Clause 6 provides the functional description of the Network Functions and network entities and the principles for Network Function and Network Function Service discovery and selection.
NG-RAN functions and entities are described in TS 38.300 and TS 38.401.
Security functions and entities are described in TS 33.501 and TS 33.535.
5G Media streaming functions are described in TS 26.501.
The Access and Mobility Management function (AMF) includes the following functionality. Some or all of the AMF functionalities may be supported in a single instance of an AMF:
Termination of RAN CP interface (N2).
Termination of NAS (N1), NAS ciphering and integrity protection.
Lawful intercept (for AMF events and interface to LI System).
Provide transport for SM messages between UE and SMF.
Transparent proxy for routing SM messages.
Provide transport for SMS messages between UE and SMSF.
Security Anchor Functionality (SEAF) as specified in TS 33.501.
Location Services management for regulatory services.
Provide transport for Location Services messages between UE and LMF as well as between RAN and LMF.
EPS Bearer ID allocation for interworking with EPS.
UE mobility event notification.
S-NSSAIs per TA mapping notification.
Support for Control Plane CIoT 5GS Optimisation.
Support for User Plane CIoT 5GS Optimisation.
Support for restriction of use of Enhanced Coverage.
Provisioning of external parameters (Expected UE Behaviour parameters or Network Configuration parameters).
Support for Network Slice-Specific Authentication and Authorization.
Support for charging.
Controlling the 5G access stratum-based time distribution based on UE's subscription data.
In addition to the functionalities of the AMF described above, the AMF may include the following functionality to support non-3GPP access networks:
Support of N2 interface with N3IWF/TNGF. Over this interface, some information (e.g. 3GPP Cell Identification) and procedures (e.g. Handover related) defined over 3GPP access may not apply, and non-3GPP access specific information may be applied that do not apply to 3GPP accesses.
Support of NAS signalling with a UE over N3IWF/TNGF. Some procedures supported by NAS signalling over 3GPP access may be not applicable to untrusted non-3GPP (e.g. Paging) access.
Support of authentication of UEs connected over N3IWF/TNGF.
Management of mobility, authentication, and separate security context state(s) of a UE connected via a non-3GPP access or connected via a 3GPP access and a non-3GPP access simultaneously.
Support as described in clause 126.96.36.199 a co-ordinated RM management context valid over a 3GPP access and a Non 3GPP access.
Support as described in clause 188.8.131.52 dedicated CM management contexts for the UE for connectivity over non-3GPP access.
Determine whether the serving N3IWF is appropriate based on the slices supported by the N3IWFs as specified in clause 6.3.6.
In addition to the functionalities of the AMF described above, the AMF may include policy related functionalities as described in clause 6.2.8 of TS 23.503.
The AMF uses the N14 interface for AMF re-allocation and AMF to AMF information transfer. This interface may be either intra-PLMN or inter-PLMN (e.g. in the case of inter-PLMN mobility).
In addition to the functionality of the AMF described above, the AMF may include the following functionality to support monitoring in roaming scenarios:
Normalization of reports according to roaming agreements between VPLMN and HPLMN (e.g. change the location granularity in a report from cell level to a level that is appropriate for the HPLMN); and
Generation of charging/accounting information for Monitoring Event Reports that are sent to the HPLMN.
In addition to the functionality of the AMF described above, the AMF may provide support for Network Slice restriction and Network Slice instance restriction based on NWDAF analytics.
In addition to the functionalities of the AMF described above, the AMF may provide support for the Disaster Roaming as described in clause 5.40.
In addition to the functionalities of the AMF described above, the AMF may also include following functionalities to support Network Slice Admission Control:
The Session Management function (SMF) includes the following functionality. Some or all of the SMF functionalities may be supported in a single instance of a SMF:
Session Management e.g. Session Establishment, modify and release, including tunnel maintain between UPF and AN node.
UE IP address allocation & management (including optional Authorization). The UE IP address may be received from a UPF or from an external data network.
DHCPv4 (server and client) and DHCPv6 (server and client) functions.
Functionality to respond to Address Resolution Protocol (ARP) requests and / or IPv6 Neighbour Solicitation requests based on local cache information for the Ethernet PDUs. The SMF responds to the ARP and / or the IPv6 Neighbour Solicitation Request by providing the MAC address corresponding to the IP address sent in the request.
Selection and control of UP function, including controlling the UPF to proxy ARP or IPv6 Neighbour Discovery, or to forward all ARP/IPv6 Neighbour Solicitation traffic to the SMF, for Ethernet PDU Sessions.
Configures traffic steering at UPF to route traffic to proper destination.
5G VN group management, e.g. maintain the topology of the involved PSA UPFs, establish and release the N19 tunnels between PSA UPFs, configure traffic forwarding at UPF to apply local switching, N6-based forwarding or N19-based forwarding.
Termination of interfaces towards Policy control functions.
Lawful intercept (for SM events and interface to LI System).
Support for charging.
Control and coordination of charging data collection at UPF.
Termination of SM parts of NAS messages.
Downlink Data Notification.
Initiator of AN specific SM information, sent via AMF over N2 to AN.
Determine SSC mode of a session.
Support for Control Plane CIoT 5GS Optimisation.
Support of header compression.
Act as I-SMF in deployments where I-SMF can be inserted, removed and relocated.
Provisioning of external parameters (Expected UE Behaviour parameters or Network Configuration parameters).
Support P-CSCF discovery for IMS services.
Act as V-SMF with following roaming functionalities:
Handle local enforcement to apply QoS SLAs (VPLMN).
Lawful intercept (in VPLMN for SM events and interface to LI System).
Support for interaction with external DN for transport of signalling for PDU Session authentication/authorization by external DN.
Instructs UPF and NG-RAN to perform redundant transmission on N3/N9 interfaces.
In addition to the functionalities of the SMF described above, the SMF may include policy related functionalities as described in clause 6.2.2 of TS 23.503.
In addition to the functionality of the SMF described above, the SMF may include the following functionality to support monitoring in roaming scenarios:
Normalization of reports according to roaming agreements between VPLMN and HPLMN; and
Generation of charging information for Monitoring Event Reports that are sent to the HPLMN.
The SMF may also include following functionalities to support Edge Computing enhancements (further defined in TS 23.548):
Selection of EASDF and provision of its address to the UE as the DNS Server for the PDU session;
The User plane function (UPF) includes the following functionality. Some or all of the UPF functionalities may be supported in a single instance of a UPF:
Anchor point for Intra-/Inter-RAT mobility (when applicable).
Allocation of UE IP address/prefix (if supported) in response to SMF request.
External PDU Session point of interconnect to Data Network.
Packet routing & forwarding (e.g. support of Uplink classifier to route traffic flows to an instance of a data network, support of Branching point to support multi-homed PDU Session, support of traffic forwarding within a 5G VN group (UPF local switching, via N6, via N19)).
Packet inspection (e.g. Application detection based on service data flow template and the optional PFDs received from the SMF in addition).
User Plane part of policy rule enforcement, e.g. Gating, Redirection, Traffic steering).
Lawful intercept (UP collection).
Traffic usage reporting.
QoS handling for user plane, e.g. UL/DL rate enforcement, Reflective QoS marking in DL.
Uplink Traffic verification (SDF to QoS Flow mapping).
Transport level packet marking in the uplink and downlink.
Downlink packet buffering and downlink data notification triggering.
Sending and forwarding of one or more "end marker" to the source NG-RAN node.
Functionality to respond to Address Resolution Protocol (ARP) requests and / or IPv6 Neighbour Solicitation requests based on local cache information for the Ethernet PDUs. The UPF responds to the ARP and / or the IPv6 Neighbour Solicitation Request by providing the MAC address corresponding to the IP address sent in the request.
Packet duplication in downlink direction and elimination in uplink direction in GTP-U layer.
The Network Exposure Function (NEF) supports the following independent functionality:
Exposure of capabilities and events:
NF capabilities and events may be securely exposed by NEF for e.g. 3rd party, Application Functions, Edge Computing as described in clause 5.13.
NEF stores/retrieves information as structured data using a standardized interface (Nudr) to the Unified Data Repository (UDR).
Secure provision of information from external application to 3GPP network:
It provides a means for the Application Functions to securely provide information to 3GPP network, e.g. Expected UE Behaviour, 5G-VN group information, time synchronization service information and service specific information. In that case the NEF may authenticate and authorize and assist in throttling the Application Functions.
Translation of internal-external information:
It translates between information exchanged with the AF and information exchanged with the internal network function. For example, it translates between an AF-Service-Identifier and internal 5G Core information such as DNN, S-NSSAI, as described in clause 5.6.7.
In particular, NEF handles masking of network and user sensitive information to external AF's according to the network policy.
Redirecting the AF to a more suitable NEF/L-NEF e.g. when serving an AF request for local information exposure and detecting there is a more appropriate NEF instance to serve the AF's request.
The Network Exposure Function receives information from other network functions (based on exposed capabilities of other network functions). NEF stores the received information as structured data using a standardized interface to a Unified Data Repository (UDR). The stored information can be accessed and "re-exposed" by the NEF to other network functions and Application Functions, and used for other purposes such as analytics.
A NEF may also support a PFD Function: The PFD Function in the NEF may store and retrieve PFD(s) in the UDR and shall provide PFD(s) to the SMF on the request of SMF (pull mode) or on the request of PFD management from NEF (push mode), as described in TS 23.503.
A NEF may also support a 5G-VN Group Management Function: The 5G-VN Group Management Function in the NEF may store the 5G-VN group information in the UDR via UDM as described in TS 23.502.
Exposure of analytics:
Support of SBI-based MO SM transmit for MSISDN-less MO SMS:
Retrieval of data from external party by NWDAF:
Data provided by the external party may be collected by NWDAF via NEF for analytics generation purpose. NEF handles and forwards requests and notifications between NWDAF and AF, as specified in TS 23.288.
Support of Non-IP Data Delivery:
NEF provides a means for management of NIDD configuration and delivery of MO/MT unstructured data by exposing the NIDD APIs as described in TS 23.502 on the N33/Nnef reference point. See clause 5.31.5.
Charging data collection and support of charging interfaces.
Support of UAS NF functionality:
Details are defined in TS 23.256.
Support of EAS deployment functionality:
Details are defined in TS 23.548.
A specific NEF instance may support one or more of the functionalities described above and consequently an individual NEF may support a subset of the APIs specified for capability exposure.
The services provided by the NEF are specified in clause 7.2.8.
For external exposure of services related to specific UE(s), the NEF resides in the HPLMN. Depending on operator agreements, the NEF in the HPLMN may have interface(s) with NF(s) in the VPLMN.
When a UE is capable of switching between EPC and 5GC, an SCEF+NEF is used for service exposure. See clause 5.17.5 for a description of the SCEF+NEF.
When an NEF is used for external exposure, the CAPIF may be supported. When CAPIF is supported, an NEF that is used for external exposure supports the CAPIF API provider domain functions. The CAPIF and associated API provider domain functions are specified in TS 23.222.
NF profile of NF instance maintained in an NRF includes the following information:
NF instance ID.
PLMN ID in the case of PLMN, PLMN ID + NID in the case of SNPN.
Network Slice related Identifier(s) e.g. S-NSSAI, NSI ID.
FQDN or IP address of NF.
NF capacity information.
NF priority information.
NF Set ID.
NF Service Set ID of the NF service instance.
NF Specific Service authorization information.
if applicable, Names of supported services.
Endpoint Address(es) of instance(s) of each supported service.
Identification of stored data/information.
Other service parameter, e.g. DNN or DNN list, notification endpoint for each type of notification that the NF service is interested in receiving.
Location information for the NF instance.
NF load information.
Routing Indicator, Home Network Public Key identifier, for UDM and AUSF.
For UDM, AUSF and NSSAAF in the case of access to an SNPN using credentials owned by a Credentials Holder with AAA Server, identification of Credentials Holder (i.e. the realm of the Network Specific Identifier based SUPI).
For UDM and AUSF, and if UDM/AUSF is used for access to an SNPN using credentials owned by a Credentials Holder, identification of Credentials Holder (i.e. the realm if Network Specific Identifier based SUPI is used or the MCC and MNC if IMSI based SUPI is used); see clause 184.108.40.206.
For AUSF and NSSAAF in the case of SNPN Onboarding using a DCS with AAA server, identification of DCS (i.e. the realm of the Network Specific Identifier based SUPI).
For UDM and AUSF, and if UDM/AUSF is used as DCS in the case of SNPN Onboarding, identification of DCS (i.e. the realm if Network Specific Identifier based SUPI, or the MCC and MNC if IMSI based SUPI).
One or more GUAMI(s), in the case of AMF.
SMF area identity(ies) in the case of UPF.
UDM Group ID, range(s) of SUPIs, range(s) of GPSIs, range(s) of internal group identifiers, range(s) of external group identifiers for UDM.
UDR Group ID, range(s) of SUPIs, range(s) of GPSIs, range(s) of external group identifiers for UDR.
AUSF Group ID, range(s) of SUPIs for AUSF.
PCF Group ID, range(s) of SUPIs for PCF.
HSS Group ID, set(s) of IMPIs, set(s) of IMPU, set(s) of IMSIs, set(s) of PSIs, set(s) of MSISDN for HSS.
For NWDAF: Supported Analytics ID(s), possibly per service, NWDAF Serving Area information (i.e. list of TAIs for which the NWDAF can provide services and/or data), Supported Analytics Delay per Analytics ID (if available), NF types of the NF data sources, NF Set IDs of the NF data sources, if available, Analytics aggregation capability (if available), Analytics metadata provisioning capability (if available), ML model Filter information parameters S-NSSAI(s) and Area(s) of Interest for the trained ML model(s) per Analytics ID(s) (if available), FL capability type (i.e. FL server or FL client, if available), Time interval supporting FL (if available).
Event ID(s) supported by AFs, in the case of NEF.
Event Exposure service supported event ID(s) by UPF.
Application Identifier(s) supported by AFs, in the case of NEF.
Range(s) of External Identifiers, or range(s) of External Group Identifiers, or the domain names served by the NEF, in the case of NEF.
IP domain list as described in clause 220.127.116.11.21 of TS 29.510, Range(s) of (UE) IPv4 addresses or Range(s) of (UE) IPv6 prefixes, Range(s) of SUPIs or Range(s) of GPSIs or a BSF Group ID, in the case of BSF.
SCP Domain the NF belongs to.
DCCF Serving Area information, NF types of the data sources, NF Set IDs of the data sources, if available, in the case of DCCF.
Supported DNAI list, in the case of SMF.
For SNPN, capability to support SNPN Onboarding in the case of AMF and capability to support User Plane Remote Provisioning in the case of SMF.
IP address range, DNAI for UPF.
Additional V2X related NF profile parameters are defined in TS 23.287.
Additional ProSe related NF profile parameters are defined in TS 23.304.
Additional MBS related NF profile parameters are defined in TS 23.247.
Additional UAS related NF profile parameters are defined in TS 23.256.
The Unified Data Management (UDM) includes support for the following functionality:
Generation of 3GPP AKA Authentication Credentials.
User Identification Handling (e.g. storage and management of SUPI for each subscriber in the 5G system).
Support of de-concealment of privacy-protected subscription identifier (SUCI).
Access authorization based on subscription data (e.g. roaming restrictions).
UE's Serving NF Registration Management (e.g. storing serving AMF for UE, storing serving SMF for UE's PDU Session).
Support to service/session continuity e.g. by keeping SMF/DNN assignment of ongoing sessions.
MT-SMS delivery support.
Lawful Intercept Functionality (especially in outbound roaming case where UDM is the only point of contact for LI).
5G-VN group management handling.
Support of external parameter provisioning (Expected UE Behaviour parameters or Network Configuration parameters).
Support for the Disaster Roaming as described in clause 5.40.
Support for the control of time synchronization service based on subscription data as described in clause 18.104.22.168.
To provide this functionality, the UDM uses subscription data (including authentication data) that may be stored in UDR, in which case a UDM implements the application logic and does not require an internal user data storage and then several different UDMs may serve the same user in different transactions.
The functionality of N3IWF in the case of untrusted non-3GPP access includes the following:
Support of IPsec tunnel establishment with the UE: The N3IWF terminates the IKEv2/IPsec protocols with the UE over NWu and relays over N2 the information needed to authenticate the UE and authorize its access to the 5G Core Network.
Termination of N2 and N3 interfaces to 5G Core Network for control - plane and user-plane respectively.
Relaying uplink and downlink control-plane NAS (N1) signalling between the UE and AMF.
Handling of N2 signalling from SMF (relayed by AMF) related to PDU Sessions and QoS.
Establishment of IPsec Security Association (IPsec SA) to support PDU Session traffic.
Relaying uplink and downlink user-plane packets between the UE and UPF. This involves:
De-capsulation/ encapsulation of packets for IPSec and N3 tunnelling
Enforcing QoS corresponding to N3 packet marking, taking into account QoS requirements associated to such marking received over N2
N3 user-plane packet marking in the uplink.
Local mobility anchor within untrusted non-3GPP access networks using MOBIKE per RFC 4555.
Based on operator deployment, Application Functions considered to be trusted by the operator can be allowed to interact directly with relevant Network Functions.
Application Functions not allowed by the operator to access directly the Network Functions shall use the external exposure framework (see clause 7.3) via the NEF to interact with relevant Network Functions.
The functionality and purpose of Application Functions are only defined in this specification with respect to their interaction with the 3GPP Core Network.
The Security Edge Protection Proxy (SEPP) is a non-transparent proxy and supports the following functionality:
Message filtering and policing on inter-PLMN control plane interfaces.
Detailed functionality of SEPP, related flows and the N32 reference point, are specified in TS 33.501.
The SEPP applies the above functionality to every Control Plane message in inter-PLMN signalling, acting as a service relay between the actual Service Producer and the actual Service Consumer. For both Service Producer and Consumer, the result of the service relaying is equivalent to a direct service interaction. Every Control Plane message in inter-PLMN signalling between the SEPPs may pass via IPX entities. More details on SEPPs and the IPX entities are described in TS 29.500 and TS 33.501.
Message forwarding and routing to destination NF/NF service.
Message forwarding and routing to a next hop SCP.
Communication security (e.g. authorization of the NF Service Consumer to access the NF Service Producer API), load balancing, monitoring, overload control, etc.
Optionally interact with UDR, to resolve the UDM Group ID/UDR Group ID/AUSF Group ID/PCF Group ID/CHF Group ID/HSS Group ID based on UE identity, e.g. SUPI or IMPI/IMPU (see clause 6.3.1 for details).
The SCP may be deployed in a distributed manner.
SCPs can be deployed at PLMN level, shared-slice level and slice-specific level. It is left to operator deployment to ensure that SCPs can communicate with relevant NRFs.
In order to enable SCPs to route messages through several SCPs (i.e. next SCP hop discovery, see clause 6.3.16), an SCP may register its profile in the NRF. Alternatively, local configuration may be used.
The UCMF is used for storage of dictionary entries corresponding to either PLMN-assigned or Manufacturer-assigned UE Radio Capability IDs. An AMF may subscribe with the UCMF to obtain from the UCMF new values of UE Radio Capability ID that the UCMF assigns for the purpose of caching them locally.
Provisioning of Manufacturer-assigned UE Radio Capability ID entries in the UCMF is performed from an AF that interacts with the UCMF either directly or via the NEF (or via Network Management) using a procedure defined in TS 23.502. A UCMF that serves both EPS and 5GS shall require provisioning the UE Radio Capability ID with the TS 36.331 format or TS 38.331 format or both the formats of the UE radio capabilities.
The UCMF also assigns the PLMN-assigned UE Radio Capability ID values.
Each PLMN-assigned UE Radio Capability ID is also associated to the TAC of the UE model(s) that it is related to. When an AMF requests the UCMF to assign a UE Radio Capability ID for a set of UE radio capabilities, it indicates the TAC of the UE that the UE Radio Capability information is related to.
The UCMF stores a Version ID value for the PLMN assigned UE Radio Capability IDs so it is included in the PLMN assigned UE Radio Capability IDs it assigns. This shall be configured in the UCMF.
The UCMF may be provisioned with a dictionary of Manufacturer-assigned UE Radio Capability IDs which include a "Vendor ID" that applies to the Manufacturers of these UE, and a list of TACs for which the PLMN has obtained-Manufacturer-assigned UE Radio Capability IDs.
A PLMN-assigned UE Radio Capability IDs is kept in the UCMF storage as long as it is associated with at least a TAC value. When a TAC value is related to a UE model that is earmarked for operation based on Manufacturer assigned UE Radio Capability IDs, this TAC value is disassociated in the UCMF from any PLMN assigned UE Radio Capability IDs.
For the case that the PLMN is configured to store PLMN assigned IDs in the Manufacturer Assigned operation requested list defined in clause 4.4.1a, the UCMF does not remove from storage any PLMN assigned UE Radio Capability ID no longer used, and rather quarantines it to avoid any future reassignment.
A UCMF dictionary entry shall include also the related UE Radio Capability for Paging for each RAT.
The Network Slice-specific and SNPN Authentication and Authorization Function (NSSAAF) supports the following functionality:
Support for Network Slice-Specific Authentication and Authorization as specified in TS 23.502 with a AAA Server (AAA-S). If the AAA-S belongs to a third party, the NSSAAF may contact the AAA-S via a AAA proxy (AAA-P).
Support for access to SNPN using credentials from Credentials Holder using AAA server (AAA-S) as specified in clause 22.214.171.124.2 or using credentials from Default Credentials Server using AAA server (AAA-S) as specified in clause 126.96.36.199.2. If the Credentials Holder or Default Credentials Server belongs to a third party, the NSSAAF may contact the AAA server via a AAA proxy (AAA-P).
The Time Sensitive Communication and Time Synchronization Function (TSCTSF) supports the following functionality:
Associating the time synchronization service request (see clause 188.8.131.52) from the NF consumer to the AF sessions with the PCF (the session between the PCF and TSCTSF).
Controlling time synchronization service request from the NF consumer, (g)PTP-based time distribution and ASTI-based time distribution based on subscription data. The TSCTSF may be pre-configured with one or several PTP instance configurations. For each PTP instance configuration, it may contain:
a reference to the PTP instance configuration.
Managing the DS-TT and NW-TT via exchange of PMIC and UMIC as described in Annex K.
Detecting availability of 5GS Bridge information (including user plane node ID that applies also for IP type PDU Sessions) as reported by PCF for both Ethernet and IP type PDU Sessions (including the need to (un)subscribe 5GS Bridge information Notification from PCF).
Creating the TSC Assistance Container based on individual traffic pattern parameters from the NEF/AF and providing it to the PCF.
Determining the Requested PDB by subtracting the UE-DS-TT Residence Time from the Requested 5GS Delay provided by the NEF/AF and providing the determined Requested PDB to the PCF.
Discovering the AMFs serving the list of TA(s) that comprise the spatial validity condition from the NRF and subscribing to the discovered AMF(s) to receive notifications about presence of the UE in an Area of Interest events determined by the list of TA(s) served by the AMF.
Determining the spatial validity condition from the requested coverage area by the NEF/AF and enforcing time synchronization service for the requested coverage area.
The TSN AF supports control plane translator functionality for the integration of the 5GS with a TSN network, this involves e.g.:
5GS Bridge management.
Port and bridge management information exchange with DS-TT or NW-TT.
Interactions with the CNC for 5GS Bridge configuration and reporting.
determining the TSC Assistance Container and TSN QoS information by mapping TSN Stream(s) based on IEEE standards. The traffic pattern parameter determination may be based on PSFP (IEEE Std 802.1Q ) as specified in Annex I, clause I.1.
The NSWOF interfaces the WLAN access network using the SWa interface as defined in TS 23.402 and interfaces the AUSF using the Nausf SBI performing protocol translation and AUSF discovery (see clause 6.3.4).