Tech-invite3GPPspecsSIPRFCs
Overview21222324252627282931323334353637384‑5x

Content for  TS 33.107  Word version:  16.0.0

Top   Top   Up   Prev   Next
0…   4   5…   5A…   6…   7…   7A…   8…   9…   10…   11…   12…   12.2…   12.3…   12.4…   12.5…   13…   14…   15…   16…   17…   18…   19…   20…   21…   22…   23…   A…   B…   C…   D…   E…   F…   G…   H…   I…   J…   L…

 

12.3  Functional requirements for LI in case of E-UTRAN access and PMIP based S5/S8 interfaces

12.3.0  General |R12|

Functional requirements for LI in the MME, S-GW, LI LCS Client and HSS do not differ from the ones applicable to the case of GTP based S5-S8 interfaces, as specified in clause 12.2 and subclauses.
LI in the PDN-GW is a national option.
Interception in the PDN-GW and in the LI LCS Client shall be based on one or more of NAI, MSISDN, IMEI.
For the delivery of the CC and IRI, the PDN-GW provides correlation number and target identity to the DF2 and DF3 which is used there in order to select the different LEAs where the product shall be delivered.
The correlation number is unique in the whole PLMN and is used to correlate CC with IRI and the different IRI's of one IP-CAN session. However, when different protocols (i.e. GTP and PMIP) are used in the network, different values can be generated by different nodes.
The correlation number shall be generated by using existing parameters related to the IP-CAN session.
If interception has been activated for both parties of the Packet Data communication both CC and IRI shall be delivered for each party as separate intercept activity.
Up

12.3.1  Provision of intercept related informationWord‑p. 132

12.3.1.0  General |R12|

Intercept Related Information (Events) shall be sent at attach/tunnel activation, detach/tunnel deactivation, start of interception with active PMIP tunnel, PMIP session modification, PDN-GW initiated PDN-disconnection, UE requested PDN connectivity, Serving Evolved Packet System, subscriber record change, registration termination, location information request , and LALS Location Report.
LI based on HSS reporting is a national option. Requirements on the HSS specified in section 12.2 and subsections apply also to the case in which S5/S8 interfaces are PMIP based.
Up

12.3.1.1  X2 interface

The following information needs to be transferred from the PDN-GW to the DF2 in order to allow a DF2 to perform its functionality:
  • target identity;
  • events and associated parameters as defined in clause 12.3.1.2 and 12.3.3 may be provided;
  • the target location (if available) or the IAs in case of location dependent interception; (FFS);
  • date/time of Location (if target location provided);
  • correlation number;
  • Quality of Service (QoS) information, if available;
  • encryption parameters (keys and associated parameters for decrypting CC), if available and necessary.
The PDN-GW detect packets containing packet data header information in the communications path but the information needed for Packet Data Header Information reporting may need to be transferred from the PDN-GW either directly to the DF2 or via another network entity in order to allow the DF2 to perform its functionality.
The IRI should be sent to DF2 using a reliable transport mechanism.
For the LALS Reports the following information needs to be transferred from the LI LCS Client to the DF2 in order to allow a DF2 to perform its functionality:
  • target identities;
  • the target location (if available);
  • date/time of Location (if target location provided);
  • error code (if positioning fails);
  • Correlation Identifier (in the case of report for Enhanced Location for IRI).
The IRI should be sent to DF2 using a reliable transport mechanism.
Up

12.3.1.2  Structure of the eventsWord‑p. 133
There are several different events in which the information is sent to the DF2 if this is required. The events for interception are configurable (if they are sent to DF2) in the PDN-GW, LI LCS Client and can be suppressed in the DF2. The network procedures for which the events are generated are defined in TS 23.402.
The following events are applicable to the PDN-GW:
  • PMIP Attach/tunnel activation;
  • PMIP Detach/tunnel deactivation;
  • PMIP session modification
  • Start of interception with active PMIP tunnel;
  • PMIP PDN-GW initiated PDN-disconnection;
  • Packet Data Header Information.
A set of elements as shown below can be associated with the events. The events trigger the transmission of the information from the nodes to DF2. Available IEs from this set of elements as shown below can be extended in the nodes, if this is necessary as a national option. DF2 can extend available information if this is necessary as a national option.
Observed MN NAI
The Network Access Identifier of the Mobile Node (target identity).
Observed MSISDN
MSISDN of the target.
Observed IMEI
IMEI of the target
Event type
Indicates which type of event is delivered: PMIP attach/tunnel activation, PMIP detach/tunnel deactivation, PMIP Session modification, Start of interception with active PMIP tunnel, PMIP PDN-GW initiated PDN disconnection, , Packet Data Header Information.
Event time
Time of the event generation in the ICE. Time stamp shall be generated relative to ICE internal clock.
Event date
Date of the event generation in the ICE.
Correlation number
The correlation number is used to correlate CC and IRI.
Network Element Identifier
Unique identifier for the ICE reporting the event.
Logical Function Information
Used to distinguish between multiple logical functions operating in a single physical network element.
Lifetime
Indicates the lifetime of the tunnel; it is set to a nonzero value in the case of registration; is set to zero in case of deregistration.
Failed attach reason
Reason for the failed attach/tunnel deactivation of the target.
Access technology type
Indicates the Radio Access Type.
Handover indicator
Provides information on whether the procedure is triggered as part of a handover.
APN
The Access Point Name used for the connection.
UE address info
Includes one or more IP addresses allocated to the UE.
Additional Parameters
Additional information provided by the UE, such as protocol configuration options.
PDN address(es)
The UE IP address(es) for the PDN connection.
Revocation trigger
Indicates the reason which triggered the PDN-GW initiated PDN-disconnection procedure
Serving Network
Identifies the serving network the UE is attached to
DHCP v4 Address Allocation Indication
Indicates that DHCPv4 is to be used to allocate the IPv4 address to the UE
Location Information
Provides, if received from the PCRF, and/ or from the LI LCS Client, location information of the target.
Time of Location
Date/Time of location. The time when location was obtained by the location source node.
Destination IP Address
The IP address, including type IPv4 or IPv6, of the destination of the IP packet.
Destination Port Number
The port number of the destination of the IP packet.
Flow Label (IPv6 only)
The field in the IPv6 header that is used by a source to label packets of a flow (see RFC 3697 [41]).
Packet Count
The number of packets detected and reported (for a particular summary period).
Packet Data Summary Reason
The reason for a Packet Data Summary message being sent to the LEMF (e.g., timed out, counter expiration, end of session)
Packet Size
The size of the packet. (i.e., Total Length Field in IPv4 or Payload Length field in IPv6)
Source IP Address
The IP address, including type IPv4 or IPv6, of the source of the IP packet.
Source Port Number
The port number of the source of the IP packet.
Sum of Packet Sizes (for a particular summary period)
The sum of values contained in the Total Length fields of the IPv4 packets or the sum of the values contained in the Payload Length fields of the IPv6 packets.
Summary Period
Includes the dates and times of the first and last packets in a particular packet data interval.
Transport Protocol (e.g., TCP)
The identification of the transport protocol of the packet or packet flow being reported.
Up

12.3.2  X3-interfaceWord‑p. 135
The access method for the delivering of PDN-GW Intercept Product is based on duplication of packets without modification at the PDN-GW. The duplicated packets with additional information in a header are sent to DF3 for further delivery to the LEA.
[not reproduced yet]
Figure 12.3.2.1: Configuration for interception of PDN-GW product data
Up
In addition to the intercepted content of communication, the following information needs to be transferred from the PDN-GW to the DF3 to perform its functionality:
  • target identity;
  • correlation number;
  • time stamp (optional);
  • direction (indicates whether T-PDU is MO or MT) - optional;
  • the target location (if available) or the IAs in case of location dependent interception;
  • date/time of Location (if target location provided).

12.3.3  LI events for E-UTRAN access with PMIP-based S5 or S8

12.3.3.1  Initial E-UTRAN Attach and UE PDN requested connectivity with PMIP-based S5 or S8

When the E-UTRAN Attach or UE requested PDN connectivity is detected at the PMIP based PDN-GW, a PMIP attach/tunnel activation event shall be generated by the PDN-GW. The following elements will be delivered to the DF2 if available:
  • Observed MN NAI
  • Observed MSISDN
  • Observed IMEI
  • Event Type
  • Event Time
  • Event Date
  • Correlation number
  • Network Element Identifier
  • Logical Function Information
  • Lifetime
  • Failed attach reason
  • Access Technology Type
  • Handover Indicator
  • APN
  • UE Address Info
  • Additional Parameters
  • Serving Network
  • DHCPv4 Address Allocation Indication
  • Location information
  • Time of Location
Up

12.3.3.2  Detach and PDN disconnection for PMIP-based S5/S8Word‑p. 136
When the Detach or PDN disconnection is detected at the PMIP based PDN-GW, a PMIP detach/tunnel deactivation event shall be generated by the PDN-GW. The following elements will be delivered to the DF2 if available:
  • Observed MN NAI
  • Observed MSISDN
  • Observed IMEI
  • Event Type
  • Event Time
  • Event Date
  • Network Element Identifier
  • Logical Function Information
  • Correlation number
  • APN
  • Additional Parameters
  • Failed reason
  • Location information
  • Time of Location

12.3.3.3  Start of interception with active tunnel for PMIP based S5/S8

This event shall be generated by the PDN-GW if interception for a target is started and if the target has an active PMIP tunnel. If more than one connection is active, for each of them an event record is generated. The parameters which are defined for PMIP attach/tunnel activation (see related section) will be sent, if available, by the PDN-GW to the DF2.

12.3.3.4  Dedicated Bearer Procedures for E-UTRAN Access with PMIP-based S5/S8

All the procedures can be intercepted at the S-GW according to the requirements specified for LI in case of GTP based S5/S8.
PDN-GW is not involved in these procedures, except for the case of PDN-GW initiated PDN-disconnection Procedure.

12.3.3.5  PDN-GW initiated PDN-disconnection Procedure

When a PDN-GW initiated PDN-disconnection procedure is detected, a PMIP PDN-GW initiated PDN-disconnection event shall be generated by the PDN-GW. The following elements will be delivered to the DF2:
  • Observed MN NAI
  • Observed MSISDN
  • Observed IMEI
  • Event Type
  • Event Time
  • Event Date
  • Network Element Identifier
  • Logical Function Information
  • Correlation number
  • PDN Address(es)
  • Revocation trigger
  • Location information
  • Time of Location

12.3.3.6  PMIP Session modificationWord‑p. 137
When a session modification is detected at the PDN-GW, a PMIP Session modification event shall be generated by the PDN-GW. The following elements will be delivered to the DF2:
  • Observed MN NAI
  • Observed MSISDN
  • Observed IMEI
  • Event Type
  • Event Time
  • Event Date
  • Network Element Identifier
  • Logical Function Information
  • Correlation number
  • Lifetime
  • UE Address Info
  • Access Technology Type
  • Additional Parameters
  • Failed reason
  • Serving Network
  • Handover indicator
  • DHCPv4 Address Allocation Indication
  • Location information
  • Time of Location
Up

12.3.3.7  Packet Data Header Information |R12|

12.3.3.7.0  Introduction
Packet Data Header Information reporting can be done either on a per-packet (i.e., non-summarized) basis or in a summary report.
12.3.3.7.1  Packet Data Header Report
This event is used to provide packet header reports on a per packet basis (non-summarized reporting) and is triggered by each packet sent or received by the target. These elements will be delivered by the PDN-GW either directly to DF2 or via another network entity if available:
  • Observed MN NAI
  • Observed MSISDN
  • Observed IMEI
  • Event Type
  • Event Time
  • Event Date
  • Network Element Identifier
  • Logical Function Information
  • Correlation number
  • Lifetime
  • UE Address Info
  • Access Technology Type
  • Additional Parameters
  • Serving Network
  • Handover indicator
  • DHCPv4 Address Allocation Indication
  • Location information
  • Time of Location
  • Source IP Address
  • Destination IP Address
  • Destination Port Number
  • Transport Protocol (e.g., TCP)
  • Packet Size
  • Flow Label (IPv6 only)
Up
12.3.3.7.2  Packet Data Summary ReportWord‑p. 138
This event is used to report:
  1. the source and destination information derived from the packet headers, including:
    1. source and destination IP Addresses,
    2. IP next-layer protocol,
    3. Layer-4 ports, and
    4. Flow label, if the packet is IPv6
  2. summary information for the number of packets and bytes transmitted or received by the target for each unique packet flow within an EPS bearer, and
  3. the date and the time of the first and last packets associated with that packet flow. A packet flow is defined as the 6-tuple of source/destination IP address/port number and the layer 4 protocol and EPS bearer.
    IP addresses and the IP next-layer protocol are always reported, the flow label is reported if the packet is IPv6, and the layer-4 ports are reported.
The event provides packet summary reports for each unique packet data session (EPS bearer) and packet flow, and is triggered by one of the following:
  • start of a packet flow associated with an EPS bearer
  • an interim report for a packet flow associated with an EPS bearer is to be reported
  • end of a packet flow associated with an EPS bearer (including end of the EPS bearer itself).
An interim report can be triggered by
  • The expiration of a configurable timer per intercept (called a Summary Timer). The Summary Timer is configurable in units of seconds;
  • A per-intercept configurable count threshold is reached.
These elements will be delivered either directly to DF2 or via DF3 for each packet flow if available:
  • Observed MN NAI
  • Observed MSISDN
  • Observed IMEI
  • Event Type
  • Event Time
  • Event Date
  • Network Element Identifier
  • Logical Function Information
  • Correlation number
  • Lifetime
  • UE Address Info
  • Access Technology Type
  • Additional Parameters
  • Serving Network
  • Handover indicator
  • DHCPv4 Address Allocation Indication
  • Location information
  • Time of Location
  • Source IP Address
  • Source Port Number
  • Destination IP Address
  • Destination Port Number
  • Transport Protocol (e.g., TCP)
  • Flow Label (IPv6 only)
  • Summary Period
  • Packet Count (for this summary period)
  • Sum of Packet Sizes (for this summary period)
  • Packet Summary Reason \endnl
    If the packets are IPv4, the sum of all observed packet sizes is the sum of the values contained in the Total Length field of each packet as specified in IETF RFC 791[39].
    If the packet is IPv6, the sum of all observed packet sizes is the sum of the values contained in the Payload Length field for each packet as specified in IETF RFC 2460 [40].
    If no packets were detected for the duration of the Summary Timer, then the Packet Data Summary Report shall not be sent.
Up

Up   Top   ToC