Description
Network Slice Admission Control (NSAC) is a fundamental control plane function introduced in 3GPP Release 17 to manage the scale and capacity of network slices. It operates by enforcing a maximum allowed number of User Equipments (UEs) that can be simultaneously registered to a given network slice instance (NSI). This is not a resource admission control for data traffic, but rather a registration-level admission control. The primary goal is to prevent a slice from becoming overloaded with registered UEs, which could degrade the quality of service for all users of that slice and potentially impact other slices sharing the same underlying infrastructure. NSAC is a policy-based mechanism, where the maximum number of UEs per slice is a key policy parameter defined by the network operator, often aligned with commercial or technical service level agreements (SLAs).
The NSAC function is typically implemented within the core network's control plane, interacting with key network functions like the Access and Mobility Management Function (AMF) and the Network Slice Admission Control Function (NSACF). When a UE initiates a registration procedure and requests a network slice, the AMF consults the NSAC mechanism to check if the UE can be admitted to the requested slice. This check involves verifying whether the current registration count for that slice is below the configured maximum limit. If the limit has not been reached, the registration is allowed, and the counter is incremented. If the limit is reached, the registration request for that specific slice may be rejected, or the UE may be directed to an alternative slice, depending on network policies and UE capabilities.
NSAC works in conjunction with the Network Slice Admission Control Function (NSACF), which is the entity responsible for maintaining the registration counts and enforcing the admission policies. The AMF communicates with the NSACF via service-based interfaces (e.g., Namf_Communication) to report registration and deregistration events. The NSACF maintains per-slice counters, updates them based on these events, and provides admission decisions to the AMF. This architecture centralizes the admission control logic, allowing for consistent policy enforcement across the network. NSAC also supports monitoring and reporting capabilities, enabling operators to track slice usage and make informed decisions about capacity planning and slice lifecycle management.
Purpose & Motivation
NSAC was created to address a critical gap in the initial 3GPP network slicing architecture defined in Release 15. While early releases provided the mechanisms to create and manage slices, they lacked robust controls to limit the scale of a slice in terms of connected users. Without such control, a popular slice (e.g., for a massive IoT service or a popular enterprise application) could experience an uncontrolled influx of UEs, leading to signaling storms, resource exhaustion, and performance degradation for all users on that slice and potentially on shared network functions. This posed a significant risk to network stability and the ability to guarantee isolated performance as promised by slicing.
The introduction of NSAC in Release 17 was motivated by the need for operators to offer reliable and predictable slice-based services with enforceable SLAs. It allows operators to define a 'capacity' for a slice not just in bandwidth, but in terms of supported devices, which is essential for commercial models (e.g., selling a slice to an enterprise for up to 10,000 devices). It solves the problem of slice overload by providing a hard limit, protecting the slice from being overwhelmed. Furthermore, it enables more efficient resource planning and prevents one slice from monopolizing common control plane resources, thereby upholding the principle of resource isolation that is foundational to network slicing.
Key Features
- Enforces a maximum limit on the number of UEs simultaneously registered to a network slice instance.
- Provides slice-level admission control during UE registration and mobility procedures.
- Centralized policy enforcement through interaction with the NSACF.
- Maintains dynamic counters for UE registrations and deregistrations per slice.
- Supports rejection of registration requests when slice capacity is reached.
- Enables network operators to implement commercial and technical slice capacity SLAs.
Evolution Across Releases
Introduced the NSAC concept and architecture. Defined the fundamental procedure where the AMF interacts with the NSACF to check slice availability during UE registration. Established the service-based interfaces for communication and the core policy of enforcing a maximum number of registered UEs per slice.
Enhanced NSAC procedures for more complex scenarios, including interworking and roaming. Introduced refinements for handling slice-specific authentication and authorization in conjunction with admission control. Improved support for network slicing in non-public networks (NPNs).
Further optimizations for signaling efficiency between AMF and NSACF. Enhanced support for network slicing in integrated access and backhaul (IAB) scenarios. Introduced more granular reporting and monitoring capabilities for slice usage analytics.
Continued evolution to support advanced network slicing paradigms, including AI/ML-driven slice lifecycle management. Enhanced NSAC for dynamic slice capacity adjustments and integration with network data analytics function (NWDAF) for predictive admission control.
Defining Specifications
| Specification | Title |
|---|---|
| TS 23.501 | 3GPP TS 23.501 |
| TS 24.501 | 3GPP TS 24.501 |
| TS 28.203 | 3GPP TS 28.203 |
| TS 29.122 | 3GPP TS 29.122 |
| TS 29.522 | 3GPP TS 29.522 |
| TS 29.536 | 3GPP TS 29.536 |