S-NSSAI lifecycle, NSSF selection logic, 5QI table, end-to-end QoS enforcement, RAN slicing reality, enterprise slice design
1. What Is Network Slicing — The Simple Version
Network slicing is the ability to run multiple independent logical networks on a single physical 5G infrastructure. Each slice has its own QoS profile, security boundary, and optionally dedicated NF instances. A slice for factory automation runs alongside a slice for consumer broadband on the same gNBs and the same 5GC hardware — but with guaranteed, isolated resources.
The reality: core slicing works as advertised and is deployed in production today. RAN slicing — actually guaranteeing radio resources per slice at the gNB level — is harder, requires vendor-specific features, and is where most enterprise slice SLAs get quietly compromised. This article covers both layers honestly.
| 3GPP Reference |
| 3GPP TS 23.501 Section 5.15 — Network Slicing architecture and S-NSSAI definition |
| 3GPP TS 23.502 Section 4.2.2 — Registration with slice selection |
| 3GPP TS 28.530 — Management and orchestration of networks and network slicing |
| GSMA NG.116 — Generic Network Slice Template (standardised slice parameters for operators) |
2. Architecture — The Slicing Framework
S-NSSAI — The Slice Identifier
The S-NSSAI (Single Network Slice Selection Assistance Information) is the identifier that tags every PDU session with a specific slice. It has two parts: SST (Slice/Service Type, 8-bit — defines the slice category) and SD (Slice Differentiator, 24-bit, optional — distinguishes multiple slices of the same type). Together they route the session to the correct NF pool, UPF, and RAN resources.
| SST Value | Slice Type | Typical Enterprise Use Case |
| 1 | eMBB — Enhanced Mobile Broadband | Consumer smartphones, home broadband, video streaming |
| 2 | URLLC — Ultra-Reliable Low Latency | Factory automation, autonomous vehicles, remote surgery |
| 3 | MIoT — Massive IoT | Smart meters, logistics tracking, agriculture sensors |
| 4 | V2X — Vehicle to Everything | Connected vehicle collision avoidance, infrastructure signalling |
| 1 + custom SD | Operator-defined eMBB variant | Enterprise office broadband, managed business connectivity |
| 2 + custom SD | Operator-defined URLLC variant | Port automation, oil & gas SCADA, smart grid protection |
Table 1 — Standardised SST values (3GPP TS 23.501 Table 5.15.2.2-1). Custom SD allows operators to differentiate multiple enterprise customers on the same SST.
NSSF — The Slice Selector
The NSSF (Network Slice Selection Function) determines which slices a UE is allowed to use in a given Tracking Area. When a UE registers, the AMF queries NSSF with the UE’s Requested NSSAI, the UE’s subscription (from UDM), and the current TA. NSSF checks operator policy and returns: Allowed NSSAI (slices the UE can use right now), and optionally a target AMF set if the current AMF cannot serve the allowed slices.
A misconfigured NSSF is one of the most common causes of slice-related PDU session failures. If NSSF returns an Allowed NSSAI that does not include the slice the UE needs, the subsequent PDU Session Establishment Request for that S-NSSAI will be rejected at the AMF. The UE keeps retrying. No obvious alarm.
End-to-End Slice Architecture
| Layer | Component | Slice Enforcement Mechanism |
| UDM — Subscription | Subscriber S-NSSAI subscription list | Only slices in subscription can appear in Allowed NSSAI. Gate 1. |
| NSSF — Selection | Allowed NSSAI per TA | Only slices available in this TA returned. Gate 2. |
| AMF — Access | NAS Registration Accept | Allowed NSSAI delivered to UE. UE can only request these slices. |
| SMF — Session | UPF pool selection by S-NSSAI | Slice-specific UPF pool ensures traffic isolation. Gate 3. |
| UPF — User Plane | Dedicated or shared UPF per slice | Shared UPF = logical isolation via VRF. Dedicated = full isolation. |
| PCF — Policy | Per-slice PCC rules | Different QoS profiles, charging rules, priority per S-NSSAI. |
| gNB — RAN | Per-slice scheduler / PRB reservation | Hardest layer. Requires vendor feature. Often implemented as QoS prioritisation, not hard PRB guarantee. |
Table 2 — End-to-end slice enforcement gates. Core slicing (Gates 1-3) works reliably. RAN slice enforcement is vendor-dependent and often weaker than the core layer.
3. Step-by-Step — Slice Selection and Session Flow
Here is what happens when an enterprise IoT device tries to connect to a URLLC slice (SST=2) on an SA network:
Step 1 — UE powers on and sends NAS Registration Request with Requested NSSAI: [SST=2, SD=0xABCDEF]. The AMF receives this on N1/N2.
Step 2 — AMF invokes NSSF: Nnssf_NSSelection_Get. Sends: UE Requested NSSAI, PLMN, TA. NSSF checks: is SST=2/SD=0xABCDEF in this UE’s subscription (UDM)? Is this S-NSSAI available in this TA? Is the current AMF in the correct AMF set for this slice? Returns Allowed NSSAI and target AMF set.
Step 3 — If the current AMF can serve the slice, registration proceeds. AMF retrieves AM policy from PCF (N15) and subscription from UDM (N8). Sends Registration Accept with Allowed NSSAI to UE. The UE now knows exactly which slices it can use.
Step 4 — UE sends PDU Session Establishment Request with S-NSSAI=SST:2/SD:0xABCDEF and DNN=factory.enterprise.local. AMF selects an SMF from the enterprise slice SMF pool (NRF discovery filtered by S-NSSAI).
Step 5 — SMF runs UPF selection filtered first by DNN (enterprise pool), then by S-NSSAI (URLLC slice UPF pool), then by UE TAI (on-premises UPF at factory). If the factory TAI is correctly mapped, the on-premises UPF is selected. PFCP session is established with URLLC QoS rules (5QI=2, GBR=guaranteed bitrate, QER=URLLC MBR).
Step 6 — gNB receives N2 PDU Session Resource Setup Request with QoS profile including 5QI=2 (GBR, Priority 40, PDB 150ms). The gNB allocates a DRB with guaranteed scheduling priority for this flow. In a properly configured RAN slice, the URLLC DRB gets PRB pre-allocation. In most deployed networks, it gets scheduler priority — better than best-effort but not a hard guarantee.
4. Key Parameters and Technical Terms
| Term | Definition | Configuration Impact |
| S-NSSAI | SST (8-bit) + SD (24-bit optional). Identifies a slice end-to-end across UE, RAN, core, and transport. | Must match in UE config, UDM subscription, NSSF policy, SMF UPF mapping, gNB slice config. One mismatch = session rejected. |
| Allowed NSSAI | The subset of S-NSSAIs the NSSF permits for this UE in this TA. Delivered in Registration Accept. | Drives every subsequent PDU session S-NSSAI request. NSSF policy error = UE cannot access enterprise slice. |
| Configured NSSAI | All S-NSSAIs the operator offers in the home PLMN. Stored in UE for future registrations. | Used by UE when roaming to decide which slices to request in visited PLMN. |
| Network Slice Instance (NSI) | A deployed instance of a network slice, including all NF instances and transport resources assigned to it. | One S-NSSAI can map to one NSI, or multiple NSIs (for load balancing across enterprise customers). |
| NSMF | Network Slice Management Function. Provisions and manages NSIs. Part of OSS/MANO layer. | Responsible for NSI lifecycle: create, modify, scale, terminate. Not a 5GC NF — part of management plane. |
| RFSP Index | RAT/Frequency Selection Priority. AM policy parameter from PCF delivered to gNB via AMF. | Tells gNB which frequency bands/RAT to prioritise for this UE. Used for slice-based RAN steering. |
| PRB Reservation | Physical Resource Block pre-allocation per slice at gNB scheduler. | Vendor-specific feature. Provides hard RAN slice guarantee. Most deployments use QoS priority instead. |
| 5QI | Standardised QoS class. Defines: Resource Type (GBR/Non-GBR), Priority Level, Packet Delay Budget, Packet Error Rate. | Drives gNB DRB scheduling. Must match between PCF PCC rules, SMF QER, and gNB RRM config. |
| GSMA NG.116 | Generic Network Slice Template. Standardises slice parameters across operators for interoperability. | Defines: eMBB, URLLC, MIoT, V2X, Emergency slice templates with reference SLA parameters. |
Table 3 — Slicing key parameters. The most commonly misconfigured: S-NSSAI SD value mismatch between UDM subscription and SMF mapping, and NSSF TA policy coverage gaps.
5. Common Issues in the Field
RAN Slicing Does Not Always Mean What It Sounds Like
Core slicing is real: dedicated UPF, dedicated SMF, isolated PDR/FAR rules, separate charging streams. RAN slicing as commonly deployed is often QoS priority, not resource reservation. A gNB with 100 MHz of NR bandwidth does not split it into 60 MHz for eMBB and 40 MHz for URLLC by default — it prioritises URLLC DRBs in the scheduler. Under low load, URLLC gets excellent latency. Under congestion, URLLC DRBs compete for radio resources with eMBB, just with higher scheduling priority. Hard PRB reservation requires explicit vendor configuration and often a licence feature.
| Field Note: Enterprise URLLC Slice — Latency SLA Breached Under Load |
| Smart port deployed URLLC slice (SST=2) for crane control. Core slice correct: dedicated on-prem UPF, 5QI=2. |
| SLA: P99 round-trip < 5 ms. During normal operations: P99 = 2.8 ms. Good. |
| During shift change (200 workers connecting smartphones on eMBB slice simultaneously): P99 = 23 ms. |
| Root cause: gNB PRB reservation not configured. URLLC DRBs competing with eMBB DRBs for scheduler slots. |
| Fix: configure minimum PRB reservation (15% of NR bandwidth) for URLLC slice on all port-area gNBs. |
| P99 under load: 3.1 ms. SLA maintained. Requires vendor slice licence on affected gNB software. |
S-NSSAI Mismatch — Session Rejected with No Clear Error
S-NSSAI must be consistent end-to-end: UE SIM provisioning, UDM subscription, NSSF policy, SMF UPF pool mapping, and gNB slice configuration. A single byte mismatch in the SD value between any two of these causes session rejection. The AMF rejects with “S-NSSAI not available” and the UE keeps retrying. The operations team checks the core and declares it healthy — because the core is healthy. The problem is a provisioning mismatch.
| Field Note: SD Hex Value Case Mismatch — Enterprise Customer Cannot Connect for 48 Hours |
| Enterprise slice SD provisioned as “0xabcdef” in UDM (lowercase hex), “0xABCDEF” in NSSF policy (uppercase). |
| NSSF string comparison failed. Allowed NSSAI returned without enterprise S-NSSAI. |
| UE could not establish PDU session for enterprise DNN. Took 48 hours to diagnose — core logs showed |
| “S-NSSAI not permitted” which pointed to NSSF, but NSSF team insisted config was correct. |
| Fix: standardise all S-NSSAI SD values as uppercase hex across all NF configurations. Automate validation. |
6. Troubleshooting
| Symptom | Root Cause | Check | Fix |
| Enterprise device cannot establish PDU session on enterprise slice | S-NSSAI not in Allowed NSSAI — NSSF rejection or UDM subscription missing | NSSF logs: Nnssf_NSSelection response; UDM: subscriber S-NSSAI subscription list | Add S-NSSAI to UDM subscription; check NSSF TA policy |
| Slice PDU sessions going to wrong UPF | SMF UPF pool misconfigured for this S-NSSAI | SMF session table: which UPF pool serving this S-NSSAI+DNN combo | Map S-NSSAI to correct UPF pool in SMF configuration |
| URLLC latency good at low load, degrades at high load | No PRB reservation at gNB — URLLC competes with eMBB | gNB RRM metrics: PRB utilisation per slice; URLLC DRB scheduling delay | Configure PRB minimum reservation per slice; may require licence |
| All PDU sessions fail for S-NSSAI after config change | S-NSSAI SD value mismatch introduced during config update | Compare S-NSSAI SD values across: UDM, NSSF, SMF UPF mapping, NRF profiles | Standardise SD format (uppercase hex); validate all NF configs match |
| New enterprise site: devices cannot access slice | New TAI not in NSSF TA policy coverage for this S-NSSAI | NSSF policy: TA list for enterprise S-NSSAI | Add new TAI to NSSF slice TA coverage before site goes live |
Table 4 — Slicing troubleshooting. Most slice failures are provisioning mismatches, not NF software bugs.
7. Design Recommendations
Standardise S-NSSAI SD values as uppercase hex across every system that stores or processes them: UDM, NSSF, SMF, NRF, OSS/BSS, and gNB SON. Build an automated validation check that compares S-NSSAI values across all NF configuration exports before any deployment. A 5-minute script run prevents 48-hour troubleshooting sessions.
Always include RAN PRB reservation in the enterprise slice design — not just core slice isolation. Core slice without RAN slice is marketing. Validate with the gNB vendor that per-slice PRB reservation is supported on the deployed software version and understand what licence it requires. Include this in the enterprise slice SLA wording: “Core-layer isolation guaranteed. RAN-layer priority guaranteed. Hard PRB reservation subject to gNB feature availability.”
Design the NSSF TA coverage map before any site goes live. Every TAI in the enterprise coverage area must be explicitly listed in the NSSF policy for the enterprise S-NSSAI. Automate this: new gNB commissioning workflow should include a step that validates the new TAI is in all relevant NSSF policies.
For GCC enterprise customers: use SST=1 with a custom SD for eMBB-grade enterprise (office connectivity, business broadband). Use SST=2 with custom SD only for URLLC requirements. Do not default all enterprise customers to SST=2 — URLLC requires dedicated UPFs, dedicated radio resources, and more complex SLA management. Reserve it for use cases that genuinely need it.
8. Summary — Key Takeaways
| Topic | Key Takeaway |
| S-NSSAI | SST + SD is the end-to-end slice tag. One mismatch anywhere (UDM, NSSF, SMF, gNB) = session rejected. Standardise SD format and automate validation. |
| NSSF | Computes Allowed NSSAI per UE per TA. Must have correct TA coverage for every enterprise site. New site TAIs not in NSSF = enterprise devices cannot connect. |
| Core slicing | Works as advertised: dedicated UPF, dedicated SMF, isolated PFCP rules, separate charging. Reliable in production. |
| RAN slicing | Often QoS priority in practice, not hard PRB reservation. Latency SLAs hold at low load, degrade under congestion without PRB reservation configuration. |
| 5QI | Standardised QoS class. Drives gNB scheduler, UPF QER enforcement. 5QI=1 for VoNR (GBR). 5QI=9 for default internet. 5QI=2 for URLLC. Must match PCF rules and gNB DRB config. |
| Enterprise slice design | Match SST to actual latency requirement. SST=1+SD for enterprise broadband. SST=2+SD only for genuine URLLC. Always include PRB reservation in SLA discussion. |
Table 5 — Post 03 summary. Core slicing is production-ready. RAN slicing requires explicit vendor configuration to deliver hard guarantees.
Next: Post 04 — MEC & Edge Computing
Muhammad Tahir Riaz
Data Analytics & Automation Consultant | 17+ years telecom | trmtelcocloudai.com