SWu is an Internet Key Exchange version 2 (IKEv2)-based interface, used to perform authentication, session creation, and negotiate IP Security (IPSec) sessions used at the user plane level. IKEv2 is the protocol used to set up security associations (SA) in the IPsec protocol suite. IKEv2 is specified in RFC 7296.
dsTest supports VoWiFi/VoWLAN testing with the SWu interface. IPSec tunnels are established from the User Equipment (UE) and the evolved Packet Data Gateway (ePDG), allowing access to the Evolved Packet Core (EPC) from non-3GPP untrusted networks. The UE establishes separate SWu instances for each PDN connection, and transports the packets of all bearers for the same PDN Connection between the UE and the ePDG.
The functionality of SWu includes UE-initiated tunnel establishment, user data packet transmission within the IPSec tunnel, and tearing down of the tunnel.
Encapsulating Security Payload (ESP)
ESP is a protocol within the IPSec protocol suite which provides authentication, integrity and confidentially of IP packets. In a tunnel mode the entire packet is encapsulated and encrypted by ESP within another packet as a payload.
Extensible Authorization Protocol (EAP)
EAP is an authentication framework providing the transport and usage of keying material and parameters generated by EAP methods. For the SWu Interface, EAP-AKA or EAP-TLS is used. dsTest also supports Protected EAP/Tunneled TLS (PEAP/TTLS) over the SWm Interface.
Comprehensive sets of operational measurements for IPSec, EAP, and socket level are collected at configurable intervals and stored in a SQLite database on the dsTest server. Real-dime measurements may be retrieved through our dsClient CLI or graphed via our dsClient GUI.