16 Usage of RADIUS on Gi interface

09.613GPPGeneral Packet Radio Service (GPRS)Interworking between the Public Land Mobile Network (PLMN) supporting GPRS and Packet Data Networks (PDN)TS

A GGSN may, on a per APN basis, use RADIUS authentication to authenticate a user and RADIUS accounting to provide information to an AAA (Authentication, Authorization and Accounting) server.

16.1 RADIUS Authentication

RADIUS Authentication shall be used according to RFC2865 [21].

The RADIUS client function may reside in a GGSN. When the GGSN receives a Create PDP Context request message the RADIUS client function may send the authentication information to an authentication server, which is identified during the APN provisioning.

The authentication server checks that the user can be accepted. The response (when positive) may contain network information, such as an IP address for the user.

The information delivered during the Radius authentication can be used to automatically correlate the users identity (the MSISDN or IMSI) to the IP-address, assigned/confirmed by the GGSN or the authentication server respectively. The same procedure applies, in case of sending the authentication to a ‘proxy’ authentication server.

RADIUS Authentication is only applicable to the primary PDP context. When the GGSN receives an Access-Accept message from the authentication server it shall complete the PDP context activation procedure. If Access-Reject or no response is received, the GGSN shall reject the PDP Context Activation attempt with a suitable cause code, e.g. User Authentication failed.

16.2 RADIUS Accounting

RADIUS Accounting shall be used according to RFC 2866 [22].

The RADIUS accounting client function may reside in a GGSN. The RADIUS accounting client may send information to an accounting server, which is identified during the APN provisioning. The accounting server may store this information and use it to automatically identify the user. This information can be trusted because the GPRS network has authenticated the subscriber (i.e. SIM card and possibly other authentication methods).

RADIUS Accounting-Request Start and Stop messages may be used during both primary and secondary PDP context activation and deactivation procedures respectively.

The use of Accounting-Request STOP and in addition the Accounting ON and Accounting OFF messages may be used to ensure that information stored in the accounting server is synchronised with the GGSN information.

If the AAA server is used for IP address assignment, then, upon reception of a RADIUS Accounting-Request STOP message for all PDP contexts associated to a session defined by APN and IMSI or MSISDN, the AAA server may make the associated IP address available for assignment.

In order to avoid race conditions, the GGSN shall include a 3GPP Vendor-Specific sub-attribute "Session Stop indicator" when it sends the Accounting-Request STOP for the last PDP context of a PDP session and the PDP session is terminated (i.e. the IP address and all GTP tunnels can be released). The AAA server shall not assume the PDP session terminated until an Accounting-Request STOP with the Session Stop indicator is received.

16.3 Authentication and accounting message flows

16.3.1 IP PDP type

Figure 22 represents the RADIUS message flows between a GGSN and an Authentication, Authorization and Accounting (AAA) server.

NOTE 1: If some external applications require RADIUS Accounting request (Start) information before they can process user packets, then the selected APN (GGSN) may be configured in such a way that the GGSN drops user data until the Accounting Response (START) is received from the AAA server. The GGSN may wait for the Accounting Response (START) before sending the CreatePDPContextResponse. The GGSN may reject the PDP context if the Accounting Response (START) is not received.

NOTE 2: Separate accounting and authentication servers may be used.

NOTE 3: The Access-Request message shall be used for primary PDP context only.

Figure 22: RADIUS message flow for PDP type IP (successful user authentication case)

When a GGSN receives a Create PDP Context Request message for a given APN, the GGSN may (depending on the configuration for this APN) send a RADIUS Access-Request to an AAA server. The AAA server authenticates and authorizes the user. If RADIUS is also responsible for IP address allocation the AAA server shall return the allocated IP address in the Access-Accept message.

Even if the GGSN was not involved in user authentication (e.g. transparent network access mode), it may send a RADIUS Accounting-Request START message to an AAA server. This message contains parameters, e.g. the tuple which includes the user-id and IP address, to be used by application servers (e.g. WAP gateway) in order to identify the user. This message also indicates to the AAA server that the user session has started.

If some external applications require RADIUS Accounting request (Start) information before they can process user packets, then the selected APN (GGSN) may be configured in such a way that the GGSN drops user data until the Accounting Response (START) is received from the AAA server. The GGSN may wait for the Accounting Response (START) before sending the CreatePDPContextResponse. The GGSN may reject the PDP context if the Accounting Response (START) is not received. The authentication and accounting servers may be separately configured for each APN.

When the GGSN receives a Delete PDP Context Request message and providing a RADIUS Accounting-Request START message was sent previously, the GGSN shall send a RADIUS Accounting-Request STOP message to the AAA server, which indicates the termination of this particular user session. The GGSN shall immediately send a Delete PDP context response, without waiting for an Accounting-Response STOP message from the AAA server.

The AAA server shall deallocate the IP address (if any) initially allocated to the subscriber, if there is no session for the subscriber.

Accounting-Request ON and Accounting-Request OFF messages may be sent from the GGSN to the AAA server to ensure the correct synchronization of the session information in the GGSN and the AAA server.

The GGSN may send an Accounting-Request ON message to the AAA server to indicate that a restart has occurred. The AAA server may then release the associated resources.

Prior to a scheduled restart, the GGSN may send Accounting-Request OFF message to the AAA server. The AAA server may then release the associated resources.

If an Access-Challenge is sent to the GGSN when an Access-Request message is pending and when IP PDP type is used, the GGSN shall silently discard the Access-Challenge message and it shall treat an Access-Challenge as though it had received an Access-Reject instead RFC 2865 [21].

16.3.2 Void

Figure 23: Void

16.3.3 Accounting Update

During the life of a PDP context some information related to this PDP context may change (i.e. SGSN address if a Inter‑SGSN RA update occurs). Upon reception of an UpdatePDPContextRequest from the SGSN, the GGSN may send an Accounting Request Interim-Update to the AAA server to update the necessary information related to this PDP context (see figure 24). In such a case, the GGSN need not wait for the RADIUS AccountingResponse from the AAA server message before sending the UpdatePDPContextResponse to the SGSN. The GGSN may delete the PDP context if the AccountingResponse is not received from the AAA.

NOTE: As shown the GGSN need not wait for the RADIUS AccountingResponse from the AAA server message to send the UpdatePDPContextResponse to the SGSN. The GGSN may delete the PDP context if the AccountingResponse is not received from the AAA.

Figure 24: RADIUS for PDP context Update

16.3.4 AAA-Initiated PDP context termination

RADIUS is used as the protocol between the GGSN and a AAA server or proxy for applications (e.g. MMS) to deliver information related to GPRS user session. However some IP applications could need to interwork with the GGSN to terminate a particular PDP context. For this purpose, the AAA server or proxy may send a RADIUS Disconnect Request to the GGSN. As depicted in figure 25, the GGSN may react by deleting the corresponding PDP context or silently discard the Disconnect Request message. For more information on RADIUS Disconnect, see RFC 2882 [24]. If the GGSN deletes the corresponding PDP context, it need not wait for the DeletePDPContextResponse from the SGSN before sending the RADIUS DisconnectResponse to the AAA server.

NOTE: As showed on figure 25, the GGSN need not wait for the DeletePDPContextResponse from the SGSN to send the RADIUS DisconnectResponse to the AAA server.

Figure 25: PDP Context deletion with RADIUS

16.4 List of RADIUS attributes

The following tables describe the actual content of the RADIUS messages exchanged between the GGSN and the AAA server. Other RADIUS attributes may be used as defined in RADIUS rfc(s). Unless otherwise stated, when the encoding scheme of an attribute is specified as UTF-8 encoding, this shall be interpreted as UTF-8 hexadecimal encoding.

16.4.1 Access-Request message (sent from the GGSN to AAA server)

The table 1 describes the attributes of the Access-Request message.

Table 1: The attributes of the Access-Request message

Attr #

Attribute Name

Description

Content

Presence Requirement

1

User-Name

Username is provided by the user (extracted from the Protocol Configuration Options (PCO) field of the Create PDP Context Request message). If no username is available a generic username, configurable on a per APN basis, shall be present.

String

Mandatory

2

User-Password

User password provided by the user if PAP is used (extracted from the PCO field of the Create PDP Context Request message). If no password is available a generic password, configurable on a per APN basis, shall be present.

String

Conditional

Note 1

3

CHAP-Password

User password provided by the user if CHAP is used (extracted from the PCO field of the Create PDP Context Request message).

String

Conditional

Note 2

4

NAS-IP-Address

IP address of the GGSN for communication with the AAA server.

IPv4

Conditional

Note 3

32

NAS-Identifier

Hostname of the GGSN for communication with the AAA server.

String

Conditional

Note 3

6

Service-Type

Indicates the type of service for this user

Framed

Optional

7

Framed-Protocol

Indicates the type of protocol for this user

7 (GPRS PDP Context)

Optional

8

Framed-IP-Address

IP address allocated for this user

IPv4

Conditional

9

Framed-IP-Netmask

Netmask for the user IP address

IPv4

Conditional

30

Called-Station-Id

Identifier for the target network

APN (UTF-8 encoded)

Mandatory

31

Calling-Station-Id

This attribute is the identifier for the MS, and it shall be configurable on a per APN basis.

MSISDN in international format according to 3GPP TS 03.03 [23], UTF-8 encoded decimal. Note that there are no leading characters in front of the country code.

Optional

60

CHAP-Challenge

Challenge if CHAP is used (extracted from the PCO field of the Create PDP Context Request message).

String

Conditional

Note 2

61

NAS-Port-Type

Port type for the GGSN

As per RFC 2865 [21]

Optional

26/10415

3GPP Vendor-Specific

Sub-attributes according subclause 16.4.7

See subclause 16.4.7

Optional except sub-attribute 3 which is conditional

NOTE 1: Shall be present if PAP is used.

NOTE 2: Shall be present if CHAP is used.

NOTE 3: Either NAS-IP-Address or NAS-Identifier shall be present.

16.4.2 Access-Accept (sent from AAA server to GGSN)

Table 2 describes the attributes of the Access-Accept message.

Table 2: The attributes of the Access-Accept message

Attr #

Attribute Name

Description

Content

Presence Requirement

1

User-Name

Username received in the Access-Request message or a substitute username provided by the AAA server. If the User-Name has been received in the Access-Accept message, this user-name shall be used in preference to the above

String

Optional

6

Service-Type

Indicates the type of service for this user

Framed

Optional

7

Framed-Protocol

Indicates the type of protocol for this user

7 (GPRS PDP Context)

Optional

8

Framed-IP-Address

IP address allocated for this user, if the AAA server is used to allocate IP address.

IPv4

Conditional

9

Framed-IP-Netmask

Netmask for the user IP address, if the AAA server is used to allocate IP netmask.

IPv4

Conditional

12

Framed-IP-MTU

MTU for the user towards this particular APN, MTU shall be less or equal to 1500

String

Optional

25

Class

Identifier to be used in all subsequent accounting messages.

String

Optional (Note)

27

Session-Timeout

Indicates the timeout value (in seconds) for the user session

32 bit unsigned Integer

Optional

28

Idle-Timeout

Indicates the timeout value (in seconds) for idle user session

32 bit unsigned Integer

Optional

26/311

MS- primary-DNS-server

Contains the primary DNS server address for this APN

Ipv4

Optional

26/311

MS-Secondary-DNS-Server

Contains the secondary DNS server address for this APN

IPv4

Optional

26/311

MS-Primary-NBNS-Server

Contains the primary NetBios name server address for this APN

IPv4

Optional

26/311

MS-Secondary-NBNS-Server

Contains the secondary NetBios server address for this APN

IPv4

Optional

NOTE: The presence of this attribute is conditional upon this attribute being received in the Access-Accept message.

16.4.3 Accounting-Request START (sent from GGSN to AAA server)

Table 3 describes the attributes of the Accounting-Request START message.

Table 3: The attributes of the Accounting-Request START message

Attr #

Attribute Name

Description

Content

Presence Requirement

1

User-Name

Username provided by the user (extracted from the PCO field of the Create PDP Context Request message). If no username is available a generic username, configurable on a per APN basis, shall be present. If the User-Name has been received in the Access-Accept message, this user-name shall be used in preference to the above

String

Optional

4

NAS-IP-Address

GGSN IP address for communication with the AAA server.

IPv4

Conditional

Note 1

32

NAS-Identifier

Hostname of the GGSN for communication with the AAA server.

String

Conditional

Note 1

6

Service-Type

Indicates the type of service for this user

Framed

Optional

7

Framed Protocol

Indicates the type of protocol for this user

7 (GPRS PDP Context)

Optional

8

Framed-IP-Address

User IP address

IPv4

Mandatory

25

Class

Received in the access accept

String

Conditional (Note 2)

30

Called-Station-Id

Identifier for the target network

APN (UTF-8 encoded)

Mandatory

31

Calling-Station-Id

This attribute is the identifier for the MS, and it shall be configurable on a per APN basis.

MSISDN in international format according to 3GPP TS 03.03 [23], UTF-8 encoded decimal. Note that there are no leading characters in front of the country code.

Optional

40

Acct-Status-Type

Type of accounting message

START

Mandatory

41

Acct-Delay-Time

Indicates how many seconds the GGSN has been trying to send this record for, and can be subtracted from the time of arrival on the AAA server to find the approximate time (in seconds) of the event generating this Accounting-Request.

32 unsigned integer

Optional

44

Acct-Session-Id

User session identifier.

GGSN IP address and Charging-ID concatenated in a UTF-8 encoded hexadecimal.

(Note 3)

Mandatory

45

Acct-Authentic

Authentication method

RADIUS or LOCAL

Optional

61

NAS-Port-Type

Port type for the GGSN

As per RFC 2865 [21]

Optional

26/10415

3GPP Vendor-Specific

Sub-attributes according subclause 16.4.7.

See subclause 16.4.7

Optional except sub-attribute 3 which is conditional

NOTE 1: Either NAS-IP-Address or NAS-Identifier shall be present.

NOTE 2: The presence of this attribute is conditional upon this attribute being received in the Access-Accept message.

NOTE 3: The GGSN IP address is the same as that used in the GCDRs.

16.4.4 Accounting Request STOP (sent from GGSN to AAA server)

Table 4 describes the attributes of the Accounting-Request STOP message.

Table 4: The attributes of the Accounting-Request STOP message

Attr #

Attribute Name

Description

Content

Presence Requirement

1

User-Name

Username provided by the user (extracted from the PCO field of the Create PDP Context Request message). If no username is available a generic username, configurable on a per APN basis, shall be present. If the User-Name has been received in the Access-Accept message, this user-name shall be used in preference to the above

String

Optional

4

NAS-IP-Address

IP address of the GGSN for communication with the AAA server.

IPv4

Conditional

Note 1

32

NAS-Identifier

Hostname of the GGSN for communication with the AAA server.

String

Conditional

Note 1

6

Service-Type

Indicates the type of service for this user

Framed

Optional

7

Framed Protocol

Indicates the type of protocol for this user

7 (GPRS PDP Context)

Optional

8

Framed-IP-Address

User IP address

IPv4

Mandatory

25

Class

Received in the access accept

String

Optional (Note 2)

30

Called-Station-Id

Identifier for the target network

APN (UTF-8 encoded)

Mandatory

31

Calling-Station-Id

This attribute is the identifier for the MS, and it shall be configurable on a per APN basis.

MSISDN in international format according to 3GPP TS 03.03 [23], UTF-8 encoded. Note that there are no leading characters in front of the country code.

Optional

40

Acct-Status-Type

Indicates the type of accounting request

STOP

Mandatory

41

Acct-Delay-Time

Indicates how many seconds the GGSN has been trying to send this record for, and can be subtracted from the time of arrival on the AAA server to find the approximate time of the event generating this Accounting-Request

Second

Optional

42

Acct-Input-Octets

GGSN counted number of octets sent by the user for the PDP context

32 bit unsigned integer

Optional

43

Acct-Output-Octets

GGSN counted number of octets received by the user for the PDP context

32 bit unsigned integer

Optional

44

Acct-Session-Id

User session identifier.

GGSN IP address and Charging-ID concatenated in a UTF-8 encoded hexadecimal.

(Note 3)

Mandatory

45

Acct-Authentic

Authentication method

RADIUS or LOCAL

Optional

46

Acct-Session-Time

Duration of the session

Second

Optional

47

Acct-Input-Packets

GGSN counted number of packets sent by the user

Packet

Optional

48

Acct-Output-Packets

GGSN counted number of packets received by the user

Packet

Optional

49

Acct-Terminate-Cause

Indicate how the session was terminated

See RFC 2866 [22]

Optional

61

NAS-Port-Type

Port type for the GGSN

As per RFC 2865 [21]

Optional

26/10415

3GPP Vendor-Specific

Sub-attributes according to subclause 16.4.7.

See subclause 16.4.7

Optional except sub-attribute 3 which is conditional

NOTE 1: Either NAS-IP-Address or NAS-Identifier shall be present.

NOTE 2: The presence of this attribute is conditional upon this attribute being received in the Access-Accept message.

NOTE 3: The GGSN IP address is the same as that used in the GCDRs.

16.4.5 Accounting Request ON (optionally sent from GGSN to AAA server)

Table 5 describes the attributes of the Accounting-Request ON message.

Table 5: The attributes of the Accounting-Request ON message

Attr #

Attribute Name

Description

Content

Presence Requirement

4

NAS-IP-Address

IP address of the GGSN for communication with the AAA server.

IPv4

Conditional

Note

30

Called-Station-ID

Identifier for the target network.

APN (UTF-8 encoded)

Optional

32

NAS-Identifier

Hostname of the GGSN for communication with the AAA server.

String

Conditional

Note

NOTE: Either NAS-IP-Address or NAS-Identifier shall be present.

16.4.6 Accounting Request OFF (optionally sent from GGSN to AAA server)

Table 6 describes the attributes of the Accounting-Request OFF message.

Table 6: The attributes of the Accounting-Request OFF message

Attr #

Attribute Name

Description

Content

Presence Requirement

4

NAS-IP-Address

IP address of the GGSN for communication with the AAA server.

IPv4

Conditional

Note

30

Called-Station-ID

Identifier for the target network.

APN (UTF-8 encoded)

Optional

32

NAS-Identifier

Hostname of the GGSN for communication with the AAA server.

String

Conditional

Note

NOTE: Either NAS-IP-Address or NAS-Identifier shall be present.

16.4.7 Sub-attributes of the 3GPP Vendor-Specific attribute

Table 7 describes the sub-attributes of the 3GPP Vendor-Specific attribute of the Access-Request, Accounting-Request START, Accounting-Request STOP and Accounting-Request Interim-Update messages.

Table 7: The sub-attributes of the 3GPP Vendor-Specific attribute of the Access-Request,
Accounting-Request START, Accounting-Request STOP and
Accounting-Request Interim-Update messages

Sub-attr #

Sub-attribute Name

Description

Presence Requirement

Associated attribute

(Location of Sub-attr)

1

3GPP-IMSI

IMSI for this user

Optional

Access-Request, Accounting-Request START, Accounting-Request STOP, Accounting-Request Interim-Update

2

3GPP-Charging-Id

Charging ID for this PDP Context (this together with the GGSN-Address constitutes a unique identifier for the PDP context).

Optional

Access-Request, Accounting-Request START, Accounting-Request STOP, Accounting-Request Interim-Update

3

3GPP-PDP Type

Type of PDP context, i.e. IP

Conditional

(mandatory if attribute 7 is present)

Access-Request,

Accounting-Request START, Accounting-Request STOP, Accounting-Request Interim-Update

4

3GPP-CG-Address

Charging Gateway IP address

Optional

Access-Request, Accounting-Request START, Accounting-Request STOP, Accounting-Request Interim-Update

5

3GPP-GPRS-Negotiated-QoS-Profile

QoS profile applied by GGSN

Optional

Access-Request, Accounting-Request START, Accounting-Request STOP, Accounting-Request Interim-Update

6

3GPP-SGSN-Address

SGSN IP address that is used by the GTP control plane for the handling of control messages. It may be used to identify the PLMN to which the user is attached.

Optional

Access-Request, Accounting-Request START, Accounting-Request STOP, Accounting-Request Interim-Update

7

3GPP-GGSN-Address

GGSN IP address that is used by the GTP control plane for the context establishment. It is the same as the GGSN IP address used in the GCDRs.

Optional

Access-Request, Accounting-Request START, Accounting-Request STOP, Accounting-Request Interim-Update

8

3GPP-IMSI-MCC-MNC

MCC and MNC extracted from the user’s IMSI (first 5 or 6 digits, as applicable from the presented IMSI).

Optional

Access-Request, Accounting-Request START, Accounting-Request STOP, Accounting-Request Interim-Update

9

3GPP-GGSN- MCC-MNC

MCC-MNC of the network the GGSN belongs to.

Optional

Access-Request, Accounting-Request START, Accounting-Request STOP, Accounting-Request Interim-Update

10

3GPP-NSAPI

Identifies a particular PDP context for the associated PDN and MSISDN/IMSI from creation to deletion.

Optional

Access-Request, Accounting-Request START, Accounting-Request STOP Accounting-Request Interim-Update

11

3GPP- Session-Stop-Indicator

Indicates to the AAA server that the last PDP context of a session is released and that the PDP session has been terminated.

Optional

Accounting Request STOP

12

3GPP- Selection-Mode

Contains the Selection mode for this PDP Context received in the Create PDP Context Request Message

Optional

Access-Request, Accounting-Request START, Accounting-Request STOP, Accounting-Request Interim-Update

18

3GPP-SGSN-MCC-MNC

MCC and MNC extracted from the RAI within the Create PDP Context Request or Update PDP Context Request message.

Optional

Access-Request, Accounting-Request START, Accounting-Request STOP, Accounting-Request Interim-Update

The RADIUS vendor Attribute is encoded as follows (as per RFC 2865 [21])

Bits

Octets

8

7

6

5

4

3

2

1

1

Type = 26

2

Length = n

3

Vendor id octet 1

4

Vendor id octet 2

5

Vendor id octet 3

6

Vendor id octet 4

7-n

String

n  7

3GPP Vendor Id = 10415

The string part is encoded as follows:

Bits

Octets

8

7

6

5

4

3

2

1

1

3GPP type =

2

3GPP Length = m

3 –m

3GPP value

m  2 and m  248

The 3GPP specific attributes encoding is clarified below.

1 – 3GPP-IMSI

Bits

Octets

8

7

6

5

4

3

2

1

1

3GPP type = 1

2

3GPP Length= m

3-m

IMSI digits 1-n (UTF-8 encoded)

3GPP Type: 1

n  15

Length: m  17

IMSI value: Text:

This is the UTF-8 encoded IMSI; The definition of IMSI shall be in accordance with 3GPP TS 03.03 [23] and 3GPP TS 09.60 [31]. There shall be no padding characters between the MCC and MNC, and between the MNC and MSIN. If the IMSI is less than 15 digits, the padding in the GTP information element shall be removed by the GGSN and not encoded in this sub-attribute.

2 – 3GPP-Charging ID

Bits

Octets

8

7

6

5

4

3

2

1

1

3GPP type = 2

2

3GPP Length= 6

3

Charging ID value Octet 1

4

Charging ID value Octet 2

5

Charging ID value Octet 3

6

Charging ID value Octet 4

3GPP Type: 2

Length: 6

Charging ID value: 32 bits unsigned integer

3 – 3GPP-PDP type

Bits

Octets

8

7

6

5

4

3

2

1

1

3GPP type = 3

2

3GPP Length= 6

3

PDP type octet 1

4

PDP type octet 2

5

PDP type octet 3

6

PDP type octet 4

3GPP Type: 3

Length: 6

PDP type value: Unsigned 32 bits integer

PDP type octet possible values:

0 = IP

4 – 3GPP-Charging Gateway address

Bits

Octets

8

7

6

5

4

3

2

1

1

3GPP type = 4

2

3GPP Length= 6

3

Charging GW addr Octet 1

4

Charging GW addr Octet 2

5

Charging GW addr Octet 3

6

Charging GW addr Octet 4

3GPP Type: 4

Length: 6

Charging GW address value: Address

5 – 3GPP-GPRS Negotiated QoS profile

Bits

Octets

8

7

6

5

4

3

2

1

1

3GPP type = 5

2

3GPP Length= L

3 -L

UTF-8 encoded QoS profile

3GPP Type: 5

Length: 27 (release 99) or 11 (release 98)

QoS profile value: Text

UTF-8 encoded QoS profile syntax:

"<Release indicator> – <release specific QoS IE UTF-8 encoding>"

<Release indicator> = UTF-8 encoded number :

"98" = Release 98

"99"= Release 99

<release specific QoS profile UTF-8 encoding> = UTF-8 encoded QoS profile for the release indicated by the release indicator.

The UTF-8 encoding of a QoS IE is defined as follows: each octet is described by 2 UTF-8 encoded digits, defining its hexadecimal representation. The QoS profile definition is in 3GPP TS 04.08 [30].

The release 98 QoS profile data is 3 octets long, which then results in a 6 octets UTF-8 encoded string,

The release 99 QoS profile data is 11 octets long, which results in a 22 octets UTF-8 encoded string.

6 – 3GPP-SGSN address

Bits

Octets

8

7

6

5

4

3

2

1

1

3GPP type = 6

2

3GPP Length= 6

3

SGSN addr Octet 1

4

SGSN addr Octet 2

5

SGSN addr Octet 3

6

SGSN addr Octet 4

3GPP Type: 6

Length: 6

SGSN address value: Address

7 – 3GPP-GGSN address

Bits

Octets

8

7

6

5

4

3

2

1

1

3GPP type = 7

2

3GPP Length= 6

3

GGSN addr Octet 1

4

GGSN addr Octet 2

5

GGSN addr Octet 3

6

GGSN addr Octet 4

3GPP Type: 7

Length: 6

GGSN address value: Address

8 – 3GPP-IMSI MCC-MNC

Bits

Octets

8

7

6

5

4

3

2

1

1

3GPP type = 8

2

3GPP Length= n

3

MCC digit1 (UTF-8 encoded)

4

MCC digit2 (UTF-8 encoded)

5

MCC digit3 (UTF-8 encoded)

6

MNC digit1 (UTF-8 encoded)

7

MNC digit2 (UTF-8 encoded)

8

MNC digit3 if present (UTF-8 encoded)

3GPP Type: 8

Length: n shall be 7 or 8 octets depending on the presence of MNC digit 3

MS address value: text

This is the UTF-8 encoding of the MS MCC-MNC values. In accordance with 3GPP TS 03.03 [23] and 3GPP TS 09.60 [31] the MCC shall be 3 digits and the MNC shall be either 2 or 3 digits. There shall be no padding characters between the MCC and MNC.

9 – 3GPP-GGSN MCC-MNC

Bits

Octets

8

7

6

5

4

3

2

1

1

3GPP type = 9

2

3GPP Length= n

3

MCC digit1 (UTF-8 encoded)

4

MCC digit2 (UTF-8 encoded)

5

MCC digit3 (UTF-8 encoded)

6

MNC digit1 (UTF-8 encoded)

7

MNC digit2 (UTF-8 encoded)

8

MNC digit3 if present (UTF-8 encoded)

3GPP Type: 9

Length: n shall be 7 or 8 octets depending on the presence of MNC digit 3

GGSN address value: text

This is the UTF-8 encoding of the GGSN MCC-MNC values. In accordance with 3GPP TS 03.03 [23] and 3GPP TS 09.60 [31] the MCC shall be 3 digits and the MNC shall be either 2 or 3 digits. There shall be no padding characters between the MCC and MNC.

10 – 3GPP-NSAPI

Bits

Octets

8

7

6

5

4

3

2

1

1

3GPP type = 10

2

3GPP Length= 3

3

NSAPI

3GPP Type: 10

Length: 3

NSAPI value: text

It is the value of the NSAPI of the PDP context the RADIUS message is related to. It is encoded as its hexadecimal representation, using 1UTF-8 encoded digit.

11 – 3GPP-Session Stop Indicator

Bits

Octets

8

7

6

5

4

3

2

1

1

3GPP type = 11

2

3GPP Length= 3

3

1 1 1 1 1 1 1 1

3GPP Type: 11

Length: 3

Value is set to all 1.

12 – 3GPP-Selection-Mode

Bits

Octets

8

7

6

5

4

3

2

1

1

3GPP type = 12

2

3GPP Length= 1

3

UTF-8 encoded Selection mode string

3GPP Type: 12

Length: 3

Selection mode value: Text

The format of this attribute shall be a character string consisting of a single digit, mapping from the binary value of the selection mode in the Create PDP Context message (3GPP TS 09.60 [31]). Where 3GPP TS 09.60 [31] provides for interpretation of the value, e.g. map ‘3’ to ‘2’, this shall be done by the GGSN.

18 – 3GPP-SGSN MCC-MNC

Bits

Octets

8

7

6

5

4

3

2

1

1

3GPP type = 18

2

3GPP Length= n

3

MCC digit1 (UTF-8 encoded)

4

MCC digit2 (UTF-8 encoded)

5

MCC digit3 (UTF-8 encoded)

6

MNC digit1 (UTF-8 encoded)

7

MNC digit2 (UTF-8 encoded)

8

MNC digit3 if present (UTF-8 encoded)

3GPP Type: 18

Length: n shall be 7 or 8 octets depending on the presence of MNC digit 3

SGSN address value: text

This is the UTF-8 encoding of the RAI MCC-MNC values. In accordance with 3GPP TS 03.03 [23] and 3GPP TS 09.60 [31]the MCC shall be 3 digits and the MNC shall be either 2 or 3 digits. There shall be no padding characters between the MCC and MNC.

16.4.8 Accounting Request Interim-Update (sent from GGSN to AAA server)

Table 8 describes the attributes of the Accounting-Request Interim-Update message.

Table 8: The attributes of the Accounting-Request Interim-Update message

Attr #

Attribute Name

Description

Content

Presence Requirement

1

User-Name

Username provided by the user (extracted from the PCO field of the Create PDP Context Request message). If no username is available a generic username, configurable on a per APN basis, shall be present. If the User-Name has been received in the Access-Accept message, this user-name shall be used in preference to the above

String

Optional

4

NAS-IP-Address

IP address of the GGSN for communication with the AAA server.

IPv4

Conditional

Note 1

32

NAS-Identifier

Hostname of the GGSN for communication with the AAA server.

String

Conditional

Note 1

6

Service-Type

Indicates the type of service for this user

Framed

Optional

7

Framed Protocol

Indicates the type of protocol for this user

7 (GPRS PDP Context)

Optional

8

Framed-IP-Address

User IP address

IPv4

Mandatory

25

Class

Received in the access accept

String

Optional (Note 2)

30

Called-Station-Id

Identifier for the target network

APN (UTF-8 encoded)

Mandatory

31

Calling-Station-Id

This attribute is the identifier for the MS, and it shall be configurable on a per APN basis.

MSISDN in international format according to 3GPP TS 03.03 [23], UTF-8 encoded. Note that there are no leading characters in front of the country code.

Optional

40

Acct-Status-Type

Indicates the type of accounting request

Interim-Update

Mandatory

41

Acct-Delay-Time

Indicates how many seconds the GGSN has been trying to send this record for, and can be subtracted from the time of arrival on the AAA server to find the approximate time of the event generating this Accounting-Request

Second

Optional

42

Acct-Input-Octets

GGSN counted number of octets sent by the user for the PDP context

32 bit unsigned integer

Optional

43

Acct-Output-Octets

GGSN counted number of octets received by the user for the PDP context

32 bit unsigned integer

Optional

44

Acct-Session-Id

User session identifier.

GGSN IP address and Charging-ID concatenated in a UTF-8 encoded hexadecimal.

(Note 3)

Mandatory

45

Acct-Authentic

Authentication method

RADIUS or LOCAL

Optional

46

Acct-Session-Time

Duration of the session

Second

Optional

47

Acct-Input-Packets

GGSN counted number of packets sent by the user

Packet

Optional

48

Acct-Output-Packets

GGSN counted number of packets received by the user

Packet

Optional

61

NAS-Port-Type

Port type for the GGSN

As per RFC 2865 [21]

Optional

26/10415

3GPP Vendor-Specific

Sub-attributes according to subclause 16.4.7.

See subclause 16.4.7

Optional except sub-attribute 3 which is conditional

NOTE 3: Either NAS-IP-Address or NAS-Identifier shall be present.

NOTE 4: The presence of this attribute is conditional upon this attribute being received in the Access-Accept message.

NOTE 3: The GGSN IP address is the same as that used in the GCDRs.

16.4.9 Disconnect Request (optionally sent from AAA server to GGSN)

Table 9 describes the attributes of the Disconnect-Request message.

Table 9: The attributes of the Disconnect-Request message

Attr #

Attribute Name

Description

Content

Presence Requirement

1

User-Name

Username provided by the user (extracted from the PCO field of the Create PDP Context Request message). If no username is available a generic username, configurable on a per APN basis, shall be present. If the User-Name has been sent in the Access-Accept message, this user-name shall be used in preference to the above

String

Optional

8

Framed-IP-Address

User IP address

IPv4

Mandatory

44

Acct-Session-Id

User session identifier.

GGSN IP address and Charging-ID concatenated in a UTF-8 encoded hexadecimal.

NOTE: The GGSN IP address is the same as that used in the GCDRs.

Mandatory

Annex A (informative):
Change history

Change history

Date

TSG #

TSG Doc.

CR

Rev

Subject/Comment

Old

New

s25

98-0101

A001

Access to an Intranet or ISP through GPRS

5.0.0

6.0.0

s26

98-0292

A002

Authentication protocol when accessing an intranet or ISP through GPRS

6.0.0

6.1.0

s26

98-0292

A003

Clarifications to Intranet/ISP Interworking section

6.0.0

6.1.0

s26

98-0292

A004

Architecture Diagrams

6.0.0

6.1.0

s26

98-0292

A005

Editorial review of 09.61

6.0.0

6.1.0

s26

Correction of Word 95/97 problem (incomplete incorporation of CR A003 into V6.1.0)

6.1.0

6.2.0

s27

98-0735

A006

Protocol Configuration Options at PDP context activation failure

6.2.0

6.3.0

TSG#06

NP-99431

A015

Approved CR from TSG#6 incorporated:A012 IPCP negotiation at the GGSN for non-transparent IP

6.3.0

6.4.0

09-2001

Conversion to 3GPP layout and number

6.4.0

6.5.0

09-2001

TSG#13

NP-010530

A017

2

Standard method for information delivery (MSISDN; IP address…) between GPRS and external PDN using RADIUS

6.4.0

6.5.0

12-2001

TSG#14

NP-010572

A021

1

Correction to calling station id

6.5.0

6.6.0

12-2001

TSG#14

NP-010572

A023

1

Correction to 3GPP Vendor specify attribute 3GPP-IMSI

6.5.0

6.6.0

12-2001

TSG#14

NP-010572

A025

Correction to 3GPP vendor specific attributes containing MCC-MNC

6.5.0

6.6.0

12-2001

TSG#14

NP-010672

A027

Standard method for information update between GPRS and external PDN using RADIUS

6.5.0

6.6.0

12-2001

TSG#14

NP-010672

A030

Standard method for interworking between GPRS and external PDN using RADIUS

6.5.0

6.6.0

03-2002

TSG#15

NP-020080

A031

Change of associated attribute for 3GPP-NSAPI

6.6.0

6.7.0

06-2002

TSG#16

NP-020295

A035

Corrections to the 3GPP RADIUS attributes

6.7.0

6.8.0

06-2002

TSG#16

NP-020295

A037

1

Clarification on the Radius Flows

6.7.0

6.8.0

12-2002

TSG#18

NP-020613

A039

1

RADIUS enhancement for identification of VPLMN

6.8.0

6.9.0

03-2003

TSG#19

NP-030074

A047

1

Correction of References and specification Corrections

6.9.0

6.10.0

06-2005

Removal of company specific header of figure 22

6.10.0

6.10.1