CN103716770B - Network insertion processing method and system - Google Patents
Network insertion processing method and system Download PDFInfo
- Publication number
- CN103716770B CN103716770B CN201210375315.5A CN201210375315A CN103716770B CN 103716770 B CN103716770 B CN 103716770B CN 201210375315 A CN201210375315 A CN 201210375315A CN 103716770 B CN103716770 B CN 103716770B
- Authority
- CN
- China
- Prior art keywords
- twag
- wlan
- twap
- address
- aaa
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Abstract
The present invention provides a kind of network insertion processing methods and system, this method to include:Wlan access network WLANAN obtains the TWAG address informations of WLAN access gatewaies TWAG trusty, wherein, user equipment (UE) accesses the packet-based core networks EPC that net TWAN accesses evolution by WLAN trusty, which includes WLANAN, TWAG and WLAN trusty is authenticated, TWAP is acted on behalf of in mandate and charging AAA;TWAP receives the TWAG address informations sent by WLAN AN;TWAP carries out network insertion processing according to TWAG address information combinations TWAG, through the invention, solve the problems, such as in the prior art between the inside TWAN how connection processing, and then the apparent processing procedure carried out inside TWAN during user equipment accesses EPC by WLAN, and provide possibility for follow-up optimization system.
Description
Technical field
The present invention relates to the communications fields, in particular to a kind of network insertion processing method and system.
Background technology
Third generation partner program(3rd Generation Partnership Project, referred to as 3GPP)Drill
Into grouping system(Evolved Packet System, referred to as EPS)By the Universal Terrestrial Radio Access Network of evolution
(Evolved Universal Terrestrial Radio Access Network, referred to as E-UTRAN), mobile management list
Member(Mobility Management Entity, referred to as MME), gateway(Serving Gateway, referred to as S-
GW), grouped data network gateway(Packet Data Network Gateway, referred to as P-GW), home subscriber server
(Home Subscriber Server, referred to as HSS)Composition.
Fig. 1 is the structural schematic diagram of evolved packet system in the related technology, as shown in Figure 1, MME be responsible for mobile management,
The related work of the control planes such as the processing of Non-Access Stratum signaling and the management of user's mobile management context;S-GW is and E-
Accessing gateway equipment connected UTRAN forwards data between E-UTRAN and P-GW, and be responsible for the pending datas such as paging into
Row caching;P-GW is then EPS and packet data network(Packet Data Network, referred to as PDN)The boundary net of network
It closes, be responsible for the access of PDN and forward the functions such as data between EPS and PDN.UE can also be accessed by UTRAN by upgrading
SGSN, SGSN are in the access for being grouped business by S-GW connections P-GW.This SGSN by upgrading is known as S4SGSN.
It carries out the interaction of control plane by S3 interfaces and MME, and the interaction of user plane is carried out by S4 interfaces and S-GW.
If EPS system support policy charging control(Policy and Charging Control, referred to as PCC), strategy
And charging rule functions(Policy and Charging Rules Function, referred to as PCRF)Entity carries out strategy and meter
Take the formulation of rule, it passes through receiving interface Rx and carrier network agreement(Internet Protocol, referred to as IP)Business
Application function in network(Application Function, referred to as AF)Entity is connected, and business information is obtained, for generating
The business information of PCC strategies.When the S5 interfaces between S-GW and P-GW use GPRS Tunnel Protocol(GPRS Tunnelling
Protocol, referred to as GTP)Strategy and charge execution function are resided when agreement, in P-GW(Policy and Charging
Enforcement Function, PCEF)Entity, PCRF entities exchange information between P-GW by Gx interfaces, and responsible initiation is held
The foundation of load, modification and release, ensure the service quality of business datum(Quality of Service, referred to as QoS), go forward side by side
Row charging control.When the S5 interfaces of S-GW and P-GW use proxy-mobile IP(Proxy Mobile IP, referred to as PMIP)When,
Bearing binding and event reporting function are resident in S-GW(Bearer Binding and Event Report Function,
BBERF)Entity, and information is exchanged by Gxc interfaces between S-GW and PCRF entities, it is responsible for initiating carrying by BBERF entities
Foundation, modification and release, ensure the service quality of business datum, by PCEF entities carry out charging control.
Fig. 2 is according to the schematic network structure of the 3GPP networks and non-3 GPP network intercommunication of the relevant technologies, such as Fig. 2 institutes
Show, EPS is supported and the intercommunication of non-3 GPP system, wherein the intercommunication with non-3 GPP system realized by S2a/b/c interfaces, P-GW
As the anchor point between 3GPP and non-3 GPP system.In the system architecture of EPS, non-3 GPP system access is divided into trustless non-
3GPP is accessed and trusted non-3 GPP access;Wherein, the packet data gateway that trustless non-3 GPP access need to be Jing Guo evolution
(Evolved Packet Data Gateway, referred to as ePDG)It is connected with P-GW, the interface between ePDG and P-GW is S2b;It can
Trusting non-3 GPP access can directly be connect by S2a interfaces with P-GW;In addition, S2c interfaces provide user equipment(User
Equipment, referred to as UE)The relevant control of user interface between P-GW and mobility support, the mobility supported
Management agreement is the mobile IP v 6 for supporting double stacks(Mobile IPv6 Support for Dual Stack Hosts and
Routers, referred to as DSMIPv6), can be used for trustless non-3 gpp and trusted non-3 GPP access.
Recently as Wireless LAN(Wireless Local Area Network, referred to as WLAN)Cover model
The fast development of the expansion enclosed and its safety, more and more operators think that WLAN can be used as non-3 gpp trusty
Access the packet-based core networks of network insertion evolution(Evolved Packet Core, referred to as EPC).When WLAN is recognized by operator
When to be access network trusty, WLAN trusty accesses net(Trusted WLAN Access Network, referred to as
TWAN), pass through STa interfaces and authentication, mandate and charging(Authentication Authorization and
Accounting, referred to as AAA)Servers/proxies connect, and are connected with P-GW by S2a interfaces, access EPS networks.
Fig. 3 is the non-roaming Organization Chart of WLAN accesses net access EPC trusty in the related technology, as shown in figure 3, TWAN
Including WLAN accesses network(WLAN Access Network, referred to as WLAN AN), WLAN access gatewaies trusty
(Trusted WLANAccess Gateway, referred to as TWAG), WLANAAA agencies trusty(Trusted WLAN AAA
Proxy, referred to as TWAP).Include one or more WLAN access points in WLAN AN(Access Point, referred to as AP)Or
Person's access control point(Access Controler, referred to as AC), TWAG connected by S2a interfaces with P-GW, and TWAP passes through
STa interfaces are connect with aaa server/agency.
But in the related art when UE accesses EPC by TWAN all TWAN as a whole, or it is only right
The function that 3 logic modules inside TWAN are capable of providing is illustrated, but in the related technology between the inside TWAN such as
What connection processing is not related to.
Invention content
The present invention provides a kind of network insertion processing method and systems, at least to solve in the prior art to the inside TWAN
Between how connection processing the problem of.
According to an aspect of the invention, there is provided a kind of network insertion processing method, including:WLAN accesses net
Network WLAN AN obtain the TWAG address informations of WLAN access gatewaies TWAG trusty, wherein user equipment (UE) passes through credible
Appoint WLAN access net TWAN access evolution packet-based core networks EPC, the TWAN include the WLANAN, it is described
TWAG and WLAN trusty authentications, mandate and charging AAA act on behalf of TWAP;The TWAP is received to be sent by the WLAN AN
The TWAG address informations;The TWAP carries out network insertion processing according to the TWAG address informations in conjunction with the TWAG.
Preferably, the TWAP receives the TWAG address informations sent by the WLAN AN and includes:It is described
TWAP received as AAA agencies is sent from the WLANAN to the EPC aaa servers be used to carry expansible to recognize
Demonstrate,prove the AAA message of agreement EAP authentications, wherein the TWAG address informations are carried in the AAA message;The TWAP is from connecing
The TWAG address informations are intercepted and captured in the AAA message received.
Preferably, the TWAP includes in conjunction with TWAG progress network insertion processing according to the TWAG address informations:
The TWAP obtains user signing contract information from encapsulating EAP and authenticate in successful AAA message;The TWAP is according to the TWAG
Address information sends request message to the TWAG, wherein carrying the user signing contract information in the request message.
Preferably, the request message includes at least one of:Adhere to triggering request, for transmitting the user
Signing information triggers the TWAG and establishes GTP tunnel between the TWAN and the EPC simultaneously;Information transmits request message,
For transmitting the user signing contract information, the TWAG is established according to the user signing contract information for connecting the TWAN and institute
State the GTP tunnel of EPC.
Preferably, after the TWAP obtains user signing contract information from encapsulating the successful AAA message of EAP authentications,
Further include:The TWAP is established according to the TWAG address informations and the TWAG and is connected.
Preferably, the TWAP establishes to connect according to the TWAG address informations with the TWAG includes:In the TWAG
Address information be the TWAG IP address information in the case of, the TWAP directly according to the IP address information of the TWAG with
The TWAG establishes connection;Alternatively, in the case where the TWAG address informations are the IP address information of the non-TWAG, it is described
TWAP is used after the TWAG address informations of the IP address information of the non-TWAG are converted to the IP address of TWAG
Transformed IP address is established with the TWAG and is connected.
Preferably, the TWAG address informations include at least one of:The IP address information of TWAG, the universe name of TWAG
The title of FQDN, TWAG, the mark of TWAG.
According to another aspect of the present invention, a kind of network insertion processing system is provided, including:Acquisition module is located at nothing
In line LAN optimization network WLANAN, the TWAG address informations for obtaining WLAN access gatewaies TWAG trusty, wherein
User equipment (UE) accesses the packet-based core networks EPC that net TWAN accesses evolution, the TWAN packets by WLAN trusty
Include the WLANAN, the TWAG and WLAN trusty authentications, mandate and charging AAA acts on behalf of TWAP;Receiving module is located at
In the TWAP, for receiving the TWAG address informations sent by the WLANAN;Processing module is located at the TWAP
In, for carrying out network insertion processing in conjunction with the TWAG according to the TWAG address informations.
Preferably, the receiving module includes:Receiving unit is received as AAA agencies by described for the TWAP
The AAA message for carrying expansible authentication protocol EAP authentications that WLANAN is sent to the EPC aaa servers, wherein
The TWAG address informations are carried in the AAA message;Unit is intercepted and captured, for being intercepted and captured from the AAA message received
The TWAG address informations.
Preferably, the processing module includes:Acquiring unit, for obtaining from encapsulating EAP and authenticate in successful AAA message
Take user signing contract information;Transmission unit, for sending request message, wherein institute to the TWAG according to the TWAG address informations
It states and carries the user signing contract information in request message.
Preferably, further include:Establish unit, be located at the TWAP in, for according to the TWAG address informations with it is described
TWAG establishes connection.
Preferably, the unit of establishing includes:First establishes subelement, for being described in the TWAG address informations
In the case of the IP address information of TWAG, is directly established and connected according to the IP address information of the TWAG and the TWAG;Or
Person, second establishes subelement, in the case where the TWAG address informations are the IP address information of the non-TWAG, inciting somebody to action
After the TWAG address informations of the IP address information of the non-TWAG are converted to the IP address of TWAG, using transformed IP
Address is established with the TWAG and is connected.
Through the invention, WLAN access gatewaies TWAG trusty is obtained using wlan access network WLANAN
TWAG address informations, wherein user equipment (UE) pass through WLAN trusty access net TWAN access evolution grouping
Core net EPC, the TWAN include WLAN AN, the TWAG and WLAN trusty authentications, mandate and charging AAA generations
Manage TWAP;The TWAP receives the TWAG address informations sent by the WLAN AN;The TWAP is according to the TWAG
Address information in conjunction with the TWAG carry out network insertion processing, solve in the prior art between the inside TWAN how junction
The problem of reason, so it is apparent carried out inside TWAN during user equipment accesses EPC by WLAN it is processed
Journey, and provide possibility for follow-up optimization system.
Description of the drawings
Attached drawing described herein is used to provide further understanding of the present invention, and is constituted part of this application, this hair
Bright illustrative embodiments and their description are not constituted improper limitations of the present invention for explaining the present invention.In the accompanying drawings:
Fig. 1 is the structural schematic diagram of evolved packet system in the related technology;
Fig. 2 is the schematic network structure according to the 3GPP networks and non-3 GPP network intercommunication of the relevant technologies;
Fig. 3 is the non-roaming Organization Chart of WLAN accesses net access EPC trusty in the related technology;
Fig. 4 is the flow chart of network insertion processing method according to the ... of the embodiment of the present invention;
Fig. 5 is the structure diagram of network insertion processing system according to the ... of the embodiment of the present invention;
Fig. 6 is the structure diagram of receiving module 54 in network insertion processing system according to the ... of the embodiment of the present invention;
Fig. 7 is the structure diagram one of processing module 56 in network insertion processing system according to the ... of the embodiment of the present invention;
Fig. 8 is the structure diagram two of processing module 56 in network insertion processing system according to the ... of the embodiment of the present invention;
Fig. 9 is the structure diagram that unit 82 is established in network insertion processing system according to the ... of the embodiment of the present invention;
Figure 10 is the embodiment one of the method according to the ... of the embodiment of the present invention realized and obtain trusted WLAN access gatewaies
Flow chart;
Figure 11 is the embodiment two of the method according to the ... of the embodiment of the present invention realized and obtain WLAN access gatewaies trusty
Flow chart.
Specific implementation mode
Come that the present invention will be described in detail below with reference to attached drawing and in conjunction with the embodiments.It should be noted that not conflicting
In the case of, the features in the embodiments and the embodiments of the present application can be combined with each other.
A kind of network insertion processing method is provided in the present embodiment, and Fig. 4 is that network according to the ... of the embodiment of the present invention connects
Enter the flow chart of processing method, as shown in figure 4, the flow includes the following steps:
Step S402, wlan access network WLAN AN obtain the TWAG of WLAN access gatewaies TWAG trusty
Address information, wherein user equipment (UE) accesses the packet-based core networks that net TWAN accesses evolution by WLAN trusty
EPC, the TWAN include WLANAN, TWAG and WLAN trusty is authenticated, TWAP is acted on behalf of in mandate and charging AAA, for example, TWAG
Address information may include at least one of:The IP address information of TWAG, the title of universe name FQDN, TWAG of TWAG,
The mark of TWAG.
Step S404, TWAP receive the TWAG address informations sent by above-mentioned WLANAN;
Step S406, TWAP carry out network insertion processing according to TWAG address information combinations TWAG.
Through the above steps, TWAP receives the TWAG address informations sent by WLAN AN, then according to the TWAG
Location information establishes the connection between TWAN and EPC, relative to TWAN only carried out user as a whole in the related technology
Equipment accesses the processing of EPC by WLAN, not only apparent during accessing EPC by WLAN using above-mentioned processing
The processing procedure carried out inside TWAN, and provide possibility for follow-up optimization system.
TWAP can receive the TWAG address informations sent by WLANAN in several ways, for example, TWAP can make
For AAA agency receive is sent from WLAN AN to EPC aaa servers be used for carry expansible authentication protocol
(Extensible Authentication Protocol, referred to as EAP)The AAA message of authentication, wherein in the AAA message
Carry above-mentioned TWAG address informations;TWAP intercepts and captures TWAG address informations from the AAA message received.Using such place
Reason, need not establish new additional flow, and only system does not save resource, and ensure that receive TWAG to a certain extent
The reliability of address information.
TWAP carries out network insertion processing according to TWAG address information combinations TWAG and various ways may be used, for example,
TWAP stores the above-mentioned TWAG address informations got, and after EAP is authenticated successfully, which will be from encapsulating EAP
It authenticates in successful AAA message and obtains user signing contract information;Then TWAP is sent according to the TWAG address informations of storage to TWAG
Request message wherein carries user signing contract information in request message, and the request message is according to used attachment triggering mode
Difference carries out network insertion processing also some difference, for example, when using to TWAP according to above-mentioned TWAG address informations combination TWAG
When L2 attachment triggerings, which sends attachment triggering request, the attachment triggering request, for transmitting user to TWAG
TWAG is triggered while signing information establishes the GTP tunnel between TWAN and EPC;In another example when adhering to triggering using L3, it should
TWAP can then send to TWAG and transmit information request message, which believes for transmitting above-mentioned user and contracting
Breath, wherein TWAG establishes the GTP tunnel for connecting TWAN and EPC according to the user signing contract information.
It more preferably, should in TWAP from encapsulating during EAP authenticates successful AAA message after acquisition user signing contract information
TWAP is established according to TWAG address informations and TWAG and is connected.When TWAP establishes connection according to above-mentioned TWAG address informations and TWAG,
It can be according to the difference of TWAG address information forms, using different processing modes, for example, being TWAG's in TWAG address informations
In the case of IP address information, TWAP can be established directly according to the IP address information of TWAG and TWAG and be connected;And in TWAG
In the case that location information is the IP address information of non-TWAG, TWAP can be by the addresses TWAG of the IP address information of the non-TWAG
After information is converted to the IP address of TWAG, is established and connected using transformed IP address and TWAG, wherein what is be related to turns
Various ways can also be used by changing, for example, may be used from domain name system(Domain Name System, referred to as DNS)It looks into
The mode of inquiry.
Additionally provide a kind of network insertion processing system in the present embodiment, the system is for realizing above-described embodiment and excellent
Embodiment is selected, repeating no more for explanation had been carried out.As used below, predetermined function may be implemented in term " module "
Software and/or hardware combination.Although system described in following embodiment is preferably realized with software, hardware,
Or the realization of the combination of software and hardware is also that may and be contemplated.
In the present embodiment, a kind of network insertion processing system is additionally provided, Fig. 5 is network according to the ... of the embodiment of the present invention
The structure diagram of processing system is accessed, as shown in figure 5, the system includes acquisition module 52, receiving module 54, processing module 56,
The system is illustrated below.
Acquisition module 52 is located in WLAN WLAN access networks WLANAN, is connect for obtaining WLAN trusty
The TWAG address informations of function Access Gateway TWAG, wherein user equipment (UE) accesses net TWAN by WLAN trusty and accesses
The packet-based core networks EPC of evolution, the TWAN include WLAN AN, TWAG and WLAN trusty authentications, mandate and charging AAA generations
Manage TWAP;Receiving module 54 is located in above-mentioned TWAP, above-mentioned acquisition module 52 is connected to, for receiving by the WLAN AN
The TWAG address informations sent;Processing module 56 is located in above-mentioned TWAP, for being combined according to TWAG address informations
TWAG carries out network insertion processing.
Fig. 6 is the structure diagram of receiving module 54 in network insertion processing system according to the ... of the embodiment of the present invention, such as Fig. 6 institutes
Show, which includes receiving unit 62 and intercept and capture unit 64, is illustrated below to the receiving module 54.
Receiving unit 62 receives the use sent from WLAN AN to EPC aaa servers for TWAP as AAA agencies
In the AAA message for carrying expansible authentication protocol EAP authentications, wherein carry TWAG address informations in the AAA message;It cuts
Unit 64 is obtained, above-mentioned receiving unit 62 is connected to, for intercepting and capturing the TWAG address informations from the AAA message received.
Fig. 7 is the structure diagram one of processing module 56 in network insertion processing system according to the ... of the embodiment of the present invention, such as Fig. 7
Shown, which includes acquiring unit 72 and transmission unit 74, is illustrated below to the processing module 56.
Acquiring unit 72, for obtaining user signing contract information from encapsulating EAP and authenticate in successful AAA message;It sends single
Member 74, is connected to above-mentioned acquiring unit 72, for sending request message to TWAG according to TWAG address informations, wherein request disappears
User signing contract information is carried in breath.
Fig. 8 is the structure diagram two of processing module 56 in network insertion processing system according to the ... of the embodiment of the present invention, such as Fig. 8
Shown, which further includes in addition to including acquiring unit 72 and transmission unit 74:Unit 82 is established, this is built below
Vertical unit 82 illustrates.
Unit 82 is established, is located in TWAP, is connected to above-mentioned acquiring unit 72 and transmission unit 74, for according to TWAG
Address information is established with TWAG and is connected.
Fig. 9 is the structure diagram that unit 82 is established in network insertion processing system according to the ... of the embodiment of the present invention, such as Fig. 9 institutes
Show, this, which is established unit 82 and establishes subelement 92 or the second including first, establishes subelement 94, is established in unit 82 to this below
First, which establishes subelement 92 and second, establishes subelement 94 and illustrates.
First establishes subelement 92, in the case where TWAG address informations are the IP address information of TWAG, TWAP to be straight
It connects to be established with TWAG according to the IP address information of TWAG and connect;Second establishes subelement 94, for being non-in TWAG address informations
In the case of the IP address information of TWAG, the TWAG address informations of the IP address information of non-TWAG are being converted to TWAG's by TWAP
After IP address, is established and connected using transformed IP address and TWAG.
Although thinking that each logic module can be connected with each other between each other in the related art, message can be transmitted,
How to connect, and how found each other between modules, how with connection is established each other, how to transmit data etc. and all do not have
It is described.The L2 of TWAG UE can be notified to adhere to event or attachment removal event for example, describing TWAP in a standard, still
How TWAP obtains the address information of TWAG, how with connection is established between TWAG, if the L2 of notice TWAG UE adheres to thing
Part or attachment removal event, these are not all described.
In consideration of it, providing a kind of method and system obtaining trusted WLAN access gatewaies, WLAN in the present embodiment
After AN selects TWAG, the address information of the AAA news TWAP TWAG by carrying EAP authentications.TWAP is further according to receipts
The TWAG information arrived is established with TWAG and is connected, and is triggered TWAG and established the tunnels S2a.That is, when user adheres to/is switched to for the first time
WLAN, when accessing EPC by TWAN modes, WLAN AN send the addresses TWAG got in EAP authentication processes
TWAP.After TWAP intercepts EAP success messages, the tunnels S2a are established further according to the TWAG information triggering TWAG being previously received.
After establishing the interconnection inside TWAN between modules, pass through user's uplink and downlink data of TWAN transmission
It is transmitted by the data channel between WLAN AN and TWAG.
It is accessed by WLAN through the above technical solutions, solving user, trusted when EPC is accessed in a manner of TWAN
WLAN access gatewaies obtain problem.
Technical solution of the present invention is described in further detail below in conjunction with drawings and the specific embodiments.
A kind of method obtaining trusted WLAN access gatewaies is provided in the examples below, and this method includes:User
Adhere to for the first time/it is switched to WLAN, when accessing EPC by TWAN modes, WLAN AN will be got in EAP authentication processes
The addresses TWAG send TWAP to.It is attached to for WLAN neutralizations are switched in WLAN by user and is illustrated respectively for the first time below.
Embodiment one
Figure 10 is the embodiment one of the method according to the ... of the embodiment of the present invention realized and obtain trusted WLAN access gatewaies
Flow chart, as shown in Figure 10, user adhere to from WLAN for the first time, when accessing network insertion EPC with WLAN trusty, are connect in EAP
Enter in authentication process, WLAN AN send the addresses TWAG got to TWAP.
Step S1002:UE and WLAN AN execute the distinctive access process of non-3 gpp, establish L2 connections;
Step S1004:WLAN AN send EAP Request mark to UE(identity)Request message, acquisition request terminal
Mark.Start EAP authentication processes.
Step S1006:UE returns to the mark of EAP response/identity carried terminals to WLAN AN(The mark of user can be
Permanent identification(permanent identity)It can also be pseudo- mark(pseudonym identity)).
Step S1008:After WLAN AN receive the identification response message of UE returns, it will be given to TWAP in the EAP message, it should
EAP message is encapsulated in AAA message.WLAN AN add the address information of TWAG, AC or broadband in the AAA message simultaneously
Remote access server(Broadband RemoteAccess Server, referred to as BRAS)Seamed WLAN unloadings
(Non-seamlesss WLAN offload, referred to as NSWO)Ability instruction, mobile IP feature vectors(Mobility
Internet Protocol-Feature-Vector, referred to as MIP-Feature-Vector)Instruction, WLAN marks(WLAN-
identifier), access network identity(Access Network Identity, referred to as ANID).
TWAG address informations in this AAA message are the TWAG that the AC/AP in WLAN AN is got before EAP processes
Address information, the process of acquisition can be it is dynamic such as:The mode of DNS can also be the mode of static state, such as:Static configuration,
Can also be other acquisition modes.
The address information of TWAG can be the IP address of TWAG or the universe name of TWAG in this AAA message(Fully
Qualified Domain Name, referred to as FQDN)The either title of TWAG or the mark of TWAG or other instructions.
The instruction of NSWO abilities can be the relieving capacity of AC in WLAN AN in this AAA message, can also be what AC was got
The relieving capacity of AP in the relieving capacity or WLAN AN of BRAS, the specifically relieving capacity of that network element device depend on tool
Body realize when unloading point placement, unloading point be placed on that network element be exactly that network element ability.If in WLAN AN
AC or AP and BRAS conjunction set, then the relieving capacity WLAN AN of BRAS can be obtained by inside story, if BRAS and WLAN
AC or AP in AN set up separately, then WLAN AN need to interact with BRAS in other way, obtain the relieving capacity letter of BRAS
Breath.The message is optional.If what WLAN AN can be obtained arrives, including the message.Otherwise the message can not be included.
MIP-Feature-Vector in this AAA message indicates the mobility capability namely TWAG of non-3 GPP access network
The protocol type that S2a interfaces use between PGW.The parameter is a conditional parameter, if non-3 GPP access network supports dynamic
If Move Mode selects, the parameter can be carried, if carry the parameter and also correspond to be TWAG the instruction of an ability, take
It indicates to support S2a interfaces when band.The acquisition modes of the parameter when can be the address information that WLAN AN obtain TWAG, connect TWAG
Ability get together, can also be acquire in other way.The message can also not add herein, and
It is to be added in the next step by TWAP.After TWAP gets the address information of TWAG, according to the address information got with
TWAG connections, obtain the ability parameter of TWAG.
The service set that WLAN mark expressions in this AAA message select when being UE access WLAN AN networks
(Service Set Identifier, referred to as SSID).The message is optional.If what WLAN AN can be obtained arrives, including
The message.
ANID in this AAA message indicates that the access user name of UE connections claims.The message must band.
The AAA message of this encapsulation EAP message can be remote customer dialing authentication system(Remote Authenticatio
N Dial In User Service, referred to as radius)Message either diameter message.Or other similar disappear
Breath.
Step S1010:TWAP is acted on behalf of as WLAN AAA trusty, will be under the AAA message interceptions that WLAN AN are received
Come, removes TWAG address information parameters, aaa server will be given in remaining AAA message.
TWAP intercepts and captures the TWAG address information parameters in AAA message, and preserves.The address information of TWAG for follow-up and
Connection is established between TWAG, triggering TWAG establishes the tunnels S2a.
TWAP can add MIP-Feature-Vector parameters in the AAA message to aaa server in the step, such as
Step does not add the parameter on fruit, and non-3 GPP access network supports dynamic mobile model selection, then TWAP is according to receiving
TWAG address informations ask to obtain the parameter to TWAG, the parameter, which is then added to AAA, disappears with connection is established between TWAG
In breath, aaa server, the ability of TWAG are told.
Step S1012:After AAA receives the mark of UE, if it is considered to the mark received is invalid or can not basis
Pseudonym identity are mapped to effective international mobile subscriber identification(International Mobile
Subscriber Identity, referred to as IMSI)Or aaa server thinks intermediate contact modifications or substitutions user
Identity, then AAA obtain identity again to UE, UE returns meet user identifier as defined in AAA.
Step S1014:After AAA thinks that the identity of UE is effective, check local with the presence or absence of not used mirror
Weight vector, if it is present carrying out EAP authentications using local authentication vector;Otherwise, AAA asks authentication vector, HSS to HSS
Return to authentication vector.
Step S1016:AAA confirms the local EPS access profile for whether having user(Signing information)If do not had
Have, then obtain the signing information of user to HSS, HSS returns to user signing contract information.
Step S1018:AKA '-challenge is completed between AAA and UE(Challenge)Process completes user to network side
Authentication.
Step S1020:AKA '-notification is completed between AAA and UE(Notice)Process.
Step S1022:After EAP is authenticated successfully, AAA sends out EAP Success(Success)Message is to TWAP.By subscription data
Included in the AAA message of transmission EAP success messages.
Step S1024:AAA executes register flow path to HSS.
Step S1026:After TWAP intercepts the EAP success messages of AAA hairs, the user contracting data received, root are preserved
Connection is established according to the TWAG information and TWAG received in step S1008, triggering TWAG establishes the tunnels GTP between PGW.
If the TWAG information that TWAP is received in step S1008 is FQDN or mark or title or other information,
TWAP needs the IP address that these information are converted into TWAG, and conversion regime can be inquiry DNS or other are similar with DNS
Network element.
Step S1028:TWAP sends out the attachment triggering request of layer 2 to TWAG(Such as:WLAN attach request
(WLAN attach requests))Message, carries the subscription data of user, and triggering TWAG establishes the tunnels S2a.
Step S1030:TWAG is sent out to P-GW creates conversation request message, and GTP tunnel is established in request.
Step S1032:P-GW updates the address information of P-GW to AAA, while the address information is passed to HSS by AAA.
Step S1034:P-GW, which is returned, creates conversational response message;
Step S1036:After the completion of GTP tunnel is established, TWAG returns the attachment of layer 2 to TWAP and completes message(Such as:WLAN
attach accept(WLAN attachments receive)).
Step S1038:TWAP sends the EAP success messages that the AAA of intercepting and capturing is sent to UE by WLANAN, terminates
EAP authentication processes.
After the completion of the connection of the sides equal WLAN is all established, user can send upstream data and can also be transmitted to PGW, PGW
To the downlink data of user.
When the upstream data of user reaches the sides AN WLAN, static state may be used in WLAN AN(Such as:Static configuration)Or it is dynamic
State(Dynamic GRE (Generic Routing Encapsulation) tunnel is established)Mode establish data channel with TWAG.WLAN AN are by the data channel of the two by user's
Upstream data passes to TWAG, TWAG again by GTP tunnel by user data delivery to PGW.
When having to the downlink data of user, PGW is by the GTP tunnel to TWAG, by the data transfer of user to TWAG,
Then TWAG establishes data channel by static or dynamic mode with WLAN AN, then by data channel between the two,
Give user data delivery to WLAN AN.Last WLAN AN send the data to user.
It should be noted that for convenience of explanation using EAP-AKA ' authentication modes in this embodiment, but and it is unlimited
In the authentication mode, other authentication modes similarly may be implemented.
In above-described embodiment in order to briefly describe using L2 triggering TWAG establish GTP tunnel by the way of, if using L3
(Layer 3)If triggering TWAG establishes GTP tunnel, above-mentioned flow slightly has modification, TWAP to intercept EAP authentications in step S1026
After success message, the user signing contract information in the AAA message for encapsulating EAP message is cached.TWAP is EAP successes simultaneously
Message is issued to UE, terminates EAP authentication processes.After TWAP issues EAP authentication successful messages, asked to the transmission of TWAG photos and sending messages
Message is sought, it includes user signing contract information that information, which is transmitted in request message,.TWAG etc. receive L3 triggering request message and
After the request message of TWAP hairs, then with establishing GTP tunnel between PGW.The mode that GTP tunnel is established is the same as above-mentioned steps S1030-
1034。
Embodiment two
Figure 11 is the embodiment two of the method according to the ... of the embodiment of the present invention realized and obtain WLAN access gatewaies trusty
Flow chart, as shown in figure 11, user from 3GPP access after, be switched under WLAN coverage, connect with non-3 gpp trusty
When networking access EPC, in EAP access authentication process, WLANAN sends the addresses TWAG got to TWAP.
Step S1102:UE is accessed from 3GPP, and there are GTP tunnels on S5 interfaces.
Step S1104:UE has found WLAN access systems trusty, determines to be switched to discovery from the 3GPP of attachment accesses
Non-3GPP access systems trusty.
Step S1106:UE executes the access authentication and authorization flow of trusted non-3GPP access systems.3GPP AAA clothes
Device authentication of being engaged in and mandate UE access non-3GPP access systems trusty.In this process, ibid embodiment description is the same,
The TWAG address informations got are passed to TWAP by WLAN AN, and TWAP preserves its address information.
Step S1108:In upper step after access authentication success, AAA sends out EAP success messages to TWAP.By subscription data
Included in the AAA message of encapsulation EAP success messages.
Step S1110:After TWAP intercepts the EAP success messages of aaa server hair, the user's signing number received is preserved
According to.Adhere to triggering request to TWAG hair layers 2 simultaneously, triggering TWAG establishes the tunnels S2a.The subscription data of user is passed simultaneously
Give TWAG.
The TWAG address informations that TWAP is got by step S1106 are established with TWAG and are connected.
If what is transmitted in step S1106 is the IP address of TWAG, TWAP is directly built with TWAG according to IP address information
Vertical connection, triggering TWAG establish the tunnels S2a.If the TWAG information received is FQDN or mark or title or other information,
Then TWAP needs the IP address that these information are converted into TWAG, and conversion regime can be inquiry DNS or other are similar with DNS
Network element.Then it is established and is connected with transformed IP address again.
Step S1112:TWAG is sent out to P-GW creates conversation request message, and GTP tunnel is established in request.
Step S1114:P-GW updates the address information of P-GW to AAA, while the address information is passed to HSS by AAA.
Step S1116:P-GW, which is returned, creates conversational response message.
Step S1118:After the completion of GTP tunnel is established, TWAG returns the attachment of layer 2 to TWAP and completes message.
Step S1120:TWAP sends the EAP success messages that AAA is sent to UE, terminates EAP authentication processes.
Step S1122:P-GW triggers PDN deactivation flow release 3GPP EPS carryings.
After the process of equal switchings is fully completed, user can send upstream data by TWAN can also lead to PGW, PGW
Cross the downlink data that TWAN is transmitted to user.
When the upstream data of user reaches the sides AN WLAN, static state may be used in WLAN AN(Such as:Static configuration)Or it is dynamic
State(Dynamic GRE (Generic Routing Encapsulation) tunnel is established)Mode establish data channel with TWAG.WLAN AN are by the data channel of the two by user's
Upstream data passes to TWAG, TWAG again by GTP tunnel by user data delivery to PGW.
When having to the downlink data of user, PGW is by the GTP tunnel to TWAG, by the data transfer of user to TWAG,
Then TWAG establishes data channel by static or dynamic mode with WLAN AN, then by data channel between the two,
Give user data delivery to WLAN AN.Last WLAN AN send the data to user.
It should be pointed out that for convenience of explanation using EAP-AKA ' authentication modes in above-described embodiment, but not
It is limited to the authentication mode, other authentication modes similarly may be implemented.
In the above-described embodiments in order to briefly describe using L2 triggering TWAG establish GTP tunnel by the way of, if using
L3 (Layer 3)If triggering TWAG establishes GTP tunnel, above-mentioned flow slightly has modification, TWAP to intercept EAP in step S1108
After authentication successful message, the user signing contract information in the AAA message for encapsulating EAP message is cached.TWAP is the EAP simultaneously
Success message is issued to UE, terminates EAP authentication processes.After TWAP issues EAP authentication successful messages, passed to TWAG photos and sending messages
Request message is passed, it includes user signing contract information which, which transmits in request message,.TWAG etc. receives the request message of L3 triggerings
And after the request message of TWAP hairs, then with establishing GTP tunnel between PGW.The mode that GTP tunnel is established is the same as step S1112-
1116。
Obviously, those skilled in the art should be understood that each module of the above invention or each step can be with general
Computing device realize that they can be concentrated on a single computing device, or be distributed in multiple computing devices and formed
Network on, optionally, they can be realized with the program code that computing device can perform, it is thus possible to which they are stored
It is performed by computing device in the storage device, and in some cases, it can be with different from shown in sequence execution herein
The step of going out or describing, either they are fabricated to each integrated circuit modules or by them multiple modules or
Step is fabricated to single integrated circuit module to realize.In this way, the present invention is not limited to any specific hardware and softwares to combine.
The foregoing is only a preferred embodiment of the present invention, is not intended to restrict the invention, for the skill of this field
For art personnel, the invention may be variously modified and varied.All within the spirits and principles of the present invention, any made by repair
Change, equivalent replacement, improvement etc., should all be included in the protection scope of the present invention.
Claims (10)
1. a kind of network insertion processing method, which is characterized in that including:
Wlan access network WLAN AN obtain the TWAG address informations of WLAN access gatewaies TWAG trusty, wherein
User equipment (UE) accesses the packet-based core networks EPC that net TWAN accesses evolution, the TWAN packets by WLAN trusty
Include WLAN AN, the TWAG and WLAN trusty authentications, mandate and charging AAA acts on behalf of TWAP;
The TWAP receives the TWAG address informations sent by the WLAN AN;
The TWAP carries out network insertion processing according to the TWAG address informations in conjunction with the TWAG;
Wherein, the TWAP receives the TWAG address informations sent by the WLAN AN and includes:
The TWAP as AAA agency receive is sent from the WLAN AN to the EPC aaa servers for carrying can
The AAA message of the authentication protocol EAP authentications of extension, wherein the TWAG address informations are carried in the AAA message;
The TWAP intercepts and captures the TWAG address informations from the AAA message received.
2. according to the method described in claim 1, it is characterized in that, the TWAP according to the TWAG address informations in conjunction with described
TWAG carries out network insertion processing:
The TWAP obtains user signing contract information from encapsulating EAP and authenticate in successful AAA message;
The TWAP sends request message according to the TWAG address informations to the TWAG, wherein being carried in the request message
There is the user signing contract information.
3. according to the method described in claim 2, it is characterized in that, the request message includes at least one of:
Adhere to triggering request, the TWAN and institute are established for transmitting the user signing contract information while triggering the TWAG
State the GTP tunnel between EPC;
Information transmits request message, and for transmitting the user signing contract information, the TWAG is built according to the user signing contract information
Found the GTP tunnel for connecting the TWAN and the EPC.
4. according to the method described in claim 2, it is characterized in that, disappearing from the successful AAA of EAP authentications is encapsulated in the TWAP
After obtaining user signing contract information in breath, further include:
The TWAP is established according to the TWAG address informations and the TWAG and is connected.
5. according to the method described in claim 4, it is characterized in that, the TWAP according to the TWAG address informations with it is described
TWAG establishes connection:
In the case where the TWAG address informations are the IP address information of the TWAG, the TWAP is directly according to the TWAG
IP address information and the TWAG establish and connect;Alternatively,
In the case where the TWAG address informations are the IP address information of the non-TWAG, the TWAP is by the non-TWAG
IP address information the TWAG address informations be converted to the IP address of TWAG after, using transformed IP address with it is described
TWAG establishes connection.
6. the method according to any one of claims 1 to 5, it is characterized in that, the TWAG address informations include following
At least one:
The IP address information of TWAG, the title of universe name FQDN, TWAG of TWAG, the mark of TWAG.
7. a kind of network insertion processing system, which is characterized in that including:
Acquisition module is located in wlan access network WLAN AN, for obtaining WLAN access gatewaies TWAG trusty
TWAG address informations, wherein user equipment (UE) pass through WLAN trusty access net TWAN access evolution grouping
Core net EPC, the TWAN include WLAN AN, the TWAG and WLAN trusty authentications, mandate and charging AAA generations
Manage TWAP;
Receiving module is located in the TWAP, for receiving the TWAG address informations sent by the WLAN AN;
Processing module is located in the TWAP, for carrying out network insertion in conjunction with the TWAG according to the TWAG address informations
Processing;
Wherein, the receiving module includes:Receiving unit is received as AAA agencies by the WLAN AN for the TWAP
The AAA message authenticated for carrying expansible authentication protocol EAP sent to the EPC aaa servers, wherein described
The TWAG address informations are carried in AAA message;
Unit is intercepted and captured, for intercepting and capturing the TWAG address informations from the AAA message received.
8. system according to claim 7, which is characterized in that the processing module includes:
Acquiring unit, for obtaining user signing contract information from encapsulating EAP and authenticate in successful AAA message;
Transmission unit, for sending request message to the TWAG according to the TWAG address informations, wherein the request message
In carry the user signing contract information.
9. system according to claim 7, which is characterized in that further include:
Unit is established, is located in the TWAP, is connected for being established according to the TWAG address informations and the TWAG.
10. system according to claim 9, which is characterized in that the unit of establishing includes:
First establishes subelement, is used in the case where the TWAG address informations are the IP address information of the TWAG, directly
It is established and is connected according to the IP address information of the TWAG and the TWAG;Alternatively,
Second establishes subelement, is used in the case where the TWAG address informations are the IP address information of the non-TWAG,
After the IP address that the TWAG address informations of the IP address information of the non-TWAG are converted to TWAG, use is transformed
IP address is established with the TWAG and is connected.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210375315.5A CN103716770B (en) | 2012-09-29 | 2012-09-29 | Network insertion processing method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210375315.5A CN103716770B (en) | 2012-09-29 | 2012-09-29 | Network insertion processing method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103716770A CN103716770A (en) | 2014-04-09 |
| CN103716770B true CN103716770B (en) | 2018-08-28 |
Family
ID=50409247
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210375315.5A Expired - Fee Related CN103716770B (en) | 2012-09-29 | 2012-09-29 | Network insertion processing method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103716770B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015165250A1 (en) * | 2014-04-30 | 2015-11-05 | 华为技术有限公司 | Method, device and communication system for terminal to access communication network |
| CN105101337B (en) * | 2014-05-22 | 2019-01-01 | 中国电信股份有限公司 | Method for sending information and system |
| KR102318735B1 (en) * | 2014-06-23 | 2021-10-28 | 콘비다 와이어리스, 엘엘씨 | Inter-system mobility in integrated wireless networks |
| EP3509381B1 (en) * | 2015-05-12 | 2020-02-12 | Telefonaktiebolaget LM Ericsson (publ) | Method and nodes for handling access to epc services via a non-3gpp network |
| CN112738132A (en) * | 2021-01-27 | 2021-04-30 | 华北石油通信有限公司 | Secondary authentication access system and method thereof |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1567860A (en) * | 2003-06-25 | 2005-01-19 | 华为技术有限公司 | A method for transmitting service data to WLAN user |
| CN1859335A (en) * | 2005-04-30 | 2006-11-08 | 华为技术有限公司 | Radio local network connecting gateway strategy loading method in radio local network |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070115898A1 (en) * | 2005-11-22 | 2007-05-24 | Stein Robert C | Use of wireline networks to access 3G wireless services |
| CN102960031B (en) * | 2010-11-29 | 2016-03-30 | 华为技术有限公司 | The system of selection of non-3 GPP access gateway, the network equipment and subscriber equipment |
-
2012
- 2012-09-29 CN CN201210375315.5A patent/CN103716770B/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1567860A (en) * | 2003-06-25 | 2005-01-19 | 华为技术有限公司 | A method for transmitting service data to WLAN user |
| CN1859335A (en) * | 2005-04-30 | 2006-11-08 | 华为技术有限公司 | Radio local network connecting gateway strategy loading method in radio local network |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103716770A (en) | 2014-04-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10009758B2 (en) | WiFi fixed wireless personal services | |
| CN102905390B (en) | Session association methods, devices and systems | |
| CN102457444B (en) | A kind of converging fixed network and the system and method for mobile network | |
| CN101931946B (en) | Multi-access method of terminal in evolved packet system and system thereof | |
| CN103716770B (en) | Network insertion processing method and system | |
| CN102695236B (en) | A kind of data routing method and system | |
| WO2013016968A1 (en) | Access method,system and mobile intelligent access point | |
| JP5972467B2 (en) | Method and system for notifying location information of access network | |
| US20150334633A1 (en) | Method, Apparatus And System For Policy Control | |
| CN103533666B (en) | Packet data network connects method for building up and device | |
| WO2012003770A1 (en) | System, device and method for user equipment to access mobile network | |
| CN103796281A (en) | Management method, device and system for packet-data network type | |
| CN102917355A (en) | Access method, access system and mobile intelligent access point | |
| CN103686655B (en) | Billing control method and device | |
| CN102347892B (en) | A kind of method and system of acquiring user access information by network equipment | |
| CN102378399B (en) | User equipment access method, Apparatus and system | |
| CN103582159A (en) | Method and system for establishing multiple connections in fixed and mobile convergence scene | |
| CN103379181B (en) | Station address notifying method and device | |
| WO2014177022A1 (en) | Processing method and device for stream mobility supporting capability, and pdn gw | |
| WO2014032542A1 (en) | Method and system for setting up multiple connections | |
| CN104427492B (en) | It was found that the method for the WLAN access net gateway address trusted | |
| CN102056144A (en) | Multi-access processing method, home agent and user equipment | |
| CN103379180B (en) | Station address distribution method and device | |
| CN102740401B (en) | A kind of method and system by fixed network access mobile core network trusty | |
| US20150215780A1 (en) | Method and device for transmitting data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20180828 Termination date: 20200929 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |