CN116867028A

CN116867028A - Method for determining access network equipment

Info

Publication number: CN116867028A
Application number: CN202210957861.3A
Authority: CN
Inventors: 徐艺珊; 朱方园; 黄康
Original assignee: Huawei Technologies Co Ltd
Current assignee: Huawei Technologies Co Ltd
Priority date: 2022-03-28
Filing date: 2022-08-10
Publication date: 2023-10-10

Abstract

The application provides a method and a device for determining access network equipment, relates to the technical field of communication, and solves the problem that in the prior art, terminal equipment cannot know network slices supported by non-3 GPP access network equipment, so that when the terminal equipment requests to access a network through the non-3 GPP access network equipment, the terminal equipment possibly cannot access the network slices which are requested to be accessed by the terminal equipment. The method comprises the following steps: the terminal equipment sends a first message to the mobile management equipment through the first access network equipment, wherein the first message comprises an identifier of at least one network slice, and the first message indicates a request for accessing the network slice; receiving, by the first access network device or the second access network device, a second message, the second message including information of the second access network device, the second message indicating that the second access network device supports one or more of the at least one network slice; and establishing a connection with the second access network device.

Description

Method for determining access network equipment

The present application claims priority from the national intellectual property agency, application number 202210317331.2, application name "determination method for access network device", filed 28 at 2022, 03, the entire contents of which are incorporated herein by reference.

Technical Field

The present application relates to the field of communications technologies, and in particular, to a method and an apparatus for determining an access network device.

Background

A fifth generation (5G) mobile communication Network (abbreviated as 5G Network) proposes a Network Slice (Network Slice) concept to meet the differentiated requirements of various types of services. The network slicing refers to dividing a plurality of virtual networks composed of specific network functions, network topologies and network resources on a physical network, and is used for meeting the service functions and service quality requirements corresponding to different network slices. Through network slicing, operators can construct a plurality of special, virtualized and isolated logic subnets on a general physical platform, so that different requirements of different services of users on network capacity can be met in a targeted manner.

The network slices supported by the access network device may be configured based on granularity of a Tracking Area (TA), that is, the TA corresponds to at least one network slice, and the network slices corresponding to different TAs may be different; thus, the network slices supported by the access network devices corresponding to the same TA are the same, and the network slices supported by the access network devices corresponding to different TAs are different. The TA may be divided based on a location or other parameters.

Currently, for a non-third generation partnership project (3rd generation partnership project,3GPP) access type, a terminal device cannot know a TA of a non-3 GPP access network device, that is, cannot know a network slice supported by the non-3 GPP access network device, and when the terminal device accesses a core network through the non-3 GPP access network device and requests to acquire a slice service corresponding to a certain network slice, the terminal device may not acquire the slice service and fail communication due to the non-3 GPP access network device not supporting the network slice requested by the terminal device.

Disclosure of Invention

The application provides a method and a device for determining access network equipment, which solve the problems that in the prior art, terminal equipment cannot acquire network slices supported by non-3 GPP access network equipment, so that when the terminal equipment accesses a network through the non-3 GPP access network equipment and requests to access a certain network slice, the terminal equipment possibly cannot acquire requested slice service and communication fails.

In order to achieve the above purpose, the application adopts the following technical scheme:

in a first aspect, a method for determining an access network device is provided, and the method is applied to a terminal device, and includes: transmitting, by a first access network device, a first message to a mobility management device, the first message including an identification of at least one network slice, the first message indicating a request to access the network slice; receiving, by the first access network device or a second access network device, a second message including information of a second access network device, the second message indicating that the second access network device supports one or more of the at least one network slice; and establishing connection with the second access network equipment.

According to the embodiment, when the mobile management device determines that the access network device currently connected with the terminal device does not support the network slice requested by the terminal device according to the slice information supported by the access network device, the target access network device supporting the network slice requested by the terminal device can be determined, so that the terminal device can be connected with the target access network device according to the target access network device information by sending the target access network device information to the terminal device, and access the core network through the target access network device, and the problem that the access network device cannot be accurately connected under the non-3 GPP access type to acquire the network slice service is effectively solved.

In one possible implementation, the second message indicates that the first access network device does not support one or more of the at least one network slice.

In one possible implementation, the first message includes first indication information indicating acquisition of access network device information supporting the at least one network slice, or indicating matching of corresponding access network devices according to the first message.

In one possible implementation, the information of the second access network device includes at least one of an identification of the second access network device or an address of the second access network device.

In one possible implementation, the second message further includes an identification of one or more of the at least one network slice included in the first message.

In one possible implementation manner, the first access network device is any one of a trusted non-3 GPP gateway function TNGF network element corresponding to a trusted non-3 GPP access technology, a non-3 GPP interworking function N3IWF network element corresponding to a non-trusted non-3 GPP access technology, a trusted WLAN interworking function TWIF network element corresponding to a trusted wireless local area network WLAN access technology, an access network device corresponding to a wired access technology, a related gateway function W-AGF, an access network device corresponding to a non-3 GPP access technology, or an access network device corresponding to a 3GPP access technology.

In one possible implementation, if the second message is a registration accept message, before receiving the second message, the method further includes: and the terminal equipment completes authentication and security flow and establishes an internet security protocol IPsec SA communication tunnel.

In one possible implementation, after receiving the second message, the method further includes: and the terminal equipment executes a deregistration process through the first access network equipment.

In a possible implementation manner, the second message includes second indication information, where the second indication information indicates that the terminal device changes access network devices.

In one possible implementation, the method further includes: and acquiring third information, wherein the third information is used for indicating to release the connection between the terminal equipment and the first access network equipment.

In one possible implementation, the third information comprises information of the second access network device.

In one possible implementation, the third information is a second message.

In one possible implementation, the third information comprises the second message, or the second message comprises the third information.

That is, through the implementation manner, when the mobile management device determines that the access network device currently connected with the terminal device does not support the network slice requested by the terminal device, the mobile management device determines the target access network device supporting the network slice for the terminal device, and under the condition that no registration procedure is required to be executed, the connection between the access network device and the terminal device is released, or the connection between the terminal device and the access network device is indicated, so that the subsequent terminal device can establish connection with the target access network device and access the core network.

In one possible implementation, the method further includes: and acquiring allowed slice information, wherein the allowed slice information comprises first slice information supported by the second access network equipment, and the first slice information comprises identification of at least one network slice. The method comprises the steps of updating the allowed slice information corresponding to the terminal equipment to enable the slice information to comprise the slice information requested by the terminal equipment and supported by the second access network equipment, so that an interaction flow is simplified, and the problem that the access network equipment cannot be accurately connected to acquire network slice services is effectively solved.

In one possible implementation, the method further includes: and acquiring allowable slice information through the first access network equipment.

In one possible implementation, the method further includes: the first slice information comprises second slice information which is accessed by the terminal equipment, and the second slice information comprises identification of at least one network slice.

In a possible implementation, the allowed slice information includes second slice information that the terminal device requests access to, the second slice information including an identification of at least one network slice, the first slice information being the same as or different from the second slice information.

In one possible implementation, the allowed slice information comprises an identification of at least one network slice not supported by the first access network device. The method comprises the steps of updating the allowed slice information corresponding to the terminal equipment to enable the slice information to comprise the slice information which is requested by the terminal equipment and is not supported by the first access network equipment, so that an interaction flow is simplified, and the problem that the access network equipment cannot be accurately connected to acquire network slice services is effectively solved.

In one possible implementation, the allowed slice information includes an identification of at least one network slice that is not supported by the first access network device and that is supported by the second access network.

In one possible implementation, the method further includes: fourth information is acquired, wherein the fourth information is used for indicating that the terminal equipment is allowed to establish connection and comprises slice information and/or executed flow. By the implementation manner, in the partial execution flow of establishing connection with the target access network device, the terminal device can carry the slice information requested by the terminal device in the access layer message or the non-access layer message according to the fourth information.

In a possible implementation manner, the connection between the terminal device and the second access network device specifically includes: and transmitting fifth information, wherein the fifth information comprises third slice information which is requested to be accessed by the terminal equipment, the third slice information comprises at least one identifier of a network slice, and the third slice information is the same as or different from the first slice information or the second slice information.

In one possible implementation, the fifth information may be sent by a service request, a periodic registration update, a mobility registration update, or a registration procedure for updating the capabilities of the terminal device. That is, the terminal device may carry slice information requested by the terminal device in the above procedure of establishing connection with the second terminal device or establishing connection with the mobile management device through the second terminal device, so that the terminal device may obtain, through the second access network device, a service corresponding to the requested slice, thereby improving efficiency of successful access of the terminal.

In one possible implementation, the method further includes: the terminal device sends to said second access network device indication information indicating that the establishment cause is for updating, reselecting or redirecting the access network device.

In a second aspect, a method for determining an access network device is provided, and the method is applied to a mobile management device, and includes: receiving, by a first access network device, a first message from a terminal device, the first message including an identification of at least one network slice, the first message indicating that the terminal device requests access to the network slice; if it is determined that the first access network device does not support one or more of the at least one network slice, and it is determined that a second access network device supports one or more of the at least one network slice; a second message is sent to the terminal device via the first access network device, the second message comprising information of a second access network device, the second message indicating that the second access network device supports one or more of the at least one network slice.

In one possible implementation manner, at least one network slice is a first network slice, and if the mobile management device determines that the first access network device does not support the first network slice, and determines that a second access network device supports the first network slice; a second message is sent to the terminal device via the first access network device.

In one possible implementation, the first message includes first indication information indicating that access network device information supporting the at least one network slice is acquired, or indicating that a corresponding access network device is matched according to the first message.

In one possible implementation, the second message is a registration reject message.

In a possible implementation manner, the second message includes second indication information, where the second indication information indicates that the terminal device changes a corresponding access network device.

In one possible implementation, the method further includes: the mobile management device receives the identifier of the terminal device, and the identifier of the terminal device is used for the access network device to determine the terminal device.

In one possible implementation, after determining that the second access network device supports one or more of the at least one network slice, the method further comprises: sending a first request message to the second access network device, wherein the first request message comprises an identifier of the terminal device, and the first request message is used for requesting to replace the access network device for the terminal device; a first response message is received from the second access network device, the first response message including an address of the second access network device.

In one possible implementation, the method further includes: and storing fourth slice information which is requested to be accessed by the terminal equipment, wherein the fourth slice information comprises the identification of at least one network slice. According to the implementation mode, the mobile management device stores, saves or records the network slice information which the terminal device requests to access, so that when the subsequent terminal device establishes connection through the target access network device, the mobile management device can update or determine slice information which the terminal device is allowed to use according to the stored, saved or recorded slice information which the terminal device requests, and the slice information comprises the requested slice information. Therefore, when the currently connected access network equipment does not support requested slicing, the terminal equipment can establish connection with the target access network equipment to access the core network without executing a registration removal process, and the problem that the access network equipment cannot be accurately connected to acquire network slicing service is effectively solved.

In one possible implementation, the identification of the network slice to which the terminal device requests access includes an identification of at least one network slice not supported by the first access network.

In one possible implementation, the fourth slice information includes an identification of at least one network slice not supported by the first access network.

In one possible implementation, the fourth slice information includes an identification of at least one network slice supported by the second access network.

In one possible implementation, the fourth slice information includes an identification of at least one network slice that is not supported by the first access network device and that is supported by the second access network.

In one possible implementation, the method further includes: and transmitting allowed slice information to the terminal equipment, wherein the allowed slice information comprises first slice information supported by the second access network equipment, and the first slice information comprises identification of at least one network slice.

In one possible implementation, the allowed slice information comprises an identification of at least one network slice not supported by the first access network device.

In one possible implementation, the method further includes: and sending third information, wherein the third information is used for indicating to release the connection between the terminal equipment and the first access network equipment.

That is, through the implementation manner, when the mobile management device determines that the access network device currently connected to the terminal device does not support the network slice requested by the terminal device, the mobile management device determines the target access network device supporting the network slice for the terminal device, and under the condition that no registration procedure is required to be executed, instructs the first access network device to release the connection with the terminal device, or instructs the terminal device to release the connection with the first access network device, so that the subsequent terminal device can establish a connection with the target access network device or the second access network device and access the core network.

In one possible implementation, the method further includes: and sending fourth information to the terminal equipment, wherein the fourth information is used for indicating that slice information is included and/or executed flow is executed when the terminal equipment is allowed to establish connection.

In one possible implementation, the method further includes: and sending fourth information to the terminal equipment through the first access network equipment, wherein the fourth information is used for indicating that the connection establishment of the terminal equipment is allowed to comprise slice information and/or executed flow.

In one possible implementation, the executed procedures include a mobility registration update procedure, an initial access procedure, a service request procedure, a periodic registration update procedure, or a registration procedure for updating the capabilities of the terminal device.

In one possible implementation, the method further includes: and acquiring fifth information, wherein the fifth information comprises third slice information which is requested to be accessed by the terminal equipment, the third slice information comprises at least one identifier of a network slice, and the third slice information is the same as or different from the first slice information or the second slice information.

In one possible implementation, the method further includes: and receiving fifth information from terminal equipment, wherein the fifth information comprises third slice information which is requested to be accessed by the terminal equipment, the third slice information comprises identification of at least one network slice, and the third slice information is the same as or different from the first slice information or the second slice information.

In one possible implementation, the fifth information includes an identification of at least one network slice that is not supported by the first access network device and that is supported by the second access network.

In one possible implementation, the fifth information may be sent by a service request, a periodic registration update, a mobility registration update, or a registration procedure for updating the capabilities of the terminal device.

In one possible implementation, the method further includes: and updating the allowed slice information according to the fourth slice information or the third slice information.

In one possible implementation, the method further includes: and updating the allowed slice information corresponding to the terminal equipment according to the fourth slice information or the third slice information.

In one possible implementation, the method further includes: transmitting the allowed slice information corresponding to the terminal equipment to the second access network equipment; and/or transmitting the allowed slice information to the terminal equipment through the second access network equipment.

In a third aspect, a method for determining an access network device is provided, and the method is applied to a mobile management device, and includes: receiving, by a first access network device, a first message from a terminal device, the first message including an identification of at least one network slice, the first message indicating that the terminal device requests access to the network slice; if it is determined that the first access network device does not support one or more of the at least one network slice, and it is determined that a second access network device supports one or more of the at least one network slice; and sending a second message to the second access network device, wherein the second message indicates the second access network device to send information of the second access network device to the terminal device, and the information of the second access network device is used for establishing connection between the terminal device and the second access network device.

In one possible implementation, after determining that the first access network device does not support one or more of the at least one network slice, the method further comprises: sending a second request message to the first access network equipment, wherein the second request message requests to acquire the identifier of a non-3 GPP access point connected with the terminal equipment; an identification of a non-3 GPP access point to which the terminal device is connected from the first access network device is received.

In one possible implementation, after determining that the first access network device does not support one or more of the at least one network slice, the method further comprises: and sending a third request message to the second access network equipment, wherein the third request message comprises the identification of the non-3 GPP access point.

In a possible implementation manner, the third request message further includes third indication information, where the third indication information indicates that the terminal device changes access network devices, or indicates that the terminal device is migrated from another access network device, or indicates that the terminal device is previously connected to another access network device.

In one possible implementation, the third request message is used to establish context information of the terminal device.

In a fourth aspect, a method for determining an access network device is provided, where the method is applied to a first access network device, and the method includes: receiving a first message from a terminal device, the first message comprising an identification of at least one network slice, the first request indicating that the terminal device requests access to the network slice; sending the first message to a mobile management device; receiving a second message from the mobility management device, the second message including information of a second access network device, the second message indicating that the second access network device supports one or more of the at least one network slice; and sending the second message to the terminal equipment.

By the above embodiment, the mobile management device may further change the access network device for the terminal device when determining that the access network device currently connected to the terminal device does not support the network slice requested by the terminal device according to the network slice requested by the terminal device in the registration flow of the terminal device, specifically, may send information of the target access network device to the terminal device through the source access network device, so that the terminal device may be connected to the target access network according to the information of the target access network device, so that the changed target access network device may support the network slice requested by the terminal device, and communication efficiency is improved. In addition, the access network equipment is replaced for the terminal equipment, so that the terminal equipment does not need to execute the registration process again, and signaling overhead and time delay overhead can be effectively reduced.

In one possible implementation manner, if the second message is a registration rejection message, after sending the second message to the terminal device, the method further includes: and the first access network equipment is connected with the terminal equipment in a release way.

In one possible implementation, the method further includes: and receiving the identification of the terminal equipment, wherein the identification of the terminal equipment is used for the access network equipment to determine the terminal equipment.

In a fifth aspect, a method for determining an access network device is provided, where a terminal device obtains configuration information; and the terminal equipment selects access network equipment supporting the requested network slice according to the configuration information.

Through the embodiment, the terminal equipment can select the access network equipment supporting the network slice requested by the terminal equipment according to the acquired configuration information, so that the problem that the access network equipment cannot be accurately connected under the non-3GPP access type to acquire the network slice service is effectively solved.

In one possible implementation, the configuration information is one or more of WLAN selection policy (e.g., WLAN selection policy, WLANSP), N3IWF identification configuration information (e.g., N3IWF identifier configuration), or non-3GPP access node selection information (e.g., non-3GPP access node selection information).

In a possible implementation manner, the configuration information includes at least one access network device information and information of a network slice corresponding to the access network device.

In a possible implementation manner, the terminal device selects an access network device supporting the requested network slice according to the configuration information, and specifically includes: the terminal device may select an access network device from the selectable access network devices that matches the at least one network slice requested by the terminal device based on the configuration information.

In one possible implementation, the configuration information includes information of at least one network slice and access network device information of one or more access network devices supporting the network slice.

In a possible implementation manner, the terminal device selects an access network device supporting the requested network slice according to the configuration information, and specifically includes: the terminal device may select one of the access network devices from one or more access network devices supporting the network slice requested by the terminal device according to the configuration information.

In a possible embodiment, the configuration information includes at least one network slice including a network slice requested by the terminal device.

In one possible implementation, the configuration information includes at least one network slice that is one or more slices supported by the network; or, the configuration information includes at least one network slice that is a network slice that the terminal device is allowed to use or subscribe to.

In one possible embodiment, the terminal device is preconfigured with the configuration information; or the terminal equipment acquires the configuration information through the core network equipment.

In one possible implementation, the core network device is a policy control device, a mobility management device, a session management device, a user plane device, a unified data management device, a network storage device, or a network open function device.

In one possible implementation, the terminal device obtains the configuration information through a configuration update procedure.

In a possible implementation, the access network device is a TNAN, TNGF, TNAP, N3IWF or WLAN access node (e.g., access point, AP).

In a sixth aspect, a communication apparatus is provided, where the communication apparatus includes a sending module, a receiving module, and a processing module, where the sending module is configured to send a first message to a mobility management device through a first access network device, where the first message includes an identifier of at least one network slice, and the first message indicates a request to access the network slice; the receiving module is configured to receive, through the first access network device or a second access network device, a second message, where the second message includes information of the second access network device, and the second message indicates that the second access network device supports one or more of the at least one network slice; and the processing module is used for establishing connection with the second access network equipment.

In one possible implementation, if the second message is a registration accept message, the processing module is further configured to, before receiving the second message: and the terminal equipment completes authentication and security flow and establishes an internet security protocol IPsec SA communication tunnel.

In one possible implementation, the processing module is further configured to: and the terminal equipment executes a deregistration process through the first access network equipment.

In a possible implementation manner, the receiving module is further configured to receive third information, where the third information is used to indicate that the connection between the terminal device and the first access network device is released.

In one possible implementation, the receiving module is further configured to receive allowed slice information, where the allowed slice information includes first slice information supported by the second access network device, and the first slice information includes an identification of at least one network slice. The method comprises the steps of updating the allowed slice information corresponding to the terminal equipment to enable the slice information to comprise the slice information requested by the terminal equipment and supported by the second access network equipment, so that the interaction flow is simplified, and the problem that the access network equipment cannot be accurately connected to acquire network slice services is effectively solved

In a possible implementation manner, the receiving module is further configured to obtain fourth information, where the fourth information is used to indicate that the terminal device is allowed to establish a connection, and the fourth information includes slice information and/or a procedure executed.

In a possible implementation manner, the sending module is further configured to send fifth information, where the fifth information includes third slice information, where the third slice information includes an identifier of at least one network slice, and the third slice information is the same as or different from the first slice information or the second slice information.

In a possible implementation, the sending module is further configured to send, to the second access network device, indication information indicating that the establishment cause is for updating, reselecting or redirecting the access network device.

In a seventh aspect, a communication apparatus is provided, where the communication apparatus includes a sending module, a receiving module, and a processing module, where the receiving module is configured to receive, by a first access network device, a first message from a terminal device, where the first message includes an identifier of at least one network slice, and the first message indicates that the terminal device requests access to the network slice; the processing module is configured to determine that if the first access network device does not support one or more of the at least one network slice, and determine that a second access network device supports one or more of the at least one network slice; the sending module is configured to send a second message to the terminal device through the first access network device, where the second message includes information of a second access network device, and the second message indicates that the second access network device supports one or more of the at least one network slice.

In one possible implementation, at least one network slice is a first network slice, if the processing module determines that the first access network device does not support the first network slice, and determines that a second access network device supports the first network slice; the sending module is configured to send a second message to the terminal device through the first access network device.

In a possible implementation manner, the receiving module is further configured to receive an identifier of the terminal device, where the identifier of the terminal device is used by the access network device to determine the terminal device.

In a possible implementation manner, the sending module is further configured to send a first request message to the second access network device, where the first request message includes an identifier of the terminal device, and the first request message is used to request to replace an access network device for the terminal device; the receiving module is further configured to receive a first response message from the second access network device, where the first response message includes an address of the second access network device.

In a possible implementation manner, the processing module is further configured to store fourth slice information that the terminal device requests to access, where the fourth slice information includes an identification of at least one network slice.

In a possible implementation manner, the sending module is further configured to send allowed slice information to the terminal device, where the allowed slice information includes first slice information, and the first slice information includes an identification of at least one network slice.

In a possible implementation manner, the sending module is further configured to send third information, where the third information is used to instruct to release the connection between the terminal device and the first access network device.

In a possible implementation manner, the sending module is further configured to send fourth information to the terminal device through the first access network device, where the fourth information is used to indicate that slice information is included and/or a procedure is executed when the terminal device is allowed to establish a connection.

In a possible implementation manner, the receiving module is further configured to receive, by the second access network device, fifth information from a terminal device, where the fifth information includes third slice information that the terminal device requests to access, where the third slice information includes an identifier of at least one network slice, and the third slice information is the same as or different from the first slice information or the second slice information.

In a possible implementation, the processing module is further configured to update the allowed slice information according to the fourth slice information or the third slice information.

In a possible implementation manner, the sending module is further configured to send the allowed slice information corresponding to the terminal device to the second access network device; and/or transmitting the allowed slice information to the terminal equipment through the second access network equipment.

An eighth aspect provides a communication apparatus, the communication apparatus comprising a sending module, a receiving module and a processing module, the receiving module configured to receive, by a first access network device, a first message from a terminal device, the first message including an identification of at least one network slice, the first message indicating that the terminal device requests access to the network slice; if the processing module determines that the first access network device does not support one or more of the at least one network slice, and determines that the second access network device supports one or more of the at least one network slice; the sending module is configured to send a second message to the second access network device, where the second message indicates the second access network device to send information of the second access network device to the terminal device, and the information of the second access network device is used for establishing connection between the terminal device and the second access network device.

In a possible implementation manner, the sending module is further configured to send a second request message to the first access network device, where the second request message requests to obtain an identifier of a non-3 GPP access point to which the terminal device is connected; the receiving module is further configured to receive an identification of a non-3 GPP access point to which the terminal device of the first access network device is connected.

In one possible implementation, the sending module is further configured to send a third request message to the second access network device, where the third request message includes an identification of the non-3 GPP access point.

A ninth aspect provides a communication apparatus, the communication apparatus comprising a sending module, a receiving module and a processing module, the receiving module being configured to receive a first message from a terminal device, the first message comprising an identification of at least one network slice, the first request indicating that the terminal device requests access to the network slice; the sending module is used for sending the first message to the mobile management equipment; the receiving module is further configured to receive a second message from the mobility management device, the second message including information of a second access network device, the second message indicating that the second access network device supports one or more of the at least one network slice; the sending module is further configured to send the second message to the terminal device.

In one possible implementation manner, if the second message is a registration rejection message, the processing module is configured to release the connection between the first access network device and the terminal device.

In a possible implementation manner, the receiving module is configured to receive an identifier of the terminal device, where the identifier of the terminal device is used by the access network device to determine the terminal device.

In a tenth aspect, a communication apparatus is provided, the communication apparatus including a processing module configured to obtain configuration information; and selecting access network equipment supporting the requested network slice according to the configuration information.

In a possible embodiment, the processing module is configured to select, from the alternative access network devices, an access network device matching the at least one network slice requested by the terminal device according to the configuration information.

In a possible embodiment, the processing module is configured to select one of the access network devices from the one or more access network devices supporting the network slice requested by the terminal device according to the configuration information.

In one possible implementation, the communication device is preconfigured with the configuration information; or the processing module is used for acquiring the configuration information through the core network equipment.

In a possible implementation manner, the core network device is a policy control device, a mobility management device, a session management device, a user plane device, a unified data management device, a network storage device, or a network open function device.

In one possible implementation, the processing module is configured to obtain the configuration information through a configuration update procedure.

In an eleventh aspect, a communication device is provided, the communication device comprising a processor and a transmission interface; wherein the processor is configured to execute instructions stored in a memory to cause the apparatus to perform the method of any one of the first aspects above.

In a twelfth aspect, a communication device is provided, the communication device comprising a processor and a transmission interface; wherein the processor is configured to execute instructions stored in a memory to cause the apparatus to perform the method of any one of the second aspects above.

In a thirteenth aspect, a communication device is provided, the communication device comprising a processor and a transmission interface; wherein the processor is configured to execute instructions stored in a memory to cause the apparatus to perform the method according to any one of the third aspects above.

In a fourteenth aspect, a communication device is provided, the communication device comprising a processor and a transmission interface; wherein the processor is configured to execute instructions stored in a memory to cause the apparatus to perform the method of any one of the fourth aspects above.

A fifteenth aspect provides a communications device comprising a processor and a transmission interface; wherein the processor is configured to execute instructions stored in a memory to cause the apparatus to perform the method of any one of the fifth aspects above.

In a sixteenth aspect, there is provided a computer readable storage medium comprising a program or instructions which, when executed by a processor, is adapted to carry out the method of any one of the first aspects above.

A seventeenth aspect provides a computer readable storage medium comprising a program or instructions which, when executed by a processor, is adapted to carry out the method of any of the second aspects above.

In an eighteenth aspect, there is provided a computer readable storage medium comprising a program or instructions which, when executed by a processor, is adapted to carry out the method of any of the third aspects above.

In a nineteenth aspect, there is provided a computer readable storage medium comprising a program or instructions which, when executed by a processor, performs the method of any of the fourth aspects above.

In a twentieth aspect, there is provided a computer readable storage medium comprising a program or instructions which, when executed by a processor, performs the method of any of the fifth aspects above.

In a twenty-first aspect, there is provided a computer program product which, when run on a computer or processor, causes the computer or processor to perform the method of any of the first aspects above.

In a twenty-second aspect, there is provided a computer program product which, when run on a computer or processor, causes the computer or processor to perform the method of any of the second aspects above.

In a twenty-third aspect, there is provided a computer program product which, when run on a computer or processor, causes the computer or processor to perform the method of any of the above third aspects.

In a twenty-fourth aspect, there is provided a computer program product which, when run on a computer or processor, causes the computer or processor to perform the method of any of the above fourth aspects.

In a twenty-fifth aspect, there is provided a computer program product which, when run on a computer or processor, causes the computer or processor to perform the method of any of the fifth aspects above.

A twenty-sixth aspect provides a communication system comprising an apparatus as claimed in any one of the sixth aspects and an apparatus as claimed in any one of the seventh aspects.

In a possible implementation form, the communication system comprises an apparatus as claimed in any of the above ninth aspects.

A twenty-seventh aspect provides a communication system comprising an apparatus as claimed in any one of the sixth aspects and an apparatus as claimed in any one of the eighth aspects.

It should be appreciated that any of the above-mentioned communication methods, communication apparatuses, communication systems, computer-readable storage media or computer program products, etc. may be implemented by the corresponding methods provided above, and thus, the advantages achieved by the above-mentioned methods may be referred to as advantages in the corresponding methods provided above, and are not described herein.

Drawings

Fig. 1 to fig. 3 are architecture diagrams of a communication system according to an embodiment of the present application;

fig. 4 is a schematic diagram of a registration flow of a terminal device in a 3GPP access manner according to an embodiment of the present application;

fig. 5 is a schematic diagram of an acquisition mode of supporting network slices by an access network device according to an embodiment of the present application;

fig. 6 is a schematic diagram of another communication system according to an embodiment of the present application;

fig. 7 is a schematic structural diagram of a communication device according to an embodiment of the present application;

fig. 8-13 are schematic flow diagrams of a communication method according to an embodiment of the present application;

fig. 14 is a schematic structural diagram of another communication device according to an embodiment of the present application;

fig. 15 is a flow chart of another communication method according to an embodiment of the present application;

fig. 16 is a flow chart of another communication method according to an embodiment of the present application.

Detailed Description

The terms "first" and "second" are used below for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include one or more such feature. In the description of the present embodiment, unless otherwise specified, the meaning of "plurality" is two or more.

In the present application, the words "exemplary" or "such as" are used to mean serving as an example, instance, or illustration. Any embodiment or design described herein as "exemplary" or "for example" should not be construed as preferred or advantageous over other embodiments or designs. Rather, the use of words such as "exemplary" or "such as" is intended to present related concepts in a concrete fashion.

The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.

First, the related art to which the present application relates will be briefly described.

Network slice: the slicing is called as dividing a plurality of virtual networks composed of specific network functions, network topologies and network resources on a physical network, and is used for meeting the service functions and service quality requirements of different network slicing users. Through network slicing, operators can construct a plurality of special, virtualized and mutually isolated logic subnets on a general physical platform, so that different requirements of different services of users on network capacity can be met in a targeted manner. An end-to-end (E2E) logical network is provided that meets specific traffic demands.

The identity of the network slice may be represented by network slice selection assistance information (network slice selection assistance information, NSSAI).

Where NSSAI may include one or more single NSSAI (S-NSSAI), which is a collection of S-NSSAI.

The S-NSSAI is composed of slice type/service type (SST) and slice differentiation symbol (slice differentiator, SD). Wherein SST includes characteristics of standardized or operator-customized network slices in terms of characteristics and traffic; SD is optional information supplementing SST for distinguishing between different network slices with the same SST.

The type and effect of NSSAI includes the following.

Subscription NSSAI (Subscribed NSSAI) belongs to a network slice corresponding to subscription data of a user.

Default NSSAI (Default NSSAI), i.e., depending on the operator policy, there may be one or more network slices in the subscriber's subscription nsai set to the default nsai. When a default nsai is set, if the user equipment does not carry the requested nsai in the registration request message (Registration Request), the network will use the default nsai to provide services to the user equipment.

The NSSAI identification information of the network slice carried in the registration request message (Registration Request) is requested NSSAI (Requested NSSAI), i.e., by the user. Specifically, when the ue requests a service for the first time, the registration request message may carry a Configured nsai, i.e. Configured nsai, and when the ue requests the service again, the registration request message may carry an allowed nsai as a requested nsai.

The grant NSSAI (Allowed NSSAI) indicates one or more S-nsais allowed by the network device among the nsais requested by the user device. Specifically, the network device may inform the user device of the NSSAI Allowed information by carrying an Allowed NSSAI network element in a registration accept message (Registration Accept).

Reject NSSAI (Rejected NSSAI), represents one or more S-nsais rejected by the network device among the nsais requested by the terminal. Illustratively, the network device may inform the terminal of the rejection of NSSAI by carrying a reject NSSAI network element in a registration accept message (Registration Accept).

The network configures NSSAI (Configured NSSAI) a usable nsai for the terminal configuration. The terminal receives an indication message from the network device to configure NSSAI to determine NSSAI available under the network. Specifically, the network may inform the terminal of the information of configuring nsai by carrying Configured nsai network elements in a registration accept message (Registration Accept). The terminal may store Configured NSSAIs of different network configurations in the nonvolatile memory, one Configured NSSAI per public land mobile network (Public Land Mobile Network, PLMN). In addition, if the network changes the configuration nsai of the terminal after registration is completed, the network may inform the terminal of updating the information of the configuration nsai through an update configuration command (Configuration Update Command).

Tracking area TA: is a basic unit of the core network for UE location updating and paging, for example, the coverage area of a 4G or 5G mobile network is divided into a plurality of tracking areas TAs, so that the core network can determine the location of the UE according to the TAs. One TA may comprise one or more cells, that is, one or more cells correspond to one TA. Tracking area identity (Tracking Area Identity, TAI) may be used as a unique identity of the TA, which consists of a mobile country code (Mobile Country Code, MC), a mobile network number (Mobile Network Code, MNC) and a TA code (Tracking Area Code, TAC), which may be broadcasted in SIB1 (System Information Block, SIB, system information block) messages.

The network slices supported by the access network device may be configured based on TAs, i.e., the network slices supported by the access network device (e.g., base station, N3IWF, TNGF, TWIF, or W-AGF, etc.) of the same TA are the same, and the network slices supported by the access network devices of different TAs may be different.

Next, the implementation environment and application scenario of the embodiment of the present application will be briefly described.

The communication method provided by the embodiment of the application can be applied to a communication system of a third generation partnership project (the 3rd generation partnership project,3GPP) access type and a communication system of a non-3 GPP access type.

Among other things, 3GPP access types can include the following access technologies: long term evolution (Long Term Evolution, LTE) technology corresponding to 4G cellular networks, new Radio (NR) technology corresponding to 5G cellular networks, and satellite access manners defined by 3GPP (including low-orbit satellites, medium-orbit satellites, and geostationary satellites).

Fig. 1 illustrates an example of a network service architecture of a 5G mobile communication system, which shows an interaction relationship between a Network Function (NF) and an entity and a corresponding interface.

The service-based network architecture (service-based architecture, SBA) of the 5G system includes network functions and entities mainly including: a terminal device, AN Access Network (AN) or radio access network (radio access network, RAN), a user plane function (user plane function, UPF), a Data Network (DN), AN access and mobility management function (access and mobility management function, AMF), a session management function (session managent function, SMF), AN authentication service function (authentication server function, AUSF), a policy control function (policy control function, PCF), AN application function (application function, AF), a network slice selection function (network slice selection function, NSSF), a unified data management (unified data management, UDM), a network slice selection function (network slice selection function, NSSF), a network slice admission control function (network slice admission control function, NSACF), a network slice selected authentication and authorization function (network slice-specific authentication and authorization function, nsaf), a network opening function (network exposure function, NEF), and a network storage function (NF repository function, NRF).

The UEs, (R) AN, UPF, and DN are generally referred to as user plane network functions and entities (or user plane network elements or user plane channels), and the other parts are generally referred to as control plane network functions and entities (or control plane network elements). The control plane network element is defined by 3GPP as a processing function in a network, and has 3GPP defined functional behavior and 3GPP defined interfaces, and NF can be implemented as a network element running on proprietary hardware, or as a software instance running on proprietary hardware, or as a virtual function instantiated on a suitable platform, such as a cloud infrastructure.

The main functions of each network element are specifically described below.

A terminal device may also be referred to as a User Equipment (UE), a mobile station, a mobile terminal, etc. The terminal is represented by UE in fig. 1. The terminal may be widely applied to various scenes, for example, device-to-device (D2D), vehicle-to-device (vehicle to everything, V2X) communication, machine-type communication (MTC), internet of things (internet of things, IOT), virtual reality, augmented reality, industrial control, autopilot, telemedicine, smart grid, smart furniture, smart office, smart wear, smart transportation, smart city, and the like. The terminal can be a mobile phone, a tablet personal computer, a computer with a wireless receiving and transmitting function, a wearable device, a vehicle, an unmanned aerial vehicle, a helicopter, an airplane, a ship, a robot, a mechanical arm, intelligent household equipment and the like. The embodiment of the application does not limit the specific technology and the specific equipment form adopted by the terminal.

(R) AN: the (R) AN may be AN or RAN. In particular, the RAN may be a radio access network device of various forms, such as: a base station, a macro base station, a micro base station, a distributed unit-control unit (DU-CU), and the like. In addition, the base station may be a wireless controller in a cloud wireless access network (cloud radio access network, CRAN) scenario, or a relay station, an access point, an in-vehicle device, a wearable device, or a network device in a future evolved public land mobile network (public land mobile network, PLMN), or the like. The (R) AN is mainly responsible for radio resource management, quality of service management, data compression, encryption, etc. on the air interface side. The AN may be a non-3GPP access network, such as a trusted non-3GPP access network (trusted non-3GPP access network,TNAN), a trusted WLAN access network (trusted WLAN access network, TWAN) non-trusted non-3GPP radio access network, a wired access network (wireline access network, WAN) or a wired 5G access network (wired-5G access network,W-5 GAN). The access network device corresponding to the trusted non-3GPP access network can be a trusted non-3GPP gateway function (trusted non-3GPP gateway function,TNGF); the access network device to which the trusted WLAN access network corresponds may be a trusted WLAN interworking function (trusted WLAN interworking function, TWIF); the access network device corresponding to the non-trusted non-3GPP access network can be a non-3GPP interworking function (non-3GPP interworking function,N3IWF); the access network device corresponding to the wired access network or the wired 5G access network may be a wired access gateway function (W-AGF).

User plane device: may be referred to as a user plane function (user plane function, UPF) or user plane network element, and is primarily responsible for forwarding and receiving user data. The UPF may receive downstream data from the DN and then transmit the downstream data to the UE through the (R) AN. The UPF may also receive received uplink data from the UE through the (R) AN and then forward the uplink data to the DN.

A mobile management device: may also be referred to as access and mobility management function (access and mobility management function, AMF) or as mobility management function, mobility management entity, access and mobility management device, access and mobility management entity. The AMF entity may also be referred to as an access and mobility management function, an access and mobility management device, an access and mobility management network element, an access management device, a mobility management device, etc., which are one of core network devices and are mainly used for mobility management and access management, etc., and may be used for implementing functions other than session management in the mobility management entity (mobility management entity, MME) function, such as legal interception, or access authorization (or authentication), registration of a user equipment, mobility management, tracking area update procedure, reachability detection, selection of a session management network element, mobility state transition management, etc. For example, in 5G, the access and mobility management element may be an access and mobility management function AMF element, and in future communications, such as 6G, the access and mobility management element may still be an AMF element, or have other names, which is not limited by the present application. When the access and mobility management network element is an AMF network element, the AMF may provide Namf services.

Session management apparatus: may also be referred to as session management function (session management function, SMF) or session management entity, for performing session management, execution of control policies, selection of user plane function network elements, internet protocol (internet protocol, IP) address assignment of the terminal, etc.

Network storage device: may also be referred to as a network storage function (network repository function, NRF), and the NRF network element may also be referred to as a network storage function device or a network warehousing function network element. This network element function may support a service discovery function. A network element discovery request is received from a network element function or Service Communication Proxy (SCP) and the discovered network element function information may be fed back. At the same time, this network element function is also responsible for maintaining information of available network functions and services they each support. The so-called discovery procedure is a procedure in which a demand network element function (NF) implements a specific NF or specific service addressing by means of an NRF, which provides the IP address or full address domain name (full qualified domain name, FQDN) or URI of the respective NF instance or NF service instance. NRF may also implement a discovery procedure across PLMNs by providing network identifications (e.g., public land mobile network identifications, PLMN IDs). In order to achieve addressing discovery of network element functions, each network element needs to be registered in the NRF, and some network element functions may be registered in the NRF at the first run. The network storage function device may be a core network device.

Authentication service equipment: may also be referred to as an authentication service function (authentication server function, AUSF), an authentication service network element for performing a primary authentication, i.e. an authentication between a terminal device and an operator network. After receiving the authentication request initiated by the subscriber, the authentication service network element can authenticate and/or authorize the subscriber through the authentication information and/or authorization information stored in the unified data management network element, or generate the authentication and/or authorization information of the subscriber through the unified data management network element. The authentication service network element may feed back authentication information and/or authorization information to the subscriber. In one implementation, the authentication service network element may also be co-located with the unified data management network element. In a 5G communication system, the authentication service network element may be an authentication service function (authentication server function, AUSF) network element. In future communication systems, the unified data management may still be an AUSF network element, or may have other names, which is not limited by the present application.

Unified data management device: may also be referred to as unified data management (unified data management, UDM): the data management network element is used for processing the terminal equipment identification, access authentication, registration, mobility management and the like. In a 5G communication system, the data management network element may be a unified data management (unified data management, UDM) network element or a unified data management device. In future communication systems, the unified data management may still be a UDM network element, or may have other names, which is not limited by the present application. The unified data management device may be a core network device.

The functions of other network elements included in fig. 1 may refer to related descriptions in the conventional technology, and are not described herein.

In addition, the communication method provided by the embodiment of the application can be applied to a communication system of a non-3GPP access type, wherein the non-3GPP access type comprises non-trusted non-3GPP access (untrusted non-3GPP access) (for example, wireless access node for personal purchase is used for accessing a core network), trusted non-3GPP access network (trusted non-3GPP access Network,TNAN) (for example, wireless access node for deploying through an operator is used for accessing the core network), wire line access technology (wire line access) and the like. Among other access technologies, non-3GPP access can include wireless communication technology (WiFi), bluetooth, purple peak (ZigBee), and the like.

The non-3GPP access network devices can be, in particular, a non-3GPP interworking function (non-3GPP interworking function,N3IWF), a trusted non-3GPP gateway function (trusted non-3GPP gateway function,TNGF), a trusted WLAN interworking function (trusted WLAN interworking function, TWIF), a wired access gateway function (wireline access gateway function, W-AGF), and the like. Wherein W-AGF may also be referred to as AGF. If the access technology is an untrusted non-3GPP access technology, the corresponding non-3GPP access network device may include an N3IWF, where the network topology corresponds to the RAN of the 3GPP access network in fig. 1, and may support N2 and N3 interfaces. If the access technology is a trusted non-3GPP access technology, the corresponding non-3GPP access network device may include a TNGF, and the network topology corresponds to the RAN of the 3GPP access network in fig. 1, and may support N2 and N3 interfaces.

The communication system shown in fig. 2 is a schematic diagram of an untrusted non-3 GPP access system according to an embodiment of the present application. The terminal equipment firstly establishes connection with a non-trusted non-3 GPP access point, acquires an Internet protocol (internet protocol, IP) address, and then acquires IP identification information, such as address information, of the N3IWF through a DNS server according to the discovery and selection criteria of the N3 IWF. The terminal device then establishes an internet protocol security (internet protocol security, IPSec) tunnel with the N3IWF and accesses the core network through the N3 IWF.

The communication system shown in fig. 3 is a schematic diagram of a trusted non-3 GPP access system according to an embodiment of the present application. For example, a WiFi AP deployed in public places, etc. The terminal device first selects a PLMN and selects a non-3 GPP access network within the PLMN that provides a trusted connection. The terminal device then reselects the connection type.

The functions of the respective devices shown in fig. 2 and 3 are described below.

The untrusted non-3 GPP access point may be a non-operator deployed access node, such as a WiFi Access Point (AP) deployed at home or by a merchant.

The N3IWF may be used to allow interworking between the terminal device and the 3GPP core network using non-3 GPP technology. The N3IWF supports the N2 interface for communication with the mobility management device and the N3 interface for communication with the user plane device.

The trusted non-3 GPP Access Point can be an operator deployed Access node, and can be referred to as a trusted N3GPP Access Point (TNAP).

TNAP, which may be used to send authentication, authorization, and accounting (AAA) messages, for example, encapsulates authentication protocol (extensible authentication protocol, EAP) packets in AAA messages and interacts with the TNGF, may be used to forward EAP messages.

TNGF, which may be used to support N2 and N3 interfaces, may be used to terminate EAP-5G signaling, may implement AMF selection, handle N2 signaling with SMF (relayed by AMF) to support session and quality of service (quality of service, qoS), transparent relay protocol data units (protocol data unit, PDU) between terminal device and user plane device, and the like.

The 3GPP access point may be an operator deployed access node.

Currently, for 3GPP access types, the UE may acquire Allowed slice information (Allowed nsai) through a registration procedure. As in fig. 4, the registration process may include the following steps.

401: the UE sends a registration request message to the RAN.

Specifically, the UE may send AN message to the RAN, where the AN message carries a registration request message (Registration Request). The AN message may further include AN AN parameter, where the AN parameter may be used by the RAN to perform AMF selection. The registration request message may include registration type (Registration Type) and UE identification information, and may also include requested network slice information, such as request NSSAI (Requested NSSAI).

402: the RAN sends the registration request message sent by the UE to the AMF.

The RAN may select AN appropriate AMF for the UE according to the AN message and send a registration request message for the UE to the AMF.

403: and carrying out authentication and security procedures.

The UE interacts with the AMF, AUSF and UDM to complete the authentication and security procedures. The detailed interaction process of authentication and security procedures may be described with reference to the existing related art, which will not be described in detail in the present application.

404: the AMF interacts with the UDM to obtain subscription data for the UE.

After the mutual authentication between the UE and the network side is successful, the AMF interacts with the UDM to acquire the subscription data of the UE. The subscription data may include information such as subscription NSSAI (Subscribed NSSAI) of the UE, default NSSAI (Default NSSAI), and a slice (S-NSSAIs subject to Network Slice-Specific Authentication and Authorization) in which a network slice authentication process needs to be performed.

405: the AMF determines the allowable slice information of the UE according to the subscription data.

The AMF determines slice information that the UE is permitted to use, i.e., slice information such as permission NSSAI (Allowed NSSAI), from the subscription data. Specifically, the network device may inform the terminal device of the NSSAI permission information by carrying an Allowed NSSAI network element in a registration accept message (Registration Accept).

406: the AMF sends a registration accept message to the RAN.

Specifically, the AMF sends an N2 message to the RAN, where the N2 message may include a NAS message that needs to be forwarded by the RAN to the UE. The NAS message comprises a registration acceptance message sent by the AMF to the UE; the registration acceptance message includes the information of the NSSAI allowed by the UE, which is determined by the AMF according to the subscription data.

407: the RAN forwards the registration acceptance message sent by the AMF to the UE.

The RAN forwards the registration accept message to the UE via the NAS message.

It should be noted that, the access network device may report the information of the network slice supported by itself to the AMF. For example, as shown in fig. 5, the RAN may send a supported tracking area LIST (TA LIST) to the AMF through an NG SETUP REQUEST message or a RAN CONFIGURATION UPDATE message, where the TA LIST includes supported TA items, and the TA items include TACs and a supported slice LIST corresponding to the tracking area (TAI Slice Support List). Thus, the AMF may learn which slices the access network device supports.

However, for a non-3 GPP access network, the terminal device cannot learn the TA of the non-3 GPP access network device, that is, cannot learn the network slice supported by the non-3 GPP access network device, and when the terminal device accesses the core network through the non-3 GPP access network device and requests to acquire a slice service corresponding to a certain network slice, the terminal device may not acquire the slice service and fail communication due to the non-3 GPP access network device not supporting the network slice requested by the terminal device.

Based on the above problems, the present application provides a method and apparatus for determining an access network device, where when a mobile management device determines that an access network device currently connected to a terminal device does not support network slicing requested by the terminal device, the mobile management device may determine a target access network device according to network slicing information supported by the access network device, and send information of the target access network device to a UE, so that the terminal device may connect with the target access network device according to the information of the target access network device, and access a core network through the target access network device, so as to obtain slicing services, thereby improving communication efficiency.

Based on this, as shown in fig. 6, the embodiment of the present application provides a communication system, and the method for determining the access network device provided in the embodiment of the present application may be applied to any one of the communication systems shown in fig. 1 to 3 and fig. 6. The communication system 60 as shown in fig. 6 may comprise a first access network device 601, a mobility management device 602 and a terminal device 603.

The first access network device 601 may be specifically an access network device under a 3GPP access type, such as a base station, a RAN, or an N3IWF, TNGF, TWIF, W-AGF under a non-3 GPP access type, etc.

Optionally, in an embodiment, the communication system 60 may further comprise a second access network device 604. Wherein the first access network device 601 and the second access network device 604 may be the same type of access network device, e.g. the first access network device 601 is an N3IWF-1, the second access network device 604 may be another N3IWF such as N3IWF-2.

In one embodiment, in the communication system 60 shown in fig. 6, the terminal device 603 may send a first message to the mobility management device 602 via the first access network device 601, the first message comprising an identification of at least one network slice, the first message indicating a request to access the network slice.

The terminal device 603 may receive a second message via the first access network device 601 or the second access network device 604, the second message comprising information of the second access network device 604, the second message indicating that the second access network device 604 supports one or more of the at least one network slice.

The terminal device 603 establishes a connection with the second access network device 604.

It will be appreciated that the devices or network elements in the communication system 60 may communicate directly or may communicate via forwarding from other devices, which is not particularly limited in the embodiments of the present application.

It can be understood that fig. 6 is only a schematic diagram, and does not limit the applicable scenario of the technical solution provided by the present application. Those skilled in the art will appreciate that in a particular implementation, communication system 60 may include fewer devices or network elements than those shown in fig. 6, or that communication system 60 may include other devices or other network elements, and that the number of devices or network elements in communication system 60 may be determined according to particular needs.

It should be noted that the communication systems shown in fig. 1 to 3 and fig. 6 are only used as examples, and are not intended to limit the technical solution of the present application. Those skilled in the art will appreciate that in a particular implementation, the communication system may include other devices or network elements, and that the number of individual network elements may be determined according to particular needs.

Alternatively, each network element in fig. 1 to 3 and fig. 6 may be a functional module in a device, and it is understood that the above functions may be network elements in a hardware device, such as a communication chip in a mobile phone, a software function running on dedicated hardware, or a virtualized function instantiated on a platform (for example, a cloud platform).

For example, each network element in fig. 1 to 3 and 6 may be implemented by the communication device 700 in fig. 7. Fig. 7 is a schematic diagram of a hardware configuration of a communication device applicable to an embodiment of the present application. The communication device 700 comprises at least one processor 701, communication lines 702, a memory 703 and at least one communication interface 704.

The processor 701 may be a general purpose central processing unit (central processing unit, CPU), microprocessor, application-specific integrated circuit (ASIC), or one or more integrated circuits for controlling the execution of the program of the present application.

Communication line 702 may include a pathway to transfer information between the aforementioned components, such as a bus.

Communication interface 704 uses any transceiver-like device for communicating with other devices or communication networks, such as an ethernet interface, a RAN interface, a wireless local area network (wireless local area networks, WLAN) interface, etc.

The memory 703 may be, but is not limited to, a read-only memory (ROM) or other type of static storage device that can store static information and instructions, a random access memory (random access memory, RAM) or other type of dynamic storage device that can store information and instructions, an electrically erasable programmable read-only memory (EEPROM), a compact disc-only memory (compact disc read-only memory) or other optical disk storage, a compact disc storage (including compact disc, laser disc, optical disc, digital versatile disc, blu-ray disc, etc.), a magnetic disk storage medium or other magnetic storage device, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. The memory may be self-contained and coupled to the processor via communication line 702. The memory may also be integrated with the processor. The memory provided by embodiments of the present application may generally have non-volatility. The memory 703 is used for storing computer-executable instructions related to executing the present application, and is controlled by the processor 701. The processor 701 is configured to execute computer-executable instructions stored in the memory 703, thereby implementing the method provided by the embodiment of the present application.

Alternatively, the computer-executable instructions in the embodiments of the present application may be referred to as application program codes, which are not particularly limited in the embodiments of the present application.

In a particular implementation, as one embodiment, the processor 701 may include one or more CPUs, such as CPU0 and CPU1 in FIG. 7.

In a particular implementation, as one embodiment, the communications apparatus 700 can include a plurality of processors, such as the processor 701 and the processor 707 in fig. 7. Each of these processors may be a single-core (single-CPU) processor or may be a multi-core (multi-CPU) processor. A processor herein may refer to one or more devices, circuits, and/or processing cores for processing data (e.g., computer program instructions).

In a specific implementation, as an embodiment, the communication apparatus 700 may further include an output device 705 and an input device 706. The output device 705 communicates with the processor 701 and may display information in a variety of ways. For example, the output device 705 may be a liquid crystal display (liquid crystal display, LCD), a light emitting diode (light emitting diode, LED) display device, a Cathode Ray Tube (CRT) display device, or a projector (projector), or the like. The input device 706 is in communication with the processor 701 and may receive input from a user in a variety of ways. For example, the input device 706 may be a mouse, keyboard, touch screen device, or sensing device, among others.

The communication apparatus 700 may be a general-purpose device or a special-purpose device. In particular implementations, the communications apparatus 700 may be a portable computer, a web server, a palm top computer (personal digital assistant, PDA), a mobile handset, a tablet computer, a wireless terminal, an embedded device, or a device having a similar structure as in fig. 7. The embodiments of the present application are not limited to the type of communication device 700.

The method for determining the access network device provided by the embodiment of the application is specifically described below.

It should be noted that, in the following embodiments of the present application, a name of a message between each network element or a name of each parameter in a message is only an example, and in specific implementations, other names may also be used, which is not limited in particular by the embodiments of the present application.

It is to be understood that some or all of the steps in the embodiments of the present application are merely examples, and that other steps or variations of the various steps may also be performed in the embodiments of the present application. Furthermore, the various steps may be performed in a different order presented in accordance with embodiments of the application, and it is possible that not all of the steps in an embodiment of the application may be performed.

As shown in fig. 8, a method for determining an access network device according to an embodiment of the present application, where a terminal device is taken as a UE as an example, may include the following steps.

801: the terminal device sends a first message to the mobile management device through the first access network device.

The first message includes an identification of at least one network slice, such as Requested NSSAI or S-NSSAIs, and indicates that the UE requests access to the network slice, thereby acquiring traffic corresponding to the at least one network slice.

In one embodiment, the first message may specifically be a registration request message (Registration Request), and the registration request message sent by the UE may be carried in a NAS message and transmitted by the first access network device to the mobility management device. Among other things, registration Request may include a request NSSAI (Requested NSSAI).

In an embodiment, the first access network device may be any one of a trusted non-3 GPP gateway function TNGF corresponding to a trusted non-3 GPP access technology, a non-3 GPP interworking function N3IWF corresponding to a non-trusted non-3 GPP access technology, a trusted WLAN interworking function TWIF corresponding to a trusted wireless local area network WLAN access technology, an access network device corresponding to a wired access technology, an access network device corresponding to a non-3 GPP access technology such as a wired gateway function W-AGF, or an access network device corresponding to a 3GPP access technology.

Correspondingly, the second access network device may be any one of an access network device under a 3GPP access type, such as a base station, RAN, or an N3IWF, TNGF, TWIF, W-AGF under a non-3 GPP access type, etc. Wherein the second access network device is of the same type as the first access network device. If the first access network device is an N3IWF-1, the second access network device may be another N3IWF such as N3IWF-2.

In addition, in an embodiment, the first message may further include first indication information, where the first indication information is used to indicate that access network device information supporting at least one network slice is acquired, or indicate that a corresponding access network device is matched or selected according to the first message. One possible implementation, matching or selecting the corresponding access network device may be understood as matching or selecting an access network device supporting the terminal device requesting a connection or a required slice.

That is, the UE may indicate that the UE may acquire access network device information supporting the network slice requested by the UE in the registration procedure currently by carrying specific first indication information in the first message, or may indicate that the access network device supporting the requested network slice may be matched or selected for the UE. Thus, when the first indication information is not carried in the first message, the registration can be completed according to the existing registration flow; when the first indication information is carried in the first message, matching or selecting a proper access network device for the UE according to the embodiment of the application, and sending the proper access network device information to the UE.

802: the mobile management device sends a second message to the terminal device.

When the mobile management device determines that the first access network device currently connected with the UE does not support part or all of the network slices requested by the UE, the mobile management device may determine, according to the network slice information supported by the access network device, a target access network device, such as a second access network device, and send information of the second access network device to the UE through a second message, so that the UE may be connected with the second access network device according to the information of the second access network device.

Wherein the second message may comprise information of the second access network device. Illustratively, the information of the second access network device includes at least one of identification information, domain name information, identification number (Identifier), service set identification (Service Set Identifier, SSID) or port number of the second access network device, address of the second access network device.

The second message may indicate that the second access network device supports one or more of the at least one network slice. That is, the second message is used to indicate to the UE that the second access network device may support some or all of the network slices requested by the UE.

In one embodiment, the second message may also indicate that the first access network device does not support one or more of the at least one network slice.

That is, the second message may be used to indicate to the UE that the first access network device does not support some or all of the network slices requested by the UE, while the second access network device may support some or all of the network slices requested by the UE but not supported by the first access network device.

For example, the mobility management device may be an AMF, where the network slice identifier carried in the first message sent by the UE includes S-nsai-1 and S-nsai-2, and if the AMF determines that the first access network device does not support S-nsai-1 and supports only S-nsai-2, and the second access network device supports S-nsai-1 and S-nsai-2, the second message sent by the AMF to the UE may be used to indicate to the UE that the second access network device supports all network slices requested by the UE.

In addition, in one embodiment, when the first message of the UE includes a plurality of network slices and the second access network device supports only a portion of the plurality of network slices requested by the UE, the second message may further include an identification of one or more of the at least one network slice included in the first message in such an embodiment.

Illustratively, the network slice identifiers carried in the first message sent by the UE include S-NSSAI-1 and S-NSSAI-2. If the AMF determines that the first access network device does not support S-nsai-1 and S-nsai-2, and the second access network device supports S-nsai-1, the second message sent by the AMF to the UE may include an identification of one or more network slices of the at least one network slice requested by the UE supported by the second access network device, that is, include S-nsai-1.

For another example, the network slice identifier carried in the first message sent by the UE includes S-nsai-1 and S-nsai-2. If the AMF determines that the first access network device does not support S-NSSAI-1 and S-NSSAI-2 and the second access network device supports S-NSSAI-1 and S-NSSAI-2, the second message sent by the AMF to the UE may include S-NSSAI-1 and S-NSSAI-2.

In one embodiment, the mobility management device may send the second message to the UE through the first access network device, or the mobility management device may also send the second message to the UE through the second access network device.

In one possible implementation, the second message may be a response message that is responsive to the first message. For example, the first message may be a registration request message and the second message may be a registration accept message or a registration reject message. In another possible implementation, the second message may not be responsive to the first message. For example, the first message may be a registration request message and the second message may not be a registration accept message or a registration reject message. The second message may be other messages, the name may not be a response message (response), and may be other messages or signaling such as an extensible protocol (Extensible Authentication Protocol, EAP) or signaling; the second message may be another request message such as an EAP-Req/5G-Notification message or signaling.

Correspondingly, the UE may receive the second message through the first access network device or the second access network device. Specific embodiments will be described in detail below by combining corresponding scenes and flowcharts, and will not be repeated here.

803: the terminal device establishes a connection with the second access network device.

The UE can be connected with the second access network equipment according to the second access network equipment information, and access the core network through the second access network equipment to complete the registration process and acquire the requested network slicing service. Specific procedures may be referred to in the related description of the prior art, which is not specifically limited by the present application.

By the method, when the mobile management device determines that the access network device currently connected with the UE does not support the network slice requested by the UE according to the slice information supported by the access network device, the target access network device supporting part or all of the network slice requested by the UE can be determined, so that the UE can be connected with the target access network device according to the target access network device information by sending the target access network device information to the UE, and access the core network through the target access network device, and the problem that the access network device cannot be accurately connected under the non-3 GPP access type to acquire the network slice service is effectively solved.

In one embodiment, the second message may be specifically a registration rejection message or a registration acceptance message, or be carried by the registration rejection message or the registration acceptance message, that is, the mobile management device may carry information of the second access network device in the registration rejection message (Registration Reject) or the registration acceptance message (Registration Accept) to send the information of the second access network device to the UE, so that the UE may connect with the second access network device according to the information of the second access network device, and access the core network through the second access network device.

If the second message is a registration acceptance message, the UE may complete authentication and security procedures, and establish an internet security protocol IPsec SA communication tunnel with the first access network device; then after the UE receives the registration accept message, the UE may perform a deregistration procedure or perform the deregistration procedure through the first access network device, and then establish a connection with the second access network device according to the information of the second access network device in the registration accept message. If the second message is a registration rejection message, the UE may establish a connection with the second access network device according to information of the second access network device in the registration rejection message.

The following embodiments of the present application take an example of an untrusted non-3GPP access network device in a UE access non-3GPP access type, and a specific flow of an access network device determining method is described in conjunction with fig. 9. The embodiment is applicable to any of access network devices such as a base station, RAN, micro base station, macro base station, and the like in a 3GPP access type, or access network devices such as N3IWF, TNGF, TWIF, W-AGF, and the like in a non-3GPP access type.

901: the UE connects to an untrusted non-3GPP access point.

In particular, the non-trusted non-3GPP access point may specifically be a non-operator deployed access node, such as a WiFi access point AP deployed at home or at a merchant.

When the UE requests connection from the untrusted non-3GPP access point, the untrusted non-3GPP access point may assign an intranet IP address to the UE.

902: the UE selects N3IWF-1 and acquires address information of the N3 IWF-1.

The UE selects the untrusted non-3GPP access network equipment such as N3IWF-1 through the untrusted non-3GPP access point, and acquires address information of the N3 IWF-1.

In one possible implementation manner, the terminal device obtains configuration information; the terminal device selects an access network device supporting the requested slice (or supporting the required slice) according to the configuration information. The configuration information may be one or more of WLAN selection policies (e.g., WLAN selection policy, WLANSP), N3IWF identification configuration information (e.g., N3IWF identifier configuration), or non-3GPP access node selection information (e.g., non-3GPP access node selection information).

One possible implementation manner, the configuration information includes one or more pieces of access network device information and slice information corresponding to or supported by the one or more pieces of access network devices. The access network device information may be one or more of identification information (e.g., identifier or SSID), domain name information (e.g., domain name or FQDN), address information (e.g., IP address), and port number information, among others. The slice information may be one or more NSSAIs or one or more S-NSSAIs, etc. The terminal device may select an access network device from one or more access network devices (which may be referred to as alternative access network devices) supporting the slice requested or required by the terminal device according to slice information corresponding to or supported by one or more access network device information in the configuration information.

In one possible implementation, the access network device may be an N3IWF, a WLAN access node (e.g., access point, AP), a TNAN, a TNAP, or a TNGF. In a possible implementation manner, the slice corresponding to the slice information included in the configuration information may be a slice supported by the access network device, or may be a slice in the slice supported by the access network device and allowed to be used by the terminal device, or may be a slice subscribed by the terminal device in the slice supported by the access network device.

In another possible implementation manner, the configuration information includes one or more slice information and access network device information corresponding to the one or more slice information. The access network device corresponding to the slice information may be understood as access network device information of the access network device supporting the slice. The access network device information may be one or more of identification information, domain name information (e.g., domain name or FQDN), address information (e.g., IP address), and port number information, among others. The slice information may be one or more NSSAIs or one or more S-NSSAIs, etc. The terminal device may determine, according to the access network device information corresponding to the slice information in the configuration information, one or more access network device information supporting the slice requested or required by the terminal device, and select one access network device from the access network devices corresponding to the one or more access network device information. In one possible implementation, the access network device may be an N3IWF, a WLAN access node (e.g., access point, AP), a TNAN, a TNGF, or a TNAP. In a possible implementation manner, the slice corresponding to the one or more slices included in the configuration information may be a slice supported by the network, or may be a slice allowed to be used by the terminal device, or may be a slice subscribed to by the terminal device.

One possible implementation manner, the terminal device may be preconfigured with the configuration information, or may be acquired through the core network device. The core network device may be a policy control device, a mobility management device, a session management device, a user plane device, a unified data management device, a network storage device, or a network open function device, etc. In a possible implementation, the terminal device may obtain the configuration information through a registration procedure, or obtain the configuration information through a configuration update procedure (e.g., terminal configuration update procedure UE configuration update procedure).

In one possible implementation, when the terminal device does not acquire the configuration information, or the configuration information acquired by the terminal device does not include slice information, the terminal device may select an access network device that does not support the slice requested or required by the terminal device.

903: the UE establishes a communication tunnel with the N3 IWF-1.

Specifically, the UE may establish an internet security protocol (IPsec Security Association, IPSec SA) with N3IWF-1 by initiating an initial exchange of internet key exchange protocols (Internet Key Exchange, IKE).

904: the UE sends an ike_auth request message to N3 IWF-1.

The ike_auth request message does not include a data payload (payload) of AUTH, and is used for indicating that the ike_auth request message is used for EAP signaling interaction.

905: the N3IWF-1 transmits an ike_auth response message to the UE.

The ike_auth response message includes an EAP-Request (Request)/5G-Start (Start) packet. The EAP-Request/5G-Start packet may be used to inform the UE to initiate an EAP-5G session, e.g., to inform the UE to begin sending NAS messages by encapsulating the NAS messages in the EAP-5G packet.

906: the UE sends an ike_auth request message to N3IWF-1, including the first message.

The ike_auth request message may include AN EAP-Response (Response)/5G-NAS packet, where the 5G-NAS packet includes AN parameter and a first message.

Specifically, referring to step 801 shown in fig. 8, the ike_auth request message sent by the UE to the N3IWF-1 carries a first message sent by the UE to the AMF, and the first message is forwarded to the AMF by the N3 IWF-1. Illustratively, the first message may be Registration Request, carrying the request NSSAI (Requested NSSAI).

The AN parameters include parameter information for the N3IWF-1 to select AN AMF, such as a guim, a selected PLMN ID (or PLMN ID and NID), etc.

In one embodiment, the first message may include first indication information, which is used to indicate that access network device information supporting at least one network slice is acquired, or indicate that a corresponding access network device is matched according to the first message.

907: the N3IWF-1 forwards the first message to the AMF.

The N3IWF-1 performs AMF selection and forwards the first message to the AMF. Specifically, the N2 message that the N3IWF-1 may send to the AMF through the N2 interface carries the first message.

908: the AMF determines that N3IWF-1 does not support the network slice requested by the UE and determines the information of N3IWF-2.

In one possible implementation, the AMF determines the network slice information supported by N3IWF-1 based on the configuration update flow (e.g., ran configuration update procedure) of N3IWF-1 and the AMF. When some or all of the requested network slices transmitted by the UE do not belong to the slices supported by the N3IWF-1, the AMF determines that the N3IWF-1 does not support the network slices requested by the UE.

Specifically, when the AMF determines that the N3IWF-1 currently connected to the UE does not support some or all of the network slices requested by the UE, the AMF may obtain access network device information, such as N3IWF-2, supporting the network slices (some or all) requested by the UE according to the network slice information respectively supported by the N3IWF network elements.

In one possible implementation, among the one or more network slices requested by the UE, the number of network slices supported by N3IWF-2 is greater than the number of network slices supported by N3IWF-1, and the AMF determines to replace or reselect the access network device N3IWF for the UE.

In one possible implementation, the AMF may determine, according to the first indication information included in the received first message, to select a matching or suitable access network device for the UE, or to select a matching or suitable access network device for the UE and to support the network slice requested by the UE, or to determine information indicating to the UE the access network device supporting the UE request. In a possible implementation manner, in an embodiment of the present application, the network slice requested by the UE may be understood as a network slice required by the UE.

Subsequently, the AMF indicates the specific implementation of the N3IWF-2 information to the UE in two ways.

Mode one, the AMF indicates the information of the N3IWF-2 to the UE through the registration reject message, and performs step 909.

909: the AMF sends a registration reject message to the UE.

When the AMF determines that the N3IWF-1 to which the UE is currently connected does not support all or part of the network slice requested by the UE, the AMF may send a registration reject message (NAS message) to the UE through the N3IWF-1 and carry the N3IWF-2 information determined by the AMF in step 908 in the registration reject message.

In a possible implementation manner, optionally, the registration reject message may further include an identifier of at least one network slice corresponding to the N3 IWF-2. That is, the AMF may transmit N3IWF-2 information and at least one slice information corresponding to the N3IWF-2 to the UE. The network slice information corresponding to the N3IWF-2 may be network slice information supported by the N3IWF-2, or may be network slice information in at least one network slice supported by the N3IWF-2 and requested by the UE.

Mode two, the AMF indicates the information of N3IWF-2 to the UE through a registration accept message, and steps 910-916 are performed.

That is, when the AMF determines that the N3IWF-1 to which the UE is currently connected does not support all or part of the network slices requested by the UE, the access of the UE is not denied or is not immediately denied, but the registration procedure is continued and the N3IWF-2 information determined in step 908 is fed back to the UE in a registration accept message.

910: authentication and security procedures are performed.

The AMF may decide to perform an authentication procedure for the UE. Specifically, the AMF selects an AUSF and sends an authentication request message to the AUSF. The subsequent AUSF performs an authentication procedure on the UE and obtains authentication data from the UDM. Wherein, the data packets related to authentication can be encapsulated by NAS messages, and the NAS messages can be encapsulated by EAP/5G-NAS data packets.

The AUSF may send a security anchor function (SEcurity Anchor Function, SEAF) key to the AMF after authentication is complete. The AMF can derive the NAS security key and the security key of N3IWF-1 by using the SEAF key. The N3IWF-1 key is used by the UE and N3IWF-1 to establish an IPSec SA communication tunnel.

The AMF sends a NAS security mode command (NAS Security Mode Command) to the UE to activate NAS communication security. The NAS Security Mode Command may include EAP-Success (Success), indicating that the EAP-AKA authentication performed by the core network is successful. The N3IWF forwards NAS Security Mode Command sent by the AMF to the UE and sends NAS Security Mode Complete a NAS security mode complete message sent by the UE to the AMF.

911: the AMF sends a context setup request message to the N3 IWF-1.

After the AMF receives the NAS Security Mode Complete message from the UE, the AMF may send a context setup request message to the N3IWF-1, e.g., NGAP Initial Context Setup Request, which may include the N3IWF-1 key.

912: the N3IWF-1 transmits an ike_auth response message to the UE.

The IKE_AUTH response message includes EAP-Success (Success), and the EAP-5G session is completed without EAP-5G packet interaction.

913: the UE and the N3IWF-1 complete the establishment of the IPSec SA communication tunnel.

The UE and the N3IWF-1 establish an IPSec SA communication tunnel through the N3IWF-1 key acquired previously.

914: the N3IWF-1 transmits a context setup response message to the AMF.

After establishing the IPSec SA communication tunnel, the N3IWF-1 may send a context setup response message to the AMF informing the AMF that the UE's corresponding context has been created. For example, N3IWF-1 sends NGAP Initial Context Setup Response to the AMF.

At this point, the IPSec SA will be configured to operate in tunnel mode, and the N3IWF-1 may assign an intranet IP ADDRESS and NAS IP ADDRESS (nas_ip_address) to the UE so that subsequent NAS messages may be transported through the IPSec SA. For example, for an uplink NAS message sent by the UE to the AMF, the source ADDRESS may be an intranet IP ADDRESS of the UE, and the destination ADDRESS is nas_ip_address; for the downlink NAS message sent by the AMF to the UE, the source ADDRESS may be nas_ip_address, and the destination ADDRESS may be an intranet IP ADDRESS of the UE.

915: the AMF sends an N2 message to N3IWF-1 including registration accept information.

The AMF sends an N2 message to the N3IWF-1 including a NAS registration accept message (NAS Registration Accept) forwarded to the UE. Then, the N3IWF-1 may send a NAS registration accept message to the UE through the established IPSec SA communication tunnel.

In one possible implementation, when the AMF determines in step 908 that N3IWF-1 does not support some or all of the network slices requested by the UE and determines N3IWF-2 information, the N3IWF-2 information may be included in the registration accept message.

In a possible implementation manner, optionally, the registration accept message may further include an identifier of at least one network slice corresponding to the N3 IWF-2. That is, the AMF may transmit N3IWF-2 information and at least one slice information corresponding to the N3IWF-2 to the UE. The network slice information corresponding to the N3IWF-2 may be network slice information supported by the N3IWF-2, or may be network slice information in at least one network slice supported by the N3IWF-2 and requested by the UE.

In another possible implementation, the AMF includes information of the N3IWF-2 and an identification of at least one network slice corresponding to the N3IWF-2 in a registration accept message when the UE includes the first indication information in the registration request message. Subsequently, when the AMF registers with the UDM, the access type to be provided to the UDM may be a non-3 GPP access.

916: the N3IWF-1 forwards the registration accept information to the UE.

The N3IWF-1 may send NAS registration accept information to the UE through the IPSec SA communication tunnel established in the aforementioned step 913.

917: the UE performs de-registration.

The UE may acquire the information of the N3IWF-2 according to the registration accept message, and determine that the currently connected access network device N3IWF-1 does not support the network slice requested by the UE, and the UE may perform the deregistration procedure or perform the deregistration procedure through the N3 IWF-1. The specific de-registration process may refer to the related description of the prior art, which is not described in detail in the embodiment of the present application.

918: the UE establishes a connection with N3 IWF-2.

If the UE performs step 909 (mode one), i.e., receives the registration reject message, the UE may determine that the currently connected access network device N3IWF-1 does not support the network slice requested by the UE. The UE establishes connection with the N3IWF 2 according to the N3IWF-2 information in the registration rejection message, and registers the core network through the N3 IWF-2. So that the UE may select or connect to an access network device that supports the network slice requested by the UE.

If the UE performs step 910-917 (mode two), i.e. receives the registration accept message and completes the de-registration procedure with the N3IWF-1, the UE may establish a connection with the N3IWF-2 according to the information of the N3IWF-2 in the registration accept message, and register with the core network through the N3 IWF-2.

By the method, when the AMF determines that the access network equipment currently connected with the UE does not support the network slice requested by the UE, the AMF determines the target access network equipment supporting the requested network slice for the UE, and feeds back the information of the target access network equipment to the UE in a registration acceptance message or a registration rejection message, so that the UE is triggered to replace the access network equipment according to the information of the target access network equipment and access the core network, and the UE can establish connection with the access network equipment supporting the network slice requested by the UE, thereby improving communication efficiency.

In addition, in another embodiment, the first core network device may acquire, according to the information of the network slice requested by the terminal device, information of the second access network (or information of the second access network device) when the first access network device connected to the terminal device does not support part or all of the network slice requested by the terminal device. The first core network device may send information of the second access network and/or information of a network slice corresponding to or supported by the second access network to the terminal device. The terminal device may establish a connection with the second access network device according to the information of the second access network and/or the information of the network slice corresponding to or supported by the second access network. The first core network device may be a mobility management device, a policy control device, or other network elements that may perform the foregoing functions.

In one possible implementation, the information of the second access network includes one or more of a service set identification (e.g., service Set Identifier, SSID), identification information of the second access network device (e.g., a TNGF ID or trusted access network device identification), second access network node identification information (e.g., a TNAP Identifier), address information of the second access network device, domain name information of the second access network device (e.g., FQDN or domain name), port information of the second access network device, information of one or more network slices supported by the second access network device. In a possible implementation, the information of the one or more network slices supported by the second access network may include information of all slices supported by the second access network, or information of network slices supported by the second access network and allowed to be used or subscribed to by the terminal device. In a possible implementation, the information of the one or more network slices supported by the second access network device may include information of all slices supported by the second access network device, or information of network slices supported by the second access network device and allowed to be used or subscribed to by the terminal device. The information of the network slice may include network slice identification information (e.g., NSSAI or S-NSSAI). In a possible implementation, one or more of the service set identification (e.g. Service Set Identifier, SSID), identification information of the second access network device (e.g. TNGF ID or trusted access network device identification), second access network node identification information (e.g. TNAP Identifier), address information of the second access network device, domain name information of the second access network device (e.g. FQDN or domain name), port information of the second access network device may be associated with or have a correspondence to part or all of the network slices to which the terminal device requests access.

For example, when the terminal device requests access to slice 1 and slice 2. The first access network device supports slice 1 and the second access network device supports slices 1 and 2. Wherein SSID 1 supports slice 1 and slice 3, SSID 2 supports slice 1 and slice 2. When the first core network device determines that the first access network device does not support part or all of the slices Requested by the terminal device (for example, the first access network device does not support the slices 2) according to the network slice information Requested by the terminal device (for example, the Requested NSSAI includes the slices 1 and 2), and the second access network device supports part or all of the slices Requested by the terminal device (for example, the second access network device supports the slices 1 and 2), the first core network device obtains or determines the information of the second access network (or the information of the second access network device) according to the information of the access network or the corresponding relation between the information of the access network and the slice information.

In a possible implementation manner, the first core network device sends information of the second access network and/or information of a network slice corresponding to or supported by the second access network to the terminal device. For example, the first core network device may be a mobility management device, the second core network device may be a policy control device, and the mobility management device or the policy control device may send information of the second access network and/or information of a network slice corresponding to or supported by the second access network to the terminal device.

In a possible implementation manner, the first core network device may be configured with information of one or more access networks and/or information of network slices corresponding to or supported by the one or more access networks. For example, the mobility management device or policy control device may be configured with information of one or more access networks and/or information of corresponding or supported network slices of one or more access networks.

In a possible implementation, the information of the network slices supported by the access network may include information of all slices supported by the access network, or information of network slices supported by the access network and allowed to be used or subscribed to by the terminal device.

In a possible implementation manner, the first core network device may obtain, through the second core network device, information of one or more access networks and/or information of network slices corresponding to or supported by the one or more access networks. For example, the mobility management device may obtain information of one or more access networks and/or information of network slices corresponding to or supported by the one or more access networks through the policy control device.

In a possible implementation manner, the first core network device may send the information of the network slice requested by the terminal device to the second core network device, and the second core network device obtains the information of the second access network according to the information of the network slice requested by the terminal device and the information of one or more access networks and/or the information of the network slice corresponding to or supported by the one or more access networks. The second core network equipment sends information of a second access network to the terminal equipment; or the second core network equipment sends the information of the second access network to the terminal equipment through the first core network equipment. For example, the mobility management device may send the information of the network slice requested by the terminal device to the policy control device, and the policy control device obtains the information of the second access network according to the information of the network slice requested by the terminal device. The policy control device sends information of the second access network to the terminal device; or the policy control device sends the information of the second access network to the terminal device through the mobile management device. In a possible implementation manner, the policy control device may send information of the second access network to the terminal device through a configuration update procedure.

In one possible implementation manner, after the first core network device sends the information of the second access network to the terminal device, access of the terminal device is denied, a registration rejection message is sent to the terminal device, or an access network device reselection or redirection procedure is performed.

In a possible implementation manner, the terminal device may obtain, through a registration reject message, a registration accept message, a configuration update message, a wireless local area network selection policy rule (WLANSP rules), or through a configuration update procedure, information of the second access network and/or information of a network slice corresponding to or supported by the second access network.

In a possible implementation manner, the terminal device may acquire information of the second access network and/or information of a network slice corresponding to or supported by the second access network.

In a possible implementation manner, the terminal device acquires information of the second access network and/or information of a network slice corresponding to or supported by the second access network, and establishes connection with the second access network device.

In one possible implementation manner, the terminal device obtains a correspondence between information of the access network and information of the network slice, and obtains information of the second access network according to the information of the network slice requested to be accessed.

In a possible implementation manner, the terminal device obtains information of one or more access networks and/or information of network slices corresponding to or supported by one or more access networks, and obtains information of a second access network according to the information of the network slice requested to be accessed. The second access network or the second access network device supports the network slice that the terminal device requests to access, and the terminal device obtains the information of the second access network.

In a possible implementation manner, the terminal device obtains a corresponding relation between information of the access network and slice information, and obtains information of the second access network according to the network slice information requested to be accessed and the corresponding relation between the information of the access network and the slice information.

In a possible implementation manner, the terminal device obtains information of one or more access networks and/or information of one or more network slices corresponding to or supported by the access networks, and obtains information of a second access network according to the information of the network slice requested to be accessed and the information of one or more access networks and/or the information of one or more network slices corresponding to or supported by the access networks. The second access network or the second access network device supports the network slice that the terminal device requests to access, and the terminal device obtains the information of the second access network.

In a possible implementation manner, the terminal device may obtain the corresponding relationship between the information of the access network and the slice information through a registration rejection message, a registration acceptance message, a configuration update message, a wireless local area network selection policy rule (WLANSP rules), or a configuration update procedure.

In one possible implementation, the information of the second access network includes one or more of a service set identification (e.g., service Set Identifier, SSID), identification information of the second access network device (e.g., a TNGF ID or trusted access network device identification), second access network node identification information (e.g., a TNAP Identifier), address information of the second access network device, domain name information of the second access network device (e.g., FQDN or domain name), port information of the second access network device, information of one or more network slices supported by the second access network device. The terminal equipment acquires the information of the second access network and determines or selects the service set identification. For example, when the information of the second access network includes an SSID, the terminal equipment selects the SSID included in the information of the second access network. For example, when the information of the second access network includes a TNAP Identifier, the terminal device selects a TNAP corresponding to the TNAP Identifier included in the information of the second access network. For example, when the terminal device determines or selects the second access network or the second access network device according to the information of the network slice requesting access, the SSID is selected or determined according to the information of the second access network.

In a possible implementation, the terminal device includes information of the second access network device in a domain name information part of the network access identity (network access Identifier, NAI) according to the information of the second access network. Or the terminal equipment generates or constructs the NAI according to the information of the second access network.

In one possible implementation, when the information of the second access network includes one or more of identification information of the second access network device (e.g., a TNGF ID or a trusted access network device identification), address information of the second access network device, port information of the second access network device, domain name information of the second access network device (e.g., FQDN or domain name), the terminal device may include one or more of identification information of the second access network device (e.g., a TNGF ID or a trusted access network device identification) in the domain name information portion of nai=username@real, i.e., the real portion includes one or more of address information of the second access network device (e.g., a TNGF ID or a trusted access network device identification), port information of the second access network device, and domain name information of the second access network device (e.g., FQDN or domain name). The terminal device sends a NAI to a second access node (e.g., TNAP). The second access node (e.g., TNAP) may determine or select a second access network device (e.g., TNGF) based on the SSID and/or NAI (or realm portion of the NAI) selected by the terminal device.

The terminal device obtains the information of the second access network through a registration reject message, a registration accept message, a configuration update message, a wireless local area network selection policy rule (WLANSP rules), or a configuration update procedure, for example. The second access network corresponds to a part or all of the network slices requested to be accessed by the terminal equipment, or the second access network supports a part or all of the network slices requested to be accessed by the terminal equipment. The information of the second access network includes one or more of SSID, TNGF Identifier, TNAP Identifier, TNGF domain name information, TNGF IP address, TNGF port information. The terminal device selects the second access network according to the SSID and/or the TNAP Identifier (e.g., selects an SSID and/or a TNAP corresponding to the second access network). The terminal equipment sends a NAI to the second access network (e.g., a TNAN or a TNAP). The NAI may include information of the second access network device (e.g., information of the TNGF), for example, the NAI may include one or more of a TNGF Identifier, a TNGF domain name information, a TNGF IP address, and a TNGF port information. In one possible implementation, the domain name information in the NAI may include one or more of a TNGF Identifier, a TNGF domain name information, a TNGF IP address, and a TNGF port information. The TNAP or the TNAN may select the TNGF based on the SSID selected by the end device and/or the TNGF information included in the NAI. The terminal device may thereby establish a connection with a second access network device, e.g. a TNGF.

In one possible implementation, the information that the NAI includes the second access network device may include, but is not limited to, the following several possible forms:

take the second access network device as the tnff for example:

NAI＝<any_username>@nai.5gc.tngfid<TNGFID>.mnc<MNC>.mcc<MCC>the 3gpp network. Org, i.e. NAI, or domain name part of NAI (i.e. realm) comprises identification information of the second access network device (e.g. TNGF). Wherein, TNGFID is the identification information of TNGF. The identification information of the second access network device may be constituted by a string of characters, numbers, bits or a string of bits, octal or hexadecimal numbers, etc. The present application is not limited to the form of the identification information of the second access network device.

NAI＝<any_username>@nai.5gc.tngffqdn<TNGFFQDN>.mnc<MNC>.mcc<MCC>.3gppnetwork.org

I.e. the NAI or the domain name part of the NAI (i.e. realm) comprises domain name information of the second access network device (e.g. the TNGF). Wherein, TNGFFQDN is the domain name information of TNGF. The domain name information of the second access network device may be constituted by a string of characters, numbers, bits or strings of bits, octal or hexadecimal numbers, etc. The present application is not limited to the form of domain name information of the second access network device.

NAI＝<any_username>@nai.5gc.tngfaddr<TNGFADDR>.mnc<MNC>.mcc<MCC>.3gppnetwork.org

I.e. the NAI or the domain name part of the NAI (i.e. realm) comprises address information of the second access network device (e.g. the TNGF). Where TNGFADDR is the address information (e.g., IP address or MAC address) of TNGF. The address information of the second access network device may be constituted by a string of characters, numbers, bits or a string of bits, octal or hexadecimal numbers, etc. The present application is not limited to the form of the address information of the second access network device.

NAI＝<any_username>@nai.5gc.tngfport<TNGFPORT>.mnc<MNC>.mcc<MCC>.3gppnetwork.org

I.e. the NAI or the domain name part of the NAI (i.e. realm) comprises port information of the second access network device (e.g. the TNGF). Where TNGFPORT is the address information of the TNGF (e.g., TCP port number or UDP port number). The port information of the second access network device may be constituted by a string of characters, numbers, bits or a string of bits, octal or hexadecimal numbers, etc. The present application is not limited to the form of the port information of the second access network device. In a possible implementation manner, the terminal device obtains fourth indication information. The fourth indication information may be used to instruct the terminal device to obtain the NAI according to information of one or more access networks. Or, the fourth indication information may be used to instruct the terminal device to obtain the NAI according to the correspondence between the information of the access network and the information of the network slice. Or, the fourth indication information may be used to instruct the terminal device to obtain the NAI according to the information of the network slice requested to be accessed and the correspondence between the information of the access network and the information of the network slice. Or the fourth indication information may be used to instruct the terminal device to obtain information of the second access network according to the network slice information requested to be accessed and the corresponding relationship between the information of the access network and the information of the network slice, and obtain the NAI according to the information of the second access network.

In a possible implementation manner, the terminal device obtains fourth indication information. The fourth indication information may be used to instruct the terminal device to obtain the NAI according to information of one or more access networks. Or, the fourth indication information may be used to instruct the terminal device to obtain the NAI according to information of one or more access networks and/or information of network slices corresponding to or supported by one or more access networks. Or, the fourth indication information may be used to instruct the terminal device to obtain the NAI according to the information of the network slice requested to be accessed, the information of one or more access networks, and/or the information of the network slice corresponding to or supported by one or more access networks. Or, the fourth indication information may be used to instruct the terminal device to obtain information of the second access network according to the network slice information requested to be accessed, the information of one or more access networks and/or the information of one or more network slices corresponding to or supported by the one or more access networks, and obtain the NAI according to the information of the second access network.

In one possible implementation, acquiring a NAI may be understood as generating or constructing a NAI.

A possible implementation, the NAI comprises information for indicating the second access network device, or other information associated with the second access network device, e.g. comprising an identification of the second access network device.

In a possible implementation manner, the fourth indication information may be a registration rejection message, a registration acceptance message, a configuration update message, a wireless local area network selection policy rule (WLANSP rule), or indication information included in a configuration update procedure; alternatively, the fourth indication information may be a registration reject message, a registration accept message, a configuration update message, a wireless local area network selection policy rule (WLANSP rules); or the fourth indication information may be part or all of the information of the second access network; or the fourth indication information may be part or all of the information of the access network and the corresponding relation of the information of the network slice; or the fourth indication information may be part or all of information of one or more access networks and/or information of one or more corresponding or supported network slices of the access networks.

In another embodiment, the mobile management device may further change the access network device for the UE when determining that the access network device currently connected by the UE does not support the network slice requested by the UE according to the network slice requested by the UE in the registration procedure of the UE, specifically, may send information of the target access network device to the UE through the source access network device, so that the UE may connect to the target access network according to the information of the target access network device, so that the changed target access network device can support the network slice requested by the UE, and improve communication efficiency. In addition, the access network equipment is replaced for the UE, so that the UE does not need to execute the registration process again, and signaling cost and time delay cost can be effectively reduced.

In this embodiment, the second message may further include second indication information, where the second indication information may instruct the terminal device to replace the access network device, or be used to instruct the UE to connect to the access network device corresponding to the requested network slice, or connect to the access network device corresponding to the requested network slice.

In combination with the foregoing embodiment, the second message includes information of the second access network device, and the second message further includes second indication information, that is, the second message sent by the mobile management device to the UE, is used to indicate that the UE may replace the access network device according to the information of the second access network device, so as to satisfy at least one network slice that the current UE requests to access.

A possible implementation manner is that after the mobile management device receives the first message, the mobile management device determines that the first access network device to which the UE is currently connected does not support the network slice (part or all) requested by the UE, and the second access network device is able to support one or more network slices requested by the UE, as shown in fig. 10, then the method may further include:

1001: the UE sends a first message to the mobility management device via the first access network device.

Reference is made to the previous description of step 801 or steps 906-907.

1002: the mobile management device sends a first request message to the second access network device.

If the mobile management device determines that the first access network device does not support part or all of the network slices requested by the UE and determines that the second access network device supports part or all of the network slices requested by the UE, the mobile management device sends a first request message to the second access network device for requesting to replace the access network device for the terminal device.

In particular, the first request message may be used to indicate information (or address) of the target access network device requesting replacement for the terminal device, or to indicate information requesting provision of the access network device, or to indicate replacement or reselection of the access network device for the terminal device.

In a possible embodiment, the first request message may include an identification of the terminal device, for indicating that the terminal device needs to be replaced or reselected to the second access network device or for indicating that the terminal device needs to be replaced or reselected to the second access network device.

Optionally, the first message in the foregoing step 1001 may further include an identifier of the terminal device, so that the first message is further used to instruct the UE corresponding to the identifier of the terminal device to request to obtain access network device information supporting the network slice, or instruct the UE corresponding to the identifier of the terminal device to match the access network device corresponding to the network slice requested by the UE.

Or, optionally, referring to step 907, the first access network device (e.g., N3 IWF-1) may carry the first message in an N2 message sent to the mobility management device (e.g., AMF) through the N2 interface, where the N2 message may further include an identifier of the terminal device, which is used to indicate that the UE requests to obtain access network device information supporting a network slice, or indicate an access network device corresponding to the network slice that may match the request for the UE.

1003: the second access network device sends a first response message to the mobility management device.

Wherein the first response message comprises information of the second access network device. The first response message may be used to indicate that the access network device is changed to the second access network device for the terminal device or that the target access network device is the second access network device.

1004: the mobile management device sends a second message to the UE.

Wherein the second message may comprise information of the second access network device. Reference is made to step 802 described previously.

1005: the UE establishes a connection with a second access network device.

The UE can be connected with the second access network equipment according to the second access network equipment information, and access the core network through the second access network equipment to complete the registration process and acquire the requested network slicing service. Reference is made to step 803, previously described.

The following embodiments of the present application take an example of an untrusted non-3 GPP access network device in a UE access non-3 GPP access type, and a specific flow of an access network device determining method is described in conjunction with fig. 11.

1101: the N3IWF-1 forwards the first message to the AMF.

The steps before step 1101 may refer to the foregoing steps 901 to 906, and are not described herein.

Optionally, the first message or the N2 message may further include an identifier of the UE.

1102: authentication and security procedures are performed.

Reference is made to the relevant description of step 910, which is not repeated here.

When the AMF receives the NAS Security Mode Complete message from the UE, the AMF determines that the N3IWF-1 currently connected to the UE does not support some or all of the network slices requested by the UE, the AMF may obtain information of the access network device supporting the network slices (some or all) requested by the UE, for example, N3IWF-2, according to the network slice information respectively supported by the N3IWF network elements.

1103: the AMF sends a first request message to the N3IWF-2.

For example, the first request message may specifically be a replace request (e.g. Relocation Request) message, optionally, the Relocation Request message may include a UE identifier, which is used to indicate to the N3IWF-2 that the UE corresponding to the UE identifier needs to replace the UE connected to the N3IWF-2 or replace or reselect to the N3IWF-2, to identify the corresponding UE for the UE.

1104: the N3IWF-2 sends a first response message to the AMF.

The N3IWF-2 sends a first response message to the AMF according to the first request message, where the information of the N3IWF-2 may be carried, for example, may be an identifier or an address of the N3 IWF-2.

1105: the AMF sends a second message to N3 IWF-1.

The AMF may send an N2 message to the N3IWF-1 through the N2 port, where the N2 message includes a downlink NAS message (second message) sent to the UE, and the NAS message (second message) may include information of the N3 IWF-2.

Optionally, the NAS message (second message) may further include second indication information (such as replacement indication information), which indicates that the UE needs to be replaced to the second access network device, or indicates that the UE may establish a connection with the N3IWF-2 according to the information of the N3 IWF-2.

1106: the N3IWF-1 forwards the second message to the UE.

1107: the UE establishes a communication tunnel with N3 IWF-2.

Specifically, the UE may establish an internet security protocol (IPsec Security Association, IPSec SA) with N3IWF-2 by initiating an initial exchange of internet key exchange protocols (Internet Key Exchange, IKE).

1108: the UE sends an ike_auth request message to the N3 IWF-2.

1109: the N3IWF-2 transmits a replacement confirm message or a replacement notification message to the AMF.

Optionally, the first request message sent by the AMF to the N3IWF-2 in step 1103 includes the UE identifier, and when the N3IWF-2 establishes a connection with the UE, the N3IWF-2 determines that the UE identifier is the same as the UE identifier included in the first request message sent by the AMF to the N3IWF-2 in step 1103, the N3IWF-2 may send a replacement confirmation message to the AMF, thereby notifying the AMF that the UE has established a connection with the N3 IWF-2.

1110: the AMF sends a context setup request message to the N3IWF 2.

For example, a NGAP Initial Context Setup Request message is sent, which may include the N3IW key.

1111: the N3IWF-2 transmits an ike_auth response message to the UE.

1112: the UE and the N3IWF-2 complete the establishment of the IPSec SA communication tunnel.

The UE and the N3IWF-2 establish the IPSec SA communication tunnel with the previously acquired N3IW key.

1113: the N3IWF-2 sends a context setup response message to the AMF.

After establishing the IPSec SA communication tunnel, the N3IWF-2 may send a context setup response message to the AMF informing the AMF that the UE's corresponding context has been created. For example, N3IWF-2 sends NGAP Initial Context Setup Response to the AMF.

At this point, the IPSec SA will be configured to operate in tunnel mode, and the N3IWF-2 may assign an intranet IP ADDRESS and NAS IP ADDRESS (nas_ip_address) to the UE so that subsequent NAS messages may be transported through the IPSec SA. For example, for an uplink NAS message sent by the UE to the AMF, the source ADDRESS may be an intranet IP ADDRESS of the UE, and the destination ADDRESS is nas_ip_address; for the downlink NAS message sent by the AMF to the UE, the source ADDRESS may be nas_ip_address, and the destination ADDRESS may be an intranet IP ADDRESS of the UE.

1114: the AMF sends an N2 message to the N3IWF-2 including registration accept information.

The AMF sends an N2 message to the N3IWF-2 including a NAS registration accept message (NAS Registration Accept) forwarded to the UE.

1115: the N3IWF-2 transmits a registration accept message to the UE.

The N3IWF-2 sends NAS registration acceptance information to the UE through the established IPSec SA communication tunnel.

In another embodiment, the method for determining an access network device according to the present application may also be applied to a trusted non-3 GPP access network device in a non-3 GPP access type.

By way of example, a specific flow of an access network device determination method will be described below with reference to fig. 12, taking UE access to a trusted non-3 GPP access network device as an example.

1201: the UE establishes a connection with the TNAP.

Wherein the UE selects a PLMN and a trusted non-3GPP access network TNAN connected to the PLMN. The UE establishes a Layer 2 (Layer-2, L2) connection with the trusted non-3GPP access point TNAP.

In one possible implementation manner, the terminal device obtains configuration information; the terminal device selects an access network device supporting the requested slice (or supporting the required slice) according to the configuration information. The configuration information may be one or more of WLAN selection policies (e.g., WLAN selection policy, WLANSP), trusted non-3GPP access network configuration information (e.g., TNAN configuration), trusted non-3GPP access point selection information (e.g., trusted non-3GPP access point selection information), trusted non-3GPP access gateway selection information (e.g., TNGF selection information).

One possible implementation manner, the configuration information includes one or more pieces of access network device information and slice information corresponding to or supported by the one or more pieces of access network devices. The access network device information may be one or more of identification information (e.g., identifier or SSID), domain name information (e.g., domain name or FQDN), address information (e.g., IP address), and port number information, among others. The slice information may be one or more NSSAIs or one or more S-NSSAIs, etc.

In one possible implementation, the terminal device may select an access network device from one or more access network devices (which may be referred to as alternative access network devices) supporting the slice requested or required by the terminal device according to slice information corresponding to or supported by one or more access network device information in the configuration information. In one possible implementation, the access network device may be an N3IWF, TNAN, TNGF, TNAP or WLAN access node (e.g., access point, AP). In a possible implementation manner, the slice corresponding to the slice information included in the configuration information may be a slice supported by the access network device, or may be a slice in the slice supported by the access network device and allowed to be used by the terminal device, or may be a slice subscribed by the terminal device in the slice supported by the access network device.

In another possible implementation manner, the configuration information includes one or more slice information and access network device information corresponding to the one or more slice information. The access network device corresponding to the slice information may be understood as access network device information of the access network device supporting the slice. The access network device information may be one or more of identification information, domain name information (e.g., domain name or FQDN), address information (e.g., IP address), and port number information, among others. The slice information may be one or more NSSAIs or one or more S-NSSAIs, etc. The terminal device may determine, according to the access network device information corresponding to the slice information in the configuration information, one or more access network device information supporting the slice requested or required by the terminal device, and select one access network device from the access network devices corresponding to the one or more access network device information. In one possible implementation, the access network device may be an N3IWF, TNAP, TNAN, TNGF or WLAN access node (e.g., access point, AP). In a possible implementation manner, the slice corresponding to the one or more slices included in the configuration information may be a slice supported by the network, or may be a slice allowed to be used by the terminal device, or may be a slice subscribed to by the terminal device.

1202: the UE performs EAP flow with TNAP.

Specifically, the UE sends an EAP request message to the TNAP, the EAP request message being encapsulated in the L2 packet, e.g., in an IEEE 802.3 or 802.1x or PPP packet. The TNAP transmits an EAP response message or an EAP acknowledgement message (EAP-Req/Identity message) to the UE, requesting acquisition of the identification information of the UE.

1203: the UE sends a network access identity to the TNAP.

Wherein the network access identifier (Network Access Identifier, NAI) is used to trigger the TANP to send an AAA request (AAA request) to the TNGF-1.

Wherein the NAI indicates that a 5G connection (5G connectivity) of a particular PLMN is requested. For example nai= "< any_username > @ nai.5gc mcn < MNC >. MCC < MCC >.3gpp network org. EAP packets between TNAP and TNGF-1 are encapsulated by AAA messages. The AAA request also includes a TNAP identity that may be used as user location information (User Location Information, ULI).

1204: TNGF-1 sends an EAP Request/5G-Start packet to the UE.

The EAP-Request/5G-Start packet is used to inform the UE to initiate an EAP-5G session, e.g., to inform the UE to Start sending NAS messages (by encapsulating NAS messages in EAP-5G packets).

1205: the UE sends an EAP-Response/5G-NAS packet to TNGF 1.

The 5G-NAS packet includes AN AN parameter and a first message (e.g., a registration request message). The AN parameters include parameter information for TNGF-1 to select AMFs, such as GUAMI, selected PLMN IDs (or PLMN IDs and NIDs), etc.

Optionally, the first message (registration request message) may include first indication information, which is used to indicate that access network device information supporting at least one network slice requested by the terminal device is acquired, or indicate that a corresponding access network device is matched for the terminal device according to the first message.

In this case, the UE sends an EAP-Response/5G-NAS packet to the tnff 1, and may further include an identifier of the terminal device, for the tnff 1 to determine that the terminal device corresponding to the identifier of the terminal device matches the appropriate access network device and feed back information of the access network device.

1206: TNGF-1 forwards the first message to the AMF.

Wherein TNGF-1 performs AMF selection and sends a first message (e.g., a registration request message) to the AMF.

1207: authentication and security procedures are performed.

After authentication is completed, the AUSF sends the SEAF key to the AMF. The AMF can derive the NAS security key and the TNGF-1 security key from the SEAF key. The AMF sends NAS Security Mode Command to the UE to activate NAS security. The NAS Security Mode Command includes EAP-Success, indicating that the EAP-AKA authentication performed by the core network was successful. TNGF-1 forwards NAS Security Mode Command sent by the AMF to the UE and sends NAS Security Mode Complete message sent by the UE to the AMF.

1208: the AMF sends a first request message to TNGF-2.

When the AMF receives the NAS Security Mode Complete message from the UE, the AMF determines that the tnff-1 currently connected by the UE does not support part or all of the network slices requested by the UE, the AMF may obtain information of access network devices supporting (part or all of) the network slices requested by the UE, such as an identifier or an address of the tnff-2, according to the network slice information respectively supported by the plurality of tnff network elements. The AMF then sends a first request message to TNGF-2.

For example, the first request message may specifically be a replacement request (Relocation Request) message for indicating a request to obtain the address of the TNGF-2. In one possible implementation, the first request message may include an identification of the UE. The identity of the UE may be used to indicate a terminal device to replace or reselect to TNGF-2.

1209: TNGF-2 sends a first response message to the AMF.

TNGF-2 sends TNGF-2 information, such as TNGF-2 identification or address, to the AMF according to the first request message.

1210: the AMF sends a second message to TNGF-1.

Wherein the second message may include information of TNGF-2.

Specifically, the AMF may send Relocation Request message to TNGF-1, relocation Request message carrying the security key of TNGF-1 and a second message (downstream NAS message) to the UE.

Optionally, the downlink NAS message (second message) may further include second indication information (such as replacement indication information), which indicates that the UE needs to be replaced to the second access network device TNGF-2, or indicates that the UE may establish a connection with the TNGF-2 according to the information of the TNGF-2.

1211: TNGF-1 forwards the second message to the UE.

TNGF-1 accepts the TNGF security key and sends a second message (downstream NAS message) to the UE.

Further comprises: the UE sends EAP-Response/5G-Notification to TNGF-1.

After TNGF-1 receives the message, AAA message is sent to TNAP, and the AAA message comprises EAP-Success message sent to UE and TNAP key obtained by TNGF-1 derivation sent to TNAP by TNGF-1.

1212: the AMF sends a context setup request message to TNGF-2.

For example, a NGAP Initial Context Setup Request message is sent, which may include a TNGF key.

1213: the UE establishes L2 security with the TNAP.

Wherein the TNAP key may be used to establish L2 security (layer-2 security) between the UE and the TNAP.

1214: the UE completes the local IP configuration with the TNAP.

The TNAP configures to the UE local IP, and the UE receives the IP configuration of the TNAN. For example, the UE may acquire its own IP address through DHCP.

At this point, the UE successfully connects to the TNAN network and acquires the IP configuration.

1215: the UE completes NWt connection establishment with TNGF-2.

Specifically, the UE may initiate a secure NWt connection with the TNGF-2, where NWt is the connection interface between the UE and the TNGF. Illustratively, the UE may initiate an ike_init interaction with the address of the tnff-2, where the UE identity provided by the UE may be the same as the UE identity included in steps 1205 and/or 1208, so that the tnff-2 may determine the tnff-2 key corresponding to the UE based on the identity of the UE. The TNGF-2 key may be used for bi-directional authentication.

Wherein the transmission between the UE and the TNGF is not encrypted, as is a trusted network (operator deployed, considered trusted, so no encryption is required). TNGF-2 may assign an intranet IP ADDRESS, TCP port, NAS_IP_ADDRESS, and a differentiated services code point (differentiated services code point, DSCP) value to the UE. The DSCP value may be marked for IP packets transmitted between the UE and the TNGF-2. The UE and the TNAP may map the DSCP value to a corresponding QoS class. After establishing the IPSec SA tunnel, the UE may establish a TCP connection with the tnff through nas_ip_address and TCP ports. Subsequent NAS messages may be tunneled through the IPSec SA tunnel. For example, for an uplink NAS message sent by the UE to the AMF, the source ADDRESS may be an intranet IP ADDRESS of the UE, and the destination ADDRESS is nas_ip_address; for the downlink NAS message sent by the AMF to the UE, the source ADDRESS may be nas_ip_address, and the destination ADDRESS may be an intranet IP ADDRESS of the UE.

1216: TNGF-2 sends a context setup response message to the AMF.

After NWt connection is successfully established, TNGF-2 may inform the AMF that the security context for the UE has been created through NGAP Initial Context Setup Response.

1217: the AMF sends an N2 message to TNGF-2.

The N2 message includes a NAS registration accept message (NAS Registration Accept) transmitted to the UE. Subsequently, when the AMF registers with the UDM, the UDM needs to be provided with a Non-3GPP access (Non-3 GPP access) type.

1218: TNGF-2 sends a registration accept message to the UE.

TNGF-2 sends NAS registration accept message to UE through the IPSec SA communication tunnel that establishes.

In yet another possible implementation manner, in a trusted non-3GPP access scenario, if the mobility management device determines that the tnff-1 (the first tnff network element) does not support the network slice (part or all) requested by the UE, and determines that the tnff-2 (the second tnff network element) supports the network slice (part or all) requested by the UE, the mobility management device may further send a second message to the terminal device through the tnff-2 to indicate information of the second access network device tnff-2 to the UE, so that the UE may access the tnff-2 through the information of the tnff-2, and then access the core network to obtain the slice service. Therefore, the flow can be further simplified, and the signaling overhead and the time delay overhead are saved.

Wherein, optionally, after the mobility management device determines that the TNGF-1 does not support (part or all of) the network slice requested by the UE, the method may further comprise: the mobile management equipment sends a second request message to TNGF-1 to request to acquire the identification of a trusted non-3 GPP access point TNAP connected by the terminal equipment; TNGF-1 sends to the mobility management device the TNAP identification accessed by the UE.

Thus, optionally, after the mobile management device obtains the TNAP identification information accessed by the UE, a third request message may be sent to the TNGF-2 for requesting to establish the context of the terminal device. The third request message may further include a TNAP identifier currently accessed by the UE.

By way of example, a specific flow of the method for determining an access network device will be described below with reference to fig. 13, taking UE access to a trusted non-3 GPP access network device as an example.

1301: TNGF-1 forwards the first message to the AMF.

The steps before step 1301 may refer to the foregoing steps 1201-1205, and are not repeated here.

TNGF-1 performs AMF selection and sends a first message (e.g., a registration request message) to the AMF.

1302: authentication and security procedures are performed.

Reference is made to the aforementioned step 1207, which is not repeated here.

1303: the AMF sends a second request message to TNGF-1.

The AMF sends a request message (e.g., relocation Request) to the TNGF1 requesting acquisition of the TNAP identity (i.e., the identity of the UE-connected TNAP); in one possible implementation, the request message includes an indication information, where the indication information is used to indicate the request TNAP identifier; after receiving the request message, TNGF1 sends an identification of TNAP connected with the UE to AMF; in a possible implementation, the request message may further include an identification of the terminal device. The identifier of the terminal device is used for indicating that the request message is used for requesting to acquire the identifier of the TNAP to which the terminal device corresponding to the identifier of the terminal device is connected. So that the TNGF1 may feed back the identity of the TNAP to which the end device is connected in accordance with the request message.

1304: TNGF-1 sends a second response message to the AMF.

Including the identity of the TNAP to which the UE is connected.

1305: the AMF sends a third request message to TNGF-2.

The third request message is for requesting establishment of a security context of the UE. Wherein the third request message includes an identification of the TNAP. Optionally, a TNGF key may also be included.

Illustratively, the AMF sends NGAP Initial Context Setup Request a message to TNGF-2, which may include a TNGF key and a TNAP identification. Wherein the TNGF-2 can learn from TNAP identity in the request message that the establishment of the security context was migrated from other TNGF.

Optionally, the third request message may further include third indication information, where the third indication information is used to indicate that the security context establishment of the UE is migrated from other TNGF.

1306: TNGF-2 sends a second message to the UE.

Wherein the second message may include information of the TNGF-2 for feeding back to the UE that the TNGF-2 may support one or more of the network slices requested by the UE. The TNGF-2 information can be an address or a mark of TNGF-2.

Specifically, the TNGF-2 may send the second message to the UE through the TNAP corresponding to the TNAP identifier according to the TNAP identifier carried in the third request message, for example, the TNGF-2 information may be sent to the UE through an EAP-Req/5G-Notification message.

Optionally, the second message may further include second indication information (such as replacement indication information), which indicates that the UE needs to be replaced or reselected to the second access network device TNGF-2, or indicates that the UE may establish a connection with the TNGF-2 according to the information of the TNGF-2.

So that the subsequent UE may establish a connection with the TNGF-2, the subsequent flow may refer to step 1211 and the related descriptions in steps 1213 to 1218 in the foregoing embodiments, which are not described herein.

Based on the above method for determining the access network device provided by the present application, the present application also provides a communication device, as shown in fig. 14, where the communication device 1400 includes a sending module 1401, a receiving module 1402, and a processing module 1403. The method for implementing the terminal device implementation in fig. 8 to 13 is used for implementing the above embodiments.

Wherein the sending module 1401 is configured to send a first message to the mobility management device through the first access network device, where the first message includes an identifier of at least one network slice, and the first message indicates that access to the network slice is requested.

The receiving module 1402 is configured to receive, by the first access network device or a second access network device, a second message, the second message including information of the second access network device, the second message indicating that the second access network device supports one or more of the at least one network slice.

The processing module 1403 is configured to establish a connection with the second access network device.

Further, the processing module 1403 is further configured to implement operations of the terminal device side in the above embodiments of fig. 8 to 13 according to the present application, such as receiving or transmitting data/information. The transmitting module 1401 is further configured to implement the operation of transmitting data/information on the terminal device side in fig. 8 to 12 according to the above embodiment of the present application, and the receiving module 1402 is further configured to implement the operation of receiving data/information on the terminal device side in fig. 8 to 12 according to the above embodiment of the present application.

In addition, based on the foregoing embodiments, the present application also provides a communication apparatus, as shown in fig. 14, a communication apparatus 1400 includes a transmitting module 1401, a receiving module 1402, and a processing module 1403. A method for implementing the mobile management device implementation in the above embodiments as in fig. 8 to 12.

The receiving module 1402 is configured to receive, by a first access network device, a first message from a terminal device, where the first message includes an identifier of at least one network slice, and the first message indicates that the terminal device requests access to the network slice.

Processing module 1403 is configured to determine that if the first access network device does not support one or more of the at least one network slice and determine that the second access network device supports one or more of the at least one network slice.

The sending module 1401 is configured to send a second message to the terminal device through the first access network device, where the second message includes information of the second access network device, and the second message indicates that the second access network device supports one or more of the at least one network slice.

Further, the processing module 1403 is further configured to implement operations of the mobility management device side in the above embodiments of fig. 8 to 12 according to the present application, such as receiving or transmitting data/information. The transmitting module 1401 is configured to implement the operation of transmitting data/information on the mobile management device side in the above embodiments of the present application in fig. 8 to 12, and the receiving module 1402 is configured to implement the operation of receiving data/information on the mobile management device side in the above embodiments of the present application in fig. 8 to 11.

In addition, based on the foregoing embodiments, the present application also provides a communication apparatus, as shown in fig. 14, a communication apparatus 1400 includes a transmitting module 1401, a receiving module 1402, and a processing module 1403. A method for implementing the mobile management device implementation in the above embodiment as in fig. 13.

The receiving module 1402 is configured to receive, by a first access network device, a first message from a terminal device, where the first message includes an identification of at least one network slice, and the first message indicates that the terminal device requests access to the network slice.

Processing module 1403 is for determining that the first access network device does not support one or more of the at least one network slice and determining that a second access network device supports one or more of the at least one network slice.

The sending module 1401 is configured to send a second message to the second access network device, where the second message indicates that the second access network device sends information of the second access network device to the terminal device, and the information of the second access network device is used for the terminal device to establish a connection with the second access network device.

Further, the processing module 1403 is further configured to implement operations of the mobility management device side in the above embodiment of fig. 13 according to the present application, such as receiving or transmitting data/information. The transmitting module 1401 is configured to implement the operation of transmitting data/information on the mobility management device side in the above embodiment of the present application in fig. 13, and the receiving module 1402 is configured to implement the operation of receiving data/information on the mobility management device side in the above embodiment of the present application in fig. 13.

In addition, based on the foregoing embodiments, the present application also provides a communication apparatus, as shown in fig. 14, a communication apparatus 1400 includes a transmitting module 1401, a receiving module 1402, and a processing module 1403. A method for implementing the access network device implementation in the above embodiments, such as in fig. 8 to 13.

Wherein the receiving module 1402 is configured to receive a first message from a terminal device, the first message including an identification of at least one network slice, the first request indicating that the terminal device requests access to the network slice.

The sending module 1401 is configured to send the first message to a mobility management device.

The receiving module 1402 is further configured to receive a second message from the mobility management device, the second message including information of a second access network device, the second message indicating that the second access network device supports one or more of the at least one network slice.

The sending module 1401 is further configured to send the second message to the terminal device.

Further, the processing module 1403 is further configured to implement operations of the access network device side in addition to receiving or sending data/information in the above embodiments of the present application, such as fig. 8 to 13. The sending module 1401 is configured to implement the operation of sending data/information on the access network device side in the embodiments of the present application as shown in fig. 8 to 13, and the receiving module 1402 is configured to implement the operation of receiving data/information on the access network device side in the embodiments of the present application as shown in fig. 8 to 13.

In a simple embodiment, one skilled in the art will appreciate that the communication device 1400 described above may take the form shown in fig. 7. For example, the processor 701 in fig. 7 may cause the communication device 1400 to perform the described methods performed by the communication devices in the above-described method embodiments by invoking computer-executable instructions stored in the memory 703.

The functions/implementation of the transmitting module 1401 and the receiving module 1402 in fig. 14 may be implemented by the processor 701 in fig. 7 calling computer-executable instructions stored in the memory 703, for example. Alternatively, the functions/implementation of the processing module 1403 in fig. 14 may be implemented by the processor 701 in fig. 7 calling computer-executable instructions stored in the memory 703, and the functions/implementation of the transmitting module 1401 and the receiving module 1402 in fig. 14 may be implemented by the communication interface 704 in fig. 7.

It should be noted that one or more of the above modules or units may be implemented in software, hardware, or a combination of both. When any of the above modules or units are implemented in software, the software exists in the form of computer program instructions and is stored in a memory, a processor can be used to execute the program instructions and implement the above method flows. The processor may be built in a SoC (system on a chip) or ASIC, or may be a separate semiconductor chip. The processor may further include necessary hardware accelerators, such as field programmable gate arrays (field programmable gate array, FPGAs), PLDs (programmable logic devices), or logic circuits implementing dedicated logic operations, in addition to the cores for executing software instructions for operation or processing.

When the above modules or units are implemented in hardware, the hardware may be any one or any combination of a CPU, microprocessor, digital signal processing (digital signal processing, DSP) chip, micro control unit (microcontroller unit, MCU), artificial intelligence processor, ASIC, soC, FPGA, PLD, special purpose digital circuitry, hardware accelerator, or non-integrated discrete devices that may run the necessary software or that do not rely on software to perform the above method flows.

In addition, considering that different services may have privacy protection requirements on nsai information of the user, an Access Stratum (AS) connection establishment flow further includes operator-controlled (operator-controlled) slice information, that is, whether nsai information can be included in the connection establishment flow is controlled to implement user privacy protection.

Specifically, the serving PLMN may control slice information (e.g., nsai information) that may be included in the procedure for access layer connection establishment by the terminal device (e.g., UE) according to the access type, e.g., when the UE establishes a connection through a service request (e.g., service request), a periodic registration update (e.g., periodic registration update), or a registration procedure for updating the UE capability, the procedure for access layer connection establishment may include nsai information (if any). Furthermore, regardless of the procedure that caused the RRC connection establishment, the home PLMN or the visited PLMN may also indicate that the UE is not to include nsai information in the access layer, thereby enabling privacy protection of the nsai.

In one implementation, during registration of the UE, the AMF may include a mode parameter (Access Stratum Connection Establishment NSSAI Inclusion Mode parameter) in a registration accept message (Registration Accept) sent to the UE to indicate whether and when the UE may include slice information (e.g., nsai information) in the access layer connection establishment (Access Stratum Connection Establishment).

The NSSAI including mode for establishing the access layer connection may include the following cases a, b, c or d.

a. The UE may include a set of slice information corresponding to the slices allowed to be used, e.g., nsai set (if available) of allowed NSSAI (Allowed NSSAI), in an access layer connection setup caused or triggered by a Service Request (Service Request), a periodic registration update (Periodic Registration Update), or a registration procedure (Registration procedure used to update the UE capabilities) for updating UE capabilities.

b. For the case of access stratum connection establishment caused or triggered by a service request, the included slice information (e.g., nsai information) may be: triggering S-NSSAI in the network slice established by the access layer connection, namely reactivating all S-NSSAI of the PDU session user plane through the service request; alternatively, the S-nsai in the network slice triggering the service request to perform control plane cross-correlation may be, for example, for a session management SM, the S-nsai of the PDU session to which the SM message relates.

For the case of access stratum connection establishment caused or triggered by periodic registration update or registration procedure for updating UE capability, the included nsai information may be: subset of Allowed NSSAI.

c. The UE should not include any nsai information in the access layer connection setup caused or triggered by service requests, periodic registration updates, or registration procedures for updating the UE capabilities.

d. The UE should not provide nsai information at the access stratum.

Wherein in mode a, b or c, the UE may include a Requested nsai provided in the NAS layer for the case of access stratum connection establishment caused or triggered by a mobile registration update or an initial registration.

For all UEs that are allowed to use mode a, b or c, the access layer connection setup nsai inclusion mode (Access Stratum Connection Establishment NSSAI Inclusion Mode) should remain consistent over the same registration area, i.e. the UE is within the registration area, which access layer connection setup nsai inclusion mode remains unchanged. As part of the network slice configuration, the UE may store and act in accordance with the corresponding mode for each PLMN and access type. The AMF network element corresponding to the serving PLMN should not instruct the UE to operate in any other mode than mode d in the 3GPP access type unless the HPLMN provides an indication to allow this (i.e. if the PLMN allows mode a, b or c), then the UDM of the HPLMN sends a display indication to the serving AMF indicating that the nsai may be included in the RRC as part of the subscription data.

The default working mode of the UE is as follows:

for 3GPP access types, the UE defaults to operating in mode d unless an indication is obtained that it can operate in mode a, b or c.

For the untrusted non-3 GPP access type, the UE defaults to operating in mode b unless an indication is obtained that it may operate in mode a, b or d.

For trusted non-3 GPP access types, the UE defaults to operate in mode d unless an indication is obtained that it can operate in mode a, b or c.

For the W-5GAN access type, the 5G-RG defaults to operating in mode b unless it obtains an indication that it can operate in mode a, c or d.

In addition, the operator may pre-configure the UE to default to operate in mode c in the HPLMN, i.e., the UE includes NSSAI information in the access layer when performing initial registration and mobility registration update procedures with the HPLMN, until the HPLMN changes modes as described above, acquiring an indication that it may operate in modes a, b, or d.

In the above scenario, based on the background that the UE may not include nsai information in the procedure of establishing a connection, the present application further provides an embodiment for determining an access network device, when the access network device connected by the UE does not support the slice requested by the UE, the AMF may determine, according to the slice information supported by the access network device, the target access network device, and send the target access network device information to the UE, so that the UE may establish a connection with the target access network device through a procedure capable of establishing a connection with the target access network device, for example, through a service request, a mobility registration update procedure, a periodic update procedure, or a registration procedure for updating the UE capability, and access to the core network through the target access network device.

As shown in fig. 15, a method for determining an access network device according to an embodiment of the present application, where a terminal device is taken as a UE as an example, may include the following steps.

1501: the terminal device sends a first message to the mobile management device through the first access network device.

In addition, in an embodiment, the first message may further include first indication information, where the first indication information is used to indicate that access network device information supporting at least one network slice is acquired, or indicate that a corresponding access network device is matched or selected according to the first message. In one possible implementation, the first indication information may be used to indicate support for acquiring slice information supported by the access network device.

For the other, reference may be made to the description of step 801 in the foregoing embodiment, which is not repeated here.

1502: the mobile management device sends a second message to the terminal device through the first access network device.

Correspondingly, the mobile management device receives the first message, when determining that the first access network device currently connected with the UE does not support part or all of the network slices requested by the UE, the mobile management device may determine, according to the network slice information supported by the access network device, a target access network device, such as a second access network device, and send information of the second access network device to the UE through the second message, so that the UE may be connected with the second access network device according to the information of the second access network device.

Wherein the second message may comprise information of the second access network device.

Additionally, the second message may indicate that the second access network device supports one or more of the at least one network slice. That is, the second message is used to indicate to the UE that the second access network device may support some or all of the network slices requested by the UE.

In one embodiment, the second message may also indicate that the first access network device does not support one or more of the at least one network slice. That is, the second message may be used to indicate to the UE that the first access network device does not support some or all of the network slices requested by the UE, while the second access network device may support some or all of the network slices requested by the UE but not supported by the first access network device.

In an embodiment, when the first message of the UE includes a plurality of network slices and the second access network device supports only a portion of the plurality of network slices requested by the UE, the second message may further include an identification of one or more of the at least one network slice included in the first message in such an embodiment.

The second message may be a response message responsive to the first message, for example. For example, the first message may be a registration request message and the second message may be a registration accept message.

For the other, reference may be made to the description of step 802 in the foregoing embodiment, which is not repeated here.

1503: the mobility management device sends third information for indicating to release the connection of the first access network device and the terminal device.

In a possible implementation manner, the mobility management device may send the third information to the first access network device, or the mobility management device may send the third information to the terminal device through the first access network device.

In one possible implementation, the third information may be a second message.

In a possible implementation manner, the third information may be information used for updating the policy of the terminal device in the configuration updating procedure.

In one possible implementation, the third information may include information of the second access network device. And the terminal equipment acquires that the first access network equipment does not support the slice requested by the terminal equipment or acquires that the second access network equipment supports the slice requested by the terminal equipment according to the third information. The terminal device establishes a connection with the second access network device. In one possible implementation, the terminal device may establish a connection with the second access network device after releasing the connection with the first access network device. In another possible implementation manner, after the terminal device may perform the deregistration procedure through the first access network device, the registration procedure is performed through the second access network device.

Illustratively, the mobile management device initiating the connection release procedure may include: the mobility management device sends a UE context release instruction (e.g., N2 UE Context Release Command) to the first access network device. The first access network device then sends an AS message to the UE for releasing the connection with the first access network device.

For example, the AMF may initiate AN N2 connection release procedure, or the UE may initiate AN release procedure, causing the UE to enter AN IDLE state (e.g., CM-IDLE state). Subsequently, the UE may establish a connection with the second access network device through a service request, a periodic registration update, a mobility registration update, or a registration procedure for updating a capability of the terminal device, so as to obtain a service corresponding to the Requested network slice (e.g., requested nsai), so that the second access network device may support the slice Requested by the UE.

In one embodiment, the terminal device may obtain fourth information, where the fourth information is used to indicate that the terminal device is allowed to establish a connection, including slice information, and/or a procedure performed. That is, the terminal device may learn or determine, by receiving the fourth information, or the configured/preconfigured fourth information, information of at least one network slice requested by the terminal device in a procedure to be performed for subsequent connection establishment with the second access network device. In one possible implementation, the executed procedures include a mobility registration update procedure, an initial access procedure, a service request procedure, a periodic registration update procedure, or a registration procedure for updating the capabilities of the terminal device.

1504: and the terminal equipment sends fifth information and establishes connection with the second access network equipment.

In a possible implementation manner, the terminal device may send the fifth information to the second access network device, or the terminal device may send the fifth information to the mobility management device through the second access network device. The connection may be AN access stratum connection (AS connection), AN access network connection (AN connection), or a non-access stratum signaling connection (e.g., NAS signaling connection).

Wherein the fifth information may include at least one network slice, such as Requested NSSAI, for which the terminal device requests access.

The fifth information may be sent to the mobility management device by a service request, a periodic registration update, a mobility registration update, or a message in a registration procedure for updating the capabilities of the terminal device. In a possible implementation, the fifth information may be a service request, a periodic registration update, a mobility registration update, or a message in a registration procedure for updating the capabilities of the terminal device.

In one embodiment, the terminal device may send an indication information to the second access network device indicating that the establishment cause is for updating, reselecting or redirecting the access network device.

In a possible implementation, the reason for the establishment of the connection between the terminal device and the second access network device may be updating, reselecting or redirecting the access network device. For example, when the terminal device establishes a connection with the second access network device, the establishment cause (e.g., establishment Cause) sent by the terminal device to the second access network device may be a cause of an access network device redirection (e.g., access node relocation, access network relocation, tnff relocation or N3IWF relocation), an access network device update, an access network device replacement, or an access network device reselection. The establishment cause may be used to indicate that the reason for the terminal device to establish a connection with the second access network device is to replace the access network device, or that the reason for the terminal device to establish a connection with the second access network device is to support network slicing requested by the terminal device.

Wherein the mobility management device updates, learns, acquires or determines Allowed slice information (e.g., allowed NSSAI) corresponding to the UE after the UE establishes a connection with the second access network device and/or after establishing a connection with the mobility management device through the second access network device. The allowed slice information may contain Requested slice information (e.g., requested NSSAI).

In embodiments of the present application, the updating of the Allowed slice information (e.g., allowed NSSAI) may be accomplished in two ways.

Mode 1, the mobile management device may include the Allowed slice information sent to the terminal device as network slice information Requested by the terminal device, i.e., the Allowed NSSAI includes the Requested NSSAI.

Specifically, when the terminal device accesses the mobility management device through the first access network device, the access mobility management device determines that at least one network slice (such as a first network slice) in the Requested NSSAI of the first message is not supported by the first access network device, but determines that the second access network device can support the at least one network slice such as the first network slice, and then the mobility management device determines, according to network slice information (such as the Requested NSSAI) Requested by the terminal device and network slice information (such as supported slots) supported by the second access network device, allowable slice information (such as an Allowed NSSAI) corresponding to the UE.

It should be noted that, the slice permission information may include first slice information supported by the second access network device, where the first slice information includes an identifier of at least one network slice supported by the second access network device. And, the allowed slice information may include second slice information that the terminal device requests access, wherein the second slice information includes an identification of at least one network slice, and the first slice information may be the same as or different from the second slice information. For example, the slices requested by the terminal device are slice 1, slice 2 and slice 3, the first access network device connected by the terminal device supports slice 1, the second access network device supports slice 1 and slice 2, and then the mobile management device may obtain that slice information allowed by the terminal device includes first slice information, where the first slice information includes identification of slice 1 and slice 2, and the first slice information includes second slice information, where the second slice information includes some or all of the slices requested to be accessed by the terminal device, for example, may include slice 1 and slice 2. At this time, the allowed slice information includes both slice information supported by the first access network device and slice information not supported by the first access network device, such as slice 2. That is, the Allowed NSSAI of the present application may include slice information that is not supported by the first access network device but is supported by the second access network device.

Subsequently, the mobile management device may include or carry the allowed slice information in the second message sent to the UE when the authentication of the UE is successful and the access to the core network is allowed. Alternatively, the allowed slice information may also be sent to the UE in a message (e.g., UE Configuration Update Command) or flow (e.g., UE Configuration Update procedure) for updating the configuration. In a possible implementation, the mobile management device may send the allowed slice information and/or information of the second access network device to the UE. In a possible implementation, the allowed slice information and/or the information of the second access network device may be used to indicate that the connection of the terminal device with the first access network device is released. For example, when the terminal device obtains the allowed slice information and/or the information of the second access network device, or obtains the allowed slice information and/or the information of the second access network device through the first access network device, one or more of the following information may be known: the first access network equipment does not support part or all of the slices which the terminal equipment requests to access; the second access network equipment supports part or all of the slices which the terminal equipment requests to access; releasing the connection between the terminal equipment and the first access network equipment; the terminal equipment executes a deregistration process through the first access network equipment; the terminal equipment needs to establish connection with the second access network equipment; the terminal device executes the registration process through the second access network device.

In one embodiment, in the process of establishing connection between the terminal device and the second access network device, the terminal device sends fifth information, where the fifth information includes third slice information that the terminal device requests to access, where the third slice information includes an identifier of part or all of the network slices that the terminal device requests to access. The third slice information may be the same as or different from the first slice information or the second slice information. For example, according to the foregoing example, if the slices requested by the terminal device are slice 1, slice 2, and slice 3, the first access network device to which the terminal device is connected supports slice 1, the second access network device supports slice 1 and slice 2, and the third slice information may include the identities of slice 1 and slice 2. Alternatively, the third slice information may include an identification of slice 2, which indicates slice information corresponding to a slice that is not supported by the first access network device but is supported by the second access network device. In a possible implementation manner, the third slice information may include slice information corresponding to a slice that is not allowed to be used (or is not supported by the first access network device) in the network slice that the terminal device requests to access when the terminal device accesses through the first access network device. In one possible implementation manner, the third slice information may be slice information corresponding to a network slice supported by the second access network device, that is, the third slice information may include slice information corresponding to a slice supported by the second access network device, which is not allowed to be used (or is not supported by the first access network device) in a network slice that the terminal device requests to access when the terminal device accesses through the first access network device.

In mode 2, when the terminal device accesses through the first access network device, the first access network device does not support a part of the slices Requested by the terminal device, and determines that the second access network device supports at least one slice, the mobility management device may record, save or store fourth slice information, where the fourth slice information includes a slice not supported by the first access network device, and subsequently, the mobility management device may determine an Allowed NSSAI according to network slice information (such as a Requested NSSAI) Requested by the terminal device and the fourth slice information. Wherein in embodiments of the application, storing, recording or preserving may refer to the same meaning.

For example, the context information corresponding to the terminal device records the network slice identification information that the first access network device does not support the request of the terminal device, so that after the UE establishes a connection with the mobility management device through the second access network device, the mobility management device may update slice information that the terminal device is Allowed to use, for example, update the Allowed NSSAI, according to the context information.

Alternatively, the slice information stored in the context information corresponding to the UE may be slice information that the UE is Allowed to use (e.g., allowed nsai), the UE request slice information (Requested nsai), the slice Requested by the UE but not supported by the first access network device (e.g., nsai that is not included in the Allowed nsai in the Requested nsai). I.e. the AMF may save, store or record the slice information that the first access network device fails to support the UE requesting the slice. Alternatively, the slice information may be slice information supported by the second access network device. For example, according to the foregoing example, if the slice requested by the terminal device is slice 1, slice 2, and slice 3, the first access network device to which the terminal device is connected supports slice 1, and the second access network device supports slice 1 and slice 2, the fourth slice information stored on the AMF side may include the identifiers of slice 1 and slice 2, or include the identifiers of slice 2 and/or slice 3.

Further, in the embodiment of mode 1, the second message includes allowed slice information, and may further include fourth information, where the fourth information is used to indicate that the requested slice information is carried or included in an access layer message (e.g. AS message) or a non-access layer message (e.g. NAS message) in a procedure of allowing the UE to establish a connection with the second access network device.

Alternatively, the fourth information may also be carried or included in step 1503 described above, i.e. carried in the message releasing the connection.

Thus, in a subsequent step 1504, during the connection between the terminal device and the second access network device or the connection between the terminal device and the mobility management device through the second access network device, at least one network slice, such as a Requested nsai, requested for access by the terminal device may be carried or included according to the fourth information.

According to the embodiment, when the mobile management equipment determines that the access network equipment currently connected with the UE does not support the slicing requested by the UE, the mobile management equipment acquires or determines the target access network equipment supporting the slicing for the UE, establishes connection with the target access network equipment to access the core network under the condition that the UE does not need to execute a deregistration flow, and enables the UE to comprise the slicing information requested by the UE by expanding or updating the slicing information allowed to be used by the UE, so that the interaction flow is simplified, and the problem that the access network equipment cannot be accurately connected to acquire network slicing services is effectively solved.

In one implementation, when the access network device to which the UE is connected does not support the UE-requested slice, the UE can still access the core network, but the UE is allowed to use slices that do not include the UE-requested slice. Therefore, when the core network reselects the access network device for the UE, and the UE does not need to perform a registration procedure, the AMF needs to update the slice information allowed to be used by the UE, otherwise, the UE cannot acquire the corresponding slice service by using the requested network slice even if the UE accesses the core network through the target access network device supporting the request of the UE for slicing.

In addition, the application also provides a possible implementation manner, which can comprise the following steps:

1. the terminal device sends first information to the mobility management device via the first access network device, the first information comprising an identification of at least one network slice to which the terminal device requests access.

2. The mobile management device obtains allowed slice information comprising an identification of at least one slice supported by the second access network device.

Correspondingly, the mobile management device receives the first information of the terminal device, and when determining that the first access network device currently connected with the terminal device does not support part or all of the network slices requested by the terminal device, the mobile management device can determine the second access network device for the terminal device according to the network slice information supported by the access network device. Wherein the second access network device may support some or all of the network slices requested by the terminal device but not supported by the first access network device.

Thus, the mobile management device determines the allowed slice information, which may include an identification of at least one network slice supported by the second access network device and requested by the terminal device.

Subsequently, the mobile management device may send the allowed slice information to the terminal device when authentication of the terminal device is successful and access to the core network is allowed. For example, the allowed slice information may be carried in the second information sent to the terminal device. Alternatively, the allowed slice information may also be sent to the UE in a message (e.g., UE Configuration Update Command) or flow (e.g., UE Configuration Update procedure) for updating the configuration.

Thus, when the subsequent terminal device establishes connection with the mobile management device through the second access network device, the Allowed slice information (such as Allowed NSSAI) corresponding to the UE determined by the mobile management device includes slice information (such as Requested NSSAI) Requested by the terminal device, and the terminal device can successfully establish connection and access the core network.

Other steps in the registration procedure or the access procedure of the terminal device may be further included in this embodiment, and specific reference may be made to related steps in other embodiments of the present application or related procedures in the existing implementation, which is not specifically limited in this application. The various embodiments provided by the application may be combined with one another.

According to the embodiment, when the access network equipment currently connected with the terminal equipment does not support the slice requested by the terminal equipment, the mobile management equipment can determine the target access network equipment supporting the slice for the terminal equipment, and under the condition that the terminal equipment does not need to execute a registration procedure, the terminal equipment updates the allowed slice information to enable the allowed slice information to comprise the slice information supported by the target access network equipment and requested by the terminal equipment, so that the terminal equipment and the target access network equipment are connected and access to a core network, the interaction procedure is simplified, and the problem that the terminal equipment cannot accurately connect with the access network equipment to acquire network slice services is effectively solved.

Next, a specific embodiment of the present application will be described taking an untrusted non-3 GPP access technology as an example. The application can also be applied to scenes such as trusted non-3 GPP access types, wired access types, trusted WLAN access technologies or 3GPP access types, and the like, and for different access types or access technologies, the access network equipment in the embodiment can be replaced by the access network equipment corresponding to the access type or the access technology and/or the connection establishment mode of the terminal equipment and the access network equipment is replaced by the connection establishment mode corresponding to the access type or the access technology.

As shown in fig. 16, the method may include the following steps.

1601: the UE connects to an untrusted non-3 GPP access point.

1602: the UE selects N3IWF-1 and acquires address information of the N3 IWF-1.

1603: the UE establishes a communication tunnel with the N3 IWF-1.

1604: the UE sends an ike_auth request message to N3 IWF-1.

1605: the N3IWF-1 transmits an ike_auth response message to the UE.

1606: the UE sends an ike_auth request message to N3IWF-1, including the first message.

The first message carries identification information of the network slice requested by the UE. Illustratively, the first message may be Registration Request carrying a request NSSAI (e.g., a Requested NSSAI). In the embodiments of the present application, carrying is understood to include.

1607: the N3IWF-1 forwards the first message to the AMF.

1608: the AMF determines that N3IWF-1 does not support the network slice requested by the UE and determines the information of N3 IWF-2.

The above steps 1601-1608 may refer to the relevant descriptions of the steps 901-908 in the previous embodiments, and are not repeated here.

In one possible implementation manner, when the AMF determines that the N3IWF-1 currently connected to the UE does not support all or part of the network slices requested by the UE, it may determine, according to the first indication information sent by the UE, that the network slices requested by the UE need to be satisfied, or that target access network equipment supporting the network slices requested by the UE need to be selected, or that target access network equipment information supporting the network slices requested by the UE need to be acquired, or that the UE supports performing access network equipment reselection, or that the UE supports selecting access network equipment according to the slices, or that the UE supports extended access network equipment configuration information.

Thus, the AMF determines access network device information, e.g., an identification of the N3IWF-2, to obtain the network slice (part or all) supporting the UE request. In one possible implementation, the number of network slices supported by N3IWF-2 is greater than the number of network slices supported by N3IWF-1 in one or more network slices requested by the UE.

By way of example, the access network device information may be an identification of the access network device, such as N3IWF ID, N3IWF node ID, global N3IWF node ID, TNGF node ID, global TNGF node ID, TNAP ID, TNAP node ID, global TNAP ID, global TNAP node ID, SSID, W-AGF ID, W-AGF node ID, global W-AGF node ID, RAN ID, cell ID, global Cell ID, TAI, global RAN ID, TWIF node ID, global TWIF node ID. Alternatively, the access network device information may be an address (e.g., IP address, MAC address), port number, domain name information (e.g., FQDN, N3IWF FQDN), SSID, BSSID, TNAN ID, or access node identification (e.g., AP Identifier, TNAP Identifier), etc. of the access network device.

Another possible implementation (corresponding to the foregoing description of mode 1), the AMF obtains the Allowed slice information (e.g. Allowed nsai) corresponding to the UE according to the network slice information (e.g. Requested nsai) Requested by the UE and/or the slice information (e.g. supported slots) supported by the N3 IWF-2. The AMF may send the permission slice information corresponding to the UE in a registration accept message or a procedure or message for updating the configuration. In the embodiments of the present application, the acquisition may be understood as determining, receiving, generating, or the like.

1609: authentication and security procedures are performed.

1610: the AMF sends a context setup request message to the N3 IWF-1.

1611: the N3IWF-1 transmits an ike_auth response message to the UE.

1612: the UE and the N3IWF-1 complete the establishment of the IPSec SA communication tunnel.

1613: the N3IWF-1 transmits a context setup response message to the AMF.

Steps 1609-1613 described above may be referred to in the relevant description of steps 910-914 of the previous embodiments.

In one possible implementation (corresponding to the foregoing manner 2), when the Allowed slice information corresponding to the UE does not include the network slice information Requested by the UE (e.g., requested nsasi) and/or the N3IWF-2 supported slice information (e.g., supported slots) in step 1608, or the Allowed slice information corresponding to the UE is the Allowed slice information acquired according to the subscription data of the UE (e.g., the slice information corresponding to the UE subscribed to) and the N3IWF-1 supported network slice information, e.g., the AMF does not acquire the Allowed slice information (e.g., the extended Allowed nsai of the present application in manner 1) according to the network slice information Requested by the UE and/or the N3IWF-2 supported network slice information, but acquires the Allowed slice information (e.g., the existing Allowed nsai) based on the subscription data of the UE and the N3IWF-1 supported network slice information, then the AMF may save the network slice information Requested by the UE.

Optionally, step 1614 is included: the AMF stores network slice information requested by the UE.

In one embodiment, the fourth slice information that the AMF saves in the context information of the UE may be slice information that the UE is Allowed to use (e.g., allowed nsai), slice information Requested by the UE (Requested nsai), a slice Requested by the UE but not supported by N3IWF-1 (e.g., nsai that is not included in the Allowed nsai in the Requested nsai). I.e., the AMF may save or record network slice information that the N3IWF-1 fails to support the UE request. Alternatively, the fourth slice information may include slice information supported by the N3 IWF-2.

In a possible implementation manner, the fourth slice information stored, recorded or saved by the AMF may also be referred to as slice information Allowed by the UE or slice information Allowed to be used, such as Allowed NSSAI, where the Allowed NSSAI may include slice information supported by the first access network device and slice information supported by the second access network device. In one possible implementation, the fourth slice information may include slice information that is not supported by the first access network device but is supported by the second access network device. In another possible implementation manner, the fourth slice information may be slice information that is not supported by the first access network device in a slice in which the terminal device requests access; or the fourth slice information may be slice information that is not supported by the first access network device but is supported by the second access network device in a slice in which the terminal device requests access.

In one possible implementation, the Allowed nsai sent by the AMF to the UE and the stored Allowed nsai may be different. For example, the Allowed nsai (denoted as first Allowed nsai) sent by the AMF to the UE may be determined according to subscription data of the UE (e.g. subscribed slice information) and slice information supported by the first access network device; whereas the AMF stores, maintains or records the Allowed nsai (denoted as second Allowed nsai) may include slice information supported by both the first access network device and the second access network device. In one possible implementation, the second Allowed nsai may be some or all of the Requested nsais sent by the UE, except for the first Allowed nsai. The part or all of the NSSAI may be supported by the second access network device or not supported by the first access network device. Alternatively, the part or all of the nsai or the second Allowed nsai may be a nsai subscribed to by the UE.

1615: the AMF sends an N2 message to N3IWF-1 including registration accept information.

In one possible implementation, when the AMF determines that the N3IWF-1 does not support the slice requested by the UE and determines the N3IWF 2 information in step 7, the N3IWF-2 information (identification or address) may be included in the registration accept message. The N3IWF-2 information is information of the target access network device (e.g., the second access network device) according to the foregoing embodiment. The information of the access network device may refer to various possible forms of the aforementioned information of the access network device, such as an identification, an address or a port number of the access network device, etc.

Optionally, the registration accept message may further include slice information requested by the UE, that is, the AMF may send the N3IWF-2 information and slice information corresponding to the N3IWF-2 to the UE. The slice information corresponding to the N3IWF-2 may be slice information supported by the N3IWF-2, or may be slice information supported by the N3IWF-2 and included in the slice requested by the UE.

In a possible implementation manner, when the UE includes the first indication information in the registration request message in step 1606-1607, the AMF includes the information of the N3IWF-2 and/or slice information corresponding to the N3IWF-2 in a registration accept message.

One possible implementation (corresponding to the foregoing mode 1), the Allowed NSSAI included in the registration accept message sent by the AMF to the UE may be the Allowed slice information (for example, may be extended Allowed slice information) determined according to mode 1, which is described in step 1608. For example, the registration accept message includes an Allowed NSSAI (or Extended Allowed NSSAI) in which the UE requests slice information, and there may be information that a part of the slices are not supported by N3IWF-1, or that a part of the slices are not supported by N3IWF-1 but supported by N3 IWF-2.

In another possible implementation, the registration accept message may carry fourth information. The fourth information is used for indicating slice information and/or a procedure to be executed when the UE subsequently establishes a connection through the N3 IWF-2. The fourth information may also be referred to as carrying slice indication information or containing slice indication information.

For example, the fourth information may be mode information, which may be used to indicate that the UE may carry Requested slice information (Requested NSSAI) of the UE in the AS or NAS message when the UE establishes a connection with the N3IWF-2, and the Requested slice information may be used to enable the N3IWF-2 or the AMF to learn slice information Requested by the UE when the UE establishes a connection with the N3 IWF-2. For example, the mode information may be an access layer connection establishment slice containing mode (Access Stratum Connection Establishment NSSAI Inclusion Mode), and the mode information may specifically be mode e (from the foregoing, the mode includes a, b, c, d in one implementation). In one possible implementation, the Requested nsai may be a Requested nsai sent by the UE through the first access network device, or may be an nsai that the UE requests access but is not supported by the first access network device, or may be an nsai that the UE requests access and is supported by the second access network device, or may be an nsai that the UE requests access and is not supported by the first access network device but is supported by the second access network device.

Or, the fourth information may be used to indicate that the UE needs to initiate a mobility registration update procedure or an initial access procedure when subsequently establishing a connection through the N3 IWF-2. Thus, the UE may include the UE request slice information (Requested nsai) in the NAS message.

Alternatively, the fourth information may indicate that the UE is establishing a connection with the N3IWF-2, and the establishment cause may be used to indicate that the access network device is changed/reselected or that the access network device is reselected/redirected (e.g., establishment Cause is N3IWF relocation/redirection). In one possible implementation, when the AMF registers with the UDM, the access type is provided to the UDM as a non-3 GPP access.

1616: the N3IWF-1 forwards the registration accept information to the UE.

The N3IWF-1 may send NAS registration accept information to the UE through the IPSec SA communication tunnel established in step 1612 described above.

1617: the AMF sends a context release instruction to N3 IWF-1.

The AMF initiates an N2 connection release procedure, and sends an N2 UE context release instruction (e.g., N2 UE Context Release Command) to the N3 IWF-1.

1618: the N3IWF-1 sends an AS message to the UE for releasing the access network connection.

For example, the AS message that N3IWF-1 sends to the UE may be IKE informational Request.

In a possible implementation manner, if the registration accept information in the aforementioned step 1615 does not include the fourth information, the fourth information may be carried in the context release instruction of the N2 UE, and/or the fourth information may be carried in an AS message sent by the N3IWF-1 to the UE, where the AS/NAS message is used to instruct the UE to establish a connection with the N3IWF-2, and request slice information (Requested nsai) may be carried.

1619: and the UE sends a response message corresponding to the release connection to the N3 IWF-1.

The response message may be used to indicate that the AN connection release was successful, e.g., may be a message in response to IKE informational Request.

1620: the N3IWF-1 transmits a context release complete message to the AMF.

For example, the context release complete message may be N2 UE Context Release Complete.

In a possible implementation manner, after the UE obtains the information of the second access network device through the registration accept message or through the configuration update procedure, the UE may learn to establish a connection with the second access network device according to the information of the second access network device.

1621: the UE establishes a connection through N3 IWF-2.

In one possible implementation, when the UE initiates a service request, periodic registration update, or registration procedure for updating UE capability through N3IWF-2, request for slice information (Requested nsai) may be included in the AS or NAS message sent to N3IWF-2 according to the fourth information.

Alternatively, in the request message to establish a connection, the establishment cause for establishing a connection with the access network device is indicated, including indicating to change/reselect/redirect the access network device. For example, in this embodiment, taking an untrusted non-3 GPP access type as an example, the establishment cause (Establishment Cause) may be indicated as relocation/redirect N3IWF (or N3IWF relocation/redirection). For other access types, the establishment cause may be an access network device name corresponding to the other access types, for example, for a trusted non-3 GPP access technology, the establishment cause (Establishment Cause) may be indicated as TNGF relocation.

One possible implementation, the UE initiates a mobility registration procedure with the N3IWF-2 and includes the requested slice information in the NAS message.

In one possible implementation, after the UE establishes a connection with the N3IWF-2 according to the fourth information, a mobility registration procedure or an initial access procedure is initiated through the N3IWF-2, and the NAS message includes the requested slice information.

One possible implementation (corresponding to the foregoing mode 1) may initiate a service request, a periodic registration update or a registration procedure for updating UE capabilities, a mobility registration update procedure to the N3 IWF-2. In one possible implementation, the AMF obtains the slice information requested by the UE and updates the Allowed nsai according to the stored slice information (e.g., the information stored in the UE context information) in step 1614.

1622: the N3IWF-2 sends an N2 message to the AMF, wherein the N2 message comprises a NAS message from the UE.

The specific message type of the NAS message may depend on the UE-initiated procedure, for example. If the UE initiates a Service Request flow, the NAS may be a Service Request. In one possible implementation, if the UE includes the requested slice information in the AS message, the target access network device may include the requested slice information in the N2 message.

Optionally, step 1623 may be further included: AMF updates the information of the allowed slices corresponding to the UE.

Wherein the AMF obtains the UE request slice information according to one or more of slice information stored in the foregoing step 1614 (e.g., slice information included in the UE context information), NAS message from the UE, and N2 message. And the AMF updates the information (such as Allowed NSSAI) of the Allowed slice corresponding to the UE according to the UE request slice information and the information of the target access network equipment supporting the slice. This step may not be performed if the AMF already includes the information requesting a slice in the allowed slice information transmitted to the UE through the N3 IWF-1.

1624: the AMF sends the information of the allowed slices corresponding to the UE to the N3 IWF-2.

The information of allowing the slice includes slice information Requested by the UE, that is, the Allowed NSSAI includes the Requested NSSAI, so that the UE can acquire the Requested network slice service through the N3 IWF-2.

1625: the UE and the N3IWF-2 complete the connection establishment of the AN.

It should be noted that, in the above embodiment of the present application, the non-trusted non-3 GPP access type is taken as an example, and for other non-3 GPP access types, the UE and the access network device are not connected in the same manner, so the connection establishment flows in steps 1601 to 1606 may be different (such as the embodiment shown in fig. 12); in addition, the subsequent AS connections used to carry NAS messages, the underlying connections, and the manner in which the connections are established may vary. For example, in the case of 3GPP access types, it is an RRC connection or radio air interface bearer NAS, and for non-trusted non-3 GPP or trusted non-3 GPP access technologies, it is an IP connection bearer NAS message. For the wired access technology, it may be layer two or layer three connections that carry NAS messages.

Through the embodiment, when the AMF determines that the access network equipment currently connected with the UE does not support the slicing requested by the UE, the access network equipment supporting the slicing is determined for the UE, and under the condition that the UE does not need to execute a registration procedure, connection is established with the target access network equipment to access the core network, so that the problem that the access network equipment cannot be accurately connected to acquire network slicing services is effectively solved.

In addition, in another embodiment, the first core network device may acquire, according to the information of the network slice requested by the terminal device, information of the second access network (or information of the second access network device) when the first access network device connected to the terminal device does not support part or all of the network slice requested by the terminal device. The first core network device may send information of the second access network and/or information of a network slice corresponding to or supported by the second access network to the terminal device. The terminal device may establish a connection with the second access network device according to the information of the second access network and/or the information of the network slice corresponding to or supported by the second access network.

In one possible implementation, the information of the second access device according to the information of the second access network and/or the information of the network corresponding to or supporting the second access network includes one or more of service set identification (for example Service Set Identifier, SSID), identification information of the second access network device (for example TNGF ID or trusted access network device identification), second access network node identification information (for example TNAP Identifier), address information of the second access network device, domain name information of the second access network device (for example FQDN or domain name), port information of the second access network device, information of one or more network slices supported by the second access network, and information of one or more network slices supported by the second access network device. In a possible implementation, the information of the one or more network slices supported by the second access network may include information of all slices supported by the second access network, or information of network slices supported by the second access network and allowed to be used or subscribed to by the terminal device. In a possible implementation, the information of the one or more network slices supported by the second access network device may include information of all slices supported by the second access network device, or information of network slices supported by the second access network device and allowed to be used or subscribed to by the terminal device. The information of the network slice may include network slice identification information (e.g., NSSAI or S-NSSAI). In a possible implementation, one or more of the service set identification (e.g. Service Set Identifier, SSID), identification information of the second access network device (e.g. TNGF ID or trusted access network device identification), second access network node identification information (e.g. TNAP Identifier), address information of the second access network device, domain name information of the second access network device (e.g. FQDN or domain name), port information of the second access network device may be associated with or have a correspondence to part or all of the network slices to which the terminal device requests access.

In a possible implementation manner, the first core network device sends information of the second access network and/or information of a network slice corresponding to or supported by the second access network to the terminal device. For example, the mobility management device or the policy control device may send information of the second access network and/or information of the network slice corresponding or supported by the second access network to the terminal device.

take the second access network device as the tnff for example:

Based on the above method for determining the access network device provided by the present application, the present application also provides a communication device, as shown in fig. 14, where the communication device 1400 includes a sending module 1401, a receiving module 1402, and a processing module 1403. A method for implementing the above embodiment implemented by the terminal device or the mobility management device in fig. 15 to 16.

Wherein the processing module 1403 may be used to implement operations of the terminal device side in the above-described embodiments of fig. 15 to 16 of the present application, other than receiving or transmitting data/information, and the like. The transmitting module 1401 is configured to implement the operation of transmitting data/information on the terminal device side in fig. 15 to 16 according to the above embodiment of the present application, and the receiving module 1402 is also configured to implement the operation of receiving data/information on the terminal device side in fig. 15 to 16 according to the above embodiment of the present application.

The processing module 1403 may also be used to implement operations of the mobility management device side in addition to receiving or transmitting data/information, etc. in the above-described embodiments of fig. 15 to 16 of the present application. The transmitting module 1401 is configured to implement the operation of transmitting data/information on the mobile management device side in the above embodiments of the present application in fig. 15 to 16, and the receiving module 1402 is also configured to implement the operation of receiving data/information on the mobile management device side in the above embodiments of the present application in fig. 15 to 16.

In a simple embodiment, one skilled in the art will appreciate that the communication device 1400 described above may take the form shown in fig. 7. For example, the processor 701 in fig. 7 may cause the communication device 1400 to perform the method described above for each of the communication devices in fig. 15-16 by invoking computer-executable instructions stored in the memory 703.

Optionally, an embodiment of the present application further provides a chip system, including: at least one processor and an interface, the at least one processor being coupled with the memory through the interface, the at least one processor, when executing the computer programs or instructions in the memory, causing the method of any of the method embodiments described above to be performed. In one possible implementation, the system on a chip further includes a memory. Alternatively, the chip system may be formed by a chip, or may include a chip and other discrete devices, which are not specifically limited in this embodiment of the present application.

Optionally, an embodiment of the present application further provides a computer readable storage medium. All or part of the flow in the above method embodiments may be implemented by a computer program to instruct related hardware, where the program may be stored in the above computer readable storage medium, and when the program is executed, the program may include the flow in the above method embodiments. The computer readable storage medium may be an internal storage unit of the communication device of any of the foregoing embodiments, such as a hard disk or a memory of the communication device. The computer readable storage medium may be an external storage device of the communication apparatus, for example, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card, a flash card (flash card) or the like provided in the communication apparatus. Further, the computer readable storage medium may further include both an internal storage unit and an external storage device of the communication apparatus. The computer-readable storage medium is used to store the computer program described above and other programs and data required by the communication apparatus. The above-described computer-readable storage medium may also be used to temporarily store data that has been output or is to be output.

Optionally, the embodiment of the application further provides a computer program product. All or part of the above-described method embodiments may be implemented by a computer program to instruct related hardware, where the program may be stored in the above-described computer program product, and the program, when executed, may include the above-described method embodiments.

Alternative embodiments of the present application also provide a computer instruction. All or part of the flow in the above method embodiments may be implemented by computer instructions to instruct related hardware (such as a computer, a processor, an access network device, a mobility management network element, or a session management network element, etc.). The program may be stored in the above-mentioned computer readable storage medium or in the above-mentioned computer program product.

From the foregoing description of the embodiments, it will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of functional modules is illustrated, and in practical application, the above-described functional allocation may be implemented by different functional modules according to needs, i.e. the internal structure of the apparatus is divided into different functional modules to implement all or part of the functions described above.

In the several embodiments provided by the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the modules or units is merely a logical functional division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another apparatus, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.

The units described as separate parts may or may not be physically separate, and the parts displayed as units may be one physical unit or a plurality of physical units, may be located in one place, or may be distributed in a plurality of different places. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.

In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.

The foregoing is merely illustrative of specific embodiments of the present application, and the scope of the present application is not limited thereto, but any changes or substitutions within the technical scope of the present application should be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims

1. A method for determining an access network device, applied to a terminal device, the method comprising:

transmitting, by a first access network device, a first message to a mobility management device, the first message including an identification of at least one network slice, the first message indicating a request to access the network slice;

receiving, by the first access network device or a second access network device, a second message including information of a second access network device, the second message indicating that the second access network device supports one or more of the at least one network slice;

and establishing connection with the second access network equipment.

2. The method of claim 1, wherein the second message indicates that the first access network device does not support one or more of the at least one network slice.

3. The method according to claim 1 or 2, wherein the first message comprises first indication information indicating that access network device information supporting the at least one network slice is acquired or that a corresponding access network device is matched according to the first message.

4. A method according to any of claims 1-3, wherein the information of the second access network device comprises at least one of an identification of the second access network device or an address of the second access network device.

5. The method of any of claims 1-4, wherein the second message further comprises an identification of one or more of the at least one network slice included in the first message.

6. The method according to any of claims 1-5, wherein the first access network device is any one of a trusted non-3 GPP gateway function, TNGF, network element corresponding to a trusted non-3 GPP access technology, a non-3 GPP interworking function, N3IWF, network element corresponding to a non-trusted non-3 GPP access technology, a trusted WLAN interworking function, tif, network element corresponding to a trusted wireless local area network, WLAN, access network device corresponding to a wired access technology, a related gateway function, W-AGF, access network device corresponding to a non-3 GPP access technology, or access network device corresponding to a 3GPP access technology.

7. The method according to any of claims 1-6, wherein if the second message is a registration accept message, the method further comprises, prior to receiving the second message:

and the terminal equipment completes authentication and security flow and establishes an internet security protocol IPsec SA communication tunnel.

8. The method of claims 1-7, wherein after receiving the second message, the method further comprises:

and the terminal equipment executes a deregistration process through the first access network equipment.

9. The method according to any of claims 1-6, wherein the second message comprises second indication information, the second indication information indicating that the terminal device changes access network devices.

10. The method according to any one of claims 1-7, further comprising:

and acquiring third information, wherein the third information is used for indicating to release the connection between the terminal equipment and the first access network equipment.

11. The method according to any one of claims 1-7 or 10, further comprising:

and acquiring allowed slice information, wherein the allowed slice information comprises first slice information supported by the second access network equipment, and the first slice information comprises identification of at least one network slice.

12. The method of claim 11, wherein the allowed slice information comprises second slice information that the terminal device requests access to, the second slice information comprising an identification of at least one network slice, the first slice information being the same as or different from the second slice information.

13. The method of any one of claims 1-7 or 10-12, wherein the method further comprises:

fourth information is acquired, wherein the fourth information is used for indicating that the terminal equipment is allowed to establish connection and comprises slice information and/or executed flow.

14. The method according to any of claims 1-7, 10-13, wherein establishing a connection with the second access network device, in particular comprises:

and transmitting fifth information, wherein the fifth information comprises third slice information which is requested to be accessed by the terminal equipment, the third slice information comprises at least one identifier of a network slice, and the third slice information is the same as or different from the first slice information or the second slice information.

15. The method of claim 14, wherein the method further comprises:

the terminal device sends indication information to the second access network device indicating that the establishment cause is for updating, reselecting or redirecting the access network device.

16. A method for determining an access network device, applied to a mobile management device, the method comprising:

receiving, by a first access network device, a first message from a terminal device, the first message including an identification of at least one network slice, the first message indicating that the terminal device requests access to the network slice;

if it is determined that the first access network device does not support one or more of the at least one network slice, and it is determined that a second access network device supports one or more of the at least one network slice;

a second message is sent to the terminal device via the first access network device, the second message comprising information of a second access network device, the second message indicating that the second access network device supports one or more of the at least one network slice.

17. The method of claim 16, wherein the at least one network slice is a first network slice, and wherein the mobility management device determines that the first access network device does not support the first network slice and determines that a second access network device supports the first network slice;

a second message is sent to the terminal device via the first access network device.

18. The method of claim 16 or 17, wherein the second message indicates that the first access network device does not support one or more of the at least one network slice.

19. The method according to any of claims 16-18, wherein the first message comprises first indication information indicating that access network device information supporting the at least one network slice is acquired or that a corresponding access network device is matched according to the first message.

20. The method according to any of claims 16-19, wherein the information of the second access network device comprises at least one of an identification of the second access network device or an address of the second access network device.

21. The method of any of claims 16-20, wherein the second message further comprises an identification of one or more of the at least one network slice included in the first message.

22. The method according to any of claims 16-21, wherein the first access network device is any one of a trusted non-3 GPP gateway function, TNGF, network element corresponding to a trusted non-3 GPP access technology, a non-3 GPP interworking function, N3IWF, network element corresponding to a non-trusted non-3 GPP access technology, a trusted WLAN interworking function, tif, network element corresponding to a trusted wireless local area network, WLAN, access network device corresponding to a wired access technology, a related gateway function, W-AGF, access network device corresponding to a non-3 GPP access technology, or access network device corresponding to a 3GPP access technology.

23. The method according to any of claims 16-22, wherein the second message is a registration reject message.

24. The method according to any of claims 16-23, wherein the second message comprises second indication information, the second indication information indicating that the terminal device changes the corresponding access network device.

25. The method according to any one of claims 16-24, further comprising:

the mobile management device receives the identifier of the terminal device, and the identifier of the terminal device is used for the access network device to determine the terminal device.

26. The method of claim 25, wherein after the determining that the second access network device supports one or more of the at least one network slice, the method further comprises:

sending a first request message to the second access network device, wherein the first request message comprises an identifier of the terminal device, and the first request message is used for requesting to replace the access network device for the terminal device;

a first response message is received from the second access network device, the first response message including an address of the second access network device.

27. The method according to any one of claims 16-22, further comprising:

and storing fourth slice information which is requested to be accessed by the terminal equipment, wherein the fourth slice information comprises the identification of at least one network slice.

28. The method of claim 27, wherein the fourth slice information comprises an identification of at least one network slice not supported by the first access network.

29. The method according to any one of claims 16-22, further comprising:

and transmitting allowed slice information to the terminal equipment, wherein the allowed slice information comprises first slice information supported by the second access network equipment, and the first slice information comprises identification of at least one network slice.

30. The method of claim 29, wherein the allowed slice information comprises second slice information that the terminal device requests access to, the second slice information comprising an identification of at least one network slice, the first slice information being the same as or different from the second slice information.

31. The method of any one of claims 16-22, 27-30, wherein the method further comprises:

And sending third information, wherein the third information is used for indicating to release the connection between the terminal equipment and the first access network equipment.

32. The method of any one of claims 16-22, 29-31, further comprising:

and sending fourth information to the terminal equipment, wherein the fourth information is used for indicating that slice information is included and/or executed flow is executed when the terminal equipment is allowed to establish connection.

33. The method of any one of claims 16-22, 29-32, wherein the method further comprises:

and acquiring fifth information, wherein the fifth information comprises third slice information which is requested to be accessed by the terminal equipment, the third slice information comprises at least one identifier of a network slice, and the third slice information is the same as or different from the first slice information or the second slice information.

34. The method according to any one of claims 27-33, further comprising:

and updating the allowed slice information according to the fourth slice information or the third slice information.

35. The method of any one of claims 16-22, 27-34, wherein the method further comprises:

transmitting the allowed slice information corresponding to the terminal equipment to the second access network equipment; and/or the number of the groups of groups,

And sending the allowed slice information to the terminal equipment through the second access network equipment.

36. A method for determining an access network device, applied to a mobile management device, the method comprising:

and sending a second message to the second access network device, wherein the second message indicates the second access network device to send information of the second access network device to the terminal device, and the information of the second access network device is used for establishing connection between the terminal device and the second access network device.

37. The method of claim 36, wherein after the determining that the first access network device does not support one or more of the at least one network slice, the method further comprises:

Sending a second request message to the first access network equipment, wherein the second request message requests to acquire the identifier of a non-3 GPP access point connected with the terminal equipment;

an identification of a non-3 GPP access point to which the terminal device is connected from the first access network device is received.

38. The method of claim 36 or 37, wherein after the determining that the first access network device does not support one or more of the at least one network slice, the method further comprises:

and sending a third request message to the second access network equipment, wherein the third request message comprises the identification of the non-3 GPP access point.

39. The method of claim 38, wherein the third request message further includes third indication information indicating that the access network device is replaced for the terminal device, or that the terminal device is migrated from another access network device, or that the terminal device was previously connected to another access network device.

40. The method according to claim 38 or 39, characterized in that a third request message is used for establishing context information of the terminal device.

41. A communication device, comprising a processor and a transmission interface;

wherein the processor is configured to execute instructions stored in the memory to cause the apparatus to perform the method of any one of claims 1 to 40.

42. A computer readable storage medium comprising a program or instructions which, when executed by a processor, performs the method of any one of claims 1 to 40.

43. A computer program product, characterized in that the computer program product, when run on a computer or a processor, causes the computer or the processor to perform the method of any of claims 1 to 40.