A technical breakdown of how data access is provisioned, managed, and terminated in mobile networks โ covering APN and DNN configuration, bearer and QoS flow architecture, DSCP packet marking, the role of data gateways, and the complete lifecycle of a mobile data session from activation to termination.
Mobile data access is the technical process by which a subscriber's device is authorised to send and receive IP packets through a mobile operator's network infrastructure. While the concept appears simple from a user perspective โ connecting to the internet from a smartphone โ the underlying process involves a sophisticated interplay of authentication, session management, policy enforcement, and real-time charging across multiple network functions.
Understanding mobile data access requires an appreciation of both the control plane โ the signalling infrastructure that establishes, modifies, and releases data sessions โ and the user plane โ the data path through which actual IP packets flow. In 5G, these two planes are explicitly separated through the Control and User Plane Separation (CUPS) architecture, providing greater flexibility in network deployment and scaling.
The control plane carries signalling messages that set up, manage, and tear down data sessions โ involving the AMF, SMF, PCF, and UDM. The user plane carries actual data packets โ managed entirely by the UPF in 5G. CUPS allows these to scale independently: a single SMF can manage thousands of UPF instances processing user traffic.
The Access Point Name (APN) in 4G/LTE and its 5G equivalent the Data Network Name (DNN) serve as the primary configuration parameter that connects a subscriber's data session to a specific external data network. When a device requests data connectivity, it specifies the desired APN/DNN, and the network uses this identifier to determine the appropriate User Plane Function (UPF), IP address pool, and policy rules for the session.
When a device attaches to a mobile network and requests a default PDU session, the following resolution process occurs. The device sends a PDU Session Establishment Request containing the desired DNN (or APN). The Session Management Function (SMF) receives this request via the AMF and validates it against the subscriber's subscription data stored in the UDM. If the subscriber is not authorised for the requested DNN, the request is rejected. If authorised, the SMF selects the appropriate UPF instance based on the DNN, the subscriber's location, and the network's UPF selection criteria (topology, capacity, and any local breakout requirements).
| DNN / APN | Session Type | IP Version | Typical AMBR | Use Case |
|---|---|---|---|---|
| internet | PDU (IPv4v6) | Dual-stack | Subscription-defined | General internet access โ default consumer DNN |
| ims | PDU (IPv6) | IPv6 only | System-defined | IMS registration for VoLTE/VoNR voice services |
| mms | PDU (IPv4) | IPv4 | Low fixed rate | MMS messaging centre connectivity |
| enterprise.corp | PDU (IPv4) | Private IPv4 | Corporate-defined | Enterprise VPN breakout to private data network |
| sos | Emergency PDU | IPv4v6 | System-defined | Emergency services โ available without subscription |
The concept of a "bearer" โ a logical data channel with defined QoS characteristics โ is central to understanding how data access is structured in LTE networks. In 5G, the bearer concept has been superseded by the more flexible QoS flow architecture, but understanding bearers remains important because much of the world's mobile data traffic still flows over 4G LTE infrastructure.
In 4G LTE, an Evolved Packet System (EPS) bearer provides a logical connection between the UE and a P-GW (Packet Data Network Gateway), carrying data with specific QoS characteristics. Two types of bearer exist: the Default Bearer, established automatically when the PDN connection is created and which provides basic internet connectivity; and Dedicated Bearers, established on demand for specific traffic flows (such as voice calls) that require different QoS treatment from the default traffic.
Each bearer is characterised by a QoS Class Identifier (QCI) value (the 4G equivalent of 5QI), and for GBR bearers, by guaranteed bitrate (GBR) and maximum bitrate (MBR) parameters. Traffic is mapped to the appropriate bearer using Traffic Flow Templates (TFTs) โ packet filters that match IP packets based on source/destination address, protocol, and port number.
5G replaces the rigid bearer model with a more flexible QoS flow architecture. Within a single PDU session, multiple QoS flows can coexist, each identified by a QoS Flow Identifier (QFI). Traffic is mapped to QoS flows using Packet Detection Rules (PDRs) configured in the UPF by the SMF. This architecture allows much finer-grained QoS differentiation โ for example, a single PDU session could simultaneously carry best-effort internet traffic, a high-priority video call, and latency-sensitive gaming traffic, each as a separate QoS flow with independent scheduling treatment in the radio scheduler.
4G bearer model vs 5G QoS flow model โ 5G provides greater flexibility with multiple differentiated flows per session
Differentiated Services Code Point (DSCP) is a 6-bit field in the IP header's DSCP field (part of the former TOS/Traffic Class octet) used to classify packets for QoS treatment at IP routers. In mobile networks, DSCP marking plays a role in both the UE-to-UPF path (within the operator's network) and in the interconnection between the operator's network and the public internet or CDN providers.
The DSCP value determines the Per-Hop Behaviour (PHB) applied to a packet at each router along its path. The most commonly used PHBs in mobile network backhaul and interconnect are Expedited Forwarding (EF, DSCP 46) for high-priority low-latency traffic such as VoIP; Assured Forwarding classes (AF11โAF43, DSCP 10โ38) for traffic with different levels of drop precedence; and Best Effort (BE, DSCP 0) for general internet traffic that can tolerate delays and packet loss.
| DSCP Value | DSCP Name | PHB | Typical Mobile Use |
|---|---|---|---|
| 46 (101110) | EF | Expedited Forwarding | VoLTE/VoNR voice, emergency services |
| 34 (100010) | AF41 | Assured Forwarding | Real-time video (e.g., video calling) |
| 26 (011010) | AF31 | Assured Forwarding | Streaming video, interactive applications |
| 18 (010010) | AF21 | Assured Forwarding | Transactional data, signalling |
| 10 (001010) | AF11 | Assured Forwarding | Bulk data transfer, background updates |
| 0 (000000) | BE | Best Effort | General internet access (default) |
In 5G networks, there is a defined mapping between 5QI values (which govern treatment within the 5G RAN and core) and DSCP values (which govern treatment in IP networks). This mapping ensures that QoS intent is preserved end-to-end as traffic crosses different network domains. The SMF configures the UPF with the appropriate DSCP marking rules as part of the QoS flow setup, ensuring that packets entering the external IP network carry the correct DSCP value for their traffic class.
Data gateways are the pivotal network functions that anchor mobile data sessions and connect the mobile operator's network to the public internet or private data networks. Understanding their role is essential to understanding how mobile data access actually works at a packet level.
The Packet Data Network Gateway (P-GW) in 4G LTE is the network function responsible for IP address allocation, packet routing between the LTE core and external data networks, policy enforcement (via the PCEF โ Policy and Charging Enforcement Function, embedded in the P-GW), and charging data record generation. The P-GW is the last hop within the operator's network before traffic enters the public internet, and it performs several critical functions: GTP tunnel termination from the S-GW, IP packet routing and forwarding, deep packet inspection (DPI) for policy enforcement, uplink and downlink traffic policing, and usage reporting to the OCS via the Gy interface.
The User Plane Function (UPF) in 5G fulfils the same fundamental role as the P-GW but within the cloud-native Service-Based Architecture. The UPF is a software-defined network function that can be deployed at multiple points in the network โ centrally for most traffic, or at the edge (as a local UPF) for applications requiring local breakout and low latency. Multiple UPF instances can be chained in an I-UPF (Intermediate UPF) and PSA-UPF (PDU Session Anchor UPF) configuration for flexible traffic steering.
The UPF is controlled entirely by the SMF via the N4 interface using the PFCP (Packet Forwarding Control Protocol). The SMF pushes Packet Detection Rules (PDRs), Forwarding Action Rules (FARs), Usage Reporting Rules (URRs), and QoS Enforcement Rules (QERs) to the UPF, which enforces them on live traffic in the data plane. This separation allows the SMF to update traffic policies dynamically without interrupting data sessions โ for example, to apply throttling when a subscriber's quota is exhausted.
UPF interfaces and functions โ controlled by SMF via N4/PFCP, anchoring the data path between gNB and internet
A mobile data session has a well-defined lifecycle โ from initial establishment through active data exchange to eventual termination. Understanding each phase of this lifecycle provides insight into how mobile data access is governed and how different events (such as quota exhaustion or recharge) affect the session state.
Session establishment begins when the device's modem triggers a PDU Session Establishment Request, either immediately after network registration (for always-on default sessions) or on demand when an application requests data connectivity. The request flows from the device through the gNB to the AMF, which routes it to the appropriate SMF based on the requested DNN and network slice. The SMF then orchestrates a series of interactions with the UDM (subscription verification), PCF (policy retrieval), and OCS (initial quota grant) before selecting and configuring the UPF and instructing the AMF and gNB to establish the radio bearer. The complete setup process typically takes between 100ms and 500ms in a 5G SA network.
During the active session phase, data flows bidirectionally through the established path: uplink data from the device travels through the NR air interface to the gNB, is encapsulated in GTP-U tunnels through the N3 interface to the UPF, which decapsulates it and forwards it to the internet via the N6 interface. Downlink data follows the reverse path. The UPF continuously tracks usage against the OCS quota grant, sending CCR-Update messages to the OCS as quota thresholds are approached. The gNB scheduler manages the radio resources, continuously adapting modulation, coding, and MIMO configuration to the current channel conditions reported by the device's CQI feedback.
Sessions can be modified without termination in response to various events. A recharge event triggers a quota update from the OCS and a policy update from the PCF, both of which are applied to the existing session without interruption. Handover events cause the session anchor to shift from one gNB to another (while the UPF anchor remains stable in most cases). Mobility events may trigger UPF relocation in some operator configurations, using the N9 interface between I-UPF and PSA-UPF to maintain session continuity.
Sessions are released when the subscriber's device explicitly requests termination (e.g., when an application closes and the modem releases the PDN connection), when the network releases the session due to inactivity timeout, when the subscriber's quota is exhausted and the operator's policy specifies session termination rather than throttling, or when the subscriber's subscription expires. Upon release, the SMF sends a PFCP Session Deletion Request to the UPF, which removes all PDRs/FARs for the session and generates a final usage report. The OCS processes the final report, and all allocated resources (IP address, radio bearers) are returned to their respective pools.
Many mobile operators deploy Deep Packet Inspection (DPI) capability within or alongside the UPF to classify application traffic for policy enforcement purposes. DPI examines the content of IP packets (beyond the IP and TCP/UDP headers) to identify the application generating the traffic โ for example, distinguishing between video streaming, social media, VoIP, and peer-to-peer file sharing.
DPI-based traffic classification enables several operator capabilities: application-aware QoS (applying different QoS treatment to video streaming vs. background app updates), fair usage policy enforcement (throttling specific high-consumption applications rather than all traffic), zero-rating (excluding specific services from data quota consumption as defined in a subscriber's plan), and traffic analytics for network planning purposes. The application of these policies varies between operators and is subject to regulatory net neutrality requirements in different jurisdictions.
The Packet Forwarding Control Protocol (PFCP), defined in 3GPP TS 29.244, is the interface between the SMF and UPF in 5G (and between the SGW-C/PGW-C and SGW-U/PGW-U in 4G CUPS). PFCP uses UDP port 8805 and defines a session-based model where the SMF creates, modifies, and deletes PFCP sessions corresponding to subscriber PDU sessions, pushing all the packet processing rules to the UPF.
| Aspect | 4G LTE | 5G NR |
|---|---|---|
| Session concept | PDN Connection / EPS Bearer | PDU Session / QoS Flow |
| Data gateway | P-GW (monolithic) | UPF (cloud-native, scalable) |
| Control protocol | GTP-C (S5/S8) | PFCP (N4 interface) |
| Policy interface | Gx (Diameter, PCRF) | N7 HTTP/2 (PCF) |
| Charging interface | Gy (Diameter, OCS) | Nchf HTTP/2 (CHF) |
| Session types | IPv4, IPv6, IPv4v6 | IPv4, IPv6, IPv4v6, Ethernet, Unstructured |
| User plane separation | Optional (CUPS from Release 14) | Mandatory (architectural principle) |
| Edge deployment | Limited (PGW-U at edge) | Native (I-UPF + PSA-UPF chain) |
Build on your data access knowledge with the complete internet access flow โ from authentication to content delivery.
See how the OCS, PCF, and UPF systems you've studied here respond to a subscriber recharge event.
Review the foundational protocol layers and network generations that underpin the data access concepts covered here.