How UPF allocates the UE IP through DHCP server
These stages show the process in which the UPF allocates the UE IP address through external DHCP server:
-
Session establishment request: The SMF sends the UE IP Address IE in PDI IE within the PFCP Session Establishment Request message to the UPF, if the SMF is configured to obtain UE IP addresses from the UPF.
This message contains the VLAN ID(s) in the Create PDR IE in UE IP Address Pool Identity IE and either or both of these message bits are set to one:
-
CHOOSE IPV4 (CHV4): SMF requests the UPF for IPv4 address allocation.
-
CHOOSE IPV6 (CHV6): SMF requests the UPF for IPv6 address allocation.
-
-
DHCP subnet selection: UPF uses the received VLAN ID(s) for selecting the subnet for UE IP based on some conditions.
Learn more about the conditions in the DHCP subnet selection criteria topic.
-
DHCP configuration validation: UPF validates if the DHCP service is configured and running by checking the configuration validation criteria.
To know more about the DHCP configuration, see the Enabling DHCP-based IP allocation section.
If the DHCP configuration validation is successful, UPF accepts the PFCP Establishment Request and initiates a DHCP Discovery handshake toward DHCP server in the given subnet using the received VLAN ID. If the configuration validation fails based on the criteria, the UPF rejects the Establishment Request.
To know more about the configuration validation, see the Criteria for DHCP configuration validation section.
-
DORA or SARR handshake process initiation: UPF initiates the Discovery-Offer-Request-Acknowledge (DORA) or Solicit-Advertise-Request-Reply (SARR) handshake process for IPv4 or IPv6 address allocation respectively.
UPF broadcasts a Discovery message in case of DHCPv4 and multicasts a Solicit message in case of DHCPv6 in the subnet. UPF acts as the DHCP client Relay and uses the received VLAN information for sending the Discovery or Solicit messages.
Note
-
The UPF receives the unicast response from the DHCP server on the destination port 67.
-
UPF acts as client when it sends the broadcast DHCPDISCOVER message in the VLANs source port—68 and the dst port—67.
-
For IPv6 prefix allocation, all the messages from UPF to the DHCPv6 server include the IA_PD option, with a requested prefix length of 64.
-
-
Offer or Advertise messages: In case of IPv4, UPF receives the Offer message from the DHCPv4 server with an IPv4 address, lease time, and the server identifier.
In case of IPv6, the UPF receives a unicast Advertise message from the DHCPv6 server along with client IPv6 address, lease time, and server identifer.
-
IPv4 and IPv6 validation: UPF validates the IP addresses received from the DHCP server. The validation process differs based on the requested type of IP address, that is, IPv4 or IPv6.
-
IPv4 validation: If the CLI [ no ] skip-validation is configured, UPF validates the received IPv4 address with the SMF allocated IP chunks.
If the IPv4 validation is successful, UPF sends a Request message to the DHCP server. If the IPv4 validation fails, UPF does not send the Request message to the DHCPv4 server and the IPv4 address allocation process fails.
For an IPv4v6 Session, if IPv4 validation fails, UPF sends Sx Session Establishment Response with cause code Partial Success with IPv6 address allocated to the UE.
-
IPv6 validation: If the CLI enable ipv6-validation is configured, UPF sends a Request message to the DHCPv6 server. The DHCPv6 server sends a Reply message to the UPF.
For IPv6, prefix validation is done after receiving the Reply message in the SARR handshake.
If the IPv6 validation is unsuccessful, UPF will send a DHCP DECLINE message to DHCPv6 server to indicate that the UPF will not use the IPv6 address given by DHCPv6 server.
For an IPv4v6 Session, if IPv6 validation fails, UPF sends Sx Session Establishment Response with cause code Partial Success with IPv4 address allocated to the UE.
Know more about the criteria and process of IPv4 and IPv6 validation addresses in the Validation of IP addresses from DHCP server and SMF section.
-
-
Renew and rebind:
-
Renew request: UPF tries to renew the lease when the allocated lease time is about to expire. In this case, UPF unicasts a renew request to the DHCP server at 50% (T1 threshold) of the allocated lease time.
If the DHCP server does not respond to the renew request, the UPF retries the renew request until the maximum retries exhaust.
If the server replies with NAK (Negative Acknowledgement), it implies that the lease cannot be extended. The UPF then purges the call and informes the SMF.
For the IPv6 address, the renew request goes at the T1 timer value in the Reply packet.
-
Rebind request: If the DHCP server does not respond to the renew request even after the maximum retries exhaust, the DHCP server broadcasts the rebind request when the allocated lease is at 88% (T2 threshold) of the allocated lease time.
If the DHCP server does not respond to the rebind request, the UPF retries the rebind request until the maximum retries are exhausted. If the DHCP server does not respond even after maximum retries are exhausted, and the allocated lease gets expired, the call gets purged. The UPF notifies about the call deletion to the SMF.
If the server replies with NAK, it implies that the lease cannot be extended. The UPF then purges the call and informs the SMF.
For IPv6 address, the rebind packet goes at the T2 timer values in the Reply packet.
The values of the T1 and T2 thresholds are configurable.
To know more about configuring T1 and T2 thresholds, see the DHCP Service Configuration Mode Commands chapter in the Command Line Interface Reference, Modes C - D, StarOS Release 21.28 guide.
Note
EPFAR configuration is mandatory to handle renew/rebind failure, and if not configured UPF will do a local purge leading to mismatch between SMF and UPF.
-
-
Session deletion: UPF locally purges the session and sends an indicationtion to SMF that UPF has deleted the call in session report request, once the lease time is expired.
SMF sends a PFCP session Deletion request over the N4 interface to UPF. Upon receiving the PFCP Session Deletion Request message from SMF, the UPF initiates a fire-and-forget DHCP release request toward the DHCP server.
DHCP subnet selection criteria
The UPF interprets the UE IP Address Pool Identity IE as the VLAN ID for selecting IPv4 subnet according to these conditions:
When N4 session establishment contains... |
And Create PDR IE contains ... |
Then ... |
---|---|---|
only CHOOSE IPV4 bit |
single UE IP Address Pool Identity IE |
UPF interprets as VLAN to identify the subnet for IPv4 IP address allocation. |
only CHOOSE IPV4 bit |
more than one UE IP Address Pool Identity IEs |
UPF ignores additional occurrences of the UE IP Address Pool Identity IE. |
only CHOOSE IPV6 bit |
single UE IP Address Pool Identity IE |
UPF interprets as VLAN to identify the subnet for IPv6 IP address allocation. |
only CHOOSE IPV6 bit |
more than one UE IP Address Pool Identity IEs |
UPF ignores additional occurrences of the UE IP Address Pool Identity IE. |
both CHOOSE IPV4 and CHOOSE IPV6 bits |
single UE IP Address Pool Identity IE |
UPF rejects the Session Establishment Request with a cause code- Mandatory IE incorrect. |
both CHOOSE IPV4 and CHOOSE IPV6 bits |
two UE IP Address Pool Identity IE |
UPF interprets the first and second UE IP Address Pool Identity IEs as the VLANs to identify the subnets for IPv4 and IPv6 IP address allocations respectively. |
both CHOOSE IPV4 and CHOOSE IPV6 bits |
more than two UE IP Address Pool Identity IE |
UPF ignores the additional occurrences of the UE IP Address Pool Identity IE. |
Criteria for DHCP configuration validation
Before initiating the DORA or SARR process, UPF performs these validations:
-
If either or both CHOOSE IPV4 and CHOOSE IPV6 bits are set, then the DHCP configuration for both IPv4 and IPv6 should not be present. Otherwise, UPF sends the cause code "Mandatory IE Incorrect" to SMF.
-
If either or both CHOOSE IPV4 and CHOOSE IPV6 bits are set and IPv4 or IPv6 addresses are not present, local APN level configurations ip address alloc-method dhcp-proxy and ipv6 address alloc-method dhcpv6-proxy should be present for DHCPv4 and DHCPv6, respectively. Otherwise, UPF sends the cause code "IP Allocation Failure" to UPF.
-
The received VLAN ID should be present for either or both IPv4 and IPv6 in the configuration on UPF.
If the received VLAN ID is not present in the UPF configuration, then the UPF sends the cause code “NO RESOURCES AVAILABLE” to SMF.
-
If the DHCP server discovery is disabled and the DHCP server IP address is not configured, but the DHCPv4 service is running, then UPF sends the cause code “NO RESOURCES AVAILABLE” to SMF.
-
When unicast is enabled and the DHCP server IP addresses are also not configured, but the DHCPv6 service is running, then the UPF sends the cause code “NO RESOURCES AVAILABLE” to SMF.
-
The Slot/Port should be present and linked to the correct interfaces for IPv4 or IPv6 in the configuration. Otherwise, UPF sends the cause code “IP Allocation Failure” to SMF.
-
If either or both CHOOSE IPV4 and CHOOSE IPV6 bits are set, then the DHCP configuration for both v4 and v6 must be valid. It is required to start DHCPv4 and DHCPv6 services. Otherwise, the call gets rejected and UPF sends the cause code "IP Allocation Failure" to UPF.
Validation of IPv4 and IPv6 addresses
The UPF compares the IPv4 or IPv6 address received from the DHCP server with the chunks allocated by SMF during the DORA or SARR process.
IPv4 validation during DORA process
These stages show the IPv4 validation process during the DORA handshake process:
-
UPF sends the DHCP Discover message to the DHCPv4 server.
-
UPF receives the DHCP Offer message from the DHCPv4 server along with a client IP address, lease time, and server identifier.
UPF accepts the first Offer message it receives and ignores all the subsequent Offer messages from other DHCPv4 servers.
-
UPF validates the received IP address with the IP pool chunks sent by SMF.
If the IP validation is ...
then...
successful
UPF sends a DHCP Request message to the DHCPv4 server and receives the DHCP Acknowledgement message from the DHCPv4 server.
unsuccessful
UPF discards the Offer message and does not send a DHCP Request message to the DHCPv4 server. The UPF then rejects the session.
-
The UPF receives an Acknowledgment message from the DHCP server. The UPF validates if the IP received in the Offer and the Acknowledge messages are the same. UPF also performs other validations like lease validation, chaddr validation, server identifier validation, etc.
If the IP values received in the Offer and Acknowledgment messages are the same, UPF considers the IP validation as successful. In this case, the UPF forwards the UE IP to the SMF.
If there is a mismatch between the IP addresses received in the Offer and Acknowledgment messages, UPF considers the IP validation process as unsuccessful. In this case, the UPF sends a DHCP decline message to the DHCPv4 server and the deletes the session.
If there is a mismatch in the values of Offer packet and Acknowledgment packet except the IP address validation, then the UPF sends a DHCP release message to the DHCPv4 server.
IPv6 validation during SARR process
For IPv6 sessions, UPF performs IPv6 validation after the SARR process when the enable ipv6-validation is configured. These stages show the IPv6 validation process:
-
UPF sends the Solicit message to the DHCPv6 server.
-
UPF receives the Advertise message from the DHCPv6 server.
-
UPF sends the Request message to the DHCPv6 server.
-
UPF receives the Reply message from the DHCPv6 server.
-
UPF validates the received IPv6 address with the IPv6 pool chunks sent by SMF.
If the IP validation is ...
then...
successful
UPF sends the successful establishment response with the received IPv6 address.
unsuccessful
UPF sends DHCP DECLINE message to DHCPv6 server to indicate that the UPF will not use the IPv6 given by DHCPv6 server.
Establishment Request is rejected for IPv6 only PDN session. Establishment Request is accepted with cause code partial success for IPv4v6 PDN session.