DIAMETER in the

Evolved Packet Core

A Whitepaper

November 2009

By Yogesh V. Ranade

www.intellinet-tech.com
DIAMETER in the Evolved Packet Core
Page 2

DIAMETER in the Evolved Packet Core

Mobile broadband is becoming a reality, as the Internet generation grows
accustomed to having broadband access wherever they go and not just at home or
in the office. Of the estimated 3.4 billion people who will have broadband by 2014,
about 80 percent will be mobile broadband subscribers – and the majority will be
served by High Speed Packet Access (HSPA) and Long Term Evolution (LTE)
networks.

The EPC is an all-
IP, end-to-end
architecture for
supporting mobile
access networks
LTE is the next major step in mobile radio communications and is introduced in
3GPP Release 8. LTE uses Orthogonal Frequency Division Multiplexing (OFDM) as its
radio access technology, together with advanced antenna technologies. In addition
to LTE, the 3GPP has also defined an IP-based flat network architecture. This
architecture is defined as part of the System Architecture Evolution (SAE) effort.
The key components of the Evolved Packet Core (EPC) are the evolved Universal
Mobile Telecommunications Service (UMTS) terrestrial Radio Access Network (RAN),
abbreviated as E-UTRAN, and the Evolved Packet Core (EPC). The E-UTRAN is also
known as LTE (the long-term evolution of 3G) and is based on Orthogonal Frequency
Division Multiple Access (OFDMA) radio access technology that has been highly
optimized for packet traffic. The EPC is an all-IP, end-to-end architecture for
supporting mobile access networks. The E-UTRAN consists of eNodeBs, which
provide the radio interface toward the user equipment. The eNodeBs are
interconnected with each other via the IP-based X2 interface and towards the
Evolved Packet Core (EPC) via the IP-based S1 interfaces.

The EPC (shown in Figure 1) can be broadly described as an evolution of the legacy
core network functions and procedures defined for UTRAN access with a clear
separation between control plane and user plane functions.

UTRAN

SGSN
GERAN HSS
S3
S1-MME S6a
MME
PCRF
S12 Rx
S11 Gx
S4
LTE-Uu S10
Serving S5 PDN SGi Operator's IP
UE E-UTRAN Gateway Gateway Services
S1-U (e.g. IMS, PSS etc.)

Figure 1: Non-roaming architecture for 3GPP accesses

The EPC is comprised of three core functional elements:

• Serving Gateway (SGW): From a functional perspective, the Serving GW is the

termination point of the packet data interface towards E-UTRAN. When terminals
move across eNodeB in E-UTRAN, the Serving GW serves as a local mobility anchor,
meaning that packets are routed through this point for intra E-UTRAN mobility and
mobility with other 3GPP technologies, such as 2G/GSM and 3G/UMTS.

• Mobility Management Entity (MME): The MME is the control-plane function for E-
UTRAN access. It is responsible for authentication and critical management for

www.intellinet-tech.com 2
DIAMETER in the Evolved Packet Core
Page 3

mobile devices as well as for tracking and paging procedures for mobiles in idle
mode. The MME authorizes bearer activation/deactivation including SGW and
Packet Data Network (PDN) gateway selection. The MME is in charge of all the
Control plane functions related to subscriber and session management. The MME is
linked through the S6 interface to the HSS which supports the database containing
all the user subscription information. The S6 interface to the HSS is based on the
Diameter protocol.

• Packet Data Network Gateway (PDN GW): The PDN GW is the permanent IP
point-of-attachment for access via the E-UTRAN. The PDN GW performs IP policy
and charging enforcement on packet flows to and from mobile devices. The same
access point name (APN) concepts from the UTRAN PS core network apply, allowing
a mobile device to have simultaneous connectivity to multiple PDNs. Similarly to
the Serving GW, the PDN gateway is the termination point of the packet data
interface towards the Packet Data Network. As an anchor point for sessions towards
the external Packet Data Networks, the PDN GW also supports Policy Enforcement
features (which apply operator-defined rules for resource allocation and usage) as
well as packet filtering (like deep packet inspection for virus signature detection)
and evolved charging support (like per URL charging).

HSS
SWx
Rx
hPCRF Operator's IP
S6a Gx Services
SGi (e.g. IMS, PSS
PDN etc.) 3GPP AAA
Gateway Server
HPLMN
S6b

S9
S2b SWd
S8
vPCRF

3GPP Serving
Access Gateway Gxc
Gxb
3GPP AAA
Proxy
SWm
S2a
ePDG
VPLMN

Non-3GPP
Networks Gxa SWn

Trusted Untrusted
Non-3GPP IP Non-3GPP IP
Access Access
SWa STa

Figure 2: Roaming architecture

Since this is an all-IP system, authentication and authorization based on legacy

Mobile Application Part/ Signaling System 7 (MAP/SS7) has been replaced with an
S6a interface based on the Diameter Protocol. In other words, the Home Subscriber
Server (HSS) connects to the packet core through an interface based on Diameter
and not SS7, as used in previous GSM and WCDMA networks. Network signaling for

www.intellinet-tech.com 3
DIAMETER in the Evolved Packet Core
Page 4
The Diameter Base
Protocol provides
basic mechanisms
for reliable
transport, message
delivery and error
handling
policy control and charging is already based on Diameter. This means all interfaces
in the architecture are IP interfaces.
Let us look at Diameter in more detail
Diameter is defined in terms of an Authorization, Authentication and Accounting
(AAA) base protocol and a set of applications. The base protocol provides basic
mechanisms for reliable transport, message delivery and error handling. It must be
used along with a Diameter application. A Diameter application uses the services of
base protocol in order to support a specific type of network access.
These applications include:
 NASREQ Application - AAA services for Dial-in PPP users (RADIUS replacement)
 Mobile IPv4 Application - AAA support for Mobile IP networks as specified in
CDMA2000 requirements (rfc3141) and MobileIP AAA (rfc2977)
 EAP Application - Security support for Extensible Authentication protocol
(rfc4072)
 Credit Control Application - Charging support as specified in rfc4006
 3GPP Applications
 IMS supported applications for AAA functions
 WLAN extensions to 3GPP.
The Diameter Base Protocol defines basic and standard behavior of Diameter nodes
as well-defined state machines and also provides an extensible messaging
mechanism that allows information exchange among Diameter Nodes. Diameter
Applications augment the Base Protocol state machines with application-specific
behavior to provide new AAA capabilities. The following figure depicts the different
features of the Diameter Base Protocol.
Figure 3 Diameter Base Protocol
A Diameter Base Protocol Network consists of the following Diameter nodes, each of
which is a host process that implements the Diameter protocol:
 Diameter Client - A device at the edge of the network that performs access
control. An example of a Diameter client is a Network Access Server (NAS) or a
Foreign Agent (FA).
 Diameter Agent - A Diameter node that provides relay, proxy, redirect or
translation services.
 Diameter Server - Handles authentication, authorization and accounting
requests for a particular realm. By its nature, Diameter Server must support
Diameter applications in addition to the base protocol.
Figure 4 below depicts the different kinds of Diameter entities. The Client and
Server are applicable from the IMS and LTE/EPC perspective.
www.intellinet-tech.com 4
DIAMETER in the Evolved Packet Core
Page 5

Network Edge Device Performing Access Control.

Client Eg NAS, Foreign Agent

Controlling Entity of AAA functions for a particular domain

Server Eg. HSS

Routes Diameter messages within known peers in supported

Relay Agent realms. May modify routing information (only)

Proxy Agent Also routes messages, but can modify message content to
enable policy, resource usage, admission and provisioning

Enables Routing to other domains within roaming agreements

Redirect Agent by notify the requesting peer with the routing information

Protocol translation function such as RADIUS-Diameter

Translation conversion
Agent

Figure 4 Diameter Entities

The Diameter base protocol provides following functionalities:

 Delivery of Attribute Value Pairs (AVP)
 Capabilities negotiation
 Error notification
 Extensibility through addition of new commands and AVPs
 Basic services necessary for applications such as handling of user sessions or
accounting.

The base protocol defines the basic Diameter message format. Data is carried
Interfaces within a Diameter message as a collection of Attribute Value Pairs (AVP). An AVP
supporting AAA consists of multiple fields: an AVP Code, a Length, Flags, and Data. Some AVPs are
used by the Diameter base protocol; other AVPs are intended for the Diameter
functions are application.
defined by 3GPP
The 3GPP standards defined the applications for the various interfaces supporting
Standards the AAA functions in the IMS and the EPS network. In the IMS and the EPS reference
architecture, the HSS holds all the information about the subscriber and
subscription. Access to any information regarding this profile needs to be queried
from the HSS such as the location, authorization for conferencing etc. These
messages are defined in terms of a command set identified by the various reference
points, which are the S6a, Cx/Dx, Sh, Rf/Ro, Gq, Wx. So on the subscriber related
interfaces Cx, Sh, you are likely to see requests to access and update the subscriber
profile. On the Rf/Ro charging interfaces, the requests cover the accounting
aspects, credit control etc.

In addition to defining these message sets, 3GPP also mandated the use of SCTP for
reliable transport and using methods of IPSec/TLS to secure the sensitive data
flowing on this network.

Interfaces in the EPS based on the Diameter protocol

S6a enables transfer of subscription and authentication data for

authenticating/authorizing user access to the evolved system (AAA interface)
between MME and HSS. This interface is defined between MME and HSS for
authentication and authorization. It is defined in TS 23.401.

www.intellinet-tech.com 5
DIAMETER in the Evolved Packet Core
Page 6
LTE/EPS is well
positioned to meet
the requirements of
next generation
networks
S6b is the reference point between PDN Gateway and 3GPP AAA server/proxy for
mobility related authentication if needed. This reference point may also be used to
retrieve and request storage of mobility parameters. This reference point may also
be used to retrieve static QoS profile for a UE for non-3GPP access in case dynamic
PCC is not supported.
Gx provides transfer of (QoS) policy and charging rules from PCRF to Policy and
Charging Enforcement Function (PCEF) in the PDN GW.
Gxa provides transfer of (QoS) policy information from PCRF to the Trusted Non-
3GPP accesses.
Gxc provides transfer of (QoS) policy information from PCRF to the Serving Gateway
S9 provides transfer of (QoS) policy and charging control information between the
Home PCRF and the Visited PCRF in order to support local breakout function. In all
other roaming scenarios, S9 has functionality to provide dynamic QoS control
policies from the HPLMN.
SWa connects the untrusted non-3GPP IP Access with the 3GPP AAA Server/Proxy
and transports access authentication, authorization and charging-related
information in a secure manner.
STa connects the trusted non-3GPP IP Access with the 3GPP AAA Server/Proxy and
transports access authentication, authorization, mobility parameters and charging-
related information in a secure manner.
SWd connects the 3GPP AAA Proxy, possibly via intermediate networks, to the 3GPP
AAA Server.
SWm is the reference point located between 3GPP AAA Server/Proxy and ePDG and
is used for AAA signalling (transport of mobility parameters, tunnel authentication
and authorization data). This reference point also includes the MAG-AAA interface
functionality, IETF Internet-Draft, draft-ietf-dime-pmip6-01 and Mobile IPv6 NAS-
AAA interface functionality, RFC 5447.
SWx is the reference point located between 3GPP AAA Server and HSS and is used
for transport of authentication, subscription and PDN connection related data.
In conclusion, LTE/EPS is well positioned to meet the requirements of next-
generation mobile networks. It will enable operators to offer high-performance,
mass market mobile broadband services, through a combination of high bit-rates
and system throughput, in both the uplink and downlink and with low latency. LTE
infrastructure is designed to be simple to deploy and operate, through flexible
technology that will also inter-operate with GSM, WCDMA/HSPA, TD-SCDMA and
CDMA networks. Diameter has been identified as the protocol for AAA services in
both the EPS and the IMS networks and will continue to play its part as more and
more deployments start happening.
References
3GPP TS 23.401: General Packet Radio Service (GPRS) enhancements for
Evolved Universal Terrestrial Radio Access Network (E-UTRAN) access
3GPP TS 23.402: Architecture enhancements for non-3GPP accesses
3GPP TS 29.230: Diameter applications; 3GPP specific codes and identifiers
3GPP TS 29.272: Evolved Packet System (EPS); Mobility Management Entity
(MME)
and Serving GPRS Support Node (SGSN) related interfaces based on Diameter
protocol
3GPP TS 29.273: Evolved Packet System (EPS); 3GPP EPS AAA interfaces
www.intellinet-tech.com 6
DIAMETER in the Evolved Packet Core
Page 7

About IntelliNet Technologies

Headquartered in Melbourne, Florida with offices in Bangalore, India, IntelliNet
Technologies is a leading provider of next-generation network convergence and
application development solutions for PSTN, cellular, wireless and IP Multimedia
Subsystem (IMS) networks. Major equipment vendors, application developers and
global operators currently use IntelliNet’s products for prepaid, location services,
messaging and fixed mobile convergence. Additional solutions include: mobility,
fraud management, and network bridging applications including SS7/IN, SIGTRAN,
DIAMETER, SUPL, SIP and other emerging signaling protocols. For more information
please visit: http://www.intellinet-tech.com

rd
3 Generation Universal Mobile Telecommunication
3G/UMTS
System
AAA Authorization, Authentication and Accounting
Home eNodeB 3GPP term for an LTE femtocell
EPC Evolved Packet Core
EPS Evolved Packet System
Evolved Universal Mobile Telecommunications Service
E-UTRAN
(UMTS) terrestrial Radio Access Network (RAN)
nd
2 Generation Groupe System for Mobile
GSM
Communications
Home Node B 3GPP term for a 3G femtocell
HSPA High Speed Packet Access
HSS Home Subscriber Server
IMS IP Multimedia Subsystem
LTE Long Term Evolution
MAP/SS7 Mobile Application Part/ Signaling System 7
MME Mobility Management Entity
OFDM Orthogonal Frequency Division Multiplexing
PDN Packet Data Network
PDN GW Packet Data Network Gateway
RAN Radio Access Network
SAE System Architecture Evolution
SGW Serving Gateway
UMTS Universal Mobile Telecommunications Service

www.intellinet-tech.com 7