TelcomIQ

Navigate

BrowseSecurityCoverageQuizContact

Graph

Full GraphBuilder

SMF

Session Management Function β€” PDU session control and UPF orchestration

Type

node

Generations

5G

Threat level

medium
🧩

Quiz coming soon for this topic.

Questions & comments

Join the discussion

Overview

The SMF β€” Session Management Function β€” is responsible for the full lifecycle of PDU sessions in a 5G SA core: establishment, modification, and release. When a UE requests a data connection, the AMF selects an SMF and hands off the session management completely. From that point, the SMF owns the session: it selects the UPF, installs forwarding rules via PFCP, allocates an IP address, retrieves policy from the PCF, and reports usage to the charging function.

The SMF replaced the control plane components of two separate 4G nodes: the Serving Gateway (SGW-C) and the PDN Gateway (PGW-C). In EPC, the separation of SGW and PGW served a specific purpose β€” the SGW was the local anchor for mobility within the home PLMN, while the PGW was the PDN anchor and policy enforcement point. In 5G, these functions are merged into a single SMF with cleaner PFCP-based control of one or more UPFs, which may be distributed across the network for edge deployments.

The SMF participates in the Service Based Architecture through its Nsmf API, but it also has non-SBA interfaces. The N4 interface to the UPF uses PFCP (Packet Forwarding Control Protocol), a purpose-built UDP-based protocol that predates the 5G SBA and was originally designed for the CUPS (Control and User Plane Separation) split in 4G. This means the SMF operates simultaneously in two interface paradigms: RESTful HTTP/2 toward other 5G NFs, and PFCP toward the user plane.

For roaming, the SMF can operate in two modes. In Home Routed (HR) roaming, the home SMF controls the UPF in the home network directly. In Local Breakout (LBO), a visited SMF may be involved. In both cases, the SMF is the function that decides how subscriber traffic enters and exits the mobile core.

How it works

PDU session establishment

PDU session establishment begins when the UE sends a NAS PDU Session Establishment Request. The AMF receives this via N1/N2 and immediately delegates it.

  1. The AMF selects an SMF using NRF discovery β€” querying for an SMF that supports the requested DNN (Data Network Name) and S-NSSAI (slice).
  2. The AMF invokes Nsmf_PDUSession_CreateSMContext on the selected SMF via N11, forwarding the SM NAS container from the UE.
  3. The SMF queries the UDM on N10 (Nudm_SDM_Get) to retrieve session management subscription data β€” default QoS, allowed DNNs, and session continuity modes.
  4. The SMF invokes the PCF on N7 (Npcf_SMPolicyControl_Create) to retrieve PCC (Policy and Charging Control) rules for the session.
  5. The SMF selects a UPF using NRF discovery β€” choosing based on topology, DNN, and slice constraints β€” and creates a PFCP session on N4.
  6. The PFCP Session Establishment Request installs Packet Detection Rules (PDRs), Forwarding Action Rules (FARs), and QoS Enforcement Rules (QERs) on the UPF.
  7. The UPF allocates the N3 TEID (Tunnel Endpoint ID) and returns it to the SMF.
  8. The SMF allocates a UE IP address (from its local pool or via DHCPv4/v6 to the DN) and returns the PDU Session Establishment Accept via the AMF to the UE.
  9. The gNB receives the N2 PDU Session Resource Setup Request (forwarded by AMF) containing the UPF's N3 address and TEID, and establishes the GTP-U tunnel.

PDU session modification

QoS updates β€” triggered by a PCF policy change, UE request, or network-initiated modification β€” follow a similar flow:

  1. The PCF sends Npcf_SMPolicyControl_UpdateNotify to the SMF with new PCC rules.
  2. The SMF translates PCC rules into PFCP rule updates and sends a PFCP Session Modification Request to the UPF on N4.
  3. The UPF applies the updated QERs and FARs, acknowledges via PFCP Session Modification Response.
  4. If the QoS change requires RAN reconfiguration, the SMF triggers AMF via N11 (Nsmf_PDUSession_UpdateSMContext), which propagates the N2 QoS update to the gNB.

UPF selection and the N9 multi-UPF case

The SMF is not limited to a single UPF per session. For edge deployments or traffic offload, the SMF can chain multiple UPFs: an Intermediate UPF (I-UPF) close to the RAN for local breakout, forwarding selected traffic to an Anchor UPF (A-UPF) in the central core for the remainder. The SMF installs separate PFCP sessions on each UPF and orchestrates the N9 tunnel between them.

Architecture role

In the 5G SA reference architecture, the SMF occupies the boundary between the control plane and the user plane. It is the only control plane function that directly programs UPF forwarding behaviour. Nothing enters the UPF's packet processing pipeline without the SMF having installed the appropriate PFCP rules first.

In 5G SA: The SMF controls one or more UPF instances via PFCP on N4. It receives session requests from the AMF on N11, retrieves subscriber data from UDM on N10, and enforces policy from PCF on N7.

Compared to 4G EPC: The 4G equivalents were the SGW-C (local mobility anchor, GTP-C toward MME) and PGW-C (PDN anchor, Gx toward PCRF, Gy toward OCS). The SMF merges both control planes into a single function with a cleaner PFCP southbound interface toward the UPF.

The SMF is typically stateful β€” it maintains a PFCP session context per PDU session, including the allocated IP address, current QoS parameters, and UPF TEID bindings. This state must survive SMF restarts in production deployments, which requires either persistent storage or a session redundancy mechanism (active/standby or distributed session state via a session database).

Key interfaces

InterfaceBetweenDirectionPurpose
N4SMF ↔ UPFBidirectionalPFCP β€” install and manage forwarding rules on UPF
N7SMF ↔ PCFBidirectionalPCC policy retrieval and update notification
N10SMF ↔ UDMRequest/responseSession management subscription data retrieval
N11SMF ↔ AMFBidirectionalPDU session lifecycle management
N16SMF ↔ SMFBidirectionalInter-SMF session transfer (home routed roaming)
N40SMF ↔ CHFBidirectionalOnline and offline charging β€” usage reporting

Security posture

The SMF's threat model is defined by what it controls: every packet forwarding rule in the user plane. A compromised or manipulated SMF can install PFCP rules that redirect subscriber traffic to an attacker-controlled endpoint, bypass QoS enforcement, suppress charging records, or silently intercept traffic before forwarding it. The SMF is the most direct path to user plane manipulation short of physically compromising a UPF.

Unlike the AMF, the SMF is not typically exposed to the radio access network directly. Its attack surface is almost entirely within the core: the N4 interface to UPFs, the N7 interface to the PCF, and the N11 interface from the AMF. This means the SMF is protected from direct external access, but it inherits the risk of any compromised peer NF β€” a rogue AMF claiming to establish a session, or a PCF returning malicious policy, can both result in incorrect PFCP rules.

The N4/PFCP interface is particularly sensitive because it is not an SBA interface β€” it is a binary UDP protocol with its own authentication model (PFCP node-level procedures, optionally with IPsec). Many deployments rely on network segmentation rather than per-message authentication on N4, which means SMF-UPF communication security depends on the integrity of the routing fabric between them.

Attack surface

PFCP rule injection via N4

PFCP is a UDP-based protocol with optional IPsec protection. If the N4 interface between SMF and UPF is not secured with IPsec, or if a rogue node can reach the UPF's PFCP port, it can send PFCP Session Establishment Requests that install malicious forwarding rules β€” redirecting subscriber traffic to attacker-controlled addresses, or creating GTP-U tunnels that exfiltrate traffic without the SMF's knowledge.

Impact: Full user plane traffic interception or redirection for affected subscribers.
Difficulty: Medium. Requires network access to the N4 segment and knowledge of PFCP message formats. If IPsec is absent, no cryptographic capability needed.

N7 policy response spoofing

The SMF trusts the PCF's responses on N7 to determine QoS rules and charging parameters. If an attacker can intercept or impersonate the PCF on N7 β€” for example, by registering a rogue NF in the NRF with a PCF profile β€” they can return policy responses that grant the attacker's subscriber sessions unlimited bandwidth, suppress charging triggers, or install traffic steering rules that redirect sessions to a specific UPF for interception.

Impact: Charging bypass, QoS manipulation, or targeted traffic redirection.
Difficulty: Medium. Requires a valid NF certificate to register in the NRF and sufficient knowledge of Npcf API responses.

IP address pool exhaustion

The SMF allocates IP addresses for PDU sessions, either from a local pool or via DHCP delegation. If an attacker can trigger session establishment at high rate β€” using a compromised device, a rogue gNB, or API-level access β€” they can exhaust the SMF's IP address pool for a given DNN, preventing legitimate subscribers from obtaining sessions.

Impact: Denial of service for all subscribers attempting to establish data sessions on the affected DNN.
Difficulty: Low given a compromised device or gNB; Medium from the SBI layer.

N11 session context manipulation

The AMF-SMF N11 interface carries PDU session create, update, and release requests. If a rogue NF presents itself to the SMF as a legitimate AMF β€” by obtaining an NRF-issued access token with the AMF NF type β€” it can send Nsmf_PDUSession_ReleaseSMContext requests to tear down active sessions for arbitrary subscribers, causing a targeted denial of service.

Impact: Forced session termination for targeted subscribers.
Difficulty: Medium. Requires a valid NF certificate and NRF token.

Mitigations

The SMF requires a layered defence: cryptographic protection on each interface, strict NF authentication, and operational monitoring of PFCP behaviour.

  • N4 IPsec enforcement: Deploy IPsec with mutual authentication (IKEv2 with X.509 certificates) on all N4 paths between SMF and UPF instances. Do not rely on network segmentation alone. Validate this during vendor integration testing β€” some PFCP implementations default to no transport security.

  • NRF token validation on all Nsmf consumers: The SMF must validate the OAuth2 access token on every incoming API request. The NF type, NF instance ID, and scope claims must all match what is expected for the requested operation. Reject tokens from unknown NF instances even if the type is correct.

  • PCF endpoint pinning: Configure the SMF to only accept N7 connections from PCF instances registered in the NRF with a known NF instance ID. Do not accept policy responses from any address not associated with a registered PCF.

  • PFCP session anomaly detection: Monitor PFCP session establishment rates per SMF instance and per DNN. Alert on sudden spikes in session creation, unusual FAR destinations, or PFCP messages arriving from unexpected source addresses on the N4 segment.

  • Per-DNN session rate limiting: Apply session establishment rate limits per SUPI and per DNN to prevent IP pool exhaustion. Limit the rate at which a single subscriber can cycle through PDU session create/release.

  • Charging record integrity: Ensure all CDR (Charging Data Record) output from the SMF is signed or hash-chained to detect post-hoc manipulation of usage records.

Spec references

  • 3GPP TS 23.501 β€” 5G system architecture. Section 6.2.2 defines the SMF's role; Section 5.7 covers the CUPS architecture that the SMF/UPF split is based on.

  • 3GPP TS 29.502 β€” Nsmf service specification. Defines the Nsmf_PDUSession and Nsmf_NIDD (Non-IP Data Delivery) API endpoints, OpenAPI schemas, and procedures.

  • 3GPP TS 29.244 β€” The PFCP protocol specification for the N4 interface. Defines Session Establishment, Modification, Deletion procedures and all PDR/FAR/QER/URR rule types. Essential reading for SMF-UPF integration.

  • 3GPP TS 29.512 β€” Session Management Policy Control Service (N7). Defines how the SMF requests and receives PCC rules from the PCF, including QoS parameters, charging triggers, and traffic steering rules.

  • 3GPP TS 33.501 β€” 5G security architecture. Section 6.8 covers SMF security requirements including N4 protection and NF authentication requirements.

Related topics

The SMF is paired with the UPF, which it controls via PFCP on the N4 interface. The two functions are complementary halves of the 5G packet core β€” the SMF holds all session state and logic; the UPF performs all packet processing at line rate. Neither is useful without the other.

The SMF superseded the control plane components of two 4G nodes: the SGW (local mobility anchor and GTP-C peer to the MME) and the PGW (PDN anchor, Gx/Gy policy enforcement point). The SMF consolidates both into a single function with PFCP as the southbound interface.

Policy is provided by the PCF on N7. The SMF translates PCF PCC rules directly into PFCP QoS Enforcement Rules and Forwarding Action Rules on the UPF β€” the PCF determines what QoS a session should have; the SMF enforces it in the user plane.

The AMF is the SMF's only northbound peer β€” all session requests arrive via N11. The UDM provides subscription data on N10. The NRF enables dynamic UPF selection and PCF discovery.

For the full context of how SMF fits into the 5G core, see 5G SA.

Relationships