5G UPF traffic distribution technology and deployment methods

Labs Guide

The User Plane Function (UPF) is an important part of the 3GPP 5G core network system architecture, and is mainly responsible for the routing and forwarding functions of the 5G core network user plane data packets. UPF plays a pivotal role in 5G edge computing and network slicing technologies for low latency and large bandwidth. This article will introduce the UPF network element of the 5G core network. First, the evolution history of UPF and the functional requirements and interface design of UPF at the standard level of 3GPP will be introduced; then, combined with the differentiated requirements of different business scenarios for latency, bandwidth, reliability, etc., the diversion technology and deployment method of UPF in edge computing will be introduced.

1. Background of UPF

The User Plane Function (UPF) represents the evolution of the Control and User Plane Separation (CUPS) strategy in the data plane.

Around 2016, 3GPP introduced the CUPS strategy in Release 14 as an extension of the 4G core network (EPC), decoupling the functions of the packet gateway (PGW) and the service gateway (SGW), splitting them into the control plane (PGW-C and SGW-C) and the user plane (PGW-U and SGW-U). PGW-U can be deployed in a decentralized manner, increasing the flexibility of traffic forwarding, allowing devices closer to the edge of the network to perform packet processing and traffic aggregation, reducing the burden on the core network while improving bandwidth efficiency.

The CUPS strategy allows the user plane of the core network to be moved downward, which can support business scenarios with strong demands for large bandwidth and low latency. However, the design of CUPS itself has a strong impact on the evolution of 4G EPC. Although the user plane can be separated and moved downward, there are still huge limitations on the interaction between it and other functional entities of the core network. As 5G abandons the design of traditional equipment functional entities, white-boxes and virtualizes the core network, and adopts the design concept of microservices based on service-based software architecture (SBA), the user plane network functions separated in the CUPS strategy have gradually evolved into the UPF network element in the current 5G core network architecture. The evolution process is shown in Figure 1 [1].

UPF covers the functions of SGW-U and PGW-U after CUPS policy, and is mainly used for traffic transmission and receives control information of forwarding policy through the northbound interface (N4). In addition, the functions of authentication, session control, user data management in 4G EPC have gradually evolved into network elements responsible for the control plane in 5G core network.

2. UPF Function Introduction

UPF Function Overview

As a user plane network element of the 5GC network, UPF mainly supports the routing and forwarding of UE service data, data and service identification, action and policy execution, etc. UPF interacts with the session management function (SMF) through the N4 interface, is directly controlled and managed by SMF, and processes service flows according to various policies issued by SMF. According to 3GPP TS 23.501 V16.7.0, the main functions of UPF involved in this article are as follows:

• The interconnection point between the wireless access network and the data network (DN) is used for encapsulation and decapsulation of the GTP tunneling protocol (GTP-U, GPRS Tunneling Protocol for User Plane);
• Protocol Data Unit Session Anchor (PSA, PDU Session Anchor), used to provide mobility during wireless access;
• Routing and local diversion of 5G SA data packets, acting as an intermediate UPF (I-UPF) acting as an uplink classifier (UL-CL) or branching point UPF (Branching Point UPF).

In addition to the above functions, UPF also has application monitoring, data flow QoS processing, traffic usage reporting, IP management, mobility adaptation, policy control and charging functions, which can be found in 3GPP TS 23.501 specification [2]. In addition to network functional requirements, UPF also needs to consider indicators such as data security, physical environment requirements and deployment power consumption.

UPF interface design

UPF is the connection point between the mobile network and the data network (DN). Important interfaces include N3, N4, N6, N9, N19, Gi/SGi, S5/S8-U, S1-U, etc. Interfaces starting with N are the interfaces for UPF to interact with the 5G core network control plane network elements or external networks, as shown in Figure 2 [2]. The remaining interfaces can meet the compatibility with existing network facilities in the existing network. UPF still needs to be compatible with existing network facilities in the 5G network construction. In actual deployment, UPF will integrate the functions of SGW-U and PGW-U and be compatible with the existing core network. At the physical level, there will be a converged network element of UPF + PGW-U.

• The N3 interface is the interface between NG RAN and UPF, and uses the GTP-U protocol for tunnel transmission of user data.
• The N4 interface is the interface between SMF and UPF. The control plane is used to transmit node messages and session messages using the PFCP protocol. The user plane is used to transmit messages that the SMF needs to receive or send through the UPF using the GTP-U protocol.
• The N6 interface is the interface between the UPF and the external DN. In certain scenarios (such as enterprise-specific MEC access), the N6 interface is required to support dedicated lines or L2/L3 layer tunnels and can communicate with the DN network based on IP.
• The N9 interface is the interface between UPFs. In the mobile scenario, an I-UPF is inserted between the UE and the PSA UPF for traffic forwarding. The GTP-U protocol is used between the two UPFs to transmit user plane messages.
• The N19 interface is the user plane interface between two PSA UPFs when using 5G LAN services. It directly routes traffic between different PDU sessions without using the N6 interface, as shown in Figure 3.

The Gi interface is the interface between 2/3G access users through the GGSN and the external DN; the SGi interface is the interface between the PGW-U and the external DN, and needs to support IPv6/IPv4 dual stack and tunnel protocols such as IPSEC, L2TP and GRE.

The S5/S8-U interface is the user plane interface between the converged network element UPF/PGW-U and SGW-U. The S5-U interface is the interface between the SGW and PGW-U within the network, providing the function of connecting to the cross-region SGW and transmitting data during user mobility. The S8-U is the user plane interface between the SGW-U and PGW-U across PLMNs, and should have the S5-U interface function in roaming situations.

The S1-U interface is the interface between the eNodeB and SGW-U, and uses the GTP-U protocol to tunnel user data between the eNodeB and SGW-U.

3. UPF diversion technology

UPF is the connection anchor between 5G network and multi-access edge computing (MEC). All core network data must be forwarded by UPF before flowing to the external network. MEC is the hallmark capability of 5G business applications. Based on the C/U separation architecture of 5GC, the control plane NF is centrally deployed in the central DC, and UPF is deployed at the edge of the network. This can reduce transmission delay, realize local diversion of data traffic, and alleviate the data transmission pressure of the core network, thereby improving network data processing efficiency and meeting the vertical industry's demands for ultra-low latency, ultra-high bandwidth and security.

How UPF diverts user data flows to the MEC platform is the first step to truly achieve deep integration of networks and services and their implementation, and is also a key step in realizing the commercial deployment of 5G edge computing.

5G users will give priority to the central UPF (refer to Section 4.1 for the central UPF) when establishing a session connection. When users need to access MEC applications, they will select or insert the edge UPF. Edge resources are provided to users on demand to avoid performance bottlenecks caused by a large number of users. The 5G network needs to cooperate with MEC to do a good job of local diversion of user data. There are three main mainstream 5GC edge deployment diversion technologies: uplink classifier (UL CL, Uplink Classifier) ​​solution, IPv6 multi-homing (Multi-homing) solution, local data network (LADN, Local Area Data Network) solution and data network identification (DNN, Data Network Name) solution. UL CL and IPv6 Multi-homing belong to the local diversion of single PDU sessions, and user data diversion is performed on the network side; DNN and LADN belong to the local diversion of multi-PDU sessions, and user data diversion starts from the terminal.

UL CL Solution

For PDU sessions of IPv4, IPv6 or IPv4v6 type, the UL CL solution can be used. During or after the establishment of a user PDU session, SMF can insert or delete one or more UL CLs in the data path of the PDU session. UL CL supports forwarding uplink service flows to different PDU session anchor points UPF based on the traffic detection and traffic forwarding rules provided by SMF, and diverts them to the MEC platform; and merges downlink service flows from different PDU session anchor points UPF on the link to the 5G terminal, which is a bit like the role of a routing table. UL CL uses flow filtering rules (such as checking the destination IP address/prefix of the uplink IP data packet sent by the UE) to determine how the data packet is routed.

The UE is not aware of the offloading of UL CL and does not participate in the insertion and deletion of UL CL. The UE associates a single IPv4 address or a single IP prefix or both assigned by the network to the PDU session.

Figure 4 shows a scenario where a PDU session has two anchor points. The UL CL is inserted into the UPF at the N3 port termination point, anchor points 1 and 2 terminate the N6 interface, and the uplink classifier UPF and anchor point UPF are transmitted through the N9 interface.

Based on different trigger conditions, UL CL solutions can be divided into the following categories:

Specific location UL CL solution: The diversion strategy is configured in SMF. When the user moves to the MEC area, SMF triggers the UL CL insertion process according to the configuration policy and the user location information reported by AMF. The specific location triggering UL CL is similar to the LADN scenario. Both trigger diversion when the user moves to a specific location. The triggering conditions are simple and easy to implement, and are suitable for MEC scenarios open to public users. Since all users in the MEC area (even if they do not use MEC services) will access the edge UPF, it may put pressure on the edge UPF.

UL CL solution based on location and user subscription: The diversion strategy is configured on PCF, and users need to sign up on PCF to support the use of MEC services. When a user moves to the MEC area, AMF reports the user location information to PCF through SMF. PCF triggers the UL CL insertion process based on the user location information and subscription information, adds a new edge UPF anchor point, and inserts UL CL. When user groups need to be distinguished in the MEC area, the UL CL solution triggered by location and user subscription can be used to avoid all users in the MEC area occupying edge UPF resources.

Location and application detection UL CL solution: The diversion strategy is configured in PCF, and the application-related information (five-tuple information, application URL) needs to be configured in PCF. When the user moves to the MEC area and uses a specific application, UPF detects the service flow according to the filter corresponding to the application identifier and reports it to PCF through SMF. PCF triggers the UL CL insertion process based on the user location information and application flow detection results. The location and application detection UL CL solution can trigger the diversion strategy according to the application, and the controllable granularity is finer; the disadvantage is the lack of a suitable UL CL deletion trigger mechanism.

Capability exposure UL CL solution: The diversion strategy is configured in MEC/APP. When the user moves to the MEC area, AMF notifies MEC/APP of the user location information through NEF. MEC/APP interacts with PCF/NEF through the N5/N33 interface to inform PCF of the diversion rules. PCF triggers the UL CL insertion process based on the user location information and application flow detection results. Capability exposure UL CL is a solution that is tightly coupled with applications. Applications can dynamically trigger UL CL policies based on business needs, which is more flexible. However, the call request of the capability exposure interface needs to provide a user identifier (private IP address assigned by 5GC), and the application also needs to perceive the user location information, which has a certain development threshold.

IPv6 Multi-homing Solution

The IPv6 multi-homing solution can only be applied to IPv6 type PDU sessions.

When the UE requests to establish a PDU session of type IPv6 or IPv4v6, it must inform the network whether it supports IPv6 Multi-homing PDU sessions. In actual deployment, the network will allocate multiple IPv6 prefix addresses to the terminal, and use different IPv6 prefix addresses for different services. One IP address can be used for remote services and one IP address can be used for local MEC services, and traffic can be diverted through branch points.

During or after the establishment of a PDU session, SMF can insert or delete a multi-homing session branching point in the data path of the PDU session. In the multi-homing scenario, a PDU session can be associated with multiple IPv6 prefixes. The branching point UPF checks the source IP address of the data packet according to the filtering rules sent by the SMF, forwards the upstream service flows of different IPv6 prefixes to different PDU session anchor points UPF, and then accesses the data network, and merges the downstream service flows from different PDU session anchor points UPF on the link to the 5G terminal. UPF can serve as a branch point and PDU session anchor point for IPv6 multi-homing at the same time. IPv6 Multi-homing diversion is shown in Figure 5.

DNN Solution

In the Data Network Name (DNN) solution, the terminal needs to configure a dedicated DNN and sign a contract for the dedicated DNN on the core network unified data management function (UDM). The user initiates a session establishment request through the dedicated DNN. When the SMF selects the UPF, it selects the destination edge UPF based on the dedicated DNN provided by the 5G terminal and the TA it is in, completes the establishment of the edge PDU session, and then accesses the MEC platform connected to the edge UPF.

The DNN solution has relatively low requirements for terminals and networks, and can be selected in the early stage of 5G commercialization to quickly launch MEC services. However, as 5G services develop, if an independent DNN is assigned to each MEC customer, it will be a great challenge for the number of DNNs supported by core network devices, especially UPF.

LADN Solution

In the local area data network (LADN) solution, users sign up for LADN DNN, and the relationship between the LADN service area (Tracking Area, TA) and LADN DNN is configured on AMF. When a 5G terminal registers with the network, it can obtain LADN information (such as LADN service area and LADN DNN) from the core network. When a 5G terminal moves to the LADN service area, it will request to establish a PDU session for this LADN DNN. AMF determines that the 5G terminal appears in the LADN area, and the requested DNN is configured as LADN DNN in AMF, and then forwards it to SMF; SMF selects the appropriate local edge UPF to establish a local PDU session to achieve local network access and local application access. At this time, a 5G user may have two PDU sessions: Internet session and LADN session as shown in Figure 6.

AMF tracks the location information of the terminal and notifies SMF of the relationship between the terminal location and the LADN service area, including: in the service area, out of the service area, and uncertain whether in the service area. When the user's location is not in the LADN service area, the LADN cannot be accessed. The LAND service area is identified by a group of TAs. When LADN is used for edge computing traffic diversion, the LADN TA and the service area applied on the edge computing usually correspond.

Figure 6. LDAN solution

LADN is only used in non-roaming scenarios or local service offload roaming scenarios. In actual deployment, users access MEC services through LADN sessions, and other services through Internet sessions.

✦ Summary

The 5G network offloads business flows to the MEC platform, mainly using the UL CL solution. The UL CL solution is suitable for scenarios where public users in commercial complexes, museums, stadiums, hotels, etc. use mobile terminals to access MEC applications, such as live video broadcasting and cloud gaming, and can also support public access to Internet applications.

The IPv6 Multi-homing solution is suitable for scenarios such as the Internet of Things and high-reliability private networks. However, due to the use of IPv6, its implementation is currently difficult.

LADN is a new feature introduced by 5G, and it has new functional requirements for terminals, including supporting the initiation or release of LADN sessions in a specific TA area, and supporting URSP (UE Route Selection Policy) for configuring LADN DNN and binding application flows to LADN DNN. According to the survey of the industry chain, 5G core network equipment already supports LADN functions, and the support of terminals for this function depends on business needs. Therefore, the maturity of end-to-end LADN solutions still requires a period of development, testing and verification.

4. UPF deployment method

In actual deployment, UPF needs to be flexibly deployed according to the differentiated requirements of different business scenarios for latency, bandwidth, reliability, etc. Typical deployment locations include: center, region, edge, and enterprise park.

Center-level UPF

Center-level UPF is suitable for services that are not sensitive to latency but have high and relatively concentrated throughput requirements, such as ordinary Internet access, VoNR, NB-IoT and other services. Center-level UPF needs to have the following characteristics.

• First, it meets the functional requirements of 2G/3G/4G/5G/Fixed full converged access, message identification, content billing, etc. of the ToC network. In actual network deployment, there will be multiple access networks coexisting within a certain period of time. UPF must support multiple wireless access at the same time to meet the requirements of full converged access; when users move across access networks, the same session IP address remains unchanged to ensure business continuity.
• Second, it has the ability to share virtual operator networks. Through network technologies such as network slicing and Gateway Core Network (GWCN), it supports multiple UPF instances, multiple tenants, and decentralized and domain-based operations and maintenance to meet the differentiated business needs of different virtual operators.
• Third, in response to the high-bandwidth forwarding capability requirements brought about by centralized construction, the forwarding efficiency can be improved by expanding the scale of computing resources and superimposing single root I/O virtualization (SR-IOV) + ​​vector forwarding technology, or by using heterogeneous hardware based on smart network cards to improve forwarding capabilities.
• Fourth, it provides security protection and network address translation (NAT) functions for N6/Gi/SGi interface traffic, which can be deployed by external hardware firewalls, virtualized firewalls, and UPF built-in firewall functions. Firewalls and NAT exist as business function components of UPF to improve integration and reduce deployment costs.

Regional UPF

Regional UPF is usually deployed in prefecture-level areas, mainly carrying user-plane services within the prefecture-level area, including Internet access, audio and video, and local enterprise services. Regional UPF implements user-plane sinking deployment, which helps reduce the transmission pressure of data traffic backhaul on the bearer network; it can also realize the sinking of local data services and reduce service latency. A typical application scenario is large video services. In order to improve user experience, it is necessary to deploy regional UPFs in various cities and access local video service servers nearby. The transmission path can also be shortened by jointly deploying UPFs and CDN/Cache nodes in regional data centers, as shown in Figure 7.

Regional UPF deployment brings complexity to operation and maintenance management, and there is a need for centralized operation and maintenance management. The regional UPF can be accessed remotely through the Element Management System (EMS) or by expanding the N4/Sx interface to implement configuration delivery and operation and maintenance data reporting. Considering the need for decoupling of the N4/Sx interface in the future, the industry currently prefers the former implementation method.

Edge-level UPF

Edge-level UPF is usually deployed at the edge of counties and districts to handle services with high bandwidth, latency sensitivity, and strong data confidentiality. By sinking UPF to mobile edge nodes, users can be identified based on data network identifiers (DNN, Data Network Name) or IP addresses, and user traffic can be diverted according to the diversion strategy. Data flows that need to be processed locally are forwarded and routed locally to avoid traffic detours, reduce data forwarding latency, and improve user experience. The edge service diversion scenario is shown in Figure 8.

The traffic diversion strategies used are divided into the following categories, among which the network element level and session level diversion have been explained in the previous chapters:

In terms of deployment and operation, edge-level UPF can achieve plug-and-play of equipment through pre-installation of software and hardware, automatic management, and automatic configuration distribution. In normal operation and maintenance, centralized configuration distribution and operation and maintenance management can be performed through EMS.

The edge-level UPF is deployed downward and connected to the SMF in the center through the N4 interface. The security of the N4 interface needs to be considered. Generally, the security policy can be enhanced by dividing the N4 interface into independent network planes or by deploying firewalls/IPSEC.

Enterprise-level UPF

Enterprise-level UPF is deployed in the enterprise computer room to improve the efficiency and automation level of industrial control through ultra-high bandwidth, ultra-low latency and ultra-high reliability connections. At the same time, production data can be terminated within the park and securely isolated from public network data to ensure safe and reliable production.

Industry applications and industrial environments are very different from the public network. In addition to meeting basic traffic forwarding and local traffic diversion, enterprise-level UPF also needs to focus on meeting the following requirements:

Private network access and management capabilities based on 5G LAN. Through local switching within UPF and N19 tunnel technology between UPFs, an enterprise-specific "local area network" is built, as shown in Figure 9.

Based on the Time Sensitive Networking (TSN) technology, deterministic networks are realized by controlling transmission delay and jitter. For TSN scenarios, enhanced support for high-precision clocks, as well as message queuing and scheduling mechanisms under high-precision clock management, is provided; UPF is deployed at the enterprise site to achieve nanosecond-level timing accuracy, millisecond-level end-to-end delay, and 99.9999% reliability.

Ultra-high transmission reliability based on uRLLC technology. By establishing dual GTP-U tunnels on the N3/N9 interface, redundant user plane transmission is achieved; or an end-to-end dual PDU session is established to transmit the same message in two sessions to ensure connection reliability, as shown in Figure 10.

Enterprise-level UPF needs to solve problems such as high start-up costs, complex equipment functions, and high difficulty in deployment and operation and maintenance. It is necessary to introduce a lightweight and simplest UPF solution with more targeted functions that can be flexibly matched according to scenario requirements, and can be pre-installed at the factory and ready to use on site, while supporting local and remote operation and maintenance.

Enterprise-level UPF is usually deployed outside the operator network and needs to consider the dual security of the operator network and the enterprise network. It needs to provide security filtering, two-way digital authentication, data encryption, and anti-malicious attack capabilities.

Full-scenario UPF deployment

Under the guidance of "5G New Infrastructure", China Mobile adopts a regional construction solution for the 5G core network to meet the needs of distributed network construction and intensive operation and maintenance, and provides full-scenario UPF. Because ToC and ToB networks have large differences in industry maturity, network functions, and market applications, two networks are built independently, and UPF is also built separately. In order to meet the needs of business differences and fragmentation in various industries, UPF adopts distributed multi-level deployment, as shown in Figure 11.

Figure 11. China Mobile's full-scenario UPF description

ToC UPF is deployed at the center and regional levels, taking into account service latency and transmission costs to meet large bandwidth and low latency requirements. From the perspective of cost and long-term evolution, it uses 100G smart network card acceleration and is configured in one step, which is more in line with the long-term business development needs of 5G.

ToB UPF is deployed at the center, regional, edge, and enterprise campus levels. The selection of ToB UPF mainly considers the following four aspects:

✦ Summary

The requirements of UPF for throughput, latency, functions, application scenarios, and forms at each level of typical deployment of UPF (center, region, edge, and enterprise park) are shown in Table 1.

Table 1. UPF deployment requirements

5. Conclusion

5G changes society and serves all walks of life, with very high requirements for user experience. UPF is one of the most important network elements in the core network and must have telecom-grade product quality.

As the core function of 5G data processing and forwarding, UPF has gradually become a bridgehead for operators to serve vertical industries, and is gradually moving from the "core" to the industrial user's park. As an important network node to promote the integration of 5G with various industries, UPF should achieve a combination of large-scale deployment and deployment closer to the customer side to meet customer needs and serve various industries.

The sinking of UPF requires the joint support of the transmission network and the IP bearer network, which also means the sinking of the edge cloud. The edge UPF not only needs to be interoperable with the operator's communication network cloud, but also needs to collaborate with the operator's IT cloud and third-party public cloud to fully promote the cloud-network integration capability and cloud-edge collaboration capability.

Currently, the N4 interface between UPF and SMF is not fully open, and the service-oriented capabilities are not fully realized. In order to meet the needs of lightweight, low-cost, and flexible deployment in vertical industries, China Mobile has proposed the OpenUPF Partner Program, which defines open UPF from four aspects: open interface, equipment, service, and intelligence, improves network capabilities and business flexibility, and helps 5G integrate into various industries and serve the public.

References

[1] 5G Network Architecture and FMC. Joe Wilke, Ericsson, July 2017.

[2] System architecture for the 5G System (5GS). 3GPP R-16.

[3] “Discussion on 5G MEC Traffic Offload Scheme”, He Yufeng, Lin Yilin, Shan Yuwei,

https://www.sohu.com/a/426534368_354885

[4] “Edge UPF Device Specification for Vertical Industries”, 1.0.0, China Mobile.

[5] “White Paper on Full-Scenario UPF Deployment”, ZTE Corporation, October 2020.

[This article is an original article by 51CTO columnist "Mobile Labs". Please contact the original author for reprinting.]

Click here to read more articles by this author