 characters (alpha and/or numeric) by which the TAI management database is recognized by the system. Tracking Area Identifier (TAI) management object name An identification string from 1 to 64 characters (alpha and/or numeric) by which the TAI management object is recognized by the system. MCC, MNC, and TAC The Mobile Country Code, Mobile Network Code, and Tracking Area Code for the SGW this management object represents. S-GW IP address The IPv4 or IPv6 address of the S-GW this management object represents. How This Configuration Works The following figure and supporting text describe how this configuration with a single context is used by the system to process a subscriber call originating from the GTP LTE network. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 79 Mobility Management Entity Configuration ▀ Configuring the System as a Standalone MME (base configuration) 1. The eNodeB forwards an Attach Request message from the UE to the MME containing the IMSI, last visited TAI (if available), the UE’s core network capability, the PDN Type, and the Attach Type. 2. The MME service receives the Attach Request message and references the HSS peer service for authentication and location resolution. 3. The HSS peer service configuration specifies the Diameter configuration and S6a interface to use to communicate with the HSS and the Diameter configuration and S13 interface to use to communicate with the Equipment Identity Register (EIR). 4. Assuming that the MME has no previous security context, it sends an S6a Authentication Request to the HSS and uses the authentication vectors received in the response to complete the authentication procedure with UE. 5. After authentication, the MME proceeds to do a security setup with the UE. During this procedure, the ME identity is transferred to the MME which then queries the EIR. 6. The MME then sends an Update Location Request to the HSS and obtains relevant subscription data for the IMSI in the response. 7. The MME policy is accessed to determine the S-GW and P-GW to which the UE should be attached. 8. The MME uses the S11 interface bound to the eGTP service to communicate with the S-GW specified by the MME policy configuration. 9. The MME then sends a Create Session Request to S-GW which is also forwarded to the specified P-GW (assuming GTPS5/S8) P-GW establishes the S5/S8 GTPU bearers and then responds with a Create-Session-response which is forwarded to the MME by the S-GW. The S-GW includes the relevant S1-U bearer information. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 80 Mobility Management Entity Configuration Configuring the System as a Standalone MME (base configuration) ▀ 10. The MME then sends a NAS Attach Accept embedded in the S1 Init Ctxt Setup request to the eNodeB. The Attach Accept contains the IP address allocated to the PDN and the temporary identifier (GUTI) assigned to the UE. The MME waits for positive acknowledgement from both the eNodeB (Init Ctxt Setup response) and UE (Attach Complete). The Init Ctxt Setup Response contains the S1-U bearer endpoint information. The MME then uses the S11 Modify Bearer Request to update the eNodeB endpoints with the S-GW. The receipt of the S11 Modify Bearer Response completes the end-toend bearer setup. 11. The MME then uses the S6a Notify Request to update the HSS with the APN and P-GW identity. MME Configuration To configure the system to perform as a standalone eGTP S-GW, review the following graphic and subsequent steps. Step 1 Set system configuration parameters such as activating PSCs by applying the example configurations found in the System Administration Guide. Step 2 Create the MME context, service, and all interfaces, and bind the S1-MME interface to an IP address by applying the example configuration in the Creating and Configuring the MME Context and Service section. Step 3 Create the eGTP service and associate it with the S11 interface by applying the example configuration in the Creating and Configuring the eGTP Service and Interface Association section. Step 4 Create the HSS peer service and associate it with the S6a interface and S13 interface by applying the example configuration in the Creating and Configuring the HSS Peer Service and Interface Associations section. Step 5 Save your configuration to flash memory, an external memory device, and/or a network location using the Exec mode command save configuration. For additional information on how to verify and save configuration files, refer to the System Administration Guide and the Command Line Interface Reference. Creating and Configuring the MME Context and Service Use the following example to configure the MME context and all supported interfaces: configure Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 81 Mobility Management Entity Configuration ▀ Configuring the System as a Standalone MME (base configuration) context-noconfirm interface ip address exit interface ip address exit interface ip address exit interface ip address exit mme-service -noconfirm mme-id group-id mme-code plmn-id mcc mnc network-sharing plmnid mcc mnc mme-id group-id mmecode associate egtp-service
context associate hss-peer-service context policy attach imei-query-type imei-sv verify-equipment-identity pgw-address bind s1-mme ipv4-address exit exit port ethernet no shutdown bind interface end ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 82 Mobility Management Entity Configuration Configuring the System as a Standalone MME (base configuration) ▀ Notes: All interfaces in this configuration can also be specified as IPv6 addresses using the ipv6 address command. Multi-homing is supported on the S1-MME and S6a interfaces. Refer to the Configuring SCTP Multi-homing Support section in this chapter for more information on configuring multi-homing for the S1-MME and/or S6a interface(s). A maximum of 256 services (regardless of type) can be configured per system. The bind s1-mme command can also be specified as an IPv6 address using the ipv6-address keyword. The network-sharing command is used to configure an additional PLMN ID for this MME service. The eGTP service is configured in the following section. The HSS peer service is configured in the Creating and Configuring the HSS Peer Service and Interface Associations section. In the above example, the mobile equipment identity (IMEI) is checked during the attach procedure. This is configured in the policy attach command. Another option is to check IMEI during the tracking area update (TAU). This can be accomplished instead of, or, in addition to, the EIR query during the attach procedure. To check during the TAU, use the policy tau command. The pgw-address command is used to statically configure P-GW discovery. Creating and Configuring the eGTP Service and Interface Association Use the following example to create an eGTP service and associate it with the S11 interface. configure context egtp-service interface-type interface-mme gtpc bind ipv4-address exit exit port ethernet no shutdown bind interface end Notes: The gtpc bind command can be specified as an IPv6 address using the ipv6-address keyword. The interface specified for S11 communication must also be the same IPv6 address. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 83 Mobility Management Entity Configuration ▀ Configuring the System as a Standalone MME (base configuration) Creating and Configuring the HSS Peer Service and Interface Associations Use the following example to create and configure the HSS peer service: configure context hss-peer-service hss_peer_service_name diameter hss-endpoint eir-endpoint exit exit diameter endpoint origin realm origin host address peer realm address route-entry realm peer exit diameter endpoint origin realm origin host address peer realm address route-entry realm peer exit port ethernet no shutdown bind interface exit port ethernet no shutdown bind interface end ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 84 Mobility Management Entity Configuration Configuring the System as a Standalone MME (base configuration) ▀ Notes: The origin host and peer commands can accept multiple IP addresses supporting multi-homing on each endpoint. Refer to the Configuring SCTP Multi-homing Support section for information on configuring SCTP multi-homing for the S6a interface. Configuring Dynamic Destination Realm Construction for Foreign Subscribers For a foreign subscriber, the MME does not know the HSS nodes in all the foreign PLMNs. In this case the MME routes S6a/S6d requests directed to foreign PLMNs via a Diameter Routing Agent (DRA) using only the destination realm. The DRA in turn routes the request to the correct HSS based on the destination realm. In order to accomplish this, the MME needs to dynamically construct requests to the DRA/HSS with a Destination Realm representing the foreign PLMN of the UE. The MME can be configured to derive the EPC Home Network Realm/Domain based on the user's IMSI (MNC and MCC values) and use it as the Destination Realm in all diameter messages. For home subscribers, the MME will always use the configured peer realm as destination-realm, regardless if dynamicdestination-realm is enabled. Because MNCs can be 2 or 3 digits long, to provide the ability for an operator to configure the MCC and MNC of foreign PLMNs, the operator policy of the subscriber map is used to determine the MNC value and the length of the MNC. The following steps outline how this configuration can be implemented. First, enable the dynamic destination realm functionality for the HSS Peer Service: configure context ctxt_name hss-peer-service HSS1 dynamic-destination-realm Then configure the foreign PLMNs in the LTE subscriber map. For example: configure lte-policy subscriber map SM1 precedence 10 match-criteria imsi mcc 232 mnc 11 operator-policy-name OP.HOME precedence 20 match-criteria imsi mcc 374 mnc 130 msin first 700000000 last 800000000 operator-policy-name OP.ROAMING Then associate the subscriber map to the MME Service. For example: configure context ingress mme-service mmesvc associate subscriber-map SM1 Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 85 Mobility Management Entity Configuration ▀ Configuring the System as a Standalone MME (base configuration) A static route entry must also be added in the diameter endpoint configuration for each foreign realm. For example: configure context ingress diameter endpoint s6a1 peer HSS1 realm HSS-Realm1 address sctp route-entry realm epc.mnc045.mcc123.3gppnetwork.org peer HSS1 With this sample configuration, an MNC of length 2 and value of 11 is matched with first operator policy (OP.HOME), and an MNC length of 3 and value of 130 is matched with the second operator policy (OP.ROAMING). With this configuration, the MME will find the MNC based on the operator policy for the foreign subscriber. If there is no matching entry present in the operator policy, the MME will use the global static table to decide the MNC length and pass that information to Diameter layer to construct the dynamic realm. The following list of MCCs are all considered as 3 digit MNCs. All other MCCs are considered 2 digit MNCs. 302 334 354 405 310 338 356 708 311 342 358 722 312 344 360 732 316 346 365 348 376 The show hss-peer-service service name command displays this configuration in the Destination Realm field, either Configured Peer Realm (default), or Dynamic Realm. Request Auth-vectors : 1 Notify Request Message : Enable Destination Realm : Dynamic Realm ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 86 Mobility Management Entity Configuration Configuring Optional Features on the MME ▀ Configuring Optional Features on the MME The configuration examples in this section are optional and provided to cover the most common uses of the MME in a live network. The intent of these examples is to provide a base configuration for testing. The following optional configurations are provided in this section: Configuring Circuit Switched Falllback Configuring Dual Address Bearers Configuring Dynamic Peer Selection Configuring Emergency Session Support Configuring Gn/Gp Handover Capability Configuring Inter-MME Handover Support Configuring X.509 Certificate-based Peer Authentication Configuring Dynamic Node-to-Node IP Security on the S1-MME Interface Configuring ACL-based Node-to-Node IP Security on the S1-MME Interface Configuring Load Balancing on the MME Configuring Mobility Restriction Support Configuring S4-SGSN Handover Capability Configuring SCTP Multi-homing Support Configuring Static S-GW Pools Configuring UMTS to LTE ID Mapping Configuring User Location Information Reporting Support Configuring Circuit Switched Fallback The configuration example in this section creates an SGs interface and an SGs service for communicating with a Mobile Switching Center/Visitor Location Register (MSC/VLR) for Circuit Switched Fallback capability. Important: Circuit Switched Fallback is a licensed feature and requires the purchase of the Circuit Switched Fallback feature license to enable it. Use the following configuration example to enable Circuit Switched Fallback capability on the MME: configure lte-policy tai-mgnt-db tai-mgmt-obj Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 87 Mobility Management Entity Configuration ▀ Configuring Optional Features on the MME lai mcc mnc lac tai mcc mnc tac exit exit exit context -noconfirm interface ip address exit sgs-service -noconfirm sctp port tac-to-lac-mapping tac map-to lac + vlr ipv4-address port pool-area lac + hash-value non-configured-value use-vlr hash-value range to use-vlr exit bind ipv4-address exit mme-service associate tai-mgmt-db associate sgs-service end Notes: The MME will attempt to map a TAI to LAI in the following order: If a TAI Management Database is configured, the MME will first use any TAI to LAI mapping defined within the database. If no TAI Management Database is configured or if no suitable mapping is found within the TAI Management Database, the MME will next attempt to map a specific TAC to a specific LAC as defined in the SGs service according to the tac-to-lac-mapping command. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 88 Mobility Management Entity Configuration Configuring Optional Features on the MME ▀ Lastly, the MME will attempt to use the default LAC value. This is defined using the tac-to-lacmapping command with the any-tac keyword option. For the SGs interface, the tac-to-lac-mapping command supports the configuration of multiple TAC-to LAC values in the same configuration line. The SGs IP address can also be specified as an IPv6 address. To support this, the ip address command can be changed to the ipv6 address command and the bind ipv4-address command can be changed to bind ipv6-address command. This command also allows for the configuration of a secondary IP address in support of SCTP multi-homing. The VLR interface (vlr command) also supports IPv6 addressing and SCTP multi-homing. Configuring Dual Address Bearers This example configures support for IPv4/v6 PDNs. Use the following configuration example to enable support on the MME for dual-address bearers: configure context -noconfirm mme-service policy network dual-addressing-support end Configuring Dynamic Peer Selection The configuration in this section replaces static configurations on the MME for the following peer components: MME, P-GW, S-GW, SGSN. Use the following example to configure dynamic P-GW, S-GW, and peer MME selection through a DNS interface: configure context -noconfirm interface ip address exit ip domain-lookup ip name-servers dns-client bind address Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 89 Mobility Management Entity Configuration ▀ Configuring Optional Features on the MME exit mme-service dns pgw dns sgw dns peer-mme dns peer-sgsn end Notes: For the dns pgw, dns sgw, dns peer-mme, and dns peer-sgsn commands, the DNS client service must exist in the same context as the MME service. If the DNS client resides in a different context, the contex command/variable must be added to the command(s). If you have associated a tai-mgmt-db with a call-control-profile, and DNS is to be used for S-GW lookups, the DNS configuration must be configured within the same call-control-profile using the dns-sgw command present within the call-control-profile configuration mode. Configuring Emergency Session Support The configuration example in this section enables emergency bearer session support on the MME. Use the following configuration example to enable emergency bearer services on the MME: configure lte-policy lte-emergency-profile ambr max-ul max-dl apn pdn-type pgw ip-address protocol weight qos qci arp preemption-capability vulnerability ue-validation-level exit mme-service associate lte-emergency-profile end Notes: ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 90 Mobility Management Entity Configuration Configuring Optional Features on the MME ▀ A maximum of four LTE emergency profiles can be configured on the system. In the apn command, the valid PDN types are: ipv4, ipv4v6, and ipv6. In the pgw command, the valid protocol types are: both, gtp, and pmip. A maximum of four P-GW IP addresses can be configured per profile. An FQDN can also be configured in place of the IP addresses but only one P-GW FQDN can be configured per profile. In the qos command, the valid preemption capabilities are: may and shall not. The valid vulnerability types are: not-preemptable and preemptable. The ue-validation-level types are: auth-only, full, imsi, and none. To configure the MME to ignore the IMEI validation of the equipment during the attach procedure in emergency cases, use the following command in the mme-service configuration mode: policy attach imei-query-type verify-equipmentidentity verify-emergency To configure the MME to ignore the IMEI validation of the equipment during TAU procecures in emergency cases, use the following command in the mme-service configuration mode: policy tau imei-query-type verify-equipmentidentity verify-emergency Configuring Gn/Gp Handover Capability The example configuration in this section provides 3G to 4G handover capabilities between the MME and a Gn/Gp SGSN. The configuration creates the Gn interface used for control signalling during the handover. Use the following configuration example to create a Gn interface and configure the control interface on the MME for Gn/Gp handovers: configure context -noconfirm interface ip address exit sgtp-service gtpc bind address exit mme-service associate sgtpc-service peer-sgsn rai mcc mnc rac lac address capability gn nri length plmn-id mcc mnc Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 91 Mobility Management Entity Configuration ▀ Configuring Optional Features on the MME end Notes: The peer-sgsn command is used to statically configure a peer SGSN. SGSN selection can also be performed dynamically through the DNS client. For more information about dynamic peer selection, refer to the Configuring Dynamic Peer Selection section in this chapter. If dynamic peer-SGSN selection is configured, an additional gtpc command must be added to the SGTP service: gtpc dns-sgsn contex In the absence of an NRI length configuration, the MME treats the NRI as invalid. The MME will use a plain RAI-based FQDN (and not an NRI-based FQDN) for DNS queries made to resolve the source SGSN. Configuring Inter-MME Handover Support Use the following example to configure inter-MME handover support: configure context -noconfirm interface ip address exit egtp-service interface-type interface-mme gtpc bind ipv4-address exit exit mme-service peer-mme gummei mcc mnc group-id mme-code address
exit exit port ethernet no shutdown bind interface end ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 92 Mobility Management Entity Configuration Configuring Optional Features on the MME ▀ Notes: The S10 IP address can also be specified as an IPv6 address. To support this, the ip address command can be changed to the ipv6 address command. The peer-mme command can also be configured to acquire a peer MME through the use of a TAI match as shown in this command example: peer-mme tai-match priority mcc mnc tac any address The peer-mme command is used to statically configure a peer MME. MME selection can also be performed dynamically through the DNS client. For more information about dynamic peer selection, refer to the Configuring Dynamic Peer Selection section in this chapter. The peer MME IP address can also be specified as an IPv6 address. Configuring X.509 Certificate-based Peer Authentication The configuration example in this section enables X.509 certificate-based peer authentication, which can be used as the authentication method for IP Security on the MME. Important: Use of the IP Security feature requires that a valid license key be installed. Contact your local Sales or Support representative for information on how to obtain a license. The following configuration example enables X.509 certificate-based peer authentication on the MME. In Global Configuration Mode, specify the name of the X.509 certificate and CA certificate, as follows: configure certificate name pem url private-key pem url ca-certificate name pem url end Notes: The certificate name and ca-certificate list ca-cert-name commands specify the X.509 certificate and CA certificate to be used. The PEM-formatted data for the certificate and CA certificate can be specified, or the information can be read from a file via a specified URL as shown in this example. When creating the crypto template for IPSec in the Context Configuration Mode, bind the X.509 certificate and CA certificate to the crypto template and enable X.509 certificate-based peer authentication for the local and remote nodes, as follows: configure context crypto template ikev2-dynamic Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 93 Mobility Management Entity Configuration ▀ Configuring Optional Features on the MME certificate name ca-certificate list ca-cert-name authentication local certificate authentication remote certificate end Notes: A maximum of sixteen certificates and sixteen CA certificates are supported per system. One certificate is supported per service, and a maximum of four CA certificates can be bound to one crypto template. The certificate name and ca-certificate list ca-cert-name commands bind the certificate and CA certificate to the crypto template. The authentication local certificate and authentication remote certificate commands enable X.509 certificate-based peer authentication for the local and remote nodes. Configuring Dynamic Node-to-Node IP Security on the S1-MME Interface The configuration example in this section creates an IKEv2/IPSec dynamic node-to-node tunnel endpoint on the S1MME interface. Important: Use of the IP Security feature requires that a valid license key be installed. Contact your local Sales or Support representative for information on how to obtain a license. The following configuration examples are included in this section: Creating and Configuring an IPSec Transform Set Creating and Configuring an IKEv2 Transform Set Creating and Configuring a Crypto Template Binding the S1-MME IP Address to the Crypto Template Creating and Configuring an IPSec Transform Set The following example configures an IPSec transform set which is used to define the security association that determines the protocols used to protect the data on the interface: configure context ipsec transform-set encryption aes-cbc-128 group none ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 94 Mobility Management Entity Configuration Configuring Optional Features on the MME ▀ hmac sha1-96 mode tunnel end Notes: The encryption algorithm, aes-cbc-128, or Advanced Encryption Standard Cipher Block Chaining, is the default algorithm for IPSec transform sets configured on the system. The group none command specifies that no crypto strength is included and that Perfect Forward Secrecy is disabled. This is the default setting for IPSec transform sets configured on the system. The hmac command configures the Encapsulating Security Payload (ESP) integrity algorithm. The sha1-96 keyword uses a 160-bit secret key to produce a 160-bit authenticator value. This is the default setting for IPSec transform sets configured on the system. The mode tunnel command specifies that the entire packet is to be encapsulated by the IPSec header including the IP header. This is the default setting for IPSec transform sets configured on the system. Creating and Configuring an IKEv2 Transform Set The following example configures an IKEv2 transform set: configure context ikev2-ikesa transform-set encryption aes-cbc-128 group 2 hmac sha1-96 lifetime prf sha1 end Notes: The encryption algorithm, aes-cbc-128, or Advanced Encryption Standard Cipher Block Chaining, is the default algorithm for IKEv2 transform sets configured on the system. The group 2 command specifies the Diffie-Hellman algorithm as Group 2, indicating medium security. The Diffie-Hellman algorithm controls the strength of the crypto exponentials. This is the default setting for IKEv2 transform sets configured on the system. The hmac command configures the Encapsulating Security Payload (ESP) integrity algorithm. The sha1-96 keyword uses a 160-bit secret key to produce a 160-bit authenticator value. This is the default setting for IKEv2 transform sets configured on the system. The lifetime command configures the time the security key is allowed to exist, in seconds. Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 95 Mobility Management Entity Configuration ▀ Configuring Optional Features on the MME The prf command configures the IKE Pseudo-random Function, which produces a string of bits that cannot be distinguished from a random bit string without knowledge of the secret key. The sha1 keyword uses a 160-bit secret key to produce a 160-bit authenticator value. This is the default setting for IKEv2 transform sets configured on the system. Creating and Configuring a Crypto Template The following example configures an IKEv2 crypto template: configure context crypto template ikev2-dynamic authentication local pre-shared-key key authentication remote pre-shared-key key ikev2-ikesa transform-set list . . . ikevs-ikesa rekey payload match childsa match ipv4 ipsec transform-set list . . . rekey end Notes: The ikev2-ikesa transform-set list command specifies up to six IKEv2 transform sets. The ipsec transform-set list command specifies up to four IPSec transform sets. Binding the S1-MME IP Address to the Crypto Template The following example configures the binding of the S1-MME interface to the crypto template: configure context mme-service bind s1-mme ipv4-address ipv4-address crypto-template end ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 96 Mobility Management Entity Configuration Configuring Optional Features on the MME ▀ Notes: The bind command in the MME service configuration can also be specified as an IPv6 address using the ipv6address command. This example shows the bind command using multi-homed addresses. The multi-homing feature also supports the use of IPv6 addresses. Configuring ACL-based Node-to-Node IP Security on the S1-MME Interface The configuration example in this section creates an IKEv2/IPSec ACL-based node-to-node tunnel endpoint on the S1MME interface. Important: Use of the IP Security feature requires that a valid license key be installed. Contact your local Sales or Support representative for information on how to obtain a license. The following configuration examples are included in this section: Creating and Configuring a Crypto Access Control List Creating and Configuring an IPSec Transform Set Creating and Configuring an IKEv2 Transform Set Creating and Configuring a Crypto Map Creating and Configuring a Crypto Access Control List The following example configures a crypto ACL (Access Control List), which defines the matching criteria used for routing subscriber data packets over an IPSec tunnel: configure context ip access-list permit tcp host host end Notes: The permit command in this example routes IPv4 traffic from the server with the specified source host IPv4 address to the server with the specified destination host IPv4 address. Creating and Configuring an IPSec Transform Set The following example configures an IPSec transform set which is used to define the security association that determines the protocols used to protect the data on the interface: Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 97 Mobility Management Entity Configuration ▀ Configuring Optional Features on the MME configure context ipsec transform-set encryption aes-cbc-128 group none hmac sha1-96 mode tunnel end Notes: The encryption algorithm, aes-cbc-128, or Advanced Encryption Standard Cipher Block Chaining, is the default algorithm for IPSec transform sets configured on the system. The group none command specifies that no crypto strength is included and that Perfect Forward Secrecy is disabled. This is the default setting for IPSec transform sets configured on the system. The hmac command configures the Encapsulating Security Payload (ESP) integrity algorithm. The sha1-96 keyword uses a 160-bit secret key to produce a 160-bit authenticator value. This is the default setting for IPSec transform sets configured on the system. The mode tunnel command specifies that the entire packet is to be encapsulated by the IPSec header including the IP header. This is the default setting for IPSec transform sets configured on the system. Creating and Configuring an IKEv2 Transform Set The following example configures an IKEv2 transform set: configure context ikev2-ikesa transform-set encryption aes-cbc-128 group 2 hmac sha1-96 lifetime prf sha1 end Notes: ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 98 Mobility Management Entity Configuration Configuring Optional Features on the MME ▀ The encryption algorithm, aes-cbc-128, or Advanced Encryption Standard Cipher Block Chaining, is the default algorithm for IKEv2 transform sets configured on the system. The group 2 command specifies the Diffie-Hellman algorithm as Group 2, indicating medium security. The Diffie-Hellman algorithm controls the strength of the crypto exponentials. This is the default setting for IKEv2 transform sets configured on the system. The hmac command configures the Encapsulating Security Payload (ESP) integrity algorithm. The sha1-96 keyword uses a 160-bit secret key to produce a 160-bit authenticator value. This is the default setting for IKEv2 transform sets configured on the system. The lifetime command configures the time the security key is allowed to exist, in seconds. The prf command configures the IKE Pseudo-random Function which produces a string of bits that cannot be distinguished from a random bit string without knowledge of the secret key. The sha1 keyword uses a 160-bit secret key to produce a 160-bit authenticator value. This is the default setting for IKEv2 transform sets configured on the system. Creating and Configuring a Crypto Map The following example configures an IKEv2 crypto map: configure context crypto map ikev2-ipv4 match address peer authentication local pre-shared-key key authentication remote pre-shared-key key ikev2-ikesa transform-set list . . . payload match ipv4 lifetime ipsec transform-set list . . . exit exit interface ip address crypto-map exit Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 99 Mobility Management Entity Configuration ▀ Configuring Optional Features on the MME exit port ethernet no shutdown bind interface end Notes: The type of crypto map used in this example is IKEv2-IPv4 for IPv4 addressing. An IKEv2-IPv6 crypto map can also be used for IPv6 addressing. The ipsec transform-set list command specifies up to four IPSec transform sets. Configuring Load Balancing on the MME In networks that contain multiple MMEs configured as a pool, load balancing is a necessary feature allowing UE attachments to be spread accross the pool instead of a small number of MMEs. The following example configures load balancing on an MME: configure context mme-service relative-capacity end Notes: The relative-capacity command specifies a weight factor, such that the probability of the eNodeB selecting this MME is proportional to this value in relation to other MMEs in a pool. The relative capacity is defined as an integer from 0 through 255. The default value is 255. The weight factor of the MME is sent from the MME to the eNodeB via S1-AP messages using the Relative MME Capacity S1AP IE in the S1AP S1 Setup Response. If the relative MME capacity is changed after the S1 interface is already initialized, then the MME Configuration Update message is used to update this information to the eNodeB. Configuring Mobility Restriction Support Mobility or handover restriction is performed by handover restriction lists configured on the MME. These lists restrict inter-RAT, 3G location area, and/or 4G tracking area handovers based on the configuration in the Handover Restriction List Configuration Mode. Important: Mobility restriction support is only available through the operator policy configuration. For more information on operator policy, refer to the Operator Policy chapter in this guide. ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 100 Mobility Management Entity Configuration Configuring Optional Features on the MME ▀ Configuring Inter-RAT Handover Restrictions on the MME Inter-RAT handover restriction configurations on the MME restrict subscribers from participating in handovers to defined radio access network types. Use the following example to configure this feature: configure lte-policy ho-restrict-list forbidden inter-rat cdma2000 end Notes: Other forbidden inter-RAT choices are: all, GERAN, and UNTRAN. This configuration will only become operational when it is associated with a call control profile. Only one handover restriction list can be associated with a call control profile. Configuring Location Area Handover Restrictions on the MME Location area handover restriction lists on the MME restrict subscribers from participating in handovers to specific 3G location area codes. Use the following example to configure this feature: configure lte-policy ho-restrict-list forbidden location-area plmnid lac + end Notes: Up to 16 forbidden location areas can be configured per handover restriction list. Up to 128 location area codes can be entered in a single lac command line. This configuration will only become operational when it is associated with a call control profile. Only one handover restriction list can be associated with a call control profile. Configuring Tracking Area Handover Restrictions on the MME Tracking area handover restriction lists on the MME restrict subscribers from participating in handovers to specific 4G tracking area codes. Use the following example to configure this feature: Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 101 Mobility Management Entity Configuration ▀ Configuring Optional Features on the MME configure lte-policy ho-restrict-list forbidden tracking-area plmnid tac + end Notes: Up to 16 forbidden tracking areas can be configured per handover restriction list. Up to 128 tracking area codes can be entered in a single tac command line. This configuration will only become operational when it is associated with a call control profile. Only one handover restriction list can be associated with a call control profile. Configuring S4-SGSN Handover Capability This configuration example configures an S3 interface supporting inter-RAT handovers between the MME and an S4SGSN. Use the following example to configure this feature: configure context -noconfirm interface ip address exit mme-service peer-sgsn rai mcc mnc rac lac address capability s3 nri length plmn-id mcc mnc exit exit port ethernet no shutdown bind interface end ▄ Cisco ASR 5x00 Mobility Management Entity Administration Guide 102 Mobility Management Entity Configuration Configuring Optional Features on the MME ▀ Notes: The S3 IP address can also be specified as an IPv6 address. To support this, the ip address command can be changed to the ipv6 address command. The peer-sgsn command is used to statically configure a peer SGSN. SGSN selection can also be performed dynamically through the DNS client. For more information about dynamic peer selection, refer to the Configuring Dynamic Peer Selection section in this chapter. In the absence of an NRI length configuration, the MME treats the NRI as invalid. The MME will use a plain RAI-based FQDN (and not an NRI-based FQDN) for DNS queries made to resolve the source SGSN. Configuring SCTP Multi-homing Support SCTP multi-homing can be configured on the S1-MME interface (to/from eNodeB), the S6a interface (to/from HLR/HSS), and the SGs interface (to/from the MSC/VLR). Configuring SCTP Multi-homing on the S1-MME Interface Up to two IPv4 or IPv6 addresses for the S1-MME interface can be entered to allow for SCTP multi-homing. The configuration example in this section is intended as a replacement for the S1-MME interface configuration located in the Creating and Configuring the MME Context and Service section. Use the following example to configure S1MME multi-homing between the MME and the eNodeB: configure context -noconfirm interface ip address ip address exit mme-service bind s1-mme ipv4-address ipv4-address exit exit port ethernet no shutdown bind interface end Notes: Cisco ASR 5x00 Mobility Management Entity Administration Guide ▄ 103 Mobility Management Entity Configuration ▀ Configuring Optional Features on the MME The S1-MME IP addresses can also be specified as IPv6 addresses using the ipv6 address keyword. The IP addresses in the bind s1-mme ipv4-address command can also be specified as IPv6 addresses using the ipv6-address keyword. Configuring SCTP Multi-homing on the S6a Interface Up to four IPv4 or IPv6 addresses for the S6a interface can be configured to allow for SCTP multi-homing. The configuration example in this section is intended as a replacement for the S6a interface configuration located in the Creating and Configuring the MME Context and Service section and the Diameter configuration for the S6a interface located in the Creating and Configuring the HSS Peer Service and Interface Associations section. Use the following example to configure S6a multi-homing between the MME and theHLR/HSS: configure context interface ip address ip address secondary ip address