[go: up one dir, main page]

WO2018023213A1 - Procédé de connexion à un réseau et dispositif associé - Google Patents

Procédé de connexion à un réseau et dispositif associé Download PDF

Info

Publication number
WO2018023213A1
WO2018023213A1 PCT/CN2016/092465 CN2016092465W WO2018023213A1 WO 2018023213 A1 WO2018023213 A1 WO 2018023213A1 CN 2016092465 W CN2016092465 W CN 2016092465W WO 2018023213 A1 WO2018023213 A1 WO 2018023213A1
Authority
WO
WIPO (PCT)
Prior art keywords
gateway device
network
connection
transmission path
mode
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2016/092465
Other languages
English (en)
Chinese (zh)
Inventor
诸华林
靳维生
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to PCT/CN2016/092465 priority Critical patent/WO2018023213A1/fr
Publication of WO2018023213A1 publication Critical patent/WO2018023213A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W40/00Communication routing or communication path finding
    • H04W40/02Communication route or path selection, e.g. power-based or shortest path routing
    • H04W40/20Communication route or path selection, e.g. power-based or shortest path routing based on geographic position or location
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W40/00Communication routing or communication path finding
    • H04W40/24Connectivity information management, e.g. connectivity discovery or connectivity update

Definitions

  • the present application relates to the field of wireless network technologies, and in particular, to a network connection method and related devices.
  • the second access long term evolution (SALTE) network is a mobile network deployed by an operator or a non-operator (such as an enterprise unit).
  • the SALTE can be used to access the internal network or can be used for connection.
  • PDN Packet Data Protocol
  • FIG. 1 is a schematic diagram of a network architecture of a SALTE network.
  • the SALTE network includes an on-site network and a public network.
  • the On-site network is a locally deployed network element device, including an on-site evolved Node B (on-site eNB).
  • on-site EPC On-site Evolved Packet Core
  • on-site EPC is the core network part of the on-site network, including on-site gateway (on-site GW). And on-site Mobility Management Entity (on-site MME), etc., wherein the On-site MME is mainly responsible for access management, session management, mobility management, etc. of the On-site network.
  • the -site GW is used to transmit user data.
  • the locally deployed NE device can be a device deployed by the enterprise, a third-party organization, or the carrier.
  • the Public network is the NE device deployed by the carrier, including the Authentication Accounting Authorization Server.
  • AAA Server AAA Server
  • MME Mobility Management Entity
  • HSS Home Subscriber Server
  • GW gateway
  • FIG. 2 is a schematic diagram of a network architecture of another SALTE network.
  • On the SALTE network there is no On-site MME in the On-site EPC.
  • the AAA server/MME replaces the On-site MME to complete access management, session management, and mobility management for the On-site network.
  • the control plane network element MME can be used to transmit control plane signaling.
  • the on-site GW first needs to send the connection request message to the On-site MME, and then the On-site MME forwards the connection request message to the MME, and finally the MME forwards the connection request message to the GW, and the GW generates the session after receiving the connection request message. Create a response and return the connection request message to the on-site GW along the original path.
  • the control plane signaling method between the local gateway and the public gateway has a single mode.
  • the present application provides a network connection method and related equipment, which can solve a single technical problem of a control plane signaling method between a local gateway and a public gateway.
  • an embodiment of the present application provides a network connection method, including:
  • the management network element first obtains the network identifier of the first network; then determines the state information of the first network according to the network identifier of the first network; and secondly determines the second gateway device of the first network and the second network of the second network according to the state information a connection establishment mode between the gateway devices; finally, sending the identification information of the connection establishment mode to the first gateway device, the first gateway device receiving the identification information of the connection establishment mode, and selecting the transmission path for establishing the control signaling according to the identification information (first a transmission path mode or a second transmission path mode, wherein the first transmission path mode is a direct transmission path between the first gateway device and the second gateway device, and the second transmission path mode is the first gateway device and the second gateway device.
  • the indirect transmission path established by the signaling transmission by the management network element, the management network element may select the connection establishment mode to perform signaling transmission according to the state information of the first network, thereby increasing signaling between the local gateway and the public gateway.
  • the diversity of the method of sending methods may be used to perform signaling transmission
  • the status information is in a trusted state, determining that the connection establishment mode between the first gateway device of the first network and the second gateway device of the second network is the first transmission path mode, Thereby reducing the signaling transmission path and the transmission delay between the local gateway and the public gateway; if the status information is in an untrusted state, determining between the first gateway device of the first network and the second gateway device of the second network
  • the connection establishment mode is the second transmission path mode, and the security of the signaling is checked by the management network element, thereby ensuring secure transmission of signaling between the second gateway device and the first gateway device.
  • the management network element may search for status information of the first network corresponding to the network identifier from the preset network status list, or obtain the network information from the information storage server.
  • the network identifies the status information of the first network corresponding to the network.
  • the management network element may pre-store a network status list, where the network status list may include a correspondence between all network identifiers and status information.
  • the management network element may send the second network gateway device to the second gateway device. And a connection notification message, wherein the connection notification message includes at least one of identification information of the connection establishment mode, a network connection identifier, and a network identifier of the first network.
  • the second gateway device may verify whether the first gateway device establishes a control signaling transmission path with the second gateway device according to the connection establishment mode indicated by the identification information, when verifying that the first gateway device is configured according to the When the connection establishment mode indicated by the identifier information and the transmission path of the control signaling are established by the second gateway device, the session creation response including the connection success indication is sent to the first gateway device or the management network element, when verifying that the first gateway device does not follow the When the connection establishment mode indicated by the identifier information and the transmission path of the control signaling are established by the second gateway device, the session creation response including the mode error indication is sent to the first gateway device or the management network element.
  • the first gateway device after the first gateway device receives the identification information of the connection establishment mode sent by the management network element, if the connection establishment mode is the second transmission path mode, the first gateway device sends a connection to the management network element.
  • the management network element After receiving the connection request message sent by the first gateway device, the management network element forwards the connection request message to the second gateway device, and the second gateway device returns a session creation response after receiving the connection request message;
  • the session creation response returned by the gateway device is forwarded to the first gateway device, so that the transmission path of the first gateway device or the management network element control signaling is successfully established or the connection establishment mode is used incorrectly.
  • the management network element after the management network element receives the connection request message and forwards the connection request message to the second gateway device, the management network element checks whether the connection request message is a security signaling; when the connection request message is checked, In the case of the security signaling, the operation step of forwarding the connection request message to the second gateway device is performed. When the connection request message is detected as non-secure signaling, the management network element rejects the connection request message or requests the first gateway device to resend the connection. The message is requested to secure secure signaling between the second gateway device and the first gateway device.
  • the management network element may compare the received quality of service information with the quality of service information stored in advance or obtained from the information storage server, if the received quality of service information is stored in advance or from the information storage. If the quality of service information obtained by the server matches, then the connection is determined.
  • the request message is a security signaling; if the received quality of service information does not match the quality of service information stored in advance or obtained from the information storage server, determining that the connection request message is non-secure signaling, thereby determining whether the connection request message is determined to be The purpose of security signaling.
  • an embodiment of the present application provides a network connection method, including:
  • the first gateway device first receives the identification information of the connection establishment mode sent by the management network element, and the connection establishment mode is a connection establishment manner between the first gateway device and the second gateway device determined by the management network element according to the state information of the first network, And then selecting, according to the identification information, a transmission path (a first transmission path mode or a second transmission path mode) for establishing control signaling, and establishing a transmission path of the control signaling according to the connection establishment mode indicated by the identification information, where
  • the first transmission path mode is a direct transmission path between the first gateway device and the second gateway device, and the second transmission path mode is an indirect connection established between the first gateway device and the second gateway device by using a management network element for signaling transmission.
  • Transmission path The management network element may select a connection establishment mode for signaling transmission according to the state information of the first network, thereby increasing the diversity of the signaling method mode between the local gateway and the public gateway.
  • the first gateway device after the first gateway device receives the identification information of the connection establishment mode, the first gateway device sends a connection request message to the second gateway device, and the connection request is received, when the connection establishment mode is the first transmission path mode.
  • the message is used to establish a connection between the first core network device and the second core network device, and instruct the second gateway device to return a session creation response, where the session creation response includes a mode error indication or a connection success indication, and the mode error indication is used to notify the first gateway device Or the connection establishment mode used by the management network element is incorrect, and indicates that the first gateway device stops the connection establishment process with the second gateway device or re-initiates the connection establishment process with the second gateway device by using the correct connection establishment mode, and the connection success indication is used.
  • the connection between the first gateway device or the management network element is successfully established.
  • the connection establishment mode is the second transmission path mode
  • the first gateway device after receiving the identification information of the connection establishment mode, sends a connection request message to the management network element, and the management network element receives the After the connection request message sent by the gateway device, the connection request message is forwarded to the second gateway device, and the second gateway device returns a session creation response after receiving the connection request message; the management network element receives the session creation response returned by the second gateway device; Forwarding the session creation response to the first gateway device, where the session creation response includes a mode error indication or a connection success indication, and the mode error indication is used to notify the first gateway device or the management network element to use a connection establishment mode error, and indicates
  • a gateway device stops the connection establishment process with the second gateway device or uses the correct
  • the connection establishment mode re-initiates the connection establishment process with the second gateway device, and the connection success indication is used to notify the first gateway device or the management network element that the connection is successfully established.
  • connection request message includes at least one of a user equipment identity, a gateway address of the first gateway device, and a tunnel endpoint identity of the first gateway device.
  • the session creation response when the first gateway device or the management network element connection is successfully established, includes a gateway address of the second gateway device and/or a tunnel endpoint identifier of the second gateway device.
  • an embodiment of the present application provides a network connection method, including:
  • the second gateway device first receives the connection notification message sent by the management network element, and the connection notification message carries the identification information of the connection establishment mode, where the connection establishment mode is the first gateway device and the second determined by the management network element according to the state information of the first network. a connection establishment manner between the gateway devices; then receiving a connection request message sent by the first gateway device or the management network element; and finally verifying whether the connection request message is transmitted from the control signaling indicated by the feature identifier of the connection establishment mode Path to ensure the correctness of control signaling transmission.
  • the second gateway device when the connection request message is verified to be from the transmission path of the control signaling indicated by the identification information of the connection establishment mode, the second gateway device is to the first gateway device or the management The network element sends a session creation response including the connection success indication. After receiving the session creation response sent by the second gateway device or receiving the session creation response forwarded by the management network element, the first gateway device may determine that the transmission path of the control signaling is successfully established. .
  • the second gateway device When the verification connection request message is not the transmission path of the control signaling indicated by the identification information of the connection establishment mode, the second gateway device sends a session creation response including the mode error indication to the first gateway device or the management network element, the first gateway After receiving the session creation response sent by the second gateway device or receiving the session creation response forwarded by the management network element, the device may learn that the network establishment mode is used incorrectly, stop sending the connection request message, or send a connection request message by using another connection establishment mode.
  • an embodiment of the present application provides a management network element, where the management network element is configured to implement the method and function performed by the management network element in the foregoing first aspect, implemented by hardware/software, and the hardware/software includes The unit corresponding to the above function.
  • an embodiment of the present application provides a first gateway device, where the first gateway device is configured to implement the method and function performed by the first gateway device in the foregoing second aspect, by hardware/software.
  • the hardware/software includes units corresponding to the above functions.
  • an embodiment of the present application provides a second gateway device, where the second gateway device is configured to implement the method and function performed by the second gateway device in the foregoing third aspect, implemented by hardware/software, and hardware thereof.
  • /Software includes units corresponding to the above functions.
  • the embodiment of the present application provides a management network element, including: a processor, a network interface, a memory, and a communication bus, where the communication bus is used to implement connection communication between the processor, the network interface, and the memory. And executing, by the processor, the program stored in the memory for implementing the steps in the method for managing the network element provided by the first aspect.
  • the embodiment of the present application provides a gateway device, including: a processor, a network interface, a memory, and a communication bus, where the communication bus is used to implement connection communication between the processor, the network interface, and the memory,
  • the processor executes the steps in the method stored in the memory for implementing the gateway device provided by the second aspect above.
  • FIG. 1 is a network architecture diagram of a SALTE network provided by a prior art solution
  • FIG. 3 is a network architecture diagram of a network connection method according to an embodiment of the present application.
  • FIG. 4 is a schematic flowchart of a network connection method according to an embodiment of the present application.
  • FIG. 5 is a network architecture diagram of another network connection method according to an embodiment of the present disclosure.
  • FIG. 6 is a schematic flowchart diagram of another network connection method according to an embodiment of the present application.
  • FIG. 7 is a schematic structural diagram of a management network element according to an embodiment of the present disclosure.
  • FIG. 8 is a schematic structural diagram of a first gateway device according to an embodiment of the present disclosure.
  • FIG. 9 is a schematic structural diagram of a second gateway device according to an embodiment of the present disclosure.
  • FIG. 10 is a schematic structural diagram of another management network element according to an embodiment of the present disclosure.
  • FIG. 11 is a schematic structural diagram of another gateway device according to an embodiment of the present application.
  • the network system includes a first network and a second network, where the first network may be a local network, and the local network includes a locally deployed network element device, which may include a first gateway device, where the first gateway device may be a local gateway.
  • the second network may be a public network, and the public network includes a network element device deployed by the operator, and specifically includes a management network element and a second gateway device, where the management network element may include a mobility management network element, a authentication authorization server, and a home subscription server. At least one of the second gateway devices may be a public gateway.
  • the network system includes a user equipment (UE), an on-site network, and a public network
  • the local network includes an on-site GW and a local base station.
  • the public network includes an authentication server (AAA server) / a mobility management network element (MME), a home subscription server (HSS), and a public gateway (GW), wherein the management network element can be mobility
  • the management network element (MME) may also be a home subscription server (HSS), an authentication authorization server (AAA server), or a mobility management network element (MME) and a home subscription server (HSS).
  • FIG. 4 is a schematic flowchart diagram of a network connection method according to an embodiment of the present application. As shown in FIG. 4, the method in this embodiment of the present application includes:
  • the management network element acquires a network identifier of the first network.
  • the user equipment may send a request message to the local base station, where the request message may carry the network identifier of the first network, and then the local base station sends a request message to the management network element.
  • the local network controller may send, to the management network element, a request message or an authentication message that carries the network identifier of the first network, and after the management network element receives the request message or the authentication message, obtain the first A network identity of the network, where the local network controller is used to control the connection between the local network and the public network.
  • the management network element determines status information of the first network according to the network identifier of the first network.
  • the management network element may search, by using a preset network status list, status information of the first network corresponding to the network identifier.
  • the preset network status list includes the correspondence between all network identifiers and status information.
  • Status information includes network trusted status and network untrusted status.
  • the management network element may obtain, from the information storage server, status information of the first network corresponding to the network identifier.
  • the foregoing home subscription server HSS may also serve as an information storage server to store a network identifier.
  • the service request carrying the network identifier may be sent to the information storage server, and after receiving the service request, the information storage server returns status information of the first network corresponding to the network identifier.
  • the management network element determines, according to the status information, a connection establishment mode between the first gateway device of the first network and the second gateway device of the second network.
  • the connection establishment mode includes a first transmission path mode mode and a second transmission path mode mode, where the first transmission path mode is a direct transmission path between the first gateway device and the second gateway device,
  • the second transmission path mode is an indirect transmission path established by the first gateway device and the second gateway device by using the management network element for signaling transmission.
  • the path mode checks the security of the signaling by managing the network element, thereby ensuring secure transmission of signaling between the second gateway device and the first gateway device.
  • the management network element sends the identifier information of the connection establishment mode to the first gateway device.
  • the identifier information may include a feature identifier of a connection establishment mode, and if it is determined that the connection establishment mode between the first gateway device and the second gateway device is the first transmission path mode, the management network Transmitting the identifier information of the first transmission path mode to the first gateway device, and if the connection establishment mode between the first gateway device and the second gateway device is determined to be the second transmission path mode, managing the network element Sending the identifier information of the second transmission path mode to the first gateway device, after receiving the identifier information of the connection establishment mode, the first gateway device selects the first transmission path mode or the second transmission path mode according to the identifier information of the connection establishment mode.
  • the connection request message if the first transmission path mode is selected, S405-S406 is performed, and if the second transmission path mode is selected, S407-S411 is performed.
  • the management network element may send a connection to the second gateway device. And receiving the notification message, where the connection notification message includes the mode identification mode (mode identity, mode ID), the network connection identifier (Packet Data Protocol Identity, PDN ID), and the network identifier of the first network ( At least one of on-site network IDs.
  • the second gateway device may verify whether the connection request message is from a transmission path of control signaling indicated by the identification information of the connection establishment mode.
  • the second gateway device may verify whether the connection request message is from the first gateway device, and if not, the second gateway device may return a mode error indication to the first gateway device and reject The connection request message, or requesting the first gateway device to resend the connection request message; if the first gateway device selects to select the second transmission path mode, the second gateway device may verify whether the connection request message is from the management network element, if not, the first The second gateway device may return a mode error indication to the first gateway device and reject the connection request message, or request the first gateway device to resend the connection request message.
  • the first gateway device sends a connection request message to the second gateway device.
  • the first gateway device may establish the control signaling transmission with the second gateway device according to the connection establishment mode indicated by the identifier information. If the identification information of the connection establishment mode is the identification information of the first transmission path mode, the connection request message may be directly sent to the second gateway device.
  • the connection request message includes a User Equipment Identity (UE ID), a gateway address of the first gateway device (on-site GW address), and a tunnel endpoint identifier of the first gateway device (Tunnel Endpoint) At least one of Identifier, TEID).
  • UE ID User Equipment Identity
  • a gateway address of the first gateway device on-site GW address
  • tunnel endpoint identifier of the first gateway device At least one of Identifier, TEID
  • the second gateway device returns a session creation response to the first gateway device, where the session creation response is used to notify the first gateway device that the transmission path of the control signaling is successfully established.
  • the second gateway device after receiving the connection request message, the second gateway device first verifies whether the connection request message is from the first gateway device, and if it is verified that the connection request message is from the first gateway device, The gateway device returns a session creation response including a connection success indication, where the session creation response includes a gateway address (GW address) of the second gateway device and/or a tunnel endpoint identifier (Tunnel Endpoint Identifier of the second gateway device) , TEID); if it is verified that the connection request message is not from the first gateway device, the session creation response including the mode error indication may be returned to the first gateway device and the connection request message is rejected, and the indication is The first gateway device stops the connection establishment process with the second gateway device or re-initiates the connection establishment process with the second gateway device using the correct connection establishment mode.
  • GW address gateway address
  • Tunnel Endpoint Identifier of the second gateway device tunnel endpoint identifier
  • the S405-S406 performs the first transmission path mode, and the On-site GW can directly send a connection request message to the GW, and then the GW returns a session creation response to the On-site GW, and adopts the first transmission path mode, which can be reduced. Signaling transmission path and transmission delay between the small local gateway and the public gateway.
  • the first gateway device sends a connection request message to the management network element.
  • the first gateway device may establish the control signaling transmission with the second gateway device according to the connection establishment mode indicated by the identifier information.
  • the path if the identification information of the connection establishment mode is the identification information of the second transmission path mode, may send a connection request message to the management network element.
  • the connection request message includes a User Equipment Identity (UE ID), a gateway address of the first gateway device (on-site GW address), and a tunnel endpoint identifier of the first gateway device (Tunnel Endpoint) At least one of Identifier, TEID).
  • the connection request message carries a quality of service (QOS), and may check, according to the quality of service information, whether the connection request message is a security signaling, and if the received service quality information is Determining, or pre-storing, the service quality information obtained from the information storage server, determining that the connection request message is a security signaling; if the received quality of service information does not match the quality of service information pre-stored or acquired from the information storage server And determining that the connection request message is non-secure signaling.
  • the management network element may send an abnormal message indication to the first gateway device and refuse to receive the connection request message, or request the first gateway device. The connection request message is resent, thereby ensuring secure transmission of signaling between the second gateway device and the first gateway device.
  • the management network element forwards the connection request message to the public network element.
  • the second gateway device returns a session creation response to the management network element.
  • the second gateway device after receiving the connection request message, the second gateway device first verifies whether the connection request message is from the management network element, if the connection request message is verified from the tube.
  • the network element returns a session creation response including a connection success indication to the management network element, where the connection success indication is used to notify the first gateway device or the management network element that the connection establishment is successful, wherein the session creation response is a gateway address (GW address) of the second gateway device and/or a tunnel endpoint identifier (TEID) of the second gateway device; if the connection request message is verified not from the management network element, Then, the session creation response including the mode error indication may be returned to the first gateway device, and the connection request message is rejected, the mode error indication is used to notify the first gateway device that the wrong connection connection mode is used, and the first gateway device is instructed to stop.
  • the connection establishment process with the second gateway device re-initiates the connection establishment process with the second gateway device using the correct connection establishment mode.
  • the management network element forwards the session creation response to the first gateway device.
  • S407-S411 performs a second transmission path mode, and the On-site GW first sends a connection request message to the MME, and then forwards the connection request message to the GW through the MME. After receiving the connection request message, the GW sends the connection request message to the MME. The session creates a response, and the session creation response is forwarded to the On-site GW by the MME.
  • the embodiment of the present application is a network connection method proposed for the network architecture of the SALTE network shown in FIG. 2.
  • the local management network element On-site MME In the connection establishment execution process, only the function of forwarding signaling is played, and since the public management network element AAA server/MME in the public network public network can completely replace the local management network element On-site in the local network On-site network
  • the MME is responsible for performing access management, session management, or mobility management on the local network On-site network. Therefore, the local management network element On-site MME and the public management network element AAA server/MME can be used as a management network element to perform the foregoing network connection. method.
  • FIG. 5 is a schematic flowchart of a network connection method proposed for the network architecture of the SALTE network shown in FIG. 1, and performs the same operational steps as the network connection method described above.
  • the embodiment of the present application is not limited to the above-mentioned On-site EPC as a local network
  • the Public network is a public network architecture.
  • the network architecture that selects the connection establishment mode by judging the network state of the first network belongs to the present invention. The scope of application.
  • the management network element first obtains the network identifier of the first network; and then determines the state information of the first network according to the network identifier of the first network; and secondly, determines the status information according to the state information.
  • a connection establishment mode between the first gateway device of the first network and the second gateway device of the second network; finally, the identifier information of the connection establishment mode is sent to the first gateway device, and the first gateway device receives the identification information of the connection establishment mode.
  • a transmission path for establishing control signaling
  • the management network element may select a connection establishment mode for signaling transmission according to status information of the first network, thereby increasing The diversity of signaling method modes between the local gateway and the public gateway.
  • FIG. 6 is a schematic flowchart of another network connection method according to an embodiment of the present application.
  • the flowchart shows a complete implementation process of the foregoing network connection, where:
  • the second transmission path mode is selected to establish a network connection, and the same steps are performed in S407-S411 in the foregoing embodiment, which are not described in this embodiment;
  • the first transmission path mode is selected to establish a network connection, and the same steps are performed in S405-S406 in the foregoing embodiment, which are not described in this embodiment;
  • S612-S617 completes the establishment of the air interface connection and completes other attachment processes, and finally performs data transmission on the basis of the established network connection.
  • the management network element in this embodiment of the present application may include an MME/AAA and an HSS.
  • the MME/AAA and the HSS jointly perform the step of determining the connection establishment mode.
  • the MME/AAA sends the network identifier of the local network.
  • the HSS determines the state information of the local network according to the network identifier of the local network, and then sends the state information of the local network to the MME/AAA, and the MME/AAA selects the connection establishment mode according to the state information of the local network; second, the MME/ After obtaining the network identifier of the local network, the AAA sends the network identifier of the local network to the HSS, and the HSS determines the state information of the local network according to the network identifier of the local network, and selects a connection establishment mode according to the state information of the local network, and then connects. The establishment mode is sent to the MME/AAA, and finally the MME/AAA sends the identification information of the connection establishment mode to the local gateway.
  • FIG. 7 is a schematic structural diagram of a management network element according to an embodiment of the present application.
  • the management network element in this embodiment of the present application includes:
  • the information obtaining module 701 is configured to acquire a network identifier of the first network.
  • the user equipment may send a request message to the local base station, where the request message may carry the network identifier of the first network, and then the local base station sends a request message to the management network element.
  • the local network controller may send, to the management network element, a request message or an authentication message that carries the network identifier of the first network, and after the management network element receives the request message or the authentication message, obtain the first A network identity of the network, where the local network controller is used to control the connection between the local network and the public network.
  • the information determining module 702 is configured to determine status information of the first network according to the network identifier of the first network.
  • the status information of the first network corresponding to the network identifier may be searched from a preset network status list.
  • the preset network status list includes a correspondence between all network identifiers and status information, and the status information includes a network trusted status and a network untrusted status.
  • state information of the first network corresponding to the network identifier may be obtained from an information storage server.
  • the foregoing home subscription server HSS may also serve as an information storage server to store a network identifier.
  • the service request carrying the network identifier may be sent to the information storage server, and after receiving the service request, the information storage server returns status information of the first network corresponding to the network identifier.
  • the mode determining module 703 is configured to determine, according to the state information, a connection establishment mode between the first gateway device of the first network and the second gateway device of the second network.
  • the connection establishment mode includes a first transmission path mode and a second transmission path mode, where the first transmission path mode is a direct transmission path between the first gateway device and the second gateway device,
  • the second transmission path mode is an indirect transmission path established between the first gateway device and the second gateway device by using the management network element for signaling transmission.
  • the status information is in a trusted state, determining that a connection establishment mode between the first gateway device and the second gateway device is the first transmission path mode;
  • the untrusted state determines that the connection establishment mode between the first gateway device and the second gateway device is the second transmission path mode.
  • the information sending module 704 is configured to send the identifier information of the connection establishment mode to the first gateway device, where the identifier information is used to indicate that the first gateway device follows the connection establishment mode and the second gateway device Establish a transmission path for control signaling.
  • the identifier information of the first transmission path mode is sent to the first gateway device, If it is determined that the connection establishment mode between the first gateway device and the second gateway device is the second transmission path mode, sending, to the first gateway device, identifier information of the second transmission path mode, where the first gateway device After receiving the identification information of the connection establishment mode, the first transmission path mode or the second transmission path mode is selected to send a connection request message according to the identification information of the connection establishment mode.
  • the information sending module 704 is further configured to send a connection notification message to the second gateway device, where the connection notification message includes identifier information (mode identity, mode ID) of the connection establishment mode, and a network connection identifier ( At least one of a Packet Data Protocol Identity (PDN ID) and an on-site network ID of the first network.
  • the second gateway device may verify whether the connection request message is from a transmission path of control signaling indicated by the identification information of the connection establishment mode.
  • the second gateway device may verify whether the connection request message is from the first gateway device, and if not, the second gateway device may return a mode error indication to the first gateway device and reject The connection request message, or requesting the first gateway device to resend the connection request message; if the first gateway device selects to select the second transmission path mode, the second gateway device may verify whether the connection request message is from the management network element, if not, the first The second gateway device may return a mode error indication to the first gateway device and reject the connection request message, or request the first gateway device to resend the connection request message.
  • the first gateway device may directly send a connection request message to the second gateway device.
  • the connection request message includes at least one of a user equipment identifier, a gateway address of the first gateway device, and a tunnel endpoint identifier of the first gateway device.
  • the second gateway device After receiving the connection request message, the second gateway device first verifies whether the connection request message is from the first gateway device, and if it is verified that the connection request message is from the first gateway device, returns the inclusion to the first gateway device.
  • a session creation response indicating a successful connection, wherein the session creation response includes a gateway address of the second gateway device and/or a tunnel endpoint identifier of the second gateway device; if the connection request message is verified not from the
  • the first gateway device may return a mode error indication to the first gateway device.
  • the session creates a response and rejects the connection request message, or asks the first gateway device to resend the connection request message using another connection establishment mode.
  • the first gateway device may send a connection request message to the management network element, where the connection request message carries the quality of service information, and the management network The element may check whether the connection request message is a security signaling according to the service quality information, and when the connection request message is inspected as non-secure signaling (the QOS of the user subscription data does not match), the management network element may go to the first The gateway device sends an abnormal message indication and refuses to receive the connection request message, or requests the first gateway device to resend the connection request message; when the connection request message is checked as the security signaling, the management network element forwards the connection request to the public network element. Message.
  • the second gateway device After receiving the connection request message, the second gateway device first verifies whether the connection request message is from the management network element, and if the connection request message is verified from the management network element, returns a connection success indication to the management network element.
  • a session creation response the connection success indication is used to notify the first gateway device or the management network element that the connection is successfully established, wherein the session creation response includes a gateway address and/or a location of the second gateway device a tunnel endpoint identifier of the second gateway device; if it is verified that the connection request message is not from the management network element, the session creation response including the mode error indication may be returned to the first gateway device and the connection request message is rejected,
  • the mode error indication is used to notify the first gateway device that the wrong connection connection mode is used, and instructs the first gateway device to stop the connection establishment process with the second gateway device or re-initiate the connection with the second gateway device using the correct connection establishment mode.
  • the establishment process the connection success indication is used to notify the first gateway device or the management network element that the
  • the management network element selects the second transmission path mode, after the management network element receives the connection request message sent by the first gateway device, because the management network element The control plane signaling can be checked, thereby improving the security of signaling transmission.
  • FIG. 8 is a schematic structural diagram of a first gateway device according to an embodiment of the present application.
  • the first gateway device in this embodiment of the present application includes:
  • the information receiving module 801 is configured to receive the identifier information of the connection establishment mode sent by the management network element, where the connection establishment mode is determined by the first gateway device and the second gateway device determined by the management network element according to the state information of the first network. The way the connection is established.
  • the connection establishment mode includes a transmission path mode and a second transmission path mode, where the first transmission path mode is a direct transmission path between the first gateway device and the second gateway device, and the second transmission path mode is the An indirect transmission path established between the gateway device and the second gateway device by using the management network element for signaling transmission.
  • the user equipment may send a request message to the local base station, where the request message may carry the network identifier of the first network, and then the local base station sends a request message to the management network element, or the local network controller may send the request message to the management network.
  • the element sends a request message or an authentication message carrying the network identifier of the first network, and after receiving the request message or the authentication message, the management network element acquires the network identifier of the first network.
  • the management network element may search for status information of the first network corresponding to the network identifier from a preset network status list or obtain the first network corresponding to the network identifier from the information storage server.
  • Status information where the preset network status list includes a correspondence between all network identifiers and status information, and the status information includes a network trusted status and a network untrusted status. If the status information is in a trusted state, determining that the connection establishment mode between the first gateway device and the second gateway device is the first transmission path mode; if the status information is an untrusted state, Then determining that the connection establishment mode between the first gateway device and the second gateway device is the second transmission path mode.
  • the management network element may send a connection notification message to the second gateway device, the connection The notification message includes the identification information of the connection establishment mode, the connection establishment mode of the network, and the transmission path of the second gateway device to establish control signaling.
  • the path establishing module 802 is configured to establish a transmission path of the control signaling with the second gateway device according to the connection establishment mode indicated by the identifier information.
  • the first gateway device may directly send a connection request message to the second gateway device.
  • the connection request message includes a User Equipment Identity (UE ID), a gateway address of the first gateway device (on-site GW address), and a Tunnel Endpoint Identifier (TEID) of the first gateway device. At least one of them.
  • UE ID User Equipment Identity
  • TEID Tunnel Endpoint Identifier
  • the second gateway device After receiving the connection request message, the second gateway device first verifies whether the connection request message is from the first gateway device, and if it is verified that the connection request message is from the first gateway device, returns the inclusion to the first gateway device.
  • the session creation response includes a gateway address (GW address) of the second gateway device and/or a Tunnel Endpoint Identifier (TEID) of the second gateway device; If it is verified that the connection request message is not from the first gateway device, the session creation response including the mode error indication may be returned to the first gateway device and the connection request message is rejected, or the first gateway device is required to establish using another connection. The mode resends the connection request message.
  • GW address gateway address
  • TEID Tunnel Endpoint Identifier
  • the first gateway device may send a connection request message to the management network element, where the connection request message carries the quality of service information, and the management network
  • the element may check whether the connection request message is a security signaling according to the service quality information, and when the connection request message is inspected as non-secure signaling (the QOS of the user subscription data does not match), the management network element may go to the first
  • the gateway device sends an abnormal message indication and refuses to receive the connection request message, or requests the first gateway device to resend the connection request message; when the connection request message is checked as the security signaling, the management network element forwards the connection request to the public network element. Message.
  • the second gateway device After receiving the connection request message, the second gateway device first verifies whether the connection request message is from the management network element, and if the connection request message is verified from the management network element, returns a connection success indication to the management network element.
  • the session creation response is used to notify the first gateway device or the management network element that the connection is successfully established, wherein the session creation response includes a gateway address (GW address) of the second gateway device. And/or a Tunnel Endpoint Identifier (TEID) of the second gateway device; if it is verified that the connection request message is not from the management network element, the session including the mode error indication may be returned to the first gateway device.
  • GW address gateway address
  • TEID Tunnel Endpoint Identifier
  • the mode error indication is used to notify the first gateway device that the wrong connection connection mode is used, and instructing the first gateway device to stop the connection establishment process with the second gateway device or to use the correct connection
  • the setup mode re-initiates the connection establishment process with the second gateway device.
  • the management network element selects the second transmission path mode, after the management network element receives the connection request message sent by the first gateway device, because the management network element The control plane signaling can be checked, thereby improving the security of signaling transmission.
  • FIG. 9 is a schematic structural diagram of a second gateway device according to an embodiment of the present application.
  • the second gateway device in this embodiment of the present application includes:
  • the information receiving module 901 is configured to receive a connection notification message sent by the management network element, where the connection notification message carries the identification information of the connection establishment mode, where the connection establishment mode is determined by the management network element according to the state information of the first network.
  • the user equipment may send a request message to the local base station, where the request message may carry the network identifier of the first network, and then the local base station sends a request message to the management network element, or the local network controller may send the request message to the management network.
  • the element sends a request message or an authentication message carrying the network identifier of the first network, and after receiving the request message or the authentication message, the management network element acquires the network identifier of the first network.
  • the management network element may search for status information of the first network corresponding to the network identifier from a preset network status list or obtain the first network corresponding to the network identifier from the information storage server.
  • Status information where the preset network status list includes a correspondence between all network identifiers and status information, and the status information includes a network trusted status and a network untrusted status.
  • the management network element may send a connection notification message to the second gateway device, where the connection notification message includes the identification information of the connection establishment mode (mode At least one of an Identity, Mode ID, a Packet Data Protocol Identity (PDN ID), and an on-site network ID of the first network.
  • mode At least one of an Identity, Mode ID, a Packet Data Protocol Identity (PDN ID), and an on-site network ID of the first network.
  • the information receiving module 901 is further configured to receive a connection request message sent by the first gateway device or the management network element.
  • the first gateway device may directly send a connection request message to the second gateway device.
  • the connection request message includes a User Equipment Identity (UE ID), a gateway address of the first gateway device (on-site GW address), and a tunnel endpoint identifier of the first gateway device (Tunnel Endpoint) At least one of Identifier, TEID).
  • UE ID User Equipment Identity
  • On-site GW address gateway address of the first gateway device
  • Tunnel Endpoint tunnel endpoint identifier of the first gateway device
  • TEID tunnel endpoint identifier of the first gateway device
  • the first gateway device may send a connection request message to the management network element, where the connection request message carries the quality of service information, and the management network element may The service quality information is checked whether the connection request message is a security signaling.
  • the management network element may send the non-secret to the first gateway device.
  • the normal message indicates and refuses to receive the connection request message, or requests the first gateway device to resend the connection request message; when the connection request message is checked as the security signaling, the management network element forwards the connection request message to the public network element.
  • the information verification module 902 is configured to verify whether the connection request message is from a transmission path of control signaling indicated by the identification information of the connection establishment mode.
  • the second gateway device first verifies whether the connection request message is from the first gateway device, if the connection request message is verified to come from Returning, to the first gateway device, a session creation response including a connection success indication to the first gateway device, where the session creation response includes a gateway address (GW address) of the second gateway device and/or the a Tunnel Endpoint Identifier (TEID) of the second gateway device; if it is verified that the connection request message is not from the first gateway device, the session creation response including the mode error indication may be returned to the first gateway device and rejected This connection request message, or the first gateway device is required to resend the connection request message using another connection establishment mode.
  • GW address gateway address
  • TEID Tunnel Endpoint Identifier
  • the second gateway device first verifies whether the connection request message is from the management network element, if the verification And the connection request message is sent from the management network element, and the session creation response is sent to the management network element, where the connection success indication is used to notify the first gateway device or the management network element that the connection is successfully established.
  • the session creation response includes a gateway address (GW address) of the second gateway device and/or a tunnel endpoint identifier (TEID) of the second gateway device; if the connection request message is verified not to be From the management network element, the session creation response including the mode error indication may be returned to the first gateway device and the connection request message is rejected, the mode error indication is used to notify the first gateway device that the wrong connection connection mode is used. And instructing the first gateway device to stop the connection establishment process with the second gateway device or re-initiating the connection establishment process with the second gateway device using the correct connection establishment mode.
  • GW address gateway address
  • TEID tunnel endpoint identifier
  • FIG. 10 is a schematic structural diagram of a management network element proposed by the present application.
  • the management network element can include at least one processor 1001, such as a CPU, at least one network interface 1002, at least one memory 1003, and at least one communication bus 1004.
  • the communication bus 1004 is used to implement connection communication between these components.
  • the network interface 1002 of the device in this embodiment may be a wired sending port, or may be a wireless device, for example, including an antenna device, for performing signaling or data communication with other node devices.
  • the memory 1003 may be a high speed RAM memory or a non-volatile memory such as at least one disk memory.
  • the memory 1003 can also optionally be at least one storage device located remotely from the aforementioned processor 1001.
  • the memory 1003 may also be located in the processor 1001.
  • a set of program codes is stored in the memory 1003, and the processor 1001 executes a program executed by the above-described management network element stored in the memory 1003.
  • the processor is configured to invoke the program code and perform the following operations:
  • the identifier information is used to indicate that the first gateway device establishes a transmission path of control signaling with the second gateway device according to the connection establishment mode.
  • the processor can also cooperate with the memory and the network interface to perform the operation of managing the network element in the embodiment 3-6 of the present application.
  • FIG. 11 is a schematic structural diagram of a gateway device proposed by the present application.
  • the gateway device can include at least one processor 1101, such as a CPU, at least one network interface 1102, at least one memory 1103, and at least one communication bus 1104.
  • the communication bus 1104 is used to implement connection communication between these components.
  • the network interface 1102 of the device in this embodiment may be a wired sending port, or may be a wireless device, for example, including an antenna device, for performing signaling or data communication with other node devices.
  • the memory 1103 may be a high speed RAM memory or a non-volatile memory such as at least one disk memory.
  • the memory 1103 can also optionally be at least one storage device located remotely from the aforementioned processor 1101.
  • the memory 1103 may also be located in the processor 1101.
  • a set of program codes is stored in the memory 1103, and the processor 1101 executes a program executed by the above-described gateway device stored in the memory 1103.
  • the processor calls the program code and performs the following operations:
  • the processor may also cooperate with the memory and the network interface to perform the operation of the first gateway device in the embodiment 3-6 of the present application.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Les modes de réalisation de la présente invention concernent un procédé de connexion à un réseau et un dispositif associé. Le procédé comporte les étapes suivantes : une entité de gestion acquiert l'identifiant de réseau d'un premier réseau ; l'entité de gestion, selon l'identifiant de réseau du premier réseau, détermine des informations d'état du premier réseau ; l'entité de gestion, selon les informations d'état, détermine un mode d'établissement de connexion entre un premier dispositif de passerelle du premier réseau et un deuxième dispositif de passerelle d'un deuxième réseau ; l'entité de gestion envoie des informations d'identification du mode d'établissement de connexion au premier dispositif de passerelle, les informations d'identification étant utilisées pour donner l'instruction au premier dispositif de passerelle d'établir un trajet de transmission afin de commander une signalisation avec le deuxième dispositif de passerelle selon le mode d'établissement de connexion. La présente invention permet de diversifier les modes de transmission de signalisation entre une passerelle sur site et une passerelle publique.
PCT/CN2016/092465 2016-07-30 2016-07-30 Procédé de connexion à un réseau et dispositif associé Ceased WO2018023213A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2016/092465 WO2018023213A1 (fr) 2016-07-30 2016-07-30 Procédé de connexion à un réseau et dispositif associé

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2016/092465 WO2018023213A1 (fr) 2016-07-30 2016-07-30 Procédé de connexion à un réseau et dispositif associé

Publications (1)

Publication Number Publication Date
WO2018023213A1 true WO2018023213A1 (fr) 2018-02-08

Family

ID=61072154

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/092465 Ceased WO2018023213A1 (fr) 2016-07-30 2016-07-30 Procédé de connexion à un réseau et dispositif associé

Country Status (1)

Country Link
WO (1) WO2018023213A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114039946A (zh) * 2020-07-21 2022-02-11 阿里巴巴集团控股有限公司 消息传输方法和装置、电子装置及存储介质

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102014452A (zh) * 2009-09-08 2011-04-13 中兴通讯股份有限公司 一种本地ip访问连接实现移动性的方法和系统
CN102256329A (zh) * 2010-05-19 2011-11-23 中兴通讯股份有限公司 一种实现路由选择的方法和装置
CN104780586A (zh) * 2014-01-13 2015-07-15 中兴通讯股份有限公司 数据路径处理方法、系统及设备

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102014452A (zh) * 2009-09-08 2011-04-13 中兴通讯股份有限公司 一种本地ip访问连接实现移动性的方法和系统
CN102256329A (zh) * 2010-05-19 2011-11-23 中兴通讯股份有限公司 一种实现路由选择的方法和装置
CN104780586A (zh) * 2014-01-13 2015-07-15 中兴通讯股份有限公司 数据路径处理方法、系统及设备

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"3GPP; TSGSSA; General Packet Radio Service (GPRS) enhancements for Evolved Universal Terrestrial Radio Access Network (E-UTRAN) access", 3GPP TS 23.401 V14.0.0, 30 June 2016 (2016-06-30), XP051123221 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114039946A (zh) * 2020-07-21 2022-02-11 阿里巴巴集团控股有限公司 消息传输方法和装置、电子装置及存储介质

Similar Documents

Publication Publication Date Title
CN116074990B (zh) Pdu会话管理
CN104767715B (zh) 网络接入控制方法和设备
US10856143B2 (en) Method and apparatus for IP address assignment
US20230024999A1 (en) Communication system, method, and apparatus
WO2013082984A1 (fr) Procédé pour le rattachement à un réseau e-utran et entité de gestion de la mobilité correspondante
CN108702624A (zh) 移动通信方法、装置及设备
US10531363B2 (en) Wireless internet access
US11864149B2 (en) Systems and methods for user equipment (UE) registration
CN102014459A (zh) 无线接入控制方法和装置
WO2019196000A1 (fr) Procédés et système pour réaliser une communication par chemin rapide de petites données
CN109246769A (zh) 一种pdu会话建立方法及装置
CN113873680A (zh) 会话管理方法、会话管理功能网元和存储介质
WO2018049959A1 (fr) Procédé et appareil de radio-recherche d'une application sur un équipement utilisateur
WO2012130048A1 (fr) Procédé et appareil pour initialiser une passerelle dans un système de gestion de dispositifs
US20240098583A1 (en) PDU session continuity for a UE moving between a telecommunications network and a gateway device
WO2015100564A1 (fr) Procédé de gestion des défaillances, réseau de données par paquets, entité de gestion de mobilité et système de réseau
CN117413554A (zh) 密钥管理方法、装置、设备及存储介质
WO2018023213A1 (fr) Procédé de connexion à un réseau et dispositif associé
WO2015135278A1 (fr) Procédé et système d'authentification, entité fonctionnelle prose et ue
JP2017127025A (ja) リンク失敗原因を分析する方法及び装置
CN1947455B (zh) 支持无线台站之后的网络
WO2017129101A1 (fr) Procédé, appareil et système de commande de routage
CN105992313B (zh) Wi-fi管理方法及装置
CN102573106A (zh) 部分失效的报文发送
CN106688259B (zh) 一种对用户设备的鉴权方法及装置

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16910811

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16910811

Country of ref document: EP

Kind code of ref document: A1