In this blog, we will analyze how to build a Private 5G network.
A private 5G network can be implemented in two ways.
1) Isolated 5G LAN built by enterprise (Local 5G Frequency, Full Private, No-Sharing)
2) Isolated 5G LAN built by mobile operator (Licensed Frequency, Full Private, No-Sharing)
3) RAN sharing between private network and public network
4) RAN and Control Plane Sharing between private and public network
5) RAN and Core Sharing (End-to-End Network Slicing) between private and public network
6) N3 LBO (Local Breakout)
7) F1 LBO (Local Breakout)
1) Isolated 5G LAN built by the enterprises (Local 5G Frequency, Full Private, No-Sharing)
The enterprise deploys a full 5G network set (gNB, UPF, 5GC CP, UDM, MEC) within its premises (site/building). The 5G frequency used in the enterprise is a local 5G frequency, not a mobile operator's licensed frequency. This architecture can be built in countries where the government allocates such a private frequency (at present this is possible in advanced countries such as Japan, Germany and the United States).
Who builds: In this case, usually enterprises build their own private 5G networks, but depending on the government policy of each country, third parties, including mobile network operators, may build private 5G networks for enterprises.
Enterprises can build their own 5G LAN using a local 5G frequency, freeing them from the annoyances of the traditional wired LAN (cable wiring work) and of the wireless LAN (short distance, security concerns and network stability). In addition, the ultra-low latency and ultra-connectivity capabilities of 5G technology enable the creation of new enterprise applications or the optimization of existing ones.
Pros: As there are independent 5G network full sets in the enterprise on premise,
2) Isolated 5G LAN built by Mobile Operators (Licensed 5G Frequency, Full Private, No-Sharing)
The private 5G network architecture is the same as in 1). The only difference from 1) is that the mobile operator builds and operates the 5G LAN in the enterprise with its own licensed 5G frequency.
3) RAN sharing between private network and public network
UPF, 5GC CP, UDM, and MEC are deployed in the enterprise and physically separated from the public network.
Only 5G base stations (gNBs) located within the enterprise are shared between private and public network (RAN Sharing).
Data traffic of the devices belonging to the private slice (private network) is delivered to the private UPF in the enterprise, while data traffic of the devices belonging to the public slice (public network) is delivered to the UPF in the mobile operator's edge cloud. In other words, private network traffic such as in-house device control data, in-house video data, etc. stays in the enterprise only, and public network service traffic such as voice and Internet is transferred to the mobile operator's network. Although the base stations are separated logically rather than physically, it is very difficult to collect private network data at the RAN level, so the security of private network data traffic in the enterprise is also assured.
Private and dedicated 5GC CP and UDM are built in the enterprise, so subscription information and operation information of private network devices in the enterprise are stored and managed in-house so that they do not leak outside the enterprise.
UPF and MEC are located in the enterprise, providing ultra low delay communication between device-gNB-UPF-MEC, making it suitable for companies using URLLC applications such as autonomous driving and real-time robot / drone control.
4) RAN and Control Plane Sharing between private and public network
A private, dedicated UPF and MEC are built in the enterprise. The 5G base stations (gNBs) in the enterprise and the 5GC CP and UDM in the mobile operator's edge cloud are shared between private and public networks (RAN and Control Plane Sharing). The gNB, 5GC CP, and UDM are logically separated between the private network and the public network, and the UPF and MEC are physically separated.
Data traffic of the devices belonging to the private slice (private network) is delivered to the private UPF in the enterprise, while data traffic of the devices belonging to the public slice (public network) is delivered to the UPF on the edge of the mobile operator. In other words, private network traffic such as in-house device control data, in-house video data, etc. stays in the enterprise only, and public network service traffic such as voice and Internet is transferred to the mobile operator's network. As with 3) RAN Sharing, the security of data traffic within the enterprise is also clear.
Control plane functions (authentication, mobility, etc.) for private network devices and public network devices are performed by the 5GC CP and UDM in the mobile operator's network.
That is, the private network devices, gNB and UPF in the enterprise interwork with and are managed by the mobile operator's network (via the N2 and N4 interfaces). It may be a concern that the operation information and subscription information of the private network devices are stored on the mobile operator's server rather than in-house.
Since UPF and MEC are located in the enterprise, it provides ultra low delay communication between device-gNB-UPF-MEC and is suitable for companies using URLLC applications such as autonomous driving and real-time robot / drone control.
5) RAN and Core Sharing (End-to-End Network Slicing) between private and public network
This is the case when only the gNB is deployed inside the enterprise and the UPF and MEC exist only in the mobile operator's edge cloud. The private network and the public network share a "logically separated 5G RAN and Core" (gNB, UPF, 5GC, MEC, UDM) (End-to-End Network Slicing).
Unlike cases 3 and 4, where the UPF and MEC are located in the enterprise, in this case there is only a gNB in the enterprise. Therefore, there is no local traffic path between the private 5G devices and the intranet (LAN) devices such as PCs or local intranet servers, so the traffic must go up to the UPF in the operator's edge cloud and then come back inside the enterprise through a leased line to communicate with the LAN devices.
In addition, MEC, which provides 5G application services to 5G devices in the enterprise, is located in the edge cloud of the mobile operator far from the devices.
In this architecture, network latency (RTT) can be a major problem, depending on the distance between the enterprise (5G devices) and the operator's edge cloud (UPF, MEC).
Since the traffic of private network devices is transferred from the enterprise to the mobile operator's network, there is a concern about data traffic security. While the mobile operator will slice the UPF and MEC on its edge cloud to keep the enterprise's private network traffic separate from public and other private network traffic, timid CEOs are concerned that, e.g., their internal CCTV video traffic is leaking outside their enterprise.
As with case 4, it is disturbing for an enterprise to have operational and subscription information stored on a mobile operator's network rather than on the company's private network.
For mobile operators, this architecture costs the least to build a private 5G network compared to cases 2, 3 and 4, which require the deployment of a UPF and/or 5GC CP inside the enterprise.
However, the enterprise has concerns about security (data traffic generated from private network terminals, subscription information and operational information of private network devices) and network delay (between private 5G devices and MEC application servers, and between private 5G devices and intranet/LAN devices).
6) N3 LBO (Local Breakout): Case of SK Telecom in Korea
As shown in (a) above, the gNB is deployed in the enterprise as in case 5. An N3 GTP tunnel is created between the gNB and the UPF when a device is connected, whether a CCTV camera or a smartphone. These devices are all public network devices.
As shown in (b) above, the enterprise introduces a MEC Data Plane (MEC DP; non-3GPP equipment, ETSI MEC) and MEC Applications. The Mobile Edge Platform (MEP) in the mobile operator's Orchestrator sends a traffic rule to the MEC DP via the Mp2 interface (if the destination IP address is in a local network - private 5G devices, local wired LAN devices, local MEC application servers - then Local Breakout!).
The MEC DP looks at the destination IP addresses of the packets belonging to all GTP Tunnels coming up from the gNB (GTP Decap) and routes the User IP packet to the internal private network if it is local traffic.
Although this is not a standard 3GPP method, it makes it possible to separate private network traffic from public traffic.
(This is the ETSI MEC's Bump in the Wire method).
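The following added example (not SK Telecom's or ETSI's code) implements the decision described above: strip the GTP-U header from an N3 packet, read the inner destination IP address and break out locally only if it falls in a local prefix. The prefixes, the `local-breakout`/`to-upf` labels and the sample packets are constructed assumptions; anything that fails to parse stays on the tunnel to the UPF.

```python
import ipaddress
import struct

G_PDU = 0xFF  # GTP-U message type that carries a user IP packet
# Constructed "local network" prefixes standing in for the pushed traffic rule.
LOCAL_NETS = [ipaddress.ip_network("10.10.0.0/16"),
              ipaddress.ip_network("192.168.50.0/24")]

def inner_ip_offset(pkt: bytes) -> int:
    """Offset of the user IP packet in a GTPv1-U G-PDU (the GTP decap step)."""
    if len(pkt) < 8:
        raise ValueError("truncated GTP-U header")
    flags, msg_type, length, _teid = struct.unpack("!BBHI", pkt[:8])
    if flags >> 5 != 1 or not flags & 0x10 or msg_type != G_PDU:
        raise ValueError("not a GTPv1-U G-PDU")
    if len(pkt) < 8 + length:
        raise ValueError("length field exceeds packet")
    if not flags & 0x07:              # no E/S/PN flag: payload follows at once
        return 8
    if len(pkt) < 12:
        raise ValueError("truncated optional fields")
    off, next_ext = 12, (pkt[11] if flags & 0x04 else 0)
    while next_ext:                   # e.g. 0x85, the 5G PDU Session Container
        ext_len = pkt[off] * 4 if off < len(pkt) else 0
        if ext_len == 0 or off + ext_len > len(pkt):
            raise ValueError("bad extension header")
        next_ext = pkt[off + ext_len - 1]
        off += ext_len
    return off

def classify(pkt: bytes) -> str:
    """Return 'local-breakout' or 'to-upf' for one N3 packet from the gNB."""
    try:
        inner = pkt[inner_ip_offset(pkt):]
    except ValueError:
        return "to-upf"               # signalling or malformed: never break out
    if len(inner) < 20 or inner[0] >> 4 != 4:
        return "to-upf"               # this example only matches IPv4 rules
    dst = ipaddress.ip_address(inner[16:20])
    return "local-breakout" if any(dst in n for n in LOCAL_NETS) else "to-upf"

def sample(dst: str, psc: bool) -> bytes:
    """Build a constructed G-PDU, optionally with a PDU Session Container."""
    inner = b"\x45" + bytes(15) + ipaddress.ip_address(dst).packed
    opt = b"\x00\x00\x00\x85\x01\x10\x09\x00" if psc else b""
    flags = 0x34 if psc else 0x30
    return struct.pack("!BBHI", flags, G_PDU, len(opt) + len(inner), 1) + opt + inner
```

On 5G N3 the user packet does not sit at a fixed offset of 8 bytes, because the gNB adds the PDU Session Container extension header; a data plane that assumes a fixed offset would match the rule against the wrong bytes.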
Compared to case 5, private network traffic is not transferred to the mobile operator's network, so the security of private network data traffic is as clear as in cases 3 and 4.
Unlike cases 3 and 4, the cost of building a private 5G network is greatly reduced (the UPF is the most expensive piece of 5G standard equipment) by adding a low-cost MEC DP (actually, an SDN/P4 switch) without having to bring expensive UPFs into the enterprise.
In addition, because the MEC also exists in the enterprise and handles the traffic that the MEC DP breaks out, it will be able to provide ultra-low delay application services.
However, since the MEC DP is not a 3GPP UPF, it cannot perform mobility management and charging functions for private network devices.
(Of course, the MEC DP can implement some of these functions, since the operator can make a proprietary specification that implements these capabilities.)
As with case 4 and 5, it is disturbing for an enterprise to have operational and subscription information stored on a mobile operator's network rather than on the company's private network.
7) F1 LBO (Local Breakout): Case of KT in Korea
This is the same as case 6, except that only the RU/DU is deployed in the enterprise and the CU is placed in the mobile network's edge cloud, and that private network traffic is broken out locally from the F1 interface, not from the N3 interface.
There is always a plurality of ideas in every choice situation in any field. We want to have the prettiest and most coveted option first.
But at the final stage of selection, which option to choose comes down to "What do I need?" and "How much money do I have?"
Similarly, the private 5G network architectures described above each have their advantages and disadvantages, and no one architecture is optimal for all situations. Each enterprise can choose the architecture that is best suited to it based on its requirements and its implementation/operating budget.