CN103702311A - Method and system for selecting VPLMN (visited public land mobile network) and packet data network gateway - Google Patents
Method and system for selecting VPLMN (visited public land mobile network) and packet data network gateway Download PDFInfo
- Publication number
- CN103702311A CN103702311A CN201210365853.6A CN201210365853A CN103702311A CN 103702311 A CN103702311 A CN 103702311A CN 201210365853 A CN201210365853 A CN 201210365853A CN 103702311 A CN103702311 A CN 103702311A
- Authority
- CN
- China
- Prior art keywords
- vplmn
- pcrf
- home network
- aaa
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 72
- 238000013475 authorization Methods 0.000 claims abstract description 14
- 238000012986 modification Methods 0.000 claims description 15
- 230000004048 modification Effects 0.000 claims description 15
- 238000012790 confirmation Methods 0.000 description 11
- 238000010586 diagram Methods 0.000 description 11
- GVVPGTZRZFNKDS-JXMROGBWSA-N geranyl diphosphate Chemical compound CC(C)=CCC\C(C)=C\CO[P@](O)(=O)OP(O)(O)=O GVVPGTZRZFNKDS-JXMROGBWSA-N 0.000 description 11
- 230000003993 interaction Effects 0.000 description 5
- 230000005540 biological transmission Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 230000001960 triggered effect Effects 0.000 description 4
- 230000009977 dual effect Effects 0.000 description 2
- 230000004927 fusion Effects 0.000 description 2
- 238000001514 detection method Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 230000011664 signaling Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/14—Charging, metering or billing arrangements for data wireline or wireless communications
- H04L12/1403—Architecture for metering, charging or billing
- H04L12/1407—Policy-and-charging control [PCC] architecture
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/02—Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
- H04W8/08—Mobility data transfer
- H04W8/12—Mobility data transfer between location registers or mobility servers
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Databases & Information Systems (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a method for selecting a VPLMN (visited public land mobile network), wherein a packet data network gateway (P-GW) of a home network acquires a VPLMN ID from an authentication, authorization and accounting (AAA) server of the home network or user equipment (UE), and sends the VPLMN ID to a home policy and charging rules function (H-PCRF) of the home network, and the H-PCRF receives the VPLMN ID. The invention further discloses a system for selecting the VPLMN and the P-GW. According to the scheme of the invention, the H-PCRF acquires the VPLMN where an selected AAA Proxy of the VPLMN is when the user equipment has an access to the authentication, and a V-PCRF (visited policy and charging rules function) selected by the H-PCRF and the AAA Proxy of the VPLMN selected by a BBF AAA (broad band forum) are guaranteed to be on the same VPLMN.
Description
Technical Field
The present invention relates to network selection technology, and in particular, to a method and system for selecting a Visited Public Land Mobile Network (VPLMN) in an Evolved Packet System (EPS), and a packet data network gateway.
Background
Fig. 1 is a schematic diagram of a system architecture of an EPS, and as shown in fig. 1, in an EPS of a third Generation Partnership Project (3GPP, 3rd Generation Partnership Project), an EPS Network architecture of a non-roaming scenario is composed of an Evolved universal mobile telecommunications system terrestrial Radio Access Network (E-UTRAN), an Evolved universal mobile telecommunications system terrestrial Radio Access Network (Evolved universal mobile telecommunications Network), a Mobility management unit (MME), a Serving Gateway (S-GW, Serving Gateway), a Packet Data Network Gateway (P-GW or PDN GW, Packet Data Network Gateway), a Home Subscriber Server (HSS), a Policy and Charging rules function entity (PCRF), a Policy and Charging rules function, and other support nodes such as an IP service Network of an operator. The PCRF is the core of Policy and Charging Control (PCC) and is responsible for Policy decision and Charging rule making. The PCRF provides traffic data flow-based network Control rules including detection, Gating (Gating Control), Quality of Service (QoS) Control, and data flow-based charging rules, among others. The PCRF sends the Policy and Charging rules formulated by the PCRF to a Policy and Charging Enforcement Function (PCEF) for Enforcement, and meanwhile, the PCRF needs to ensure that the rules are consistent with the subscription information of the user. The basis for the PCRF to formulate the policy and charging rules comprises the following steps: acquiring information related to a service from an Application Function entity (AF); acquiring Subscription information with user policy charging control from a Subscription database (SPR); information of a bearer-related network is acquired from a PCEF.
EPS supports interworking with non-3 GPP systems. The interworking with non-3 GPP systems is realized through an S2a/S2b/S2c interface, and the P-GW is used as an anchor point between the 3GPP and the non-3 GPP systems. As shown in fig. 1, in the system of EPS, the non-3 GPP system is divided into a trusted non-3 GPP IP access network and an untrusted non-3 GPP IP access network. The trusted non-3 GPP IP access network and the untrusted non-3 GPP IP access network carry out Authentication through an Authentication, Authorization and Accounting (AAA, Authentication, Authorization and Accounting) Server (Server) of the EPS; the trusted non-3 GPP IP access network can be directly connected with the P-GW through an S2a interface; an untrusted non-3 GPP IP access network is connected with a P-GW through an Evolved Packet data gateway (ePDG), and can be accessed into the P-GW through the ePDG; the interface between the ePDG and the P-GW is S2b, and an Intemet protocol Security (IPSec, IP and Security) is used between the User Equipment (UE) and the ePDG to perform encryption protection on signaling and data. The S2c provides user plane related control and mobility support between the UE and the P-GW, and the supported mobility management protocol is dual stack supported mobile IPv6(DSMIPv6, Moblie IPv6support for dual stack host Router).
At present, many operators pay attention to a Fixed Mobile Convergence (FMC) technology, and research on a 3GPP and Broadband Forum (BBF) interworking technology.
Fig. 2 is a schematic diagram of a home routing roaming architecture in a policy interworking scenario in which a UE accesses a 3GPP core network through a BBF access network (also referred to as a fixed broadband access network), where the BBF access network is considered as an untrusted non-3 GPP access network. The BBF access Network needs to interwork with a Home Public Land Mobile Network (HPLMN) through a Visited Public Land Mobile Network (VPLMN). The above scenario in which the UE accesses the mobile core network through the BBF access network needs to guarantee QoS on the entire transmission path for data transmission (data may be transmitted through the fixed network and the mobile network). In the prior art, QoS guarantee is realized by interaction between PCRF and a Broadband Policy Control Framework (BPCF) in BBF access. The BPCF is a policy control architecture in the BBF access network, and performs resource admission control on a resource request message of the PCRF according to a network policy, subscription information, and the like accessed by the BBF. For example, when a UE accesses a 3GPP core Network through a Wireless Local Area Network (WLAN), in order to ensure that the total bandwidth requirement of all UEs accessing a service through a WLAN access line does not exceed the bandwidth of the line, such as the contracted bandwidth or the maximum physical bandwidth supported by the line, the PCRF needs to interact with the BPCF during QoS authorization so that the BPCF performs admission control of resources. In order to implement the above interaction, the PCRF must acquire an access location of the BBF access network to which the UE is currently accessing. After the PCRF acquires the broadband access location information, the BPCF needing interaction can be determined firstly, then the broadband access location information is sent to the selected BPCF, and the BBF access network determines a specific line accessed by the UE according to the broadband access location information, so that the admission control of resources is realized. For the scenario shown in fig. 2, since there is no business relationship (i.e. no roaming agreement is signed) between the HPLMN operator and the BBF access network operator, even if the Home Policy and Charging Rules Function (H-PCRF) obtains the location information of the BBF access network to which the UE is currently accessing, the correct BPCF cannot be found, and it must interact with the BPCF through the Visited Policy and Charging Rules Function (V-PCRF) of the VPLMN. In addition, the architecture of fig. 2 may also perform policy control on the offload traffic data of the UE, and the H-PCRF also needs to interact with the BPCF through the V-PCRF.
Fig. 3 is a schematic diagram of a home routing roaming architecture in a policy fusion scenario in which a UE accesses a 3GPP core network through a BBF access network, where a V-PCRF supports interaction with an IP Edge (IP Edge) through a Gxd interface, and an H-PCRF needs to interact with the BBF access network through the V-PCRF.
Fig. 4 is an attachment flow diagram when the UE accesses 3GPP through the DSMIPv6 protocol, and as shown in fig. 2, with the technical solution in this example, the H-PCRF obtains a visited network identity (VPLMN id) of the VPLMN, so that interaction with the V-PCRF can be smoothly achieved, thereby implementing related admission control, which specifically includes the following steps:
step 101, accessing a BBF access network by UE (user equipment), executing authentication based on 3GPP (3GPP-based), and returning a VPLMN ID of a VPLMN where the UE is located to BBFAAA by an authentication, authorization and accounting server Proxy (AAA Proxy) of the VPLMN in the authentication process;
the performing 3GPP-based authentication is: the BBF AAA interacts with the AAA server of the home network through the AAA Proxy of the VPLMN to complete EAP authentication, and further, the AAA server of the home network interacts with the HSS.
Step 102, an IP Edge in a BBF access network allocates a local IP address for the UE;
step 103, triggered by step 101 or step 102, the IP Edge informs the BPCF that the UE accesses 3GPP through the BBF access network, and the BPCF obtains the VPLMN ID where the aaaprxy of the VPLMN selected when the UE accesses authentication is located;
the VPLMN ID of the VPLMN where the AAA Proxy of the VPLMN selected by the BPCF when obtaining the UE access authentication is located in the VPLMN is as follows: the BBF AAA informs the IP Edge of the VPLMN ID of the VPLMN where the AAA Proxy of the VPLMN is located, which is selected when the UE accesses the authentication, and the IP Edge informs the BPCF of the VPLMN ID.
Step 104, when the BPCF supports the policy intercommunication with the H-PCRF and the local policy indication CAN provide the policy control of the NSWO to the UE, the BPCF determines the VPLMN selected during the access authentication according to the VPLMN ID, and sends an IP-CAN session establishment indication message to the H-PCRF through the V-PCRF of the VPLMN, and the H-PCRF returns a confirmation message through the V-PCRF;
the IP-CAN session establishment indication message carries a user identifier, a UE local IP address and an NSWO-APN.
Step 105, the UE executes a bootstrapping (bootstrapping) process, wherein the UE acquires an IP address of a P-GW to access a PDN, and completes EAP authentication by communicating with an AAA server through the P-GW, and the P-GW allocates an IPv6 address or a prefix to the UE as a home address (HoA) of the UE;
in the present step, in the EAP authentication process, the AAA server also interacts with the HSS;
the UE acquires the IP address of the P-GW to be accessed to the PDN as follows: and the UE searches a Domain Name System (DNS) according to the APN (Access Point Name) to obtain the IP address of the P-GW to be accessed to the PDN.
The UE and the P-GW exchange DSMIPv6 messages;
in order to protect DSMIPv6 messages between the UE and the P-GW, the UE establishes a security association using IKEv2 and authenticates with EAP.
Step 106, UE sends DSMIPv6 binding update message to P-GW, and P-GW establishes binding context;
the binding update message carries CoA and HoA; in the binding message, the lifetime parameter is not zero.
Step 107, the PCEF in the P-GW sends an IP connection Access Network (IP-CAN) session establishment indication message to the H-PCRF;
step 108, the H-PCRF carries out QoS authorization according to the user identification, the UE local IP address and the NSWO-APN in the IP-CAN session establishment indication message, and returns a confirmation message to the PCEF in the P-GW;
step 109, the P-GW returns a binding confirmation message to the UE;
and step 110, the H-PCRF sends a gateway control session trigger message to the BPCF through the V-PCRF, and the BPCF returns an acknowledgement message through the V-PCRF.
In step 111, the BPCF provides the IP Edge with the QoS policy.
In the above access authentication process, the BBF AAA selects an AAA Proxy of the VPLMN, when the BPCF needs to establish an IP-CAN session, the V-PCRF selected by the BPCF and the AAA Proxy of the VPLMN selected by the BBF AAA are located in the same VPLMN, however, when the H-PCRF needs to initiate establishment of a gateway control session, since the H-PCRF does not know the VPLMN in which the AAA Proxy of the VPLMN selected by the UE during access authentication is located, it cannot be ensured that the V-PCRF selected by the H-PCRF and the AAA Proxy of the VPLMN selected by the BBF AAA are located in the same VPLMN, and when NSWO and EPC-routed exist at the same time, the existing technology cannot ensure that the V-PCRF selected by the BPCF and the V-PCRF selected by the H-PCRF are the same.
Disclosure of Invention
In view of this, the main object of the present invention is to provide a VPLMN method, system and P-GW, which ensure that the V-PCRF selected by the H-PCRF and the AAA Proxy of the VPLMN selected by the BBF AAA are located in the same VPLMN.
In order to achieve the purpose, the technical scheme of the invention is realized as follows:
the invention provides a method for selecting VPLMN, which is characterized in that the method comprises the following steps:
and the sub P-GW of the home network acquires the VPLMN ID from the AAA server or the UE of the home network and sends the VPLMN ID to the H-PCRF, and the H-PCRF receives the VPLMN ID.
In the above solution, before the P-GW of the home network obtains the VPLMN ID from the AAA server or the UE of the home network, the method further includes:
and in the process that the UE is accessed into the BBF access network to perform 3GPP-based authentication, the AAAProxy of the VPLMN reports the VPLMN ID to the AAA server of the home network, or the BBF AAA sends the VPLMN ID to the UE.
In the above solution, the sending, by the P-GW of the home network, the VPLMN ID to the H-PCRF is:
and the P-GW of the home network carries the VPLMN ID in an IP connection access network (IP-CAN) session establishment indication message or an IP-CAN session modification indication message which is sent to the H-PCRF.
In the above scheme, the method further comprises: and the H-PCRF determines the VPLMN according to the VPLMN ID, and sends a gateway control session establishment triggering message initiated by the PCRF to the BPCF or the IP Edge through the V-PCRF of the VPLMN.
In the above scheme, the P-GW of the home network obtaining the VPLMN ID from the UE is:
and the UE sends the VPLMN ID to the P-GW of the home network through a self-starting process or a DSMIPv6 binding update message.
The invention provides a system for selecting VPLMN, which comprises: P-GW of home network, AAA server of home network, UE, H-PCRF; wherein,
the P-GW of the home network is used for acquiring a VPLMN ID from an AAA server or UE of the home network and sending the VPLMN ID to the H-PCRF;
the AAA server or the UE of the home network is used for providing VPLMN ID for the P-GW of the home network;
and the H-PCRF is used for receiving the VPLMN ID sent by the P-GW of the home network.
In the above scheme, the P-GW of the home network is specifically configured to carry the VPLMN ID in an IP-CAN session establishment indication message or an IP-CAN session modification indication message sent to the H-PCRF.
In the above scheme, the H-PCRF is further configured to determine the VPLMN according to the VPLMN ID, and send a gateway control session establishment trigger message initiated by the PCRF to the BPCF or the IP Edge through the V-PCRF of the VPLMN.
In the above scheme, the system further comprises: AAA Proxy and BBF AAA of VPLMN; wherein,
the AAA Proxy of the VPLMN is used for reporting the VPLMN ID to an AAA server of a home network, or returning the VPLMN ID to a BBF AAA;
and the BBF AAA is used for sending the VPLMN ID to the UE.
In the foregoing solution, the UE is specifically configured to send the VPLMN ID to the P-GW of the home network through a self-starting process or a DSMIPv6 binding update message.
In the foregoing solution, the P-GW of the home network includes: the system comprises an ID acquisition module and an ID sending module; wherein,
the ID acquisition module is used for acquiring VPLMNID from the AAA server or the UE of the home network;
and the ID sending module is used for sending the VPLMN ID acquired by the ID acquisition module to the H-PCRF.
In the above scheme, the ID sending module is specifically configured to carry the VPLMN ID in an IP-CAN session establishment indication message or an IP-CAN session modification indication message sent to the H-PCRF.
The invention provides a P-GW, comprising: the system comprises an ID acquisition module and an ID sending module; wherein,
the ID acquisition module is used for acquiring VPLMNID from the AAA server or the UE of the home network;
and the ID sending module is used for sending the VPLMN ID acquired by the ID acquisition module to the H-PCRF.
The invention provides a method, a system and a P-GW for selecting a VPLMN, wherein the P-GW of a home network acquires a VPLMN ID from an AAA server or UE of the home network and sends the VPLMN ID to an H-PCRF, and the H-PCRF receives the VPLMN ID; therefore, the H-PCRF can know the VPLMN in which the AAA Proxy of the VPLMN selected by the UE during access authentication is positioned, and the V-PCRF selected by the H-PCRF and the AAA Proxy of the VPLMN selected by the BBF AAA are positioned in the same VPLMN.
Drawings
FIG. 1 is a diagram illustrating a system architecture of an EPS in the prior art;
fig. 2 is a schematic diagram of a home routing roaming architecture in a policy interworking scenario in which a UE accesses a 3GPP core network through a BBF access network in the prior art;
fig. 3 is a schematic diagram of a home routing roaming architecture in a policy fusion scenario in which a UE accesses a 3GPP core network through a BBF access network in the prior art;
fig. 4 is a schematic flow chart of a method for selecting a VPLMN in the prior art;
fig. 5 is a flow chart of a method for selecting a VPLMN according to the present invention;
fig. 6 is a schematic structural diagram of a system for selecting VPLMN according to the present invention;
fig. 7 is a flowchart illustrating a method for selecting a VPLMN according to an embodiment of the present invention;
fig. 8 is a flowchart illustrating a method for selecting a VPLMN according to a second embodiment of the present invention;
fig. 9 is a flowchart illustrating a method for selecting a VPLMN according to a third embodiment of the present invention.
Detailed Description
The basic idea of the invention is: the P-GW of the home network acquires the VPLMN ID from the AAA server or the UE of the home network, and sends the VPLMN ID to the H-PCRF, and the H-PCRF receives the VPLMN ID.
The invention is further described in detail below with reference to the figures and the specific embodiments.
The invention realizes a method for selecting VPLMN, as shown in figure 5, the method comprises the following steps:
step 201: the P-GW of the home network acquires the VPLMN ID from the AAA server or the UE of the home network;
specifically, in the process that UE accesses a BBF access network to perform 3GPP-based authentication, an AAA server or the UE of a home network sends a VPLMN ID of a VPLMN where an AAA Proxy of the VPLMN is located to a P-GW of the home network, and the P-GW of the home network receives the VPLMN ID;
the sending, by the UE, the VPLMN ID of the VPLMN at which the aaaprxy of the VPLMN is located to the P-GW of the home network may be: and the UE sends the VPLMN ID to the P-GW of the home network through a bootstrapping process or a DSMIPv6 binding update message.
Before this step, also include: in the process that the UE is accessed into the BBF access network to perform 3GPP-based authentication, the AAA Proxy of the VPLMN reports the VPLMN ID to an AAA server of the home network, or the AAAProxy of the VPLMN returns the VPLMN ID to the BBF AAA, and the BBF AAA sends the VPLMN ID to the UE.
Step 202: the P-GW of the home network sends the VPLMN ID to an H-PCRF, and the H-PCRF receives the VPLMN ID;
specifically, the P-GW of the home network carries the VPLMN ID in an IP-CAN session establishment indication message or an IP-CAN session modification indication message sent to the H-PCRF;
the method further comprises the following steps: the H-PCRF determines a VPLMN according to a VPLMN ID carried in an IP-CAN session establishment indication message or an IP-CAN session modification indication message, and sends a gateway control session establishment triggering message initiated by the PCRF to a BPCF or an IP Edge through a V-PCRF of the VPLMN;
further, after receiving the gateway control session trigger message, the BPCF or the IP Edge returns an acknowledgement message.
In order to implement the above method, the present invention further provides a system for selecting a VPLMN, as shown in fig. 6, where the system includes: P-GW61 of the home network, AAA server 62 of the home network, UE 63, H-PCRF 64; wherein,
the P-GW61 of the home network is used for acquiring the VPLMN ID from the AAA server 62 or the UE 63 of the home network; sending the VPLMN ID to an H-PCRF 64;
an AAA server 62 or a UE 63 of the home network for providing a VPLMN ID to a P-GW61 of the home network;
the H-PCRF64 is configured to receive the VPLMN ID sent by the P-GW61 of the home network;
the gateway P-GW61 of the home network is specifically configured to carry the VPLMN ID in an IP-CAN session establishment indication message or an IP-CAN session modification indication message sent to the H-PCRF 64;
the H-PCRF64 is also used for determining a VPLMN according to the VPLMN ID carried in the IP-CAN session establishment indication message or the IP-CAN session modification indication message, and sending a gateway control session establishment triggering message initiated by the PCRF to the BPCF or the IP Edge through the V-PCRF of the VPLMN;
the system further comprises: AAA Proxy 65 and BBF AAA 66 of VPLMN; wherein,
the AAA Proxy 65 of the VPLMN is configured to report the VPLMN ID to the AAA server 62 of the home network, or return the VPLMN ID to the BBF AAA 66;
the BBF AAA 66 is used for sending the VPLMN ID to the UE 63;
the UE 63 is specifically configured to send the VPLMN ID to the P-GW61 of the home network through a bootstrapping procedure or a DSMIPv6 binding update message.
The P-GW61 of the home network specifically includes: an ID acquisition module 611, an ID transmission module 612; wherein,
the ID obtaining module 611, configured to obtain a VPLMN ID from the AAA server 62 or the UE 63 of the home network;
the ID sending module 612 is configured to send the VPLMN ID obtained by the ID obtaining module 611 to the H-PCRF 64.
The ID sending module 612 is specifically configured to carry the VPLMN ID in an IP-CAN session establishment indication message or an IP-CAN session modification indication message sent to the H-PCRF 64.
Based on the above system, the present invention further provides a P-GW, as shown in fig. 6, where the P-GW61 of the home network specifically includes: an ID acquisition module 611, an ID transmission module 612; wherein,
the ID obtaining module 611, configured to obtain a VPLMN ID from the AAA server 62 or the UE 63 of the home network;
the ID sending module 612 is configured to send the VPLMN ID obtained by the ID obtaining module 611 to the H-PCRF 64.
The ID sending module 612 is specifically configured to carry the VPLMN ID in an IP-CAN session establishment indication message or an IP-CAN session modification indication message sent to the H-PCRF 64.
The following detailed description of the implementation and principles of the method of the present invention is provided in connection with specific embodiments.
Example one
Based on the architecture diagram of fig. 2 or fig. 3, the present embodiment implements the method for selecting a VPLMN, as shown in fig. 7, and includes the following steps:
step 301, a UE accesses a BBF access network, executes authentication based on 3GPP, in the authentication process, an AAA Proxy of a VPLMN returns a VPLMN ID of a VPLMN where the UE is located to a BBF AAA, and reports the VPLMN ID to an AAA server of a home network, the AAA server of the home network stores the VPLMN ID and/or sends the VPLMN ID to an HSS, and the HSS stores the VPLMN ID sent by the AAA server of the home network;
the performing 3GPP-based authentication is: the BBF AAA interacts with the AAA server of the home network through the AAA Proxy of the VPLMN to complete EAP authentication, and further, the AAA server of the home network interacts with the HSS.
The AAAProxy of the VPLMN reports the VPLMN ID to an AAA server of a home network, and the method specifically comprises the following steps: the AAA Proxy of the VPLMN reports the VPLMN ID to an AAA server of the home network through a Diameter EAP Request (Diameter-EAP-Request) message of the SWd interface.
Step 302, the UE obtains a local IP address allocated by a BBF access network;
step 303, triggered by step 301 or step 302, the IP Edge notifies the BPCF that the UE accesses the home network through the BBF access network, and the BPCF obtains the VPLMN ID where the aaaprxy of the VPLMN selected when the UE accesses the authentication is located;
step 304, when the BPCF supports the policy intercommunication with the H-PCRF and the local policy indication CAN provide the policy control of the NSWO to the UE, the BPCF determines the VPLMN selected during the access authentication according to the VPLMN ID, and sends an IP-CAN session establishment indication message to the H-PCRF through the V-PCRF of the VPLMN, and the H-PCRF returns a confirmation message through the V-PCRF;
the IP-CAN session establishment indication message carries a user identifier, a UE local IP address and an NSWO-APN.
Step 305, the UE executes a bootstrapping process, and in the bootstrapping process, the AAA server of the home network sends the VPLMN ID to the P-GW;
the AAA server of the home network sends the VPLMN ID to the P-GW, and the method specifically comprises the following steps: the AAA server of the home network sends the VPLMN ID to the P-GW through a Diameter EAP Answer (Diameter-EAP-Answer) message of an S6b interface; here, when the VPLMN ID is stored in the HSS, the HSS sends the VPLMN ID to the AAA Server of the home network through a Multimedia-Auth-Answer or Server-Assignment-Answer message of the SWx interface before the AAA Server of the home network provides the VPLMN ID to the P-GW;
in the bootstrapping process, UE acquires an IP address of a P-GW (P-gateway) which needs to access a PDN (public data network), the P-GW communicates with an AAA (authentication, authorization and accounting) server of a home network to finish EAP (extensible authentication protocol) authentication, and the P-GW allocates an IPv6 address or prefix for the UE to serve as the HoA of the UE;
in the EAP authentication process, the AAA server of the home network interacts with the HSS;
the UE acquires the IP address of the P-GW to be accessed to the PDN as follows: and the UE carries out DNS search according to the APN to obtain the IP address of the P-GW to be accessed to the PDN.
The UE and the P-GW exchange DSMIPv6 messages;
in order to protect DSMIPv6 messages between the UE and the P-GW, the UE establishes a security association using IKEv2 and authenticates with EAP.
Step 306, UE sends DSMIPv6 binding update message to P-GW, and P-GW establishes binding context;
the binding update message carries CoA and HoA; in the binding message, the lifetime parameter is not zero.
Step 307, the PCEF in the P-GW sends an IP-CAN session establishment indication message carrying the VPLMN ID to the H-PCRF;
step 308, the H-PCRF performs QoS authorization according to the user identifier, the UE local IP address and the NSWO-APN in the IP-CAN session establishment indication message, and returns a confirmation message to the PCEF in the P-GW;
step 309, the P-GW returns a binding acknowledgement message to the UE;
step 310, the H-PCRF determines a VPLMN according to the obtained VPLMN ID, and initiates a gateway control session establishment flow through the V-PCRF of the VPLMN;
specifically, in the architecture shown in fig. 2, the H-PCRF sends a gateway control session establishment trigger message initiated by the PCRF to the BPCF through the V-PCRF of the VPLMN, and provides the local IP address of the UE; the BPCF receives the trigger message, sends a gateway control session establishment message to the V-PCRF, and the V-PCRF returns a confirmation message and initiates a gateway control session establishment process to the H-PCRF;
in the architecture shown in fig. 3, the H-PCRF sends a gateway control session establishment trigger message initiated by the PCRF to the IP Edge through the V-PCRF of the VPLMN, and provides the local IP address of the UE; and the IP Edge receives the trigger message, sends a gateway control session establishment message to the V-PCRF, and the V-PCRF returns an acknowledgement message and initiates a gateway control session establishment process to the H-PCRF.
In step 311, the BPCF provides the IP Edge with the QoS policy.
The method can also comprise the following steps: after P-GW receives the binding update message sent by UE, P-GW requests VPLMN ID to AAA server, AAA server of home network provides VPLMN ID to P-GW.
Example two
Based on the architecture diagram of fig. 2 or fig. 3, the present embodiment implements the method for selecting a VPLMN, as shown in fig. 8, and includes the following steps:
step 401, UE accesses to a 3GPP core network through E-UTRAN and establishes PDN connection;
step 402, after discovering a BBF access network, UE decides to initiate switching;
step 403, the UE accesses the BBF access network, executes authentication based on 3GPP, in the authentication process, the AAA Proxy of the VPLMN returns the VPLMN ID of the VPLMN where the UE is located to the BBF AAA, and reports the VPLMN ID to the AAA server of the home network, the AAA server of the home network stores the VPLMN ID and/or sends the VPLMN ID to the HSS, and the HSS stores the VPLMN ID sent by the AAA server of the home network;
the AAAProxy of the VPLMN reports the VPLMN ID to an AAA server of a home network, and the method specifically comprises the following steps: the AAA Proxy of the VPLMN reports the VPLMN ID to an AAA server of the home network through a Diameter EAP Request (Diameter-EAP-Request) message of the SWd interface.
Step 404, the UE obtains a local IP address allocated by the BBF access network;
step 405, triggered by step 403 or step 404, the IP Edge notifies the BPCF that the UE accesses the home network through the BBF access network, and the BPCF obtains the VPLMN ID where the aaaprxy of the VPLMN selected when the UE accesses the authentication is located;
step 406, when the BPCF supports the policy intercommunication with the H-PCRF and the local policy indication CAN provide the policy control of the NSWO to the UE, the BPCF determines the VPLMN selected during the access authentication according to the VPLMN ID, and sends an IP-CAN session establishment indication message to the H-PCRF through the V-PCRF of the VPLMN, and the H-PCRF returns a confirmation message through the V-PCRF;
the IP-CAN session establishment indication message carries a user identifier, a UE local IP address and an NSWO-APN.
Step 407, the UE executes a bootstrapping process, in which the AAA server of the home network sends the VPLMN ID to the P-GW;
the AAA server of the home network sends the VPLMN ID to the P-GW, and the method specifically comprises the following steps: the AAA server of the home network sends the VPLMN ID to the P-GW through a Diameter EAP Answer (Diameter-EAP-Answer) message of an S6b interface; here, when the VPLMN ID is stored in the HSS, the HSS sends the VPLMN ID to the AAA Server of the home network through a Multimedia-Auth-Answer or Server-Assignment-Answer message of the SWx interface before the AAA Server of the home network provides the VPLMN ID to the P-GW;
in the bootstrapping process, UE acquires an IP address of a P-GW (P-gateway) which needs to access a PDN (public data network), the P-GW communicates with an AAA (authentication, authorization and accounting) server of a home network to finish EAP (extensible authentication protocol) authentication, and the P-GW allocates an IPv6 address or prefix for the UE to serve as the HoA of the UE;
in the EAP authentication process, the AAA server of the home network interacts with the HSS;
the UE acquires the IP address of the P-GW to be accessed to the PDN as follows: and the UE carries out DNS search according to the APN to obtain the IP address of the P-GW to be accessed to the PDN.
The UE and the P-GW exchange DSMIPv6 messages;
in order to protect DSMIPv6 messages between the UE and the P-GW, the UE establishes a security association using IKEv2 and authenticates with EAP.
Step 408, UE sends DSMIPv6 binding update message to P-GW, and P-GW establishes binding context;
the binding update message carries CoA and HoA; in the binding message, the lifetime parameter is not zero.
Step 409, the PCEF in the P-GW sends an IP-CAN session modification indication message carrying the VPLMN ID to the H-PCRF;
step 410, the H-PCRF carries out QoS authorization according to the user identification, the UE local IP address and the NSWO-APN in the IP-CAN session modification indication message, and returns a confirmation message to the PCEF in the P-GW;
step 411, the P-GW returns a binding acknowledgement message to the UE;
step 412, the H-PCRF determines a VPLMN according to the obtained VPLMN ID, and initiates a gateway control session establishment flow through the V-PCRF of the VPLMN;
specifically, in the architecture shown in fig. 2, the H-PCRF sends a gateway control session establishment trigger message initiated by the PCRF to the BPCF through the V-PCRF of the VPLMN, and provides the local IP address of the UE; the BPCF receives the trigger message, sends a gateway control session establishment message to the V-PCRF, and the V-PCRF returns a confirmation message and initiates a gateway control session establishment process to the H-PCRF;
in the architecture shown in fig. 3, the H-PCRF sends a gateway control session establishment trigger message initiated by the PCRF to the IP Edge through the V-PCRF of the VPLMN, and provides the local IP address of the UE; and the IP Edge receives the trigger message, sends a gateway control session establishment message to the V-PCRF, and the V-PCRF returns an acknowledgement message and initiates a gateway control session establishment process to the H-PCRF.
In step 413, BPCF provides the QoS policies to the IP Edge.
The method can also comprise the following steps: after P-GW receives the binding update message sent by UE, P-GW requests VPLMN ID to AAA server, AAA server of home network provides VPLMN ID to P-GW.
EXAMPLE III
Based on the architecture diagram of fig. 2 or fig. 3, the present embodiment implements the method for selecting a VPLMN, as shown in fig. 9, and includes the following steps:
step 501, a UE accesses a BBF access network and executes authentication based on 3GPP, in the authentication process, an AAA Proxy of a VPLMN returns a VPLMN ID of a VPLMN where the AAA Proxy is located to the BBF AAA or the BBF AAA obtains the VPLMN ID according to local configuration, and the BBF AAA returns the VPLMN ID to the UE;
the BBF AAA returning the VPLMN ID to the UE specifically comprises the following steps: the BBF AAA sends the VPLMN ID to the UE through EAPRequest/AKA' -Challenge or EAP Success message.
Step 502, the UE obtains a local IP address allocated by a BBF access network;
step 503, triggered by step 501 or step 502, the IP Edge notifies the BPCF that the UE accesses the 3GPP network through the BBF access network, and the BPCF obtains the VPLMN ID where the AAA Proxy of the VPLMN selected when the UE accesses authentication is located;
step 504, when the BPCF supports the policy intercommunication with the H-PCRF and the local policy indication CAN provide the policy control of the NSWO to the UE, the BPCF determines the VPLMN selected during the access authentication according to the VPLMN ID, and sends an IP-CAN session establishment indication message to the H-PCRF through the V-PCRF of the VPLMN, and the H-PCRF returns a confirmation message through the V-PCRF;
the IP-CAN session establishment indication message carries a user identifier, a UE local IP address and an NSWO-APN.
Step 505, the UE executes a bootstrapping process, and in the bootstrapping process, the UE sends the VPLMNID to the P-GW;
the sending, by the UE, the VPLMN ID to the P-GW specifically is: the UE sends the VPLMN ID to the P-GW through an IKE AUTH Request message, wherein the VPLMN ID can be used as a separate parameter or as a part of Network Access Identification (NAI);
in the bootstrapping process, UE acquires an IP address of a P-GW (P-gateway) which needs to access a PDN (public data network), the P-GW communicates with an AAA (authentication, authorization and accounting) server of a home network to finish EAP (extensible authentication protocol) authentication, and the P-GW allocates an IPv6 address or prefix for the UE to serve as the HoA of the UE;
in the EAP authentication process, the AAA server of the home network interacts with the HSS;
the UE acquires the IP address of the P-GW to be accessed to the PDN as follows: and the UE carries out DNS search according to the APN to obtain the IP address of the P-GW to be accessed to the PDN.
The UE and the P-GW exchange DSMIPv6 messages;
in order to protect DSMIPv6 messages between the UE and the P-GW, the UE establishes a security association using IKEv2 and authenticates with EAP.
Step 506, UE sends DSMIPv6 binding update message to P-GW, and P-GW establishes binding context;
the binding update message carries CoA and HoA; in the binding message, the lifetime parameter is not zero.
Step 507, PCEF in P-GW sends IP-CAN conversation establishment indication message carrying VPLMN ID to H-PCRF;
step 508, H-PCRF carries on QoS authorization according to user's label, UE local IP address, NSWO-APN in the conversation of IP-CAN establishes the indication message, return the acknowledgement message to PCEF in P-GW;
step 509, the P-GW returns a binding acknowledgement message to the UE;
step 510, the H-PCRF determines a VPLMN according to the obtained VPLMN ID, a gateway control session triggering message initiated by the PCRF is sent to a BPCF through a V-PCRF of the VPLMN, and the BPCF returns a confirmation message through the V-PCRF;
in step 511, the BPCF provides the IP Edge with QoS policies.
The method can also comprise the following steps: the UE does not provide the VPLMN ID to the P-GW in step 505, but carries the VPLMN ID through a DSMIPv6 binding update message in step 506.
For the process that the UE accesses the 3GPP core network through the E-UTRAN, establishes the PDN connection and then finds that the BBF access network initiates the switching, the process that the H-PCRF acquires the VPLMN ID is similar to the process, and is not repeated.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention.
Claims (14)
1. A method of selecting a Visited Public Land Mobile Network (VPLMN), the method comprising:
a packet data network gateway (P-GW) of a home network obtains a visited network identity (VPLMN ID) from an authentication, authorization, and accounting (AAA) server or User Equipment (UE) of the home network and sends the VPLMN ID to a policy and charging rules function entity (H-PCRF) of the home network, the H-PCRF receiving the VPLMN ID.
2. The method of claim 1, wherein before the P-GW of the home network obtains the VPLMN ID from the AAA server or the UE of the home network, the method further comprises:
in the process that the UE accesses a broadband forum (BBF) access network to perform authentication based on a third generation partnership project (3GPP), an authentication, authorization and accounting server agent (AAA Proxy) of the VPLMN reports the VPLMN ID to an AAA server of the home network, or the BBF AAA sends the VPLMN ID to the UE.
3. The method of claim 2, wherein the sending, by the P-GW of the home network, the VPLMN ID to the H-PCRF is:
and the P-GW of the home network carries the VPLMN ID in an IP connection access network (IP-CAN) session establishment indication message or an IP-CAN session modification indication message which is sent to the H-PCRF.
4. The method of claim 1, further comprising: and the H-PCRF determines the VPLMN according to the VPLMN ID, and sends a gateway control session establishment triggering message initiated by a Policy and Charging Rules Function (PCRF) to a Broadband Policy Control Framework (BPCF) or an IP Edge route (IP Edge) through a visiting policy and charging rules function (V-PCRF) of the VPLMN.
5. The method of claim 1, wherein the P-GW of the home network obtaining VPLMN ID from the UE is:
and the UE sends the VPLMN ID to the P-GW of the home network through a self-starting process or a DSMIPv6 binding update message.
6. A system for selecting a VPLMN, the system comprising: P-GW of home network, AAA server of home network, UE, H-PCRF; wherein,
the P-GW of the home network is used for acquiring a VPLMN ID from an AAA server or UE of the home network and sending the VPLMN ID to the H-PCRF;
the AAA server or the UE of the home network is used for providing VPLMN ID for the P-GW of the home network;
and the H-PCRF is used for receiving the VPLMN ID sent by the P-GW of the home network.
7. The system according to claim 6, wherein the P-GW of the home network is specifically configured to carry the VPLMN ID in an IP-CAN session establishment indication message or an IP-CAN session modification indication message sent to the H-PCRF.
8. The system of claim 6, wherein the H-PCRF is further configured to determine the VPLMN based on the VPLMN ID, and send a PCRF-initiated gateway control session establishment trigger message to the BPCF or the IP Edge via the V-PCRF of the VPLMN.
9. The system of claim 6, further comprising: AAA Proxy and BBF AAA of VPLMN; wherein,
the AAA Proxy of the VPLMN is used for reporting the VPLMN ID to an AAA server of a home network, or returning the VPLMN ID to a BBF AAA;
and the BBF AAA is used for sending the VPLMN ID to the UE.
10. The system according to claim 6, characterized in that said UE is specifically configured to send said VPLMN ID to a P-GW of said home network via a bootstrapping procedure or a DSMIPv6 binding update message.
11. The system of claim 6, wherein the P-GW of the home network comprises: the system comprises an ID acquisition module and an ID sending module; wherein,
the ID acquisition module is used for acquiring VPLMNID from the AAA server or the UE of the home network;
and the ID sending module is used for sending the VPLMN ID acquired by the ID acquisition module to the H-PCRF.
12. The system according to claim 11, wherein the ID sending module is specifically configured to carry the VPLMN ID in an IP-CAN session establishment indication message or an IP-CAN session modification indication message sent to the H-PCRF.
13. A P-GW, characterized in that the P-GW comprises: the system comprises an ID acquisition module and an ID sending module; wherein,
the ID acquisition module is used for acquiring VPLMNID from the AAA server or the UE of the home network;
and the ID sending module is used for sending the VPLMN ID acquired by the ID acquisition module to the H-PCRF.
14. The P-GW of claim 13, wherein the ID sending module is specifically configured to carry the VPLMN ID in an IP-CAN session establishment indication message or an IP-CAN session modification indication message sent to an H-PCRF.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210365853.6A CN103702311A (en) | 2012-09-27 | 2012-09-27 | Method and system for selecting VPLMN (visited public land mobile network) and packet data network gateway |
| PCT/CN2013/082116 WO2014048191A1 (en) | 2012-09-27 | 2013-08-22 | Method and system for selecting vplmn and packet data network gateway |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210365853.6A CN103702311A (en) | 2012-09-27 | 2012-09-27 | Method and system for selecting VPLMN (visited public land mobile network) and packet data network gateway |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103702311A true CN103702311A (en) | 2014-04-02 |
Family
ID=50363685
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210365853.6A Pending CN103702311A (en) | 2012-09-27 | 2012-09-27 | Method and system for selecting VPLMN (visited public land mobile network) and packet data network gateway |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN103702311A (en) |
| WO (1) | WO2014048191A1 (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017219213A1 (en) * | 2016-06-20 | 2017-12-28 | 华为技术有限公司 | Hplmn reselection method and terminal device |
| CN108353284A (en) * | 2015-11-03 | 2018-07-31 | 瑞典爱立信有限公司 | The selection of gateway node in communication system |
| CN108810298A (en) * | 2014-09-05 | 2018-11-13 | 华为技术有限公司 | A kind of across PLMN roaming data traffic online charging method and equipment |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111327431B (en) | 2018-12-14 | 2022-11-22 | 华为技术有限公司 | Charging policy obtaining method and device |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100054222A1 (en) * | 2006-11-16 | 2010-03-04 | Johan Rune | Gateway Selection Mechanism |
| CN102340766A (en) * | 2010-07-23 | 2012-02-01 | 中兴通讯股份有限公司 | Method for home network to acquire network element information in visit network and system thereof |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101336001B (en) * | 2008-07-29 | 2011-06-08 | 华为技术有限公司 | Roaming charging method, apparatus and system |
-
2012
- 2012-09-27 CN CN201210365853.6A patent/CN103702311A/en active Pending
-
2013
- 2013-08-22 WO PCT/CN2013/082116 patent/WO2014048191A1/en active Application Filing
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100054222A1 (en) * | 2006-11-16 | 2010-03-04 | Johan Rune | Gateway Selection Mechanism |
| CN102340766A (en) * | 2010-07-23 | 2012-02-01 | 中兴通讯股份有限公司 | Method for home network to acquire network element information in visit network and system thereof |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108810298A (en) * | 2014-09-05 | 2018-11-13 | 华为技术有限公司 | A kind of across PLMN roaming data traffic online charging method and equipment |
| CN108353284A (en) * | 2015-11-03 | 2018-07-31 | 瑞典爱立信有限公司 | The selection of gateway node in communication system |
| WO2017219213A1 (en) * | 2016-06-20 | 2017-12-28 | 华为技术有限公司 | Hplmn reselection method and terminal device |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2014048191A1 (en) | 2014-04-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8849273B2 (en) | Method and system for reporting fixed network access information | |
| US20100281170A1 (en) | Method for selecting a policy and charging rules function entity in the non-roaming scenario | |
| CN102378280B (en) | Policy control method and system for realizing BBF (Broadband Forum) access | |
| CN102340763B (en) | Obtain the method and system of user bandwidth accessing position information | |
| WO2013064070A1 (en) | Method, system and pcrf for realizing reflection qos mechanism | |
| CN102958046B (en) | A kind of control method, system and the DRA of mobile terminal accessing business | |
| US9609028B2 (en) | Method, apparatus and system for establishing session | |
| CN102595508A (en) | Strategy control method and system | |
| CN102340766B (en) | Home network obtains the method and system of net element information in visited network | |
| CN103209410A (en) | Methods and system for achieving QoS (quality of service) reflection mechanism | |
| CN103702327B (en) | Method, system and the equipment of user equipment selection visited Public Land mobile network | |
| EP2728810B1 (en) | Information transmission method, packet data gateway, and policy and charging rules function | |
| CN103702311A (en) | Method and system for selecting VPLMN (visited public land mobile network) and packet data network gateway | |
| CN102761852B (en) | A kind of method and system for obtaining roaming information | |
| CN102347892B (en) | A kind of method and system of acquiring user access information by network equipment | |
| Ahmed et al. | Inter-system mobility in evolved packet system (EPS): Connecting non-3GPP accesses | |
| CN103813409A (en) | Policy control method, apparatus, and system of fixed network mobile convergence | |
| CN103188646B (en) | The offer method of charge information, apparatus and system | |
| CN101998515A (en) | Implementation method and implementation system for controlling PCRF load balancing | |
| CN102378143B (en) | A kind of method and system triggering fixed network mobile fusion policy conferring | |
| WO2013152655A1 (en) | Policy control method and system in convergence network | |
| CN102378144B (en) | A kind of method and system setting up session, policy distribution | |
| US20130145038A1 (en) | Method and system for establishing session | |
| CN102932915A (en) | Session establishment method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20140402 |