[go: up one dir, main page]

WO2010075735A1 - Procédé de gestion de flux de service, dispositif et système reposant sur une ds-lite - Google Patents

Procédé de gestion de flux de service, dispositif et système reposant sur une ds-lite Download PDF

Info

Publication number
WO2010075735A1
WO2010075735A1 PCT/CN2009/075634 CN2009075634W WO2010075735A1 WO 2010075735 A1 WO2010075735 A1 WO 2010075735A1 CN 2009075634 W CN2009075634 W CN 2009075634W WO 2010075735 A1 WO2010075735 A1 WO 2010075735A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
address
ipv4 address
service
flow management
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2009/075634
Other languages
English (en)
Chinese (zh)
Inventor
张伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Publication of WO2010075735A1 publication Critical patent/WO2010075735A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/251Translation of Internet protocol [IP] addresses between different IP versions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/084Access security using delegated authorisation, e.g. open authorisation [OAuth] protocol
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/686Types of network addresses using dual-stack hosts, e.g. in Internet protocol version 4 [IPv4]/Internet protocol version 6 [IPv6] networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W80/00Wireless network protocols or protocol adaptations to wireless operation
    • H04W80/04Network layer protocols, e.g. mobile IP [Internet Protocol]
    • H04W80/045Network layer protocols, e.g. mobile IP [Internet Protocol] involving different protocol versions, e.g. MIPv4 and MIPv6

Definitions

  • the present invention claims to be submitted to the Chinese Patent Office on December 30, 2008, and the application number is 200810247597. 4.
  • the invention is entitled "Lightweight Dual Stack Based Service Flow” The priority of the Chinese Patent Application for Management Methods, Apparatus, and Systems, the entire contents of which are incorporated herein by reference.
  • TECHNICAL FIELD The present invention relates to the field of mobile communications technologies, and in particular, to a traffic flow management method, apparatus, and system based on a lightweight dual stack.
  • the lightweight dual stack (DS-Lite) is composed of the Internet Engineering Task Force (Internet Engineering Task Force,
  • the IETF proposes a solution for the shortage of IPv4 addresses in networks where IPv4-IPv6 coexists.
  • DS_Lite technology is used to deploy carrier-level Network Address Translation (NAT) devices on the network side, that is, carrier-grade NAT (carrier-grade).
  • NAT Network Address Translation
  • CGN carrier-grade NAT
  • An IPv6-based tunnel is established between the terminal and the CGN, and the terminal uses the tunnel to transmit an IPv4 data packet to the CGN.
  • the IPv4 address corresponding to the terminal in the IPv4 data packet is a specific non-routable IPv4 address, and the IPv4 address may be all terminals. Shared.
  • the NAT function is executed.
  • the translated IPv4 address is used to interact with the Application Function (AF) function on the IPv4 network.
  • AF Application Function
  • the management of traffic flows in existing wireless communication systems is mainly managed by policies and charging control (PCC) rules.
  • the PCC rule is used to allocate a service flow to an IP Connectivity Access Network (IP CAN) bearer, where one IP CAN session can include multiple IP CAN bearers.
  • IP CAN IP Connectivity Access Network
  • the functional architecture of the PCC rule mainly includes a Polic and Charging Rules Function (PCRF) and a Polic and Charging Enforcement Function (PCEF).
  • PCRF Polic and Charging Rules Function
  • PCEF Polic and Charging Enforcement Function
  • the process of the service flow management is as follows: First, the terminal and the AF exchange application layer signaling to perform negotiation of service parameters including classifier information and quality of service (QoS) parameters; after the negotiation is completed, the AF sends signaling.
  • QoS quality of service
  • the bearer is requested to establish a bearer on the PCRF of the terminal, and the signaling carries the IP address of the terminal for the PCRF to index the IP CAN session corresponding to the terminal, that is, the session binding is performed; and the PCRF then obtains the user subscription information corresponding to the IP CAN session obtained according to the index.
  • the service authorizes the PCC rules, including the authorization of non-basement information, QoS parameters, etc.; the PCRF re-sends the authorized PCC rules and indicates the establishment of the industry.
  • the traffic flow, the modified service flow, or the service flow indicating the service flow is signaled to the PCEF corresponding to the terminal, to trigger a signaling interaction between the ASN and the terminal to create/modify/delete a service flow.
  • the inventor has found that the prior art has at least the following disadvantages: If the DS-Lite technology is adopted, in the process of the service flow management described above, the IPv4 address obtained by the AF is the IPv4 address after the CGN conversion, and is used. The converted IPv4 address cannot be addressed to the PCRF corresponding to the terminal; and even if the PCRF corresponding to the terminal can be addressed, the PCRF cannot correctly address the IP CAN session corresponding to the terminal by using the converted IPv4 address. As a result, the existing PCC system cannot work in the network adopting DS-Lite technology, and thus cannot provide dynamic service flow management for the terminal. Summary of the invention
  • Embodiments of the present invention provide a traffic flow management method, apparatus, and system based on a lightweight dual stack, to provide dynamic service flow management for a terminal by using a PCC system in a network using a lightweight dual stack technology.
  • a lightweight dual-stack-based service flow management method including: receiving an authentication authorization request sent by an application function server AF, where the authentication authorization request carries a first IPv4 address Classifier information, the first IPv4 address is a routable IPv4 address;
  • mapping the first IPv4 address to the public IPv6 address of the terminal according to the mapping relationship between the IPv6 address and the first IPv4 address maintained by the carrier-grade network address translation device CGN, and adding the terminal to the classifier information Public IPv6 address;
  • a carrier-grade network address translation device including: a receiving module, configured to receive an authentication authorization request sent by an application function server AF, where the authentication authorization request carries the first IPv4 The classifier information of the address, where the first IPv4 address is a routable IPv4 address;
  • a first conversion module configured to: after the receiving module receives the authentication request, map the first IPv4 address to the public IPv6 of the terminal according to the mapping relationship between the IPv6 address and the first IPv4 address Address, adding the public IPv6 address of the terminal to the classifier information, and replacing the first IPv4 address in the classifier information with a second IPv4 address, where the second IPv4 address is a non-routable IPv4 of the terminal Address
  • a second conversion module configured to replace the second IPv4 address with the first IPv4 address in the application layer signaling interaction between the terminal and the AF before the receiving module receives the authentication authorization request address
  • a sending module configured to send the authentication authorization request processed by the first conversion module to a policy and charging rule function.
  • an application function server including:
  • a negotiation module configured to perform application layer signaling interaction with the terminal to negotiate a service parameter, where the service parameter includes at least classifier information;
  • An acquiring module configured to acquire a first IPv4 address in the classifier information that is negotiated by the negotiation module, and a sending module, configured to address, according to the first IPv4 address acquired by the acquiring module, a corresponding carrier class
  • the network address translation device CGN sends the authentication authorization request to the CGN.
  • a policy and charging rule function including:
  • a receiving module configured to receive an authentication authorization request sent by a carrier-grade network address translation device, where the authentication authorization request carries classifier information including a second IPv4 address and a public IPv6 address of the terminal, where the second IPv4 address is not available to the terminal.
  • the IPv4 address of the route ;
  • a binding module configured to perform binding of an IP bearer session according to the public IPv6 address of the terminal after the receiving module receives the authentication authorization request;
  • An indexing module configured to: according to the terminal corresponding to the identifier of the IP bearer session bound by the binding module, and find the subscription data information corresponding to the terminal;
  • an authorization module configured to authorize the service according to the authentication authorization request and the subscription data information obtained by the indexing module.
  • a policy and charging execution function including:
  • a receiving module configured to receive, after the policy and charging rule function device PCRF successfully authorizes the service
  • PCC rule sent by the PCRF, where the PCC rule includes at least classifier information
  • the execution triggering module is configured to execute the PCC rule sent by the receiving module, and trigger a service flow management process between the base station and the terminal in the access service network.
  • a policy and a charging execution function including: a first receiving module, configured to: after a base station in the ASN receives a service flow management request sent by the terminal, Receiving a trigger message sent by the base station, where the service flow management request carries classifier information;
  • a sending module configured to send a trust control request to the PCRF after receiving the trigger message sent by the base station, where the trust control request carries the classifier information
  • a second receiving module configured to: after the PCRF requests the authentication control to pass, receive a returning trust control response, where the trust control response carries a PCC rule, where the PCC rule includes at least classifier information;
  • An execution triggering module configured to: after the second receiving module receives the trust control response, execute the PCC rule, and trigger the base station to return a service flow management response to the terminal, to complete the terminal and the The service flow management process between the base stations.
  • a service flow management system based on a lightweight dual-stack including: an application function server AF, configured to send an authentication authorization request, where the authentication authorization request carries the first
  • the classifier information of the IPv4 address where the first IPv4 address is a routable IPv4 address
  • the carrier-grade network address translation device is configured to receive the authentication and authorization request sent by the AF, and map the first IPv4 address to the public IPv6 of the terminal according to the mapping relationship between the IPv6 address and the first IPv4 address.
  • An address adding a public IPv6 address of the terminal to the classifier information, and sending the authentication authorization request according to the public IPv6 address of the terminal;
  • a policy and charging rule function PCRF configured to receive and authorize the authentication authorization request sent by the CGN; and a policy and charging execution function A-PCEF, located in the access service network ASN, for the PCRF pair After the service is authorized, it receives the policy and charging control PCC rules sent by the service, and completes the service flow management process between the ASN and the terminal.
  • FIG. 1A is a schematic structural view of a DS-Lite technology applied to a wireless communication system according to the present invention
  • FIG. 1B is another schematic structural diagram of applying the DS-Lite technology to a wireless communication system according to the present invention
  • FIG. 2 is a schematic diagram of a network structure after a WiMAX network is merged with a PCC framework according to the present invention
  • FIG. 3 is a schematic flowchart of a first embodiment of a service flow management method based on a lightweight dual-stack according to the present invention
  • FIG. 4 is a signaling flowchart of a second embodiment of a service flow management method based on a lightweight dual-stack according to the present invention
  • 5 is a signaling flowchart of a third embodiment of a service flow management method based on a lightweight dual-stack in the present invention
  • FIG. 6 is a schematic structural diagram of an embodiment of a carrier-grade network address translation device according to the present invention.
  • FIG. 7 is a schematic structural diagram of an embodiment of an application function server according to the present invention.
  • FIG. 8 is a schematic structural diagram of an embodiment of a policy and charging rule function according to the present invention.
  • 9 is a schematic structural diagram of a first embodiment of a policy and charging execution function according to the present invention. 10 is a schematic structural diagram of a second embodiment of a policy and charging execution function according to the present invention.
  • FIG. 11 is a schematic structural diagram of an embodiment of a lightweight dual stack-based service flow management system according to the present invention.
  • the technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. example. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
  • IPv4 in IPv6 tunneling and IPv4 NAT technology can provide IPv4 services to users without having to assign public IPv4 addresses to them.
  • the working principle is as follows: An IPv4 in IPv6 tunnel is established between the terminal of the DS-Lite and the CGN.
  • the source address of the outer layer of the uplink data tunnel is the public IPv6 address of the terminal, and the source address of the inner layer is a well-known IPv4 address without routing meaning.
  • FIG. 1A is a schematic structural diagram of applying the DS-Lite technology to a wireless communication system according to the present invention.
  • FIG. 1B is another schematic structural diagram of applying the DS-Lite technology to a wireless communication system according to the present invention.
  • the application of DS_Lite technology to wireless communication systems is divided into terminal mode and proxy mode two DS-Lite modes.
  • the terminal mode may be adopted, that is, the terminal itself is responsible for encapsulation of the IPv4 in IPv6 tunnel.
  • the IPv4 service data is encapsulated by the terminal public IPv6 address. Then, it is sent to the network side through the access service network (ASN).
  • ASN access service network
  • the DS-Lite proxy mode can be adopted, that is, the DS-Lite proxy is deployed in the ASN ( DS-Lite Proxy), after the IPv4 data of the terminal arrives at the ASN, the DS-Lite proxy encapsulates the IPv4 in IPv6 tunnel, and the terminal does not have to perceive the adoption of the DS-Lite technology.
  • the latest QoS framework in the WiMAX Network Working Group (NGG) standard is the PCC framework.
  • the PCC framework is a generic policy and charging control functional framework defined by 3GPP R7 that is suitable for various IP connection access networks (IP CAN) and has not yet been fully completed.
  • the policy control includes Gating Control and QoS Control; charging control refers to Flow Based Charging (FBC).
  • FBC Flow Based Charging
  • PCRF Policy and Charging Rules Function
  • PCEF Policy and Charging Execution Function
  • the PCRF includes policy control decision and flow-by-flow charging control functions, and provides network control functions for PCEF related to service data flow detection, gate control, QoS control, and flow-based charging.
  • PCEF includes service data flow detection, policy enforcement, and per-flow billing.
  • the PCEF provides service data flow detection, user plane traffic processing, triggering control plane session management, QoS implementation, traffic data flow measurement, and interaction with the billing system.
  • the PCC rule in the embodiment of the present invention is used to allocate a service data flow to an IP CAN bearer.
  • PDF Policy Distribution Function
  • PDF uses PCC-R3 interface to connect to ASN's Anchor Service Flow Authorization (Anchor Service Flow Authorization, Anchor SFA), supports SFA migration; PDF is the distribution point of PCC rules, responsible for distributing PCC rules to PCEF; forwarding ASN The message between the A-PCEF and the PCRF and the message between the C-PCEF and the PCRF in the CSN.
  • the user subscription database (SPR) is used to store the subscription data information of the terminal.
  • the following is a network structure based on the WiMAX network of FIG. 2 after the PCC framework is merged. How to implement dynamic service flow management between the ASN and the terminal after adopting the DS-Lite technology.
  • Step 301 Receive an Authentication Authorization Request (AAR) sent by an AF; the AAR carries classifier information including a first IPv4 address and a corresponding quality of service (QoS) thereof.
  • the first IPv4 address is a routable IPv4 address.
  • Step 302 Map the first IPv4 address in the received AAR to the public IPv6 of the terminal according to the mapping between the IPv6 address and the first IPv4 address maintained on the CGN.
  • Step 303 Send the AAR to the PCRF for authorization according to the public IPv6 address of the terminal, and complete the service flow management process between the ASN and the terminal. Because the DS-Lite technology is adopted, the AF server cannot address the corresponding PCRF according to the first IPv4 address in the service parameters negotiated with the terminal, or cannot be indexed to the terminal even if the corresponding PCRF is addressed.
  • the IP CAN session so the CGN is treated as a PCRF, and the AAR sent by the AF server is first addressed to the CGN according to the first IPv4 address; the first IPv4 address in the AAR is converted on the CGN, and converted into the terminal public IPv6 address; CGN
  • the AAR may be sent to the PCRF for service authorization according to the public IPv6 address of the terminal.
  • the PCRF interacts with the A-PCEF in the ASN to perform the authorization result, and then removes the IPv6 parameter including the public IPv6 address of the terminal in the classifier information in the PCC rule by the A-PCEF or the terminal according to the adopted DS-Lite mode.
  • the business flow management process between the ASN and the terminal
  • the service flow management method in this embodiment can be used to route the signaling on the AF to the CGN by placing the CGN between the AF and the PCRF, and then converting the IP address of the CGN to the correct PCRF.
  • the binding of the IP bearer session is performed to implement a dynamic service management process of establishing/modifying/deleting the DS-Lite-based service flow under the PCC system architecture.
  • FIG. 4 is a signaling flowchart of a second embodiment of a lightweight dual-stack based service flow management method according to the present invention. Traffic flow management mainly includes service flow establishment, modification, deletion, etc.
  • a traffic flow management method based on a lightweight dual stack is taken as an example of a service flow establishment triggered by a network side triggered by a DS-Lite technology. Carry out detailed instructions.
  • DS-Lite technology in order to avoid assigning an IPv4 address to the terminal, DS-Lite technology is adopted, and CGN is deployed on the network side.
  • the terminal transmits the IPv4 data packet to the CGN by using the IPv6 tunnel, and the IPv4 address corresponding to the terminal in the IPv4 data packet is a specific non-routable IPv4 address, that is, the second IPv4 address in the embodiment of the present invention, and the second IPv4 address may be All terminals are shared.
  • the lightweight dual-stack-based service flow management method includes the following steps: Step 401: The AF and the terminal perform application layer signaling interaction to negotiate service parameters.
  • the service parameters mainly include the classifier information and the corresponding QoS parameters, and the classifier information mainly includes the source/destination IPv4 address and the port number.
  • the terminal uses the first IPv4.
  • the address that is, the converted routable IPv4 address, interacts with the AF in the IPv4 network; but if the application layer signaling that the terminal interacts with the AF carries the second IPv4 address, that is, the specific non-routable IPv4 address, then the application During the layer signaling interaction, CGN can To implement the function of the application layer gateway (ALG), the second IPv4 address in the application layer signaling is replaced with the first IPv4 address after the NAT, and the corresponding IPv4 port number in the application layer signaling may also be correspondingly The conversion, where the second IPv4 address is the non-routable IPv4 address of the terminal.
  • AVG application layer gateway
  • Step 402 The AF addresses the corresponding CGN according to the first IPv4 address in the classifier information acquired after the negotiation, and sends an authentication authorization request (AAR) to the CGN.
  • the AAR carries the negotiated service parameters including the classifier information and the corresponding QoS parameters, and the classifier information includes the first IPv4 address and its corresponding IPv4 parameter.
  • Step 403 After receiving the AAR sent by the AF, the CGN, according to the mapping relationship between the maintained IPv6 address and the first IPv4 address (which may also include the corresponding port number), the third in the classifier information in the AAR sent by the AF An IPv4 address maps the public IPv6 address of the terminal, and adds other IPv6 parameters corresponding to the IPv6 tunnel to the classifier information, including the IPv6 source address, the IPv6 destination address, and the IPv6 source port number and destination port number, and the classifier information.
  • the first IPv4 address in the address is replaced with the second IPv4 address.
  • the classifier information carried in the AAR includes IPv6 parameter information of the terminal public IPv6 address and IPv4 parameter information including the second IPv4 address.
  • Step 404 After completing the conversion, the CGN sends the AAR to the corresponding PCRF according to the public IPv6 address of the terminal. In this step, the PCRF information corresponding to the public IPv6 address of the terminal is pre-configured in the CGN.
  • Step 405 After receiving the AAR, the PCRF performs binding of the IP bearer (IP CAN) session according to the public IPv6 address of the terminal; searches for the terminal corresponding to the identifier of the IP CAN session, and finds the subscription data information corresponding to the terminal; and according to the subscription data Information and AAR authorize information such as parameters of the business.
  • the parameters of the service in the AAR mainly include the classifier information and the corresponding QoS parameters.
  • the PCRF can update its PCC rules by authorizing the service parameters.
  • the PCC rules mainly include the classifier information detection, the QoS policy corresponding to the classifier information, and/or Corresponding charging rules; wherein the QoS policy and the charging rule are determined according to the requirements of the AF.
  • Step 406 After the PCRF successfully authorizes the service, the PCRF sends a Re-Auth Request (RAR) to the A-PCEF, and sends the updated PCC rule and the authorized service parameter to the A_PCEF in the ASN.
  • the authorized PCC rules include information such as classifier information, corresponding QoS policies, and/or charging rules, where the classifier information mainly includes IPv6 parameter information of the terminal public IPv6 address and IPv4 parameter information including the second IPv4 address.
  • Step 407 After receiving the PCC rule, the A-PCEF removes the IPv6 parameter including the public IPv6 address of the terminal in the classifier information in the PCC rule, and only retains the second IPv4, if the current mode is the DS_Lite of the proxy mode.
  • the IPv4 parameter information of the address, and the QoS policy and/or the charging rule in the PCC rule are executed.
  • DSA Req service flow establishment request
  • Step 410 The base station returns a service flow establishment confirmation (DSA Ack) to the terminal, and the process of establishing the service flow triggered by the network side is completed.
  • the service flow can be correctly transmitted between the AF and the terminal in a negotiated manner.
  • step 407 if the terminal mode DS-Lite is adopted, after receiving the updated PCC rule, the A-PCEF can directly execute the PCC rule without updating the classifier information in the PCC rule.
  • step 409 after receiving the DSA Req, the terminal processes the DSA Req carrying the classifier information including the IPv6 parameter and the IPv4 parameter.
  • the terminal may remove the IPv6 parameter including the public IPv6 address of the terminal in the classifier information carried by the DSA Req, and retain only the IPv4 parameter including the second IPv4 address.
  • the service flow management method in this embodiment can be used to route the signaling on the AF to the CGN by placing the CGN between the AF and the PCRF, and then converting the IP address of the CGN to the correct PCRF.
  • the binding of the IP bearer session is performed to implement a dynamic service management process of establishing/modifying/deleting the DS-Lite-based service flow under the PCC system architecture.
  • the service flow management method of this embodiment describes in detail the dynamic service management process of implementing DS-Lite-based service flow establishment/modification/deletion initiated by the network side under the PCC system architecture.
  • FIG. 5 is a signaling flowchart of a third embodiment of a service flow management method based on a lightweight dual stack according to the present invention. As shown in FIG. 5, the service flow between the network and the network side triggered by the terminal using the DS-Lite technology is taken as an example for detailed description, and includes the following steps: Step 50: 505, and step 40 in the above embodiment is 405. the same.
  • Steps 506-507 after the authorization is completed, the PCRF returns AAA to the CGN; the CGN sends an AAA to the AF.
  • the classifier information carried by the DSA Req specifically includes the IPv4 address of the carrying terminal, that is, the second IPv4 address, the port number, and the IPv4 address and port number of the AF; wherein, the step 508 terminal Initiating the DSA Req may be performed concurrently with step 502 or before step 502.
  • the final purpose is to enable the PCRF to perform the authorization of the service parameters carried in the authentication authorization request in step 505 and in step 510.
  • the authorization to be performed on the business parameters carried in the Credit Control Request (CCR) is associated.
  • the IPv6 parameters include the IPv6 address of the terminal, that is, the public IPv6 address of the terminal, the IPv6 address of the CGN, and the source port and destination port number of the corresponding IPv6 tunnel.
  • Step 510 The A-PCEF sends a CCR to the PCRF, where the CCR carries the identifier of the IP CAN session established by the A-PCEF according to the classifier information of the terminal, the classifier information obtained in step 509, and the corresponding QoS parameters.
  • the authentication request is authorized by the PCRF to be directly sent to the A-PCEF, and then the service flow establishment request initiated by the A-PCEF, wherein the parameters carried in the service flow establishment request are authorized by the PCRF;
  • the service flow establishment request initiated by the terminal is required.
  • the service parameter in the service flow establishment request is carried in the CCR and sent to the PCRF to authorize the service parameter.
  • the service parameter is the IP CAN session carried in the CCR.
  • Step 511 The PCRF authorizes the service parameters in the CCR according to the result of the authorization performed in step 505. Since the present embodiment is a service flow establishment process initiated by the terminal, the PCC rule that the PCRF performs the authorization to update the service parameters in the AAR in step 505 cannot be directly sent to the A-PCEF. Therefore, the A-PCEF receives the base station. After the triggering information, the PCRF is further authorized to carry the service parameters carried in the DSA Req sent by the terminal, and Associated with the result of authorization of the service parameters carried in the AAR in step 505, to update the PCC rules. If the step 505 is completed before the step 510, the authorization result may be directly associated with the authorization result.
  • Step 505 the execution of the step 505 is also triggered in the step 510 to obtain the service parameters carried in the AAR on the PCRF.
  • Step 512 After the authorization is passed, the PCRF returns a Trust-Control Anwser (CCA) to the A-PCEF, where the CCA carries the updated PCC rule and the authorized service parameter, where the PCC rule carries the classifier information and Its corresponding QoS policy and / or charging rules.
  • CCA Trust-Control Anwser
  • Step 513 The A-PCEF performs the QoS policy and/or the charging rule in the PCC rule, and triggers the base station to return the DSA Rsp to the terminal, and triggers the base station to return the DSA Rsp to the terminal, and then carries the authorized service parameter information in the DSA Rsp.
  • step 508 if the terminal mode DS-Lite, the DSA Req sent by the terminal carries the QoS parameter and the classifier information including the second IPv4 address and the terminal shared IPv6 address.
  • Step 509 and step 510 are combined into step 509 ′.
  • the base station After receiving the DSA Req, the base station triggers the A-PCEF to directly send the CCR to the PCRF, where the CCR carries the identifier of the IP bearer session, classifier information, and QoS parameters.
  • the service flow management method of this embodiment describes in detail the dynamic service management process of implementing DS-Lite-based service flow establishment/modification/deletion by the terminal under the PCC system architecture.
  • FIG. 6 is a schematic structural diagram of an embodiment of a carrier-grade network address translation device according to the present invention.
  • the carrier-grade network address translation device includes: a receiving module 21, configured to receive an authentication authorization request sent by an AF, where the authentication authorization request carries classifier information including a first IPv4 address, where the first The IPv4 address is a routable IPv4 address.
  • the first conversion module 22 is configured to map the first IPv4 address to the terminal according to the mapping relationship between the IPv6 address and the first IPv4 address maintained by the receiving module 21 after receiving the authentication request.
  • the public IPv6 address of the terminal is added to the classifier information, and the first IPv4 address in the classifier information is replaced with a second IPv4 address, where the second IPv4 address is a non-routable IPv4 address of the terminal;
  • the conversion module 23 is configured to replace the second IPv4 address with the first IPv4 address in the application layer signaling interaction between the terminal and the AF before the receiving module 21 receives the authentication authorization request.
  • the sending module 24 is configured to send the first conversion module 22
  • the processed authentication authorization request is sent to the PCRF.
  • FIG. 7 is a schematic structural diagram of an embodiment of an application function server according to the present invention. As shown in FIG.
  • the application function server includes: the negotiation module 11 is configured to perform application layer signaling interaction with the terminal to negotiate a service parameter, where the service parameter includes at least classifier information and corresponding QoS parameters;
  • the module 12 is configured to obtain the first IPv4 address in the classifier information negotiated by the negotiation module 11;
  • the sending module 13 is configured to address the corresponding CGN according to the first IPv4 address acquired by the obtaining module 12, and send the authentication authorization request to CGN.
  • the application function server provided in this embodiment may send the authentication authorization request to the CGN through the IP address carried in the authentication authorization request, and then the CGN performs IP address conversion, and then sends the CGN to the correct PCRF, and uses the CGN as the PCRF.
  • the policy and charging rule function includes: a receiving module 31, configured to receive an authentication authorization request sent by a CGN, where the authentication authorization request carries a classifier including a second IPv4 address and a terminal public IPv6 address.
  • the second IPv4 address is a non-routable IPv4 address of the terminal;
  • the binding module 32 is configured to perform binding of the IP bearer session according to the public IPv6 address of the terminal after receiving the authentication authorization request by the receiving module 31;
  • the terminal corresponding to the identifier of the IP bearer session bound by the binding module 32, and the subscription data information corresponding to the terminal is found;
  • the authorization module 34 is configured to request the authentication authorization according to the authentication and authorization request and the subscription data information obtained by the indexing module 33.
  • Authorize The policy and charging rule function provided in this embodiment can receive the authentication authorization request sent by the AF indirectly through the CGN, that is, the CGN is regarded as the AF, thereby implementing the DS-Lite-based service flow management process.
  • the policy and charging execution function may include: the receiving module 41 is configured to receive the PCC sent by the PCRF after the PCRF successfully authorizes the service. a rule that the PCC rule includes at least the classifier information, the QoS policy and/or the charging rule corresponding to the classifier information, and the execution triggering module 42 is configured to execute the PCC rule sent by the receiving module 41, and trigger the base station and the terminal in the ASN.
  • the policy and charging execution function may include: the receiving module 41 is configured to receive the PCC sent by the PCRF after the PCRF successfully authorizes the service.
  • a rule that the PCC rule includes at least the classifier information, the QoS policy and/or the charging rule corresponding to the classifier information
  • the execution triggering module 42 is configured to execute the PCC rule sent by the receiving module 41, and trigger the base station and the terminal in the ASN.
  • the A-PCEF may further include: the determining processing module 43 is configured to remove the IPv6 parameter including the terminal public IPv6 address in the classifier information in the PCC rule.
  • the policy and the charging execution function provided by the embodiment after receiving the PCC rule, trigger a service flow management process between the base station and the terminal in the DS-Lite-based ASN, thereby implementing a DS-Lite-based service flow management process.
  • FIG. 10 is a schematic structural diagram of a second embodiment of a policy and charging execution function according to the present invention. As shown in FIG. 10, for the terminal-triggered service flow management process, the policy and charging execution function (A-PCEF) may include: the first receiving module 44 is configured to receive, by the base station in the ASN, the service flow management sent by the terminal.
  • the service flow management request After receiving the trigger message sent by the base station, the service flow management request carries the classifier information.
  • the sending module 45 is configured to send a trust control request to the PCRF3 after receiving the trigger message sent by the base station, where the trust control request carries the IP address.
  • the second receiving module 46 is configured to receive the returned trust control response after the PCRF requests the trust control to pass, and the trust control response carries the PCC rule, where the PCC rule At least the classifier information, the QoS policy and/or the charging rule corresponding to the classifier information are included;
  • the execution triggering module 47 is configured to: after the second receiving module 46 receives the trust control response, execute the PCC rule, and trigger the base station to return the service flow management.
  • the A-PCEF may further include: the determining processing module 48 is configured to: after the first receiving module 44 receives the trigger message of the base station, if it is determined that the DS-Lite is in the proxy mode, add the classifier information to the The IPv6 parameter of the terminal public IPv6 address is used to describe the information of the DS-Lite tunnel, and then the sending control module 45 sends a trust control request.
  • the policy and the charging execution function provided by the embodiment complete the service flow management process between the terminal and the base station by using the service flow management request to the PCRF authentication terminal, thereby implementing the DS-Lite-based service. Flow management process. FIG.
  • FIG. 11 is a schematic structural diagram of an embodiment of a service flow management system based on a lightweight dual stack according to the present invention. As shown in FIG. 11, the system includes: an application function server (AF) 1, a carrier-grade network address translation device (CGN) 2, a policy and charging rule function (PCRF) 3, and a policy and charging execution function (A-PCEF). ) 4.
  • AF application function server
  • CGN carrier-grade network address translation device
  • PCRF policy and charging rule function
  • A-PCEF policy and charging execution function
  • the AF1 is configured to send an authentication authorization request, where the authentication authorization request carries the classifier information including the first IPv4 address and the corresponding quality of service (QoS) parameter, where the first IPv4 address is a routable IPv4 address; CGN2 is used to receive the AF1
  • the authentication and authorization request sent according to the mapping relationship between the IPv6 address and the first IPv4 address, the first IPv4 address is mapped out of the public IPv6 address of the terminal, and the public IPv6 address of the terminal is added to the classifier information, and the public IPv6 address is obtained according to the terminal.
  • PCRF3 is used to receive an authentication authorization request sent by CGN2 and authorized
  • A-PCEF4 is located in an access service network (ASN), and is used to receive the PCC rule sent by PCRF3 after the PCRF3 authorizes the service. And complete the business flow management process between the ASN and the terminal.
  • the specific implementation of the service flow management system of the DS-Lite-based service flow management system in this embodiment is as described in the foregoing method embodiment, and details are not described herein again.
  • the service flow management system of this embodiment can route the signaling on the AF to the CGN by placing the CGN between the AF and the PCRF, and then the IP address of the CGN is converted and then routed to the correct PCRF.
  • the binding of the IP bearer session is performed to implement a dynamic service management process of establishing/modifying/deleting the DS-Lite-based service flow under the PCC system architecture.
  • a person skilled in the art can understand that all or part of the process of implementing the above embodiment method can be completed by a computer program to instruct related hardware, and the program can be stored in a computer-accessible storage medium. When executed, the flow of an embodiment of the methods as described above may be included.
  • the storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM).

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne un procédé de gestion de flux de service, un dispositif et un système reposant sur une DS-Lite. Le procédé comprend les étapes suivantes : le NAT de classe transporteur (CGN) reçoit la demande d'autorisation d'authentification (AAR) envoyée par la fonction d'application (AF), l'AAR portant les informations de classifieur de la première adresse IPv4; la première adresse IPv4 dans l'AAR est corrélée avec l'adresse IPv6 publique du terminal selon la relation de corrélation entre l'adresse IPv6 et l'adresse IPv4 mise en mémoire sur le CGN; l'AAR est envoyée à la fonction de règles de politique et de facturation (PCRF) pour l'autorisation de service selon l'adresse IPv6 publique du terminal pour accomplir le processus de gestion de flux de service entre le réseau de service d'accès (ASN) et le terminal. Grâce aux modes de réalisation de la présente invention la signalisation sur l'AF est d'abord acheminée au CGN, puis acheminée au PCRF précis depuis le CGN. Le processus de gestion de service dynamique destiné à établir/modifier/supprimer le flux de service reposant sur une DS-Lite peut être réalisé dans la hiérarchie du système de contrôle de politique et de facturation (PCC).
PCT/CN2009/075634 2008-12-30 2009-12-16 Procédé de gestion de flux de service, dispositif et système reposant sur une ds-lite Ceased WO2010075735A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2008102475974A CN101771605B (zh) 2008-12-30 2008-12-30 基于轻量级双栈的业务流管理方法、装置及系统
CN200810247597.4 2008-12-30

Publications (1)

Publication Number Publication Date
WO2010075735A1 true WO2010075735A1 (fr) 2010-07-08

Family

ID=42309798

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/075634 Ceased WO2010075735A1 (fr) 2008-12-30 2009-12-16 Procédé de gestion de flux de service, dispositif et système reposant sur une ds-lite

Country Status (2)

Country Link
CN (1) CN101771605B (fr)
WO (1) WO2010075735A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102780567A (zh) * 2011-05-09 2012-11-14 中兴通讯股份有限公司 一种DS-lite网络架构承载组播业务的方法、系统和网络节点

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101951380B (zh) * 2010-09-28 2013-08-28 杭州华三通信技术有限公司 轻量级双栈组网中的访问控制方法及其装置
CN102170395A (zh) * 2011-04-21 2011-08-31 中兴通讯股份有限公司 数据的传输方法及网络设备
WO2011144083A2 (fr) * 2011-05-25 2011-11-24 华为技术有限公司 Procédé et dispositif de contrôle de règles
CN106161375B (zh) * 2015-04-13 2019-10-29 中国移动通信集团公司 业务链标识的分配方法、装置、策略控制器及分类器
CN107645385A (zh) * 2016-07-22 2018-01-30 中兴通讯股份有限公司 获取路由信息的方法及装置、路由寻址设备及系统

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1893394A (zh) * 2005-07-05 2007-01-10 华为技术有限公司 一种穿越网络地址转换的方法
CN101222343A (zh) * 2008-01-30 2008-07-16 中兴通讯股份有限公司 一种策略与计费控制系统及对媒体网关的控制方法

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1893394A (zh) * 2005-07-05 2007-01-10 华为技术有限公司 一种穿越网络地址转换的方法
CN101222343A (zh) * 2008-01-30 2008-07-16 中兴通讯股份有限公司 一种策略与计费控制系统及对媒体网关的控制方法

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102780567A (zh) * 2011-05-09 2012-11-14 中兴通讯股份有限公司 一种DS-lite网络架构承载组播业务的方法、系统和网络节点

Also Published As

Publication number Publication date
CN101771605B (zh) 2012-11-28
CN101771605A (zh) 2010-07-07

Similar Documents

Publication Publication Date Title
EP1938523B1 (fr) Contrôle de regles dans un système d'architecture évoluée
US8743812B2 (en) Method, system, and access gateway for traffic flows to share resources
CN102917356B (zh) 将用户设备接入演进的分组核心网络的方法、设备和系统
US20100048161A1 (en) Method, system and apparatuses thereof for realizing emergency communication service
WO2014048294A1 (fr) Procédé de commande de flux de données et appareil et système de communication correspondants
CN105101176B (zh) 一种漫游场景下的会话绑定方法、装置和系统
CN101414940B (zh) 以太网业务的建立方法、网元设备和网络系统
WO2015196396A1 (fr) Procédé d'établissement d'une connexion de réseau, passerelle et terminal
CN103517249A (zh) 一种策略控制的方法、装置和系统
WO2011079782A1 (fr) Procédé de commande de politique et de facturation, passerelle et terminal mobile associés
WO2009046666A1 (fr) Procédé d'adressage d'entité à fonction de décision de politique, élément de réseau et système de réseau
WO2010075735A1 (fr) Procédé de gestion de flux de service, dispositif et système reposant sur une ds-lite
US20190223013A1 (en) Method for establishing public data network connection and related device
CN102014039B (zh) 数据传输方法和接入点
CN101505296A (zh) 隧道业务数据流的控制方法和装置
CN101420792B (zh) 网关锚点分配方法、网络侧设备及用户终端
WO2011134102A1 (fr) Procédé, appareil et système de corrélation de sessions
WO2010006493A1 (fr) Procédé et système de traitement d’un flux de service dynamique
WO2007143950A1 (fr) Appareil et procédé de mise en œuvre de l'amorce du nœud en double pile d'un réseau hétérogène
CN103188657B (zh) 一种为ue分配ip地址的方法及系统
CN101848195A (zh) 轻量级双栈协商处理方法与装置、通信设备与通信系统
WO2012106984A1 (fr) Procédé et système d'accès à un réseau central mobile à travers un réseau fixe de confiance
CN100579070C (zh) 一种实现网络接入的方法及系统
CN115955716A (zh) 数据收集方法、通信装置及通信系统
WO2012097523A1 (fr) Procédé, appareil et système de traitement pour commander un flux de données

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09836022

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09836022

Country of ref document: EP

Kind code of ref document: A1