[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

WO2012013103A1 - 一种网关标识上报的方法及系统 - Google Patents

一种网关标识上报的方法及系统 Download PDF

Info

Publication number
WO2012013103A1
WO2012013103A1 PCT/CN2011/076149 CN2011076149W WO2012013103A1 WO 2012013103 A1 WO2012013103 A1 WO 2012013103A1 CN 2011076149 W CN2011076149 W CN 2011076149W WO 2012013103 A1 WO2012013103 A1 WO 2012013103A1
Authority
WO
WIPO (PCT)
Prior art keywords
epdg
aaa
hss
identity
identifier
Prior art date
Application number
PCT/CN2011/076149
Other languages
English (en)
French (fr)
Inventor
毕以峰
朱春晖
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2012013103A1 publication Critical patent/WO2012013103A1/zh

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/26Network addressing or numbering for mobility support
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/16Gateway arrangements

Definitions

  • the present invention relates to an evolved packet system, and more particularly to a method and system for gateway identification in a communication network. Background technique
  • EPS 3rd Generation Partnership Project
  • E-UTRAN Evolved Universal Mobile Telecommunications System Terrestrial Radio Access Network
  • MME Mobility Management Entity
  • S-GW Serving Gateway
  • P-GW Packet Data Network Gateway
  • HSS Home Subscriber Server
  • AAA 3GPP Authentication and Authorization Accounting Server
  • PCRF Policy and Charging Rules Function
  • the MME is responsible for control plane related work such as mobility management, non-access stratum signaling processing, and user mobility management context management;
  • S-GW is an access gateway device connected to E-UTRAN, in E-UTRAN and P - The GW forwards data and is responsible for caching the paging wait data.
  • P-GW is the border gateway of 3GPP EPS and Packet Data Network (PDN), which is responsible for PDN access and forwarding data between EPS and PDN.
  • An S6a interface is used between the MME and the HSS. The interface is used for user access authentication, subscription information acquisition, and context storage.
  • UE User equipment
  • 3GPP 3GPP
  • Non-3GPP access networks can be classified into trusted non-3GPP access and untrusted non-3GPP Access, when non-trusted non-3GPP access, must be transferred to the P-GW through the network element, evolved Packet Data Gateway (ePDG), where the interface between the ePDG and the P-GW is called the S2b interface. Protocols that can be used for this interface include Proxy Mobile IP Version 6 ( ⁇ , Proxy Mobile IP version 6) protocol, or General Packet Radio Service Tunnel Protocol (GTP).
  • Proxy Mobile IP Version 6 ⁇ , Proxy Mobile IP version 6
  • GTP General Packet Radio Service Tunnel Protocol
  • the P-GW and the AAA server (Server) / AAA proxy (Proxy) are S6b interfaces, and the S6b interface is used for the P-GW to obtain context information from the AAA/AAA Proxy; between the ePDG and the AAA Server/AAA Proxy It is a SWm interface, which is used for user access authentication and other operations.
  • the terminal accesses the EPS through the 3GPP access network (such as EUTRAN) or the untrusted non-3GPP access network, and the terminal first establishes a PDN connection by attaching, and the PDN connection is called a default PDN connection. It is also possible to establish a Additional PDN connection later. For each PDN connection, the terminal obtains one or a pair of Internet Protocol Version 4 (IPv4)/Internet Protocol Version 6 (IPv6) addresses, and the terminal accesses the specific PDN through the acquired IP address. For example, the terminal uses an untrusted non-3GPP access EPS as an example. The following procedure is used to describe the establishment of an attach/PDN connection. As shown in FIG. 2, the process includes the following steps:
  • Step 201 The user (UE) accesses the authentication and authorization.
  • the ePDG and the 3GPP HSS/AAA complete the authentication of the UE, and an IPsec tunnel is established between the UE and the ePDG, and the tunnel is used to protect signaling and data between the UE and the ePDG.
  • step 201 the UE has completed the access operation of the non-3GPP access network through the existing steps of the untrusted non-3GPP access network.
  • Step 202 The ePDG sends a "GTP: Create Session Request" message to the P-GW to request to establish a GTP tunnel.
  • the ePDG and the P-GW are tunneled by using GTP, as mentioned in the description of FIG. 1:
  • the tunnel can also be established by using the PMIPv6 protocol between the ePDG and the P-GW.
  • the message used to create the session request in step 202 is a PBU, ⁇ Binding Update message.
  • Step 203 If the policy and charging control (PCC, Policy and Charging Control) technology is used in the network to uniformly manage resources and charging, the P-GW establishes an IP-CAN session with the PCRF, and obtains the PCC from the PCRF. Strategy.
  • PCC Policy and Charging Control
  • Step 204 The P-GW reports the P-GW identity update message to the 3GPP HSS/AAA.
  • the P-GW identifier update message carries the "APN+P-GW identifier" corresponding to the PDN connection, and the HSS/AAA stores the APN+P-GW identifier.
  • the "APN+P-GW identifier" in this document indicates that: the APN and the P-GW identifier are stored in pairs in the HSS/AAA, and it can also be understood that the selected P-GW identifier and the APN are correspondingly stored in In HSS/AAA, it will not be described.
  • Step 205 In response to requesting signaling in step 202, the P-GW sends a "GTP: Create Session Reply" message to the ePDG to notify the ePDG that the GTP tunnel is successfully established.
  • the message replied in step 205 is a proxy binding acknowledgement (PBA, ⁇ Binding Ack) message.
  • PBA proxy binding acknowledgement
  • Step 206 The establishment of an Internet Protocol Security (IPsec) tunnel between the UE and the ePDG is completed.
  • IPsec Internet Protocol Security
  • Step 207 After the P-GW accepts the tunnel establishment request of the ePDG, the P-GW allocates an IP address to the UE, and carries the message to the ePDG through the message in step 205. In this step 207, the ePDG brings the IP address to the UE through an Internet Key Exchange Version 2 (IKEv2, Internet Key Exchange version 2) message.
  • IKEv2 Internet Key Exchange version 2
  • the UE may establish one or more PDN connections and visit different PDNs.
  • the P-GW selected by the Ecore is different. That is, in the process of establishing a PDN connection, the ePDG is required. Selecting a different P-GW according to the access point name (APN, Access Point Name) sent by the UE or the APN returned by the HSS/AAA (the selection mechanism is prior art), so when performing step 202 in FIG. 2
  • the ePDG sends a tunnel binding message to the selected P-GW.
  • the identifier of the P-GW and the APN need to be correspondingly stored in the HSS/AAA, that is:
  • the APN+P-GW identifier is implemented in the HSS/AAA by step 204.
  • Storage The purpose of storing the APN+P-GW identifier is to keep the P-GW unchanged during the handover process. For example, when the UE is switched from the non-3GPP access network to the EUTRAN access, the EUTRAN access network does not know which P-GW to use because the EUTRAN access network does not know which P-GW the UE selects when it is not the 3GPP access.
  • the P-GW establishes a tunnel binding relationship.
  • the UE needs to store the correspondence between the selected P-GW identifier and the APN to the HSS/AAA when the UE is initially accessed through the non-3GPP.
  • the EUTRAN accesses the access profile through the user.
  • the right operation obtains the stored APN+P-GW identification information from the HSS/AAA, so that the EUTRAN knows to establish a tunnel binding relationship with the P-GW, so as to ensure that the P-GW selected before and after the handover is the same P-GW.
  • the anchor gateway P-GW is guaranteed to be unchanged during the handover process, which ensures the continuity of the service.
  • the flow of the APN+P-GW identifier is reported by the P-GW to the HSS/AAA through the S6b interface.
  • the P-GW does not need to perform the operation when the EUTRAN is accessed, and the storage of the APN+P-GW identifier is reported by other network elements, such as the MME, to the HSS/AAA. That is to say, in different scenarios of 3GPP access and non-3GPP access, different requirements are imposed on the behavior of the P-GW.
  • the APN+P-GW identifier is reported to the HSS/AAA storage, different networks are used. The execution of the meta-reports makes the operation process seem confusing and non-uniform.
  • a gateway identification reporting solution is urgently needed, which can unify the operation process and simplify operations. Summary of the invention
  • the main purpose of the present invention is to provide a method and system for reporting a gateway identity, which can unify the operation flow and simplify operations in different scenarios of 3GPP access and non-3GPP access.
  • the technical solution of the present invention is achieved as follows:
  • a method for verifying a gateway on a gateway comprising:
  • the evolved packet data gateway reports the packet data network gateway (P-GW) to the Home Subscriber Server (HSS) / Authentication Authorization Accounting Server (AAA).
  • P-GW packet data network gateway
  • HSS Home Subscriber Server
  • AAA Authentication Authorization Accounting Server
  • the method further includes: the ePDG reporting a P-GW identifier update message to the HSS/AAA, and the HSS/AAA receiving the P-GW identifier after the user initiates an attach/packet data network (PDN) connection establishment. And storing the P-GW identifier, where the P-GW identifier update message carries the P-GW identifier.
  • PDN attach/packet data network
  • the condition for triggering the ePDG to report includes any one of the following:
  • Condition 1 After the user equipment (UE) access authentication and authorization, the UE access authentication and authorization process, or the UE access authentication and authorization is completed, the ePDG uploads the P-GW identity update message;
  • Condition 2 After the initiating P-GW notifies the ePDG General Packet Radio Service Tunneling Protocol (GTP) tunnel establishment, the P-GW notifies the ePDG GTP tunnel establishment process, or the P-GW notifies that the ePDG GTP tunnel is established, the ePDG reports the P-GW identification update message;
  • GTP General Packet Radio Service Tunneling Protocol
  • IPsec Internet Protocol Security
  • the method further includes: when the ePDG performs a user access authentication operation, requesting to obtain, from the HSS/AAA, the P- stored by the HSS/AAA before the handover. GW logo.
  • the method further includes: the ePDG reports a P-GW identifier update message to the HSS/AAA, and the HSS/AAA receives the P-GW identifier update message, and deletes the location. Stored P-GW identity.
  • the ePDG is triggered.
  • the conditions for reporting include any of the following:
  • Condition 1 After the release of the Internet Key Exchange Version 2 (IKEv2) tunnel, the release of the IKEv2 tunnel, or the release of the KEv2 tunnel, the ePDG updates the P-GW identifier message;
  • IKEv2 Internet Key Exchange Version 2
  • Condition 2 After the initiating P-GW notifies the ePDG to release the GTP tunnel, the P-GW notifies the ePDG to release the GTP tunnel, or the P-GW notifies the ePDG to release the GTP tunnel, the P-GW identity update message is sent on the ePDG. ;
  • Condition 3 Initiating a non-3GPP access network to release resources through an existing resource release operation, a non-3GPP access network releasing resources through an existing resource release operation, or a non-3GPP access network releasing through an existing resource release operation After the resource is completed, the ePDG reports the P-GW identity update message.
  • the P-GW identity update message includes: a P-GW identity storage request message, a P-GW identity acquisition request message, or a P-GW identity deletion request message.
  • a system for identifying a gateway on a gateway includes an ePDG and an HSS/AAA; wherein, the ePDG is configured to report the P-GW identifier to the HSS/AAA;
  • the HSS/AAA is used to receive the P-GW identifier reported by the ePDG.
  • the ePDG is further configured to: when the initial connection/PDN connection is established, the P-GW identifier update message is sent to the HSS/AAA, where the P-GW identifier update message carries the P-GW identifier;
  • the HSS/AAA is further configured to store the P-GW identifier after receiving the P-GW identifier.
  • the ePDG is further configured to perform a user access authentication operation when the user switches to the access network where the ePDG is located, and request to obtain, from the HSS/AAA, the P-GW identifier stored by the HSS/AAA before the handover. .
  • the ePDG is further used to report the P-GW when the user detaches/PDN connection is released. Identifying an update message to the HSS/AAA;
  • the HSS/AAA is further configured to delete the P-GW identifier stored by the HSS/AAA after receiving the P-GW identifier update message.
  • the P-GW identifier is reported by the MME to the HSS/AAA; when the non-3GPP is accessed, the P-GW identifier is reported by the P-GW to the HSS/AAA, and the process and the network element function are MME and P-GW do not have uniformity.
  • the P-GW identity is uniformly reported by the ePDG to the HSS/AAA. Since the ePDG and the MME have similar functions in the terminal access process, the present invention is in 3GPP access and non-3GPP access. The different process scenarios unify the operation process and simplify the operation.
  • FIG. 1 is a schematic diagram of an untrusted non-3GPP access network accessing an EPS in the prior art
  • FIG. 2 is a schematic diagram of an attachment process of a P-GW identity storage in the prior art
  • Embodiment 3 is a schematic flowchart of an implementation process of Embodiment 1 of the method according to the present invention.
  • FIG. 5 is a schematic diagram of an implementation process of Embodiment 3 of the method according to the present invention. detailed description
  • the basic idea of the present invention is: The ePDG reports the P-GW identity to the HSS/AAA.
  • the solution of the present invention is applicable to the non-3GPP access scenario, and the ePDG reports the P-GW to the HSS/AAA.
  • the subsequent HSS/AAA stores the received P-GW identifier
  • the ePDG obtains the stored P-GW identifier from the HSS/AAA
  • the HSS/AAA deletes the stored P-GW identifier at the request of the ePDG.
  • a method for identifying a ⁇ on a gateway the method mainly includes the following contents:
  • the ePDG may report the P-GW identity update message to the HSS/AAA through the SWm interface, and request the HSS/AAA to store the P-GW identifier, and the HSS/AAA may be in the lifetime of the PDN connection.
  • the received P-GW identifier is stored.
  • the P-GW identifier update message carries the P-GW identifier.
  • the ePDG obtains the P-GW identifier stored in the HSS/AAA before the handover from the HSS/AAA through the user access authentication operation.
  • the ePDG requests the HSS/AAA to delete the P-GW identifier, and the HSS/AAA deletes the P-GW identifier.
  • the ePDG does not request the HSS/AAA to delete the P-GW identity.
  • the invention is illustrated by way of example below.
  • the P-GW identification update message used in the following embodiments is a generalized message name, and may specifically include: a P-GW identifier storage request message, a P-GW identifier acquisition request message, or a P-GW. Identifies the delete request message.
  • the message may be carried by the Diameter signaling carrying a special indication, as long as the HSS/AAA can parse the parameters carried by the message and can perform the operation indicated by the message (storing/deleting/acquiring the P-GW identifier), the message name is not made. Specifically limited.
  • Method Embodiment 1 The P-GW identifies the stored attach/PDN connection establishment process.
  • This embodiment is a process in which a terminal attaches to an EPS core network through an untrusted non-3GPP access network according to the present invention; or, after attaching, an additional PDN connection process is established, and in the process of attaching/PDN connection establishment, ePDG is directed to
  • the HSS/AAA sends a P-GW identity update message, which carries the P-GW identity, and the HSS/AAA stores the P-GW identity, as shown in FIG. Figure 3 shows a non-roaming scenario.
  • the roaming scenario differs from that of Figure 3 in that: the P-GW interacts with the home policy and charging rule function (hPCRF) by visiting the visited policy and charging rules of the network. (vPCRF) Transfer;
  • the interaction between ePDG and home HSS/AAA is transferred via the AAA Proxy of the visited network.
  • the difference here does not affect the invention.
  • the process shown in Figure 3 includes the following steps:
  • Step 301 The user (UE) accesses the authentication and authorization.
  • the ePDG and the 3GPP HSS/AAA complete the authentication of the UE, and an IPsec tunnel is established between the UE and the ePDG, and the tunnel is used to protect signaling and data between the UE and the ePDG.
  • step 301 the UE has completed the access operation to the non-3GPP access network through the existing steps of the untrusted non-3GPP access network.
  • Step 302 During the establishment of the IPsec tunnel, the UE will carry the APN to the ePDG, or the AAA will send the signed APN to the ePDG. Based on the APN, the ePDG selects the P-GW that needs to be connected to establish the PDN connection through an existing mechanism (such as a DNS query). The ePDG sends a P-GW identity update message to the HSS/AAA through the SWm interface, requesting the HSS/AAA to store the P-GW identity.
  • an existing mechanism such as a DNS query
  • the P-GW identification update message triggering condition of step 302 or the execution timing may be any one as shown below:
  • Condition 1 is triggered by step 301, that is, step 302 occurs after step 301, as shown in FIG. 3;
  • Condition 2 triggered by step 305, that is, step 302 occurs after step 305, which is not disclosed in FIG. 3;
  • Condition 3 Triggered by step 306, step 302 occurs after step 306, which is not disclosed in FIG.
  • the P-GW identifies the update, and the subsequent attach/PDN connection establishment fails.
  • the ePDG sends a P-GW identity update request to the HSS/AAA, requesting the HSS/AAA to delete the stored P-GW identity.
  • the ePDG sends a P-GW identifier to the HSS/AAA.
  • the APN and P-GW identifiers are sent in pairs, HSS/AAA
  • the storage of this message is also stored in pairs.
  • Step 303 The ePDG sends a "GTP: Create Session Request" message to the selected P-GW to request to establish a GTP tunnel.
  • the ePDG and the P-GW are tunneled by using the GTP protocol, as mentioned in the description of FIG. 1:
  • the tunnel can also be established by using the PMIPv6 protocol between the ePDG and the P-GW.
  • the message used to create the session request in step 303 is a PBU message.
  • Step 304 If the PCC technology is used in the network to uniformly manage resources and charging, the P-GW establishes an IP-CAN session with the PCRF and obtains a PCC policy from the PCRF.
  • Step 305 In response to the request signaling in step 303, the P-GW sends a "GTP: Create Session Response" message to the ePDG to notify the ePDG that the GTP tunnel is successfully established.
  • the message replied in step 305 is a PBA message.
  • Step 306 The establishment of the IPsec tunnel between the UE and the ePDG is completed.
  • Step 307 After the P-GW accepts the tunnel establishment request of the ePDG, the P-GW allocates an IP address to the UE, and carries the message to the ePDG through the message in step 305. In this step 307, the ePDG brings the IP address to the UE through the IKEv2 message.
  • Method Embodiment 2 PDN connection release/de-attachment procedure initiated by the UE/ePDG/non-3GPP access network deleted by the P-GW.
  • This embodiment is based on the present invention, after the terminal is attached to the EPS core network through the untrusted non-3GPP access network (one or several additional PDN connections may or may not be established after the attachment, UE or ePDG or non-3GPP connection)
  • Incoming network initiates de-attach/PDN connection release stream Cheng.
  • the "PDN connection release" means that the UE has multiple PDN connections, and one or several PDN connections need to be disconnected, but the UE also maintains the remaining PDN connections, so the UE does not attach from the network side. .
  • the ePDG sends a P-GW identity update message to the HSS/AAA.
  • the HSS/AAA After receiving the message, the HSS/AAA deletes the P-GW identity, as shown in FIG. Figure 4 shows a non-roaming scenario.
  • the roaming scenario differs from that of Figure 4 in that: the interaction between the P-GW and the hPCRF is transferred through the vPCRF of the visited network; the interaction between the ePDG and the home HSS/AAA is through the AAA Proxy of the visited network. Transferred. The difference here does not affect the invention.
  • Step 401 The user (UE) or the non-3GPP access network or the ePDG initiates a detach operation, triggering the release of the IKEv2 tunnel.
  • Step 402 In this embodiment, the ePDG sends a P-GW identifier update message to the HSS/AAA through the SWm interface, requesting the HSS/AAA to delete the P-GW identifier, and the HSS/AAA is triggered to delete the P-GW identifier.
  • the trigger condition of step 402 or the execution timing may be any one of the following: Condition 1 : Triggered by step 401, that is, step 402 occurs after step 401, as shown in FIG. 4;
  • Condition 2 triggered by step 405, that is, step 402 occurs after step 405, which is not disclosed in FIG. 4;
  • Condition 3 Triggered by step 406, step 402 occurs after step 406, which is not disclosed in FIG.
  • the ePDG will resend the P-GW identity update to the HSS/AAA ( Store) request, request HSS/AAA to re-store the P-GW Step 403:
  • the ePDG sends a "GTP: Delete Session Request" message to the selected P-GW to request to tear down the GTP tunnel.
  • the ePDG and the P-GW are tunneled by using the GTP protocol, as mentioned in the description of FIG. 1:
  • the tunnel can also be established by using the PMIPv6 protocol between the ePDG and the P-GW.
  • Step 404 If the PCC technology is used in the network to uniformly manage resources and charging, the P-GW terminates the IP-CAN session with the PCRF.
  • Step 405 In response to the request signaling in step 403, the P-GW sends a "GTP: Delete Session Reply" message to the ePDG, informing the ePDG to release the GTP tunnel.
  • the message replied in step 405 is a PBA message.
  • Step 406 The non-3GPP access network releases the resource by using an existing resource release operation step.
  • Method Embodiment 3 The PDN connection release/resource deactivation process initiated by the P-GW/PCRF deleted by the P-GW identifier.
  • the terminal attaches to the EPS core network through the untrusted non-3GPP access network
  • one or more additional PDN connections are established, and the PCRF or P-GW initiates the process of resource deactivation/PDN connection release.
  • the ePDG sends a P-GW identity update message to the HSS/AAA.
  • the HSS/AAA deletes the P-GW identity, as shown in FIG. 5.
  • Figure 5 shows a non-roaming scenario.
  • the roaming scenario differs from that of Figure 5 in that: the interaction between the P-GW and the hPCRF is transferred through the vPCRF of the visited network; the interaction between the ePDG and the home HSS/AAA is through the AAA Proxy of the visited network. Transferred. The difference here does not affect the invention.
  • the process shown in Figure 5 includes the following steps:
  • Step 501 The PCRF initiates an termination/modification operation of the IP-CAN session, and notifies the P-GW to delete a PDN connection/deactivate resource of a PDN connection.
  • this step is an optional step.
  • Step 502 The P-GW sends a "GTP: Delete Bearer Request" message to the ePDG, requesting to remove the related bearer.
  • the ePDG and the P-GW are tunneled using the GTP protocol, as mentioned in the description of Figure 1:
  • the tunnel can also be established between the ePDG and the P-GW using the PMIPv6 protocol, when using PMIPv6.
  • the message used to delete the bearer request in step 502 is a Binding Revocation Indication (BRI) message.
  • BBI Binding Revocation Indication
  • Step 503 The non-3GPP access network releases the related resources. If all the resources connected to the PDN are triggered to be released, the IKEv2 tunnel release between the UE and the ePDG is also triggered to be released.
  • Step 504 When the resource is deactivated and the PDN connection is released, the ePDG sends a P-GW identity update message to the HSS/AAA through the SWm interface, requesting the HSS/AAA to delete the P-GW identifier, and the HSS/AAA is triggered. P-GW logo.
  • the triggering condition of step 504 or the timing of execution may be any of the following: Condition 1 : triggered by step 502, ie step 504 occurs after step 502, which is not disclosed in FIG. 5;
  • Condition 2 Triggered by step 503, that is, step 504 occurs after step 503, as shown in FIG.
  • the ePDG sends the P-GW identity to the HSS/AAA again. Update (storage) the request, requesting the HSS/AAA to re-store the P-GW identity.
  • Step 505 In response to the 502 step request signaling, the ePDG sends "GTP:" to the P-GW: Delete bearer reply" message.
  • the message used to delete the bearer response in step 505 is a Binding Revocation Ack (BRA) message.
  • BRA Binding Revocation Ack
  • Step 506 The IP-CAN session terminates/modifies the response.
  • the present invention further provides a system for reporting a gateway identity, the system includes an ePDG and an HSS/AAA; wherein the ePDG is used to report the P-GW identity to the HSS/AAA; and the HSS/AAA is configured to receive the ePDG report. P-GW logo.
  • the ePDG is further configured to report the P-GW identity update message to the HSS/AAA when the user initiates the attach/PDN connection establishment, and request the HSS/AAA to store the P-GW identity; wherein, P The GW identity update message carries the P-GW identity.
  • the HSS/AAA is further configured to store the P-GW identity after receiving the P-GW identity.
  • the ePDG is further configured to perform a user access authentication operation when the user switches to the access network where the ePDG is located, and request to obtain the P- stored by the HSS/AAA before the handover from the HSS/AAA.
  • GW logo the logo.
  • the ePDG further reports the P-GW identity update message to the HSS/AAA when the user detaches/PDN connection is released, and requests the HSS/AAA to delete the stored P-GW identity.
  • the HSS/AAA is further configured to delete the P-GW identifier stored in the HSS/AAA after receiving the P-GW identifier update message.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

本发明公开了一种网关标识上报的方法及系统。方法包括:ePDG上报P-GW标识给HSS/AAA。采用本发明能在3GPP接入和非3GPP接入的不同场景下统一操作流程和简化操作。

Description

一种网关标识上报的方法及系统 技术领域
本发明涉及演进的分组系统, 尤其涉及一种通信网络中网关标识上才艮 的方法及系统。 背景技术
第三代合作伙伴计划 ( 3GPP, 3rd Generation Partnership Project )演进 的分组系统(EPS , Evolved Packet System )如图 1所示, 由演进的通用移 动通信系统陆地无线接入网(E-UTRAN, Evolved Universal Terrestrial Radio Access Network )、 移动管理单元(MME, Mobility Management Entity )、 月良 务网关( S-GW , Serving Gateway )、 分组数据网络网关( P-GW或称为 PDN GW, Packet Data Network Gateway )、归属用户服务器( HSS, Home Subscriber Server )、 3GPP认证授权计费服务器( AAA ) , 策略和计费规则功能( PCRF, Policy and Charging Rules Function ) 实体及其他支撑节点组成。 其中 MME 负责移动性管理、 非接入层信令的处理、 用户的移动管理上下文的管理等 控制面相关工作; S-GW是与 E-UTRAN相连的接入网关设备,在 E-UTRAN 和 P-GW之间转发数据, 并且负责对寻呼等待数据进行緩存。 P-GW则是 3GPP EPS与分组数据网 ( PDN, Packet Data Network ) 的边界网关, 负责 PDN的接入、在 EPS与 PDN间转发数据等功能。 MME与 HSS之间为 S6a 接口, 该接口用于用户接入认证、 签约信息获取以及上下文存储等操作。
用户设备 (UE ) 除了可以通过 3GPP 定义的接入网 (例如上述的
E-UTRAN )接入到 EPS的 P-GW夕卜, 还可以通过非 3GPP接入网接入, 也 就是说 P-GW是 3GPP接入与非 3GPP接入的共用网关, 是 UE在网间切换 的锚点。 非 3GPP接入网可以分为可信任非 3GPP接入和不可信任非 3GPP 接入, 当不可信任非 3GPP接入时, 必须通过网元——演进的分组数据网关 ( ePDG, Evolved Packet Data Gateway )转接到 P-GW,其中 ePDG和 P-GW 的接口称作 S2b接口, 该接口可以釆用的协议包括代理移动 IP 版本 6 ( ΡΜΙΡνό, Proxy Mobile IP version 6 )协议、 或者通用分组无线服务隧道 协议 ( GTP, General Packet Radio Service Tunnel Protocol )。 P-GW和 AAA 服务器( Server ) /AAA代理( Proxy )之间为 S6b接口, 该 S6b接口用于 P-GW 从 AAA/AAA Proxy 处获取上下文信息等操作; ePDG 和 AAA Server/AAA Proxy之间为 SWm接口,该接口用于用户接入认证及其他操作。
根据现有技术, 终端无论通过 3GPP接入网 (如 EUTRAN )或者是不 可信任的非 3GPP接入网接入到 EPS,终端都会首先通过附着操作建立一个 PDN 连接, 该 PDN 连接称作默认 PDN 连接, 之后还可能建立附加 ( Additional ) 的 PDN连接。 每一个 PDN连接, 终端都获取一个或一对互 联网协议第四版(IPv4 ) /互联网协议第六版(IPv6 )地址, 终端通过获取 的 IP地址拜访特定的 PDN。以终端通过不可信任的非 3GPP接入 EPS为例 , 下面用流程来说明附着 /PDN连接的建立操作, 如图 2所示, 该流程包括以 下步骤:
步骤 201 : 用户 (UE )接入认证和授权。
这里, ePDG、 3GPP HSS/AAA完成对 UE的认证, UE和 ePDG之间建 立 IPsec隧道, 该隧道用于保护 UE和 ePDG之间的信令和数据。
这里需要指出的是: 在步骤 201之前, UE已经通过不可信任非 3GPP 接入网的现有步骤完成了非 3GPP接入网的接入操作。
步骤 202: ePDG向 P-GW发送 "GTP: 创建会话请求" 消息, 请求建 立 GTP隧道。
这里, 图 2中, ePDG和 P-GW之间是釆用 GTP建立隧道的, 如针对 图 1描述中所提到的: ePDG和 P-GW之间也可以釆用 PMIPv6协议建立隧 道, 当釆用 PMIPv6协议时, 步骤 202用于创建会话请求的消息是代理绑定 更新 (PBU, ΡΜΙΡνό Binding Update ) 消息。
步骤 203:如果网络中釆用了策略和计费控制( PCC, Policy and Charging Control )技术来统一管理资源和计费, 则 P-GW会与 PCRF建立 IP-CAN 会话, 并从 PCRF处获取 PCC策略。
步骤 204: P-GW向 3GPP HSS/AAA上报 P-GW标识更新消息。
这里, 该 P-GW标识更新消息中携带该 PDN连接对应的 "APN+P-GW 标识", HSS/AAA存储 APN+P-GW标识。 本文中的所述 "APN+P-GW标 识" 表示: APN和 P-GW标识是成对绑定存储于 HSS/AAA中的, 也可以 理解为选定的 P-GW标识和 APN对应存储于 HSS/AAA中, 不作赘述。
步骤 205:作为对步骤 202请求信令的响应, P-GW向 ePDG发送" GTP: 创建会话应答" 消息, 通知 ePDG GTP隧道建立成功。
这里 , 当 ePDG和 P-GW之间釆用 PMIPv6协议建立隧道时 , 步骤 205 应答的消息是代理绑定确认(PBA, ΡΜΙΡνό Binding Ack ) 消息。
步骤 206: UE与 ePDG之间的网际协议安全( IPsec ) 隧道建立完成。 步骤 207: 在 P-GW接受 ePDG的隧道建立请求后, P-GW为 UE分配 了 IP地址, 并通过步骤 205的消息携带给了 ePDG。 在本步骤 207, ePDG 通过互联网密钥交换版本 2 ( IKEv2, Internet Key Exchange version 2 )消息 把 IP地址带给 UE。
用户附着完成。 当完成附着后, UE如果想建立附加的 PDN连接, 则 可以再次执行上述步骤 201~207 , 以建立第二、 第三 ... ...等附加的 PDN连 接。
综上所述, UE可以建立一个或者多个 PDN连接, 拜访不同的 PDN。 但是拜访不同的 PDN时, EPS核心网( EPC, Evolved Packet Core network ) 选择的 P-GW是不同的, 也就是说, 在建立 PDN连接的过程中, ePDG要 根据 UE发送上来的接入点名( APN, Access Point Name )、或者由 HSS/AAA 返回的 APN, 选择不同的 P-GW (选择机制为现有技术), 这样在执行图 2 中的步骤 202时, ePDG将隧道绑定消息发向该选定的 P-GW。 一旦选定该 P-GW, 该 P-GW的标识和该 APN需要对应存储在 HSS/AAA中, 即为: 在 图 2中, 通过步骤 204来实现 APN+P-GW标识的在 HSS/AAA的存储。 其 中, 存储 APN+P-GW标识的目的是: 为了切换过程中保持 P-GW不改变。 举例来说,当 UE由非 3GPP接入网切换到 EUTRAN接入后,因为 EUTRAN 接入网不知道 UE在非 3GPP接入时选择的是哪个 P-GW, 所以 EUTRAN 接入不知道该与哪个 P-GW建立隧道绑定关系。这就需要 UE在通过非 3GPP 初始接入时, 把选定的 P-GW标识和 APN的对应关系存储到 HSS/AAA, 当 UE切换到 EUTRAN接入后, EUTRAN接入通过用户的接入鉴权操作从 HSS/AAA处获取到存储的 APN+P-GW标识信息,这样 EUTRAN就知道和 该 P-GW 建立隧道绑定关系, 从而保证切换前后选择的 P-GW是同一个 P-GW, 保证了切换过程中锚点网关 P-GW的不变, 保证了业务的连续性。
分析上述图 2的流程, 非 3GPP接入时, APN+P-GW标识的存储, 是 通过 S6b接口由 P-GW上报给 HSS/AAA的。 与 UE通过 EUTRAN接入的 操作不同, EUTRAN接入时 P-GW无需执行该操作, APN+P-GW标识的存 储是由其他网元, 比如 MME上报给 HSS/AAA的。 也就是说, 在 3GPP接 入和非 3GPP接入的不同场景下,对 P-GW的行为提出了不同的要求,在上 报 APN+P-GW标识给 HSS/AAA存储时, 釆用不同的网元执行上报, 从而 使得操作流程显得混乱、 不统一, 目前迫切需要一种网关标识上报方案, 能统一操作流程和简化操作。 发明内容
有鉴于此, 本发明的主要目的在于提供一种网关标识上报的方法及系 统,能在 3GPP接入和非 3GPP接入的不同场景下统一操作流程和简化操作。 为达到上述目的, 本发明的技术方案是这样实现的:
一种网关标识上 ^艮的方法, 该方法包括:
演进的分组数据网关 (ePDG )上报分组数据网络网关 (P-GW )标识 给归属用户服务器 (HSS ) /认证授权计费服务器 (AAA )。
其中, 用户初始附着 /分组数据网 (PDN )连接建立时, 该方法还包括: 所述 ePDG上报 P-GW标识更新消息给所述 HSS/AAA,所述 HSS/AAA 收到 P-GW标识后存储所述 P-GW标识; 其中, 所述 P-GW标识更新消息 中携带有所述 P—GW标识。
其中, 触发所述 ePDG上报的条件包括以下任意一种:
条件 1 : 发起用户设备(UE )接入认证和授权、 UE接入认证和授权过 程中、或 UE接入认证和授权完成后, 所述 ePDG上艮所述 P-GW标识更新 消息;
条件 2: 发起 P-GW通知 ePDG通用分组无线服务隧道协议( GTP )隧 道建立、 P-GW通知 ePDG GTP隧道建立过程中、或 P-GW通知 ePDG GTP 隧道建立完成后, 所述 ePDG上报所述 P-GW标识更新消息;
条件 3:发起 UE与所述 ePDG之间的网际协议安全( IPsec )隧道建立、 UE与所述 ePDG之间的 IPsec隧道建立过程中、 或 UE与所述 ePDG之间 的 IPsec隧道建立完成后, 所述 ePDG上^艮所述 P-GW标识更新消息。
其中, 用户向所述 ePDG所在的接入网切换时, 该方法还包括: 所述 ePDG执行用户接入认证操作时, 请求从所述 HSS/AAA 处获取切换之前 HSS/AAA所存储的 P-GW标识。
其中, 用户去附着 /PDN连接释放时, 该方法还包括: 所述 ePDG上报 P-GW标识更新消息给所述 HSS/AAA, 所述 HSS/AAA收到 P-GW标识更 新消息后, 删除所存储的 P-GW标识。
其中,由 UE/非 3GPP接入网 /ePDG发起所述去附着时,触发所述 ePDG 上报的条件包括以下任意一种:
条件 1 : 发起互联网密钥交换版本 2 ( IKEv2 ) 隧道的释放、 IKEv2隧 道的释放过程中、 或 KEv2隧道的释放完成后, 所述 ePDG上^艮所述 P-GW 标识更新消息;
条件 2:发起 P-GW通知 ePDG释放 GTP隧道、 P-GW通知 ePDG释放 GTP隧道过程中、 或 P-GW通知 ePDG释放 GTP隧道完成后 , 所述 ePDG 上才艮所述 P-GW标识更新消息;
条件 3: 发起非 3GPP接入网通过现有的资源释放操作释放资源、 非 3GPP接入网通过现有的资源释放操作释放资源过程中、 或非 3GPP接入网 通过现有的资源释放操作释放资源完成后, 所述 ePDG上报所述 P-GW标 识更新消息。
其中,所述 P-GW标识更新消息包括: P-GW标识存储请求消息、 P-GW 标识获取请求消息、 或 P-GW标识删除请求消息。
一种网关标识上 4艮的系统, 该系统包括 ePDG和 HSS/AAA; 其中, ePDG, 用于上报 P-GW标识给 HSS/AAA;
HSS/AAA, 用于接收 ePDG上报的 P-GW标识。
其中, 所述 ePDG, 进一步用于在用户初始附着 /PDN连接建立时, 上 报 P-GW标识更新消息给所述 HSS/AAA ,所述 P-GW标识更新消息中携带 有 P-GW标识;
其中, 所述 HSS/AAA, 进一步用于在收到所述 P-GW标识后存储所述 P-GW标识。
其中,所述 ePDG,进一步用于用户切换到所述 ePDG所在的接入网时, 执行用户接入认证操作, 请求从所述 HSS/AAA处获取切换之前 HSS/AAA 所存储的 P-GW标识。
其中,所述 ePDG,进一步用于用户去附着 /PDN连接释放时,上报 P-GW 标识更新消息给所述 HSS/AAA;
所述 HSS/AAA, 进一步用于在收到 P-GW 标识更新消息后, 删除 HSS/AAA所存储的 P-GW标识。
现有技术中, 3GPP接入时, P-GW标识由 MME上报给 HSS/AAA; 非 3GPP接入时, P-GW标识由 P-GW上报给 HSS/AAA, 从流程和网元功能 上来说, MME和 P-GW不具备统一性。 本发明中, 非 3GPP接入时, P-GW 标识统一由 ePDG上报给 HSS/AAA, 由于 ePDG和 MME在终端接入过程 中具有相似的功能,所以本发明在 3GPP接入和非 3GPP接入的不同场景下 统一了操作流程和简化了操作。 附图说明
图 1为现有技术中不可信任非 3GPP接入网接入 EPS的示意图; 图 2为现有技术中 P-GW标识存储的附着流程示意图;
图 3为本发明方法实施例一的实现流程示意图;
图 4为本发明方法实施例二的实现流程示意图;
图 5为本发明方法实施例三的实现流程示意图。 具体实施方式
本发明的基本思想是: ePDG上报 P-GW标识给 HSS/AAA。
下面结合附图对技术方案的实施作进一步的详细描述。
本发明的方案适用于非 3GPP接入的场景,由 ePDG上报 P-GW标识给 HSS/AAA。 后续 HSS/AAA存储收到的 P-GW标识、 ePDG从 HSS/AAA获 取存储的 P-GW标识、 或者在 ePDG的请求下, HSS/AAA会删除所存储的 P-GW标识。
一种网关标识上 ^的方法, 该方法主要包括以下内容:
统一由 ePDG上报 P-GW标识给 HSS/AAA。 进一步地, 用户初始附着 /PDN连接建立时, ePDG可以通过 SWm接 口上报 P-GW标识更新消息给 HSS/AAA, 向 HSS/AAA请求存储 P-GW标 识, HSS/AAA可以在该 PDN连接生命期存储收到的该 P-GW标识。 其中, P-GW标识更新消息中携带有该 P-GW标识。
进一步地, 用户切换时, ePDG通过用户接入认证操作, 从 HSS/AAA 处获取切换前 HSS/AAA存储的 P-GW标识。
进一步地, 用户去附着 /PDN连接释放时, ePDG向 HSS/AAA请求删 除 P-GW标识, HSS/AAA删除 P-GW标识。
这里需要指出的是: P-GW因为切换原因发起的 PDN连接删除 /资源去 活时, ePDG不向 HSS/AAA请求删除 P-GW标识。
以下对本发明进行举例阐述。
说明: 以下实施例中, 所用到的 "P-GW标识更新消息"是一个概括性 的消息名称, 具体可以包括: P-GW标识存储请求消息、 P-GW标识获取请 求消息、 或 P-GW标识删除请求消息。 消息可以是由 Diameter信令携带特 殊的指示承担,只要 HSS/AAA能够解析该消息携带的参数并能按消息指示 的操作 (存储 /删除 /获取 P-GW标识)执行即可, 消息名称不做具体限定。
方法实施例一: P-GW标识存储的附着 /PDN连接建立流程。
本实施例是根据本发明, 终端通过不可信任非 3GPP接入网, 附着到 EPS核心网的流程; 或者, 附着之后, 又建立附加 PDN连接的流程, 在附 着 /PDN连接建立过程中, ePDG向 HSS/AAA发送 P-GW标识更新消息, 该消息中携带有 P-GW标识, HSS/AAA存储该 P-GW标识, 如图 3所示。 图 3给出的是非漫游场景, 漫游场景与图 3的不同在于: P-GW与归属地的 策略和计费规则功能 ( hPCRF ) 的交互是通过拜访网络的拜访地的策略和 计费规则功能 (vPCRF )转接的; ePDG和家乡 HSS/AAA的交互是通过拜 访网络的 AAA Proxy转接的。 此处不同不影响本发明。 图 3所示的流程包括以下步骤:
步骤 301 : 用户 (UE )接入认证和授权。
这里, ePDG、 3GPP HSS/AAA完成对 UE的认证, UE和 ePDG之间建 立 IPsec隧道, 该隧道用于保护 UE和 ePDG之间的信令和数据。
这里需要指出的是: 在步骤 301之前, UE已经通过不可信任非 3GPP 接入网的现有步骤完成了到非 3GPP接入网的接入操作。
步骤 302: 在 IPsec隧道建立过程中, UE会将 APN携带给 ePDG、 或 者在鉴权时, AAA会将签约的 APN下发给 ePDG。 ePDG根据该 APN, 通 过现有机制 (如 DNS查询等), 选择建立该 PDN连接需要接入的 P-GW。 ePDG 通过 SWm接口向 HSS/AAA 发送 P-GW 标识更新消息, 请求 HSS/AAA存储该 P-GW标识。
步骤 302的 P-GW标识更新消息触发条件或称为执行时机可以是如下 所示的任意一种:
条件 1 : 受步骤 301触发, 即步骤 302发生在步骤 301之后, 如图 3中 所示;
条件 2: 受步骤 305触发, 即步骤 302发生在步骤 305之后, 图 3中未 揭示;
条件 3: 受步骤 306触发, 即步骤 302发生在步骤 306之后, 图 3中未 揭示。
当然作为失败异常的处理, 如果是在步骤 301和步骤 305之后执行了
P-GW标识更新,而后续的附着 /PDN连接建立失败了, ePDG会向 HSS/AAA 发送 P-GW标识更新请求, 请求 HSS/AAA删除已经存储过的 P-GW标识。
因为不同的 APN标识了不同的 PDN, 而不同的 PDN需要通过不同的 P-GW接入(某些场景下可能会是相同的 P-GW ),所以 ePDG在向 HSS/AAA 发送 P-GW标识更新消息时, APN与 P-GW标识是成对发送的, HSS/AAA 存储该消息也是成对存储的。
步骤 303: ePDG向选定的 P-GW发送 "GTP: 创建会话请求" 消息, 请求建立 GTP隧道。
这里, 图 3中 ePDG和 P-GW之间是釆用 GTP协议建立隧道的, 如针 对图 1描述中所提到的: ePDG和 P-GW之间也可以釆用 PMIPv6协议建立 隧道, 当釆用 PMIPv6协议时, 步骤 303用于创建会话请求的消息是 PBU 消息。
步骤 304: 如果网络中釆用了 PCC技术来统一管理资源和计费, P-GW 会与 PCRF建立 IP-CAN会话, 并从 PCRF处获取 PCC策略。
步骤 305:作为对步骤 303请求信令的响应, P-GW向 ePDG发送" GTP: 创建会话应答" 消息, 通知 ePDG GTP隧道建立成功。
这里 , 当 ePDG和 P-GW之间釆用 PMIPv6协议建立隧道时 , 步骤 305 应答的消息是 PBA消息。
步骤 306: UE与 ePDG之间的 IPsec隧道建立完成。
步骤 307: 在 P-GW接受 ePDG的隧道建立请求后, P-GW为 UE分配 了 IP地址, 并通过步骤 305的消息携带给了 ePDG。 在本步骤 307, ePDG 通过 IKEv2消息把 IP地址带给 UE。
用户附着完成。 同样, 当用户完成附着后, 如果需要建立附加的 PDN 连接, 则可以再次执行上述步骤 301~307, 以建立第二、 第三 ... ...等附加的 PDN连接。
方法实施例二: P-GW标识删除的 UE/ePDG/非 3GPP接入网发起的 PDN 连接释放 /去附着流程。
本实施例是根据本发明,终端通过不可信任非 3GPP接入网附着到 EPS 核心网之后(附着之后可能又建立了一个或者几个附加 PDN连接, 也可能 没有), UE或者 ePDG或者非 3GPP接入网发起去附着 /PDN连接释放的流 程。 其中 "PDN连接释放" 是指 UE在拥有多个 PDN连接的前提下, 其中 的一个或者几个 PDN连接需要断开,但 UE还维护着剩余的 PDN连接, 因 此 UE并没有从网络侧去附着。 在去附着 /PDN连接释放过程中, ePDG向 HSS/AAA发送 P-GW标识更新消息, HSS/AAA收到该消息后,删除该 P-GW 标识, 如图 4所示。 图 4给出的是非漫游场景, 漫游场景与图 4的不同在 于: P-GW与 hPCRF的交互是通过拜访网络的 vPCRF转接的; ePDG和家 乡 HSS/AAA的交互是通过拜访网络的 AAA Proxy转接的。 此处不同不影 响本发明。
图 4所示的流程包括以下步骤:
步骤 401 :用户(UE )或者非 3GPP接入网或者 ePDG发起去附着操作, 触发 IKEv2隧道的释放。
步骤 402:在本实施例中 , ePDG通过 SWm接口向 HSS/AAA发送 P-GW 标识更新消息, 请求 HSS/AAA删除该 P-GW标识, HSS/AAA受到触发, 删除该 P-GW标识。
步骤 402的触发条件或称为执行时机可以是如下所示的任意一种: 条件 1 : 受步骤 401步触发, 即步骤 402发生在步骤 401之后, 如图 4 中所示;
条件 2: 受步骤 405步触发, 即步骤 402发生在步骤 405之后, 图 4中 未揭示;
条件 3: 受步骤 406步触发, 即步骤 402发生在步骤 406之后, 图 4中 未揭示。
当然作为失败异常的处理, 如果是在步骤 401和步骤 405之后执行了 P-GW标识更新(删除),而后续的去附着操作失败了, ePDG会向 HSS/AAA 再次发送 P-GW标识更新(存储)请求, 请求 HSS/AAA重新存储该 P-GW 步骤 403: ePDG向选定的 P-GW发送 "GTP: 删除会话请求" 消息, 请求拆除 GTP隧道。
这里, 图 4中 ePDG和 P-GW之间是釆用 GTP协议建立隧道的, 如针 对图 1描述中所提到的: ePDG和 P-GW之间也可以釆用 PMIPv6协议建立 隧道, 当釆用 PMIPv6协议时,步骤 402的消息是用于创建会话请求的 PBU 消息, 且生命期置零, 具体为 "PMIPv6 Binding Update ( lifetime=0 )"。
步骤 404: 如果网络中釆用了 PCC技术来统一管理资源和计费, P-GW 会与 PCRF终止 IP-CAN会话。
步骤 405:作为对步骤 403请求信令的响应, P-GW向 ePDG发送" GTP: 删除会话应答" 消息, 通知 ePDG释放 GTP隧道。
这里 , 当 ePDG和 P-GW之间釆用 PMIPv6协议建立隧道时 , 步骤 405 应答的消息是 PBA消息。
步骤 406: 非 3GPP接入网通过现有资源释放操作步骤释放资源。
以上操作为去附着, 同样, 当用户发起的是 PDN连接释放时, 步骤类 似上述步骤 401~406。
方法实施例三: P-GW标识删除的 P-GW/PCRF发起的 PDN连接释放 / 资源去激活流程。
本实施例是根据本发明,终端通过不可信任非 3GPP接入网附着到 EPS 核心网之后, 又建立了一个或者几个附加 PDN连接, PCRF或者 P-GW发 起资源去激活 /PDN连接释放的流程。 在资源去激活 /PDN连接释放过程中, ePDG向 HSS/AAA发送 P-GW标识更新消息, HSS/AAA收到该消息后, 删除该 P-GW标识, 如图 5所示。 图 5给出的是非漫游场景, 漫游场景与 图 5的不同在于: P-GW与 hPCRF的交互是通过拜访网络的 vPCRF转接的; ePDG和家乡 HSS/AAA的交互是通过拜访网络的 AAA Proxy转接的。此处 不同不影响本发明。 图 5所示的流程包括以下步骤:
步骤 501 : PCRF发起 IP-CAN会话的终止 /修改操作, 通知 P-GW删除 某个 PDN连接 /去活某个 PDN连接的资源。
这里, 本步骤是可选步骤。
步骤 502: P-GW向 ePDG发送 "GTP: 删除承载请求" 消息, 请求拆 除相关的承载。
图 5中 ePDG和 P-GW之间是釆用 GTP协议建立隧道的, 如针对图 1 描述中所提到的: ePDG和 P-GW之间也可以釆用 PMIPv6协议建立隧道, 当釆用 PMIPv6协议时,步骤 502用于删除承载请求的消息是绑定撤除指示 ( BRI, Binding Revocation Indication ) 消息。
步骤 503: 非 3GPP接入网释放相关资源, 如果该 PDN连接的所有资 源都被触发释放了 , UE和 ePDG之间的 IKEv2隧道释放也会被触发释放。
步骤 504: 当资源去激活导致该 PDN连接释放时, ePDG会通过 SWm 接口向 HSS/AAA发送 P-GW标识更新消息, 请求 HSS/AAA删除该 P-GW 标识, HSS/AAA受到触发, 删除该 P-GW标识。
步骤 504的触发条件或称为执行时机可以是如下所示的任意一种: 条件 1 : 受步骤 502触发, 即步骤 504发生在步骤 502之后, 图 5中未 揭示;
条件 2: 受步骤 503触发, 即步骤 504发生在步骤 503之后, 如图 5中 所示。
当然作为失败异常的处理, 如果是在步骤 502之后执行了 P-GW标识 更新(删除), 而后续的资源去激活 /PDN连接释放操作失败了, ePDG会向 HSS/AAA再次发送 P-GW标识更新 (存储)请求, 请求 HSS/AAA重新存 储该 P-GW标识。
步骤 505:作为对 502步请求信令的响应, ePDG向 P-GW发送 "GTP: 删除承载应答" 消息。
这里 , 当 ePDG和 P-GW之间釆用 PMIPv6协议建立隧道时 , 步骤 505 用于删除承载应答的消息是绑定撤除确认( BRA, Binding Revocation Ack ) 消息。
步骤 506: IP-CAN会话终止 /修改响应。
为实现上述方法, 本发明还提供一种网关标识上报的系统, 该系统包 括 ePDG和 HSS/AAA; 其中, ePDG用于上报 P-GW标识给 HSS/AAA; HSS/AAA, 用于接收 ePDG上报的 P-GW标识。
这里,请求存储 P-GW标识情况下, ePDG进一步用于在用户初始附着 /PDN连接建立时, 上报 P-GW标识更新消息给 HSS/AAA, 请求 HSS/AAA 存储 P-GW标识; 其中, P-GW标识更新消息中携带有 P-GW标识。
HSS/AAA进一步用于在收到 P-GW标识后, 存储 P-GW标识。
这里,请求获取 P-GW标识情况下, ePDG进一步用于用户切换到 ePDG 所在的接入网时,执行用户接入认证操作,请求从 HSS/AAA处获取切换之 前 HSS/AAA所存储的 P-GW标识。
这里,请求删除 P-GW标识情况下, ePDG进一步用于用户去附着 /PDN 连接释放时, 上报 P-GW标识更新消息给 HSS/AAA, 请求 HSS/AAA删除 所存储的 P-GW标识。
HSS/AAA进一步用于在收到 P-GW标识更新消息后, 删除 HSS/AAA 所存储的 P-GW标识。
以上所述, 仅为本发明的较佳实施例而已, 并非用于限定本发明的保 护范围。

Claims

权利要求书
1、 一种网关标识上 ^的方法, 其特征在于, 该方法包括:
演进的分组数据网关 (ePDG )上报分组数据网络网关 (P-GW )标识 给归属用户服务器 (HSS ) /认证授权计费服务器 (AAA )。
2、 根据权利要求 1所述的方法, 其特征在于, 用户初始附着 /分组数据 网 (PDN )连接建立时, 该方法还包括:
所述 ePDG上报 P-GW标识更新消息给所述 HSS/AAA,所述 HSS/AAA 收到 P-GW标识后存储所述 P-GW标识; 其中, 所述 P-GW标识更新消息 中携带有所述 P—GW标识。
3、 根据权利要求 2所述的方法, 其特征在于, 触发所述 ePDG上报的 条件包括以下任意一种:
条件 1: 发起用户设备( UE )接入认证和授权、 UE接入认证和授权过 程中、或 UE接入认证和授权完成后, 所述 ePDG上艮所述 P-GW标识更新 消息;
条件 2: 发起 P-GW通知 ePDG通用分组无线服务隧道协议 ( GTP )隧 道建立、 P-GW通知 ePDG GTP隧道建立过程中、或 P-GW通知 ePDG GTP 隧道建立完成后, 所述 ePDG上"¾所述 P-GW标识更新消息;
条件 3:发起 UE与所述 ePDG之间的网际协议安全( IPsec )隧道建立、 UE与所述 ePDG之间的 IPsec隧道建立过程中、 或 UE与所述 ePDG之间 的 IPsec隧道建立完成后, 所述 ePDG上^艮所述 P-GW标识更新消息。
4、 根据权利要求 1所述的方法, 其特征在于, 用户向所述 ePDG所在 的接入网切换时, 该方法还包括: 所述 ePDG执行用户接入认证操作时, 请求从所述 HSS/AAA处获取切换之前 HSS/AAA所存储的 P-GW标识。
5、 根据权利要求 1所述的方法, 其特征在于, 用户去附着 /PDN连接 释放时, 该方法还包括: 所述 ePDG 上^艮 P-GW 标识更新消息给所述 HSS/AAA,所述 HSS/AAA收到 P-GW标识更新消息后,删除所存储的 P-GW 标识。
6、 根据权利要求 5所述的方法, 其特征在于, 由 UE/非 3GPP接入网 /ePDG发起所述去附着时, 触发所述 ePDG上报的条件包括以下任意一种: 条件 1 : 发起互联网密钥交换版本 2 ( IKEv2 ) 隧道的释放、 IKEv2隧 道的释放过程中、 或 KEv2隧道的释放完成后, 所述 ePDG上^艮所述 P-GW 标识更新消息;
条件 2:发起 P-GW通知 ePDG释放 GTP隧道、 P-GW通知 ePDG释放 GTP隧道过程中、 或 P-GW通知 ePDG释放 GTP隧道完成后 , 所述 ePDG 上才艮所述 P-GW标识更新消息;
条件 3: 发起非 3GPP接入网通过现有的资源释放操作释放资源、 非 3GPP接入网通过现有的资源释放操作释放资源过程中、 或非 3GPP接入网 通过现有的资源释放操作释放资源完成后, 所述 ePDG上报所述 P-GW标 识更新消息。
7、 根据权利要求 2、 3、 5或 6所述的方法, 其特征在于, 所述 P-GW 标识更新消息包括: P-GW标识存储请求消息、 P-GW标识获取请求消息、 或 P-GW标识删除请求消息。
8、 一种网关标识上 4艮的系统, 其特征在于, 该系统包括 ePDG 和 HSS/AAA; 其中
ePDG, 用于上报 P-GW标识给 HSS/AAA;
HSS/AAA, 用于接收 ePDG上报的 P-GW标识。
9、 根据权利要求 8所述的系统, 其特征在于, 所述 ePDG, 进一步用 于在用户初始附着 /PDN 连接建立时, 上报 P-GW 标识更新消息给所述 HSS/AAA , 所述 P-GW标识更新消息中携带有 P-GW标识;
所述 HSS/AAA, 进一步用于在收到所述 P-GW标识后存储所述 P-GW 标识。
10、 根据权利要求 8所述的系统, 其特征在于, 所述 ePDG, 进一步用 于用户切换到所述 ePDG所在的接入网时, 执行用户接入认证操作, 请求 从所述 HSS/AAA处获取切换之前 HSS/AAA所存储的 P-GW标识。
11、 根据权利要求 8所述的系统, 其特征在于, 所述 ePDG, 进一步用 于用户去附着 /PDN 连接释放时, 上报 P-GW 标识更新消息给所述 HSS/AAA;
所述 HSS/AAA, 进一步用于在收到 P-GW 标识更新消息后, 删除 HSS/AAA所存储的 P-GW标识。
PCT/CN2011/076149 2010-07-28 2011-06-22 一种网关标识上报的方法及系统 WO2012013103A1 (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201010242073.3A CN102348193B (zh) 2010-07-28 2010-07-28 一种网关标识上报的方法及系统
CN201010242073.3 2010-07-28

Publications (1)

Publication Number Publication Date
WO2012013103A1 true WO2012013103A1 (zh) 2012-02-02

Family

ID=45529406

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2011/076149 WO2012013103A1 (zh) 2010-07-28 2011-06-22 一种网关标识上报的方法及系统

Country Status (2)

Country Link
CN (1) CN102348193B (zh)
WO (1) WO2012013103A1 (zh)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103428684A (zh) * 2012-05-18 2013-12-04 中兴通讯股份有限公司 一种网关地址信息的传递方法及系统

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103458390B (zh) * 2012-06-04 2016-12-14 电信科学技术研究院 一种ip地址传输方法及装置
CN103517252A (zh) * 2012-06-21 2014-01-15 中兴通讯股份有限公司 分组网关标识信息的更新方法、aaa服务器和分组网关
CN103582160B (zh) * 2012-07-25 2019-05-24 中兴通讯股份有限公司 数据传输方法及装置
EP3582531B1 (en) 2017-03-18 2021-02-17 Huawei Technologies Co., Ltd. Network access authentication method based on non-3gpp network, and related device and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101500290A (zh) * 2008-01-28 2009-08-05 大唐移动通信设备有限公司 一种保留分组数据网网关地址信息的方法和系统
WO2010013953A2 (en) * 2008-07-30 2010-02-04 Samsung Electronics Co., Ltd. Method and system for managing core network information
CN101730997A (zh) * 2007-06-26 2010-06-09 法国电信公司 用于将互联网协议地址请求传送至受访服务网关的装置和方法
CN101730072A (zh) * 2009-04-30 2010-06-09 中兴通讯股份有限公司 在多接入场景下分组数据网络网关标识的保存方法及系统

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102695294B (zh) * 2007-05-28 2015-01-21 华为技术有限公司 网络锚点的地址删除方法及通信系统
EP2166724A1 (en) * 2008-09-23 2010-03-24 Panasonic Corporation Optimization of handovers to untrusted non-3GPP networks

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101730997A (zh) * 2007-06-26 2010-06-09 法国电信公司 用于将互联网协议地址请求传送至受访服务网关的装置和方法
CN101500290A (zh) * 2008-01-28 2009-08-05 大唐移动通信设备有限公司 一种保留分组数据网网关地址信息的方法和系统
WO2010013953A2 (en) * 2008-07-30 2010-02-04 Samsung Electronics Co., Ltd. Method and system for managing core network information
CN101730072A (zh) * 2009-04-30 2010-06-09 中兴通讯股份有限公司 在多接入场景下分组数据网络网关标识的保存方法及系统

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103428684A (zh) * 2012-05-18 2013-12-04 中兴通讯股份有限公司 一种网关地址信息的传递方法及系统
CN103428684B (zh) * 2012-05-18 2018-05-18 中兴通讯股份有限公司 一种网关地址信息的传递方法及系统

Also Published As

Publication number Publication date
CN102348193B (zh) 2016-06-15
CN102348193A (zh) 2012-02-08

Similar Documents

Publication Publication Date Title
US8335512B2 (en) Method and device of network resource release processing
CN101431797B (zh) 一种注册处理方法、系统及装置
KR101044685B1 (ko) 리소스를 구축하고 삭제하기 위한 방법 및 네트워크 장비
US8964697B2 (en) Connection management method, connection management system, mobile terminal, packet data gateway and mobile management gateway
JP5964442B2 (ja) Iratハンドオーバ中ipコンテキストのロスを最小化するためのシステムおよび方法
US8855045B2 (en) Method and system for controlling establishment of local IP access
CN101730072B (zh) 在多接入场景下分组数据网络网关标识的保存方法及系统
US8463889B2 (en) Method for provisioning and installing event triggers
JP2013255292A (ja) マルチネットワークアクセス制御の方法、通信システム、および関連するデバイス
WO2014056445A1 (zh) 一种路由转发的方法、系统及控制器
WO2010081329A1 (zh) 业务流迁移过程中对网络资源进行控制的方法和系统
WO2009124436A1 (zh) 一种承载绑定和事件报告功能策略控制的方法及系统
WO2009059544A1 (fr) Procédé, dispositif et système permettant de mettre en œuvre la commutation entre des réseaux
EP2557729A1 (en) Method and system for information transmission
WO2014048397A1 (zh) 通信路径的切换方法、系统及装置
WO2009117879A1 (zh) 一种指示服务网关承载管理的方法
EP2209279B1 (en) Method and system for processing a radio bearer under the idle mode signaling reduction (isr) mechanism
CN103024931A (zh) 一种释放承载资源的方法及设备
WO2013047200A1 (ja) 通信システム、通信方法及び通信プログラム
WO2010069272A1 (zh) 一种网络切换的资源处理方法及装置
CN101909275B (zh) 一种信息同步方法及通讯系统以及相关设备
WO2012013103A1 (zh) 一种网关标识上报的方法及系统
JP6446546B2 (ja) データ処理方法、装置、端末、モビリティ管理エンティティ、およびシステム
CN102572783B (zh) 一种注册处理方法、系统及装置
WO2011044816A1 (zh) 用户设备的监控方法及监控装置

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11811805

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11811805

Country of ref document: EP

Kind code of ref document: A1