The 5G Core Network (5GC) – Part 1 – Network Entities

When network operators are ready to go beyond 5G EN-DC, which basically means that a mobile device camps on a 4G cell and a 5G cell is added for additional speed, they require a 5G core network. To find out more about the 5GC, a good starting points are 3GPP TS 23.501 (System Architecture – Stage 2), followed by 23.502 (5G Procedures – Stage 2) and 24.501 (5G NAS Protocol – Stage 3). That’s quite a lot of ground to cover and while going over them I took some notes of things that I found of particular interest. This and the following blog posts are based on these notes and perhaps invite to investigate further.

The Same But Virtual

Like in LTE before, all network entities in the 5GC have received new names and abbreviations. Like the 4G core network, the architecture is split into the signaling plane and the user data plane. Different entities are responsible for the two planes to cleanly separate them. This is the same as in LTE. From a logical point of view the big difference to LTE is that in the 5G core, network entities have been defined in a way so that they can be easily virtualized. This is different to LTE where it was assumed that a logical network element would be implemented on a physical piece of hardware. These days there are also virtualized LTE core network components but it has come more of as an afterthought rather than something that was specified from the beginning.

New Names!

Having said all of this the similarities of many things in the 4G EPC and the 5GC are still striking. The 4G Mobility Management Entity (MME) has been split into two individual functional boxes in 5G, the Access Management Function (AMF) and the Session Management Function (SMF). The Mobile, i.e. the UE (User Equipment) sends connection, mobility and session related information to the AMF over the N1 interface. The AMF then handles connection and mobility management tasks while all messages related to session management are forwarded to the SMF over the N11 interface. Whether the AMF and SMF are running in virtual machines on the same physical server, on different servers in the network or even bare metal (unlikely) has been left open in the standard and network operators can choose for themselves.

The 4G HSS has also been split into several different entities that can run in virtual machines or bare metal on the same or different physical machines. The front-end to the AMF is the Authentication Server Function (AUSF), e.g. as shown in 24.501,, while the subscription data is managed via the Universal Data Management (UDM) function and may be stored in the Unified Data Repository (UDR). I guess a further blog post is necessary to describe the relationship between those three entities. In short, these three entities combined are what would be called the HSS in 4G and the HLR in 2G/3G.

The User Plane

On the user plane, i.e. components that forward user data packets between a mobile device and an external network (e.g. the Internet), things have also slightly changed: The 4G Serving-Gateway (S-GW) and PDN-Gateway (P-GW) have been collapsed into a single entity, the User Plane Function (UPF). This perhaps addresses the fact that even in LTE, Serving- and PDN-gateways are often combined nodes anyway and it looks like UPFs can be daisy chained anyway for cases in which a separation of tasks might be beneficial. Again, I have to look up further details on how this daisy-chaining works to get a better understanding.

Nodes Become Functions

Note that all entities are now referred to as ‘functions’ and no longer as ‘nodes’, probably to emphasize their ‘virtualness’ rather than being physical entities. In addition, many parts of the core spec do not describe interfaces between two entities as in all other 3GPP specs before but describe ‘service based interfaces’, which I guess can be compared to ‘APIs’ of programming libraries in the widest sense. I haven’t yet taken a closer look at how these ‘service based interfaces’ are described in detail so I will have to come back to this point in a future post.

Two more functions I’d like to quickly mention today is the Policy Control Function (PCF), responsible for Quality of Service, similar to the PCRF in 4G. And the final function I’d like to mention today, because for German speakers it’s a funny abbreviation, is the SEPP, the Security Edge Protection Proxy of which one each sits on the link between two networks for roaming interconnect.

So much for part 1, in part 2 I’ll look at what became of the IMSI and other identifiers in the 5G system.