A Long Term Evolution (LTE) wireless network includes an Evolved Universal Terrestrial Radio Access Network (E-UTRAN) (also sometimes referred to simply as the “radio access network” or “RAN”) and an Evolved Packet Core (EPC) network (also sometime referred to simply as the “core network”).
The E-UTRAN comprises a set of base stations that wirelessly communicate with user equipment (such as smartphones) using licensed radio frequency spectrum. Each base station is also generally referred to as an “eNodeB” or “eNB.”
One type of eNodeB is a “small cell” or “femtocell,” which is a lower-power base station that is typically used to provide base station capacity within a home or enterprise (such as a business or public venue such as a hospital, arena, airport, shopping center, or the like). Such small cells or femtocells are also sometimes referred to as “Home eNodeBs” or “HeNBs.”
Each eNB communicates with entities in the core network (such as, a Serving Gateway (S-GW) and a Mobility Management Entity (MME)) using the “51 interface” defined by the 3rd Generation Partnership Project (3GPP). Each eNB also communicates with other eNBs using the “X2 interface” defined by the 3GPP. These protocols are Internet Protocol (IP) based and often use public networks such as the Internet. As a result, traffic for the S1 and X2 interfaces is typically secured using one or more Internet Protocol Security (IPSec) tunnels.
A central security gateway (SeGW) function is typically implemented between an operator's core network and each eNB to secure communications between the core network and the eNB. The central SeGW function can be implemented as a separate physical entity or can be implemented as a part of another node.
In one configuration, both S1-interface traffic and X2-interface traffic for an eNodeB pass through the central security gateway. That is, even though the X2-interface traffic is communicated to another eNodeB and not to an entity in the core network, the X2-interface traffic is communicated back to the security gateway used for S1-interface traffic. This configuration is also referred to here as an “X2 Star” architecture. In the X2 Star architecture, IPSec Tunnel Mode (defined by the relevant IPSec standard) is used for X2-interface communications between two eNodeBs. A first IPSec tunnel is established between a first eNodeB and the central SeGW, and a second IPSec tunnel is established between a second eNodeB and the central SeGW. The central SeGW assigns a respective tunnel inner address (TIA) to the first and second eNodeBs, which are used as the transport network layer (TNL) addresses for communications that occur over the IPSec tunnels.
In another configuration, X2-interface traffic is not communicated back to the central security gateway used for S1-interface traffic but instead is communicated directly between the eNodeBs. This configuration is also referred to here as an “X2 Mesh” architecture. In the X2 Mesh architecture, IPSec Transport Mode (defined by the relevant IPSec standard) is used for X2-interface communications between two eNodeBs.
The 3GPP LTE technical specifications (specifically 3GPP TS 36.300) describe a procedure for TNL address discovery that can be used to determine a suitable TNL address for X2-interface communications. However, this TNL address discovery procedure does not support the X2 Mesh architecture, since it is configured to discover the central SeGW-assigned TIA address of a target eNodeB. The TIA address, by itself, is not sufficient to use IPSec Transport Mode for X2-interface communications with the X2 Mesh architecture.