CN116112984B - 5G wireless network fusion management and control method, system, equipment and storage medium - Google Patents

5G wireless network fusion management and control method, system, equipment and storage medium Download PDF

Info

Publication number
CN116112984B
CN116112984B CN202310383446.6A CN202310383446A CN116112984B CN 116112984 B CN116112984 B CN 116112984B CN 202310383446 A CN202310383446 A CN 202310383446A CN 116112984 B CN116112984 B CN 116112984B
Authority
CN
China
Prior art keywords
information
access
equipment
shunting
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310383446.6A
Other languages
Chinese (zh)
Other versions
CN116112984A (en
Inventor
何维兵
刘洋
夏光林
罗志鑫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Saixun Information Technology Co ltd
Original Assignee
Guangzhou Saixun Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Saixun Information Technology Co ltd filed Critical Guangzhou Saixun Information Technology Co ltd
Priority to CN202310383446.6A priority Critical patent/CN116112984B/en
Publication of CN116112984A publication Critical patent/CN116112984A/en
Application granted granted Critical
Publication of CN116112984B publication Critical patent/CN116112984B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W28/00Network traffic management; Network resource management
    • H04W28/02Traffic management, e.g. flow control or congestion control
    • H04W28/10Flow control between communication endpoints
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a 5G wireless network convergence management and control method, a system, equipment and a storage medium, which are used for improving the network stability, user experience feel and network security of 5G wireless network convergence and reducing the access delay of the 5G wireless network convergence, and the method comprises the following steps: receiving and analyzing a distribution registration request message sent by distribution equipment, and obtaining a mobile phone number of UE and first IP information of the distribution equipment; after determining that the mobile phone number exists in the pre-stored service subscription information, inquiring and acquiring an authorized application list corresponding to the mobile phone number; transmitting an authorization application list to the distribution equipment based on the first IP information, and notifying an access gateway to perform dynamic open authorization; distributing the first access request information from the UE to a distribution channel through distribution equipment; and forwarding the first access request information transmitted through the distribution channel to the Internet or the 5G private network based on the access IP information dynamically through the access gateway.

Description

5G wireless network fusion management and control method, system, equipment and storage medium
Technical Field
The invention relates to the technical field of 5G networks, in particular to a 5G wireless network fusion management and control method, a system, equipment and a storage medium.
Background
With the gradual improvement of 5G network coverage, the application of high-speed, large-connection wireless mobile networks represented by 5G in thousands of industries is gradually rising. Based on the network slicing and other virtualization technologies, the 5G private network can provide internet service and private network access service, and is deeply integrated with the existing business application of enterprises. However, the traditional 5G private network has complex opening flow and higher flow expense, and limits the application scene of the 5G network.
Based on the above, the mobile access requirement of the terminal is solved by adopting a WiFi coverage and fixed network access mode in many application scenes at present. However, this approach has the following two problems:
on one hand, the problem of signal interference exists in WiFi, particularly in scenes such as professional markets, campuses and the like with higher density, and the problems of poor network stability, poor user experience and the like of WiFi access become prominent pain points in industrial application;
on the other hand, the mobile phone accesses the private network and has a certain delay caused by large network detouring, and particularly when the mobile phone accesses enterprise application scenes of the same park, the mobile phone needs to pass through a plurality of network paragraphs such as a 5G core network, an IP backbone network, a metropolitan area network and the like, so that the access needs to detour from the park, to a public network and back to the park again, the access delay is multiplied, the data can flow out of the park, and the service with high sensitivity to delay and high data security is greatly influenced.
In summary, it is necessary to provide a 5G wireless network convergence management scheme that can improve network stability, user experience, network security, and reduce access latency.
Disclosure of Invention
Based on the above, the invention aims to provide a 5G wireless network convergence management and control method, a system, equipment and a storage medium, which are used for improving the network stability, the user experience and the network security of 5G wireless network convergence and reducing the access delay of 5G wireless network convergence.
In a first aspect, the present invention provides a 5G wireless network convergence management and control method, including:
receiving a shunting registration request message sent by shunting equipment, and analyzing the shunting registration request message to obtain a mobile phone number of UE and first IP information of the shunting equipment; the shunt registration request message comprises the mobile phone number and the first IP information;
after determining that the mobile phone number exists in pre-stored service subscription information, inquiring and acquiring an authorized application list corresponding to the mobile phone number; the authorized application list comprises application IP information of authorized applications corresponding to the mobile phone numbers;
sending the authorized application list to the distribution equipment based on the first IP information, and notifying an access gateway to perform dynamic open authorization; the access gateway is positioned at the fixed network side;
distributing the first access request information from the UE to a distribution channel through the distribution equipment; the first access request information is access request information with carried access IP information matched with the application IP information;
and forwarding the first access request information transmitted through the shunting channel to the Internet or a 5G private network through the access gateway dynamically based on the access IP information.
In one possible design, receiving a split registration request message sent by a splitting device includes:
receiving, by the offloading device, offloading request information sent by the UE, so that the offloading device turns on an offloading function based on the offloading request information; the shunting request information is triggered to be sent to the shunting equipment after the UE accesses the URL of the shunting anchor equipment; the shunt anchor point equipment is positioned at the fixed network side;
detecting and analyzing a flow data packet from the UE through a shunting device to obtain target IP information to be accessed by the UE; the flow data packet comprises the target IP information;
and receiving the shunt registration request message sent when the shunt equipment judges that the target IP information is matched with the second IP information of the shunt anchor equipment.
In one possible design, the method further comprises:
when the shunt equipment judges that the target IP information is not matched with the second IP information, the mobile core network accesses the Internet by default;
distributing second access request information from the UE to a default channel through the distributing equipment, and forwarding the second access request information transmitted through the default channel to the Internet through the mobile core network; the second access request information is access request information of which the carried access IP information is not matched with the application IP information.
In one possible design, receiving a split registration request message sent by a splitting device includes:
and receiving the shunt registration request message which is sent by the shunt equipment in an encryption mode through UDP.
In one possible design, the tapping device is integrated into an integrated small base station or connected between A base station BBU and an STN-A device;
the shunt channel is a transmission channel between the broadband access equipment and the shunt equipment at the fixed network side.
In one possible design, before receiving the split registration request packet sent by the splitting device, the method further includes:
receiving a service work order of the system circulation of an operator; after receiving the opening request information for applying to open the 5G wireless network fusion service for the operator system, the service work order is generated based on the opening request information, and comprises the mobile phone number;
receiving an application access right strategy based on user identity sent by an enterprise management terminal; the application access right policy comprises the authorized application list;
and correspondingly storing the service worksheet and the application access authority strategy as the service subscription information.
In one possible design, the method further comprises:
receiving an exit request message sent by the shunting equipment; the exit request message is transmitted by the UE after the shunting equipment detects that the UE exits from a network for forwarding;
acquiring service information corresponding to the UE based on the head information of the exit request message and the service subscription information; the header information carries third IP information of the UE, and the service information includes: the third IP information, the mobile phone number, whether to subscribe to a service and the authorized application list;
and returning a first deleting instruction for deleting the authorized application list to the distribution equipment based on the service information so as to enable the distribution equipment to delete the authorized application list, and issuing a second deleting instruction for deleting user access data to the access gateway so as to enable the access gateway to dynamically delete the user access data of the UE.
In a second aspect, the present invention further provides a 5G wireless network convergence management and control system, including: the system comprises a shunt device, a controller and an access gateway, wherein the controller and the access gateway are positioned at a fixed network side; wherein,,
the shunting equipment is used for sending a shunting registration request message to the controller; the shunting registration request message comprises a mobile phone number of the UE and first IP information of the shunting equipment;
the controller is used for analyzing the shunt registration request message to obtain the mobile phone number of the UE and the first IP information of the shunt equipment; after determining that the mobile phone number exists in pre-stored service subscription information, inquiring and acquiring an authorized application list corresponding to the mobile phone number; the authorized application list comprises application IP information of authorized applications corresponding to the mobile phone numbers; sending the authorized application list to the distribution equipment based on the first IP information, and notifying an access gateway to perform dynamic open authorization;
the shunting equipment is further used for receiving the authorized application list sent by the controller; shunting first access request information from the UE to a shunting channel; the first access request information is access request information with carried access IP information matched with the application IP information;
and the access gateway is used for dynamically forwarding the first access request information transmitted through the shunting channel to the Internet or the 5G private network based on the access IP information according to the notification of the controller.
In a third aspect, the present invention also provides a network device, including: at least one memory and at least one processor;
the at least one memory is used for storing one or more programs;
the method of any one of the possible designs described above is implemented when the one or more programs are executed by the at least one processor.
In a fourth aspect, the present invention also provides a computer-readable storage medium storing at least one program; the method according to any one of the possible designs described above is implemented when the at least one program is executed by a processor.
The beneficial effects of the invention are as follows:
compared with the prior art, the technical scheme provided by the invention has the advantages that the specific access request information is distributed to the local fixed network through the distribution equipment, then the authentication and the flow scheduling of the distributed access request information are finished through the access gateway of the fixed network, so that the stable mobile access on the 5G wireless side is realized, meanwhile, the non-flow-limiting access on the fixed network side and the 5G private network in a non-inductive and safe access park are realized, the fusion access and the use of the mobile network and the fixed network can be realized under the condition of zero adaptation of UE (user equipment), the integrated management and control effect of the wireless network, the park broadband network and the cloud computing seamless connection is realized, the network stability problem caused by signal interference in a scene with higher density is solved, meanwhile, the complex mobile core network data configuration is not needed, the special number card or the special DNN is not needed, the traditional 5G private network opening process is avoided, the problem of the 5G wireless network fusion service is simple, the network stability and the user experience sense of the 5G wireless network fusion are improved, the client side is free, the client side and the non-identity-based on the non-woven network can be realized, the non-conductive access on the wireless network can be realized, the non-active access on the park is greatly, the network can be realized, the security access on the wireless park is prolonged, the network can be greatly, the network can be directly access on the network can be realized, the network can be directly by the network can be directly through the network, and the network can be directly has a reduced, and the security access on the security network can be realized, and the security access network can be protected by the wireless network can be realized.
For a better understanding and implementation, the present invention is described in detail below with reference to the drawings.
Drawings
Fig. 1 is a schematic flow chart of a 5G wireless network convergence management and control method provided by the present invention;
fig. 2 is a schematic flow chart of executing step S101 according to the present invention;
fig. 3 is a schematic diagram of an exit flow of a 5G wireless network convergence service provided in the present invention;
fig. 4 is a schematic diagram of a 5G wireless network convergence management and control system according to the present invention;
fig. 5 is a schematic structural diagram of a network device according to the present invention.
Detailed Description
The implementations described in the following exemplary examples do not represent all implementations consistent with the invention. Rather, they are merely examples of implementations consistent with aspects of the invention.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in this disclosure, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used in this disclosure refers to and encompasses any or all possible combinations of one or more of the associated listed items.
Unless stated to the contrary, ordinal terms such as "first," "second," and the like, are used for distinguishing between multiple objects and not for defining the order, timing, priority, or importance of the multiple objects.
The technical scheme provided by the invention will be described in detail below with reference to the accompanying drawings.
Fig. 1 is a schematic flow chart of a method for controlling a 5G wireless network convergence according to the present invention. The method is performed by a controller located on the fixed network side or a device in communication with the controller, as the invention is not limited in this regard. As shown in fig. 1, the method may include the steps of:
s101, receiving a shunting registration request message sent by shunting equipment, and analyzing the shunting registration request message to obtain a mobile phone number of UE and first IP information of the shunting equipment.
In some embodiments, the split registration request message may include, but is not limited to: a mobile number (MSISDN) of a User Equipment (UE), a first IP information of a distribution device.
Of course, in implementation, the split registration request message may further include: public land mobile network (Public Land Mobile Network, PLMN), data network name (Data Network Name, DNN) and ID information of the radio base station.
In some embodiments, the offloading device may be integrated into an integrated small base station, or the offloading device may be connected between A base station indoor baseband processing unit (Building Base band Unit, BBU) and an STN-A device, so as to implement offloading control configuration on the wireless base station side, so that stable mobile access of the UE on the 5G wireless side is facilitated, direct access to the network through A direct offloading line on the base station side is achieved, access datA is guaranteed not to go out of A park, and network stability, user experience feel and network security of 5G wireless network fusion are improved, and access delay of the 5G wireless network fusion is reduced.
Wherein the STN-A device is denoted as A device of the intelligent transport network (Smart Transport Network, STN), the A device being A bearer network access device.
In some embodiments, as shown in connection with fig. 1 and 2, step S101 may include, but is not limited to, the following steps:
s101a, receiving the distribution request information sent by the UE through the distribution equipment, so that the distribution equipment starts a distribution function based on the distribution request information.
In particular implementations, the offload request information may be triggered to be sent to the offload device after the UE accesses a uniform resource location system (uniform resource locator, URL) of the offload anchor device. The offloading request information may be used to request the offloading device to turn on the offloading function.
In specific implementation, the shunt anchor device is located at the fixed network side.
In specific implementation, the UE may initiate network access registration request information to the radio base station, and the radio base station forwards the network access registration request information to the core network for authentication. After the core network passes the authentication of the network access registration request information, the URL of the shunting anchor point equipment is input through a user in a browser of the UE, so that the UE is triggered to send the shunting request information to the shunting anchor point after the UE accesses the URL of the shunting anchor point equipment.
It should be noted that, the process of the core network for authenticating the network-access registration request information from the UE may be implemented by using the prior art, which is not described in detail in the present invention.
In an implementation, the offloading device may start the offloading function after receiving the offloading request information, so as to perform offloading control on access request information from the UE.
S101b, detecting and analyzing the flow data packet from the UE through the distribution equipment to obtain target IP information to be accessed by the UE.
In particular implementations, the traffic packets may include, but are not limited to: the target IP information. For example, the traffic packet may further include: the mobile number of the UE, PLMN, DNN and ID information of the radio base station.
S101c, judging whether the target IP information is matched with the second IP information of the shunt anchor point equipment or not through the shunt equipment. If it is determined that the target IP information matches the second IP information, step S101d is performed, otherwise step S101f is performed.
In the implementation, after the offloading device analyzes the traffic data packet from the UE to obtain the target IP information, it may determine whether the target IP information and the second IP information match, so as to determine which paths the UE accesses the network through. For example, when the offloading device determines that the target IP information matches the second IP information, it may be decided that the UE accesses the network through the fixed network, and step S101d is performed, or when the offloading device determines that the target IP information does not match the second IP information, it may be decided that the UE accesses the network through the mobile network, and step S101f is performed.
S101d, receiving a shunt registration request message sent by the shunt equipment.
In a specific implementation, the offloading device may initiate an offloading registration request message to the controller by the proxy when it is determined that the target IP information matches the second IP information.
It should be understood that, when the execution subject of the 5G wireless network convergence management method is a device that communicates with the controller, the device may receive the split registration request message through the controller.
S101e, analyzing the shunt registration request message to obtain the mobile phone number and the first IP information.
In the implementation, after receiving the split registration request message, the controller may parse the split registration request message to obtain a mobile phone number of the UE and first IP information of the split device.
S101f, accessing the Internet through the mobile core network by default through the shunt equipment.
In the invention, after receiving the distribution request information sent by the UE through the distribution equipment, starting the distribution function, and after detecting the flow data packet from the UE, determining that the target IP information is matched with the second IP information, sending a distribution registration request message to the controller so as to facilitate the follow-up distribution of the access request information to a local fixed network or a cloud network, thereby being beneficial to realizing the stable mobile access of the UE on the 5G wireless side, realizing the unlimited flow access on the fixed network side and various applications of the 5G private network of a non-inductive and safe access park, or ensuring that the target IP information is not matched with the second IP information, the target IP information is accessed through the mobile core network by default, thereby being convenient to realize direct access through a direct distribution line on the wireless base station side, being convenient to greatly reduce the access delay in the park, ensuring the data not to leave the park, and being beneficial to improving the network stability, the user experience sense and the network security of the fusion of the 5G wireless network.
In some embodiments, as shown in fig. 1 and fig. 2, the offloading device may send an offloading registration request packet to the controller by using an encryption manner and through a user datagram protocol (User Datagram Protocol, UDP), so that stealth protection of the opposite end, that is, the controller, may be implemented in a single-packet knock manner, and stealth protection inside the 5G private network is implemented, which is helpful for improving network security of 5G wireless network convergence.
S102, judging whether the mobile phone number exists in pre-stored service subscription information. And step S103 is executed after the mobile phone number is determined to be in the pre-stored service subscription information, otherwise, the shunt registration request message is discarded, and the process is ended.
In the implementation, whether the mobile phone number exists in the service subscription information or not can be checked so as to make a decision whether to continue to execute the subsequent flow.
In the invention, the mobile phone number is determined to be stored in the pre-stored service subscription information and then the subsequent procedure is executed, so that the dynamic and minimized authorization based on the user identity can be realized, the network security protection capability can be greatly improved, the universality of the UE access network can be improved, and the method and the device are applicable to the scenes of ordinary Internet surfing, special Internet surfing control, dynamic authorization access on demand of the application in the cloud and the like.
In some embodiments, the pre-storing process of the service subscription information may include the steps of:
and the first step, receiving the business worksheet which is circulated by the operator system.
When the method is implemented, the service work order can be generated based on the opening request information after the operator system receives the opening request information for applying to open the 5G wireless network fusion service. The business worksheet may include, but is not limited to: a mobile phone number. For example, the service worksheet may further include: broadband service account numbers, segments and default access rights. Wherein, the opening request information may include, but is not limited to: mobile phone number, service to be opened.
Illustratively, the user may send the provisioning request information to the operator system through the UE.
In a specific implementation, after the operator system generates the service work order, the service work order may be forwarded to the controller.
And step two, receiving an application access right strategy based on the user identity sent by the enterprise management terminal.
In particular implementations, the application access rights policy may include, but is not limited to: the mobile phone number corresponds to the authorized application list.
As an example, an enterprise administrator may configure an internal authorization policy according to a user identity, i.e., a mobile phone number, through an enterprise management terminal as needed, and plan an access right based on the user identity as needed to obtain the application access right policy. After the enterprise management terminal obtains the application access right policy, the application access right policy can be synchronized to the controller.
And thirdly, correspondingly storing the service worksheet and the application access authority strategy as the service subscription information.
It is understood that the service subscription information includes the service work order and the list of authorized applications.
The pre-storing process of the service subscription information may be understood as a service subscription process, which may be executed before step S101 when implemented, so as to facilitate subsequent shunt management according to the service subscription information by the controller.
S103, inquiring and acquiring an authorized application list corresponding to the mobile phone number.
In some embodiments, the list of authorized applications may include, but is not limited to: application IP information of authorized application corresponding to the mobile phone number.
In some embodiments, the shunting rule can be obtained by querying and obtaining the authorized application list corresponding to the mobile phone number, so that the shunting management and control of the access request information from the UE are facilitated.
And S104, sending the authorized application list to the distribution equipment based on the first IP information, and informing the access gateway to perform dynamic open authorization.
The sending of the authorized application list to the offloading device based on the first IP information may also be understood as replying to the authorized application list to the source IP information (i.e., the first IP information) of the offloading registration request message.
In a specific implementation, the access gateway is located at the fixed network side.
In the invention, the authorized application list is sent to the distribution equipment based on the first IP information, so that the distribution equipment can perform distribution control configuration according to the authorized application list, namely distribution rules after receiving the authorized application list, the distribution strategy is started, the distribution equipment can conveniently perform distribution control on access request information from UE, and the access gateway can be notified to perform dynamic open authorization, so that the access gateway can conveniently perform security control on the access request information from UE, and therefore, the fusion access and use of a mobile network and a fixed network can be realized under the condition of zero adaptation of the UE, the access flow of a 5G wireless network fusion service is simple, complex mobile core network data configuration is not needed, and special number cards or special DNNs are also not needed.
S105, judging whether the access IP information carried by the access request information from the UE is matched with the application IP information or not through the distribution equipment. If it is determined that the access IP information matches the application IP information, step S106 is performed, otherwise, step S108 is performed.
In the implementation, after the shunting equipment receives the access request information from the UE, the access request information can be subjected to shunting control according to the authorized application list, and the access request information is forwarded to the corresponding channel port for processing, so that the access request information of a user can be shunted to the access gateway nearby, the minimum authorized control of key application based on user identity and application level fine granularity is realized, the universality of 5G wireless network fusion control can be improved, and the method is convenient for being applied to scenes such as ordinary internet surfing, special internet surfing control, dynamic authorized access of in-cloud application as required, and the like. For example, the offloading device may perform step S106 when it is determined that the access IP information matches the application IP information, or may perform step S108 when it is determined that the access IP information does not match the application IP information.
S106, the first access request information is shunted to a shunting channel.
In the implementation, the first access request information is access request information with carried access IP information matched with application IP information.
In a specific implementation, the splitting channel may be a transmission channel between the broadband access device and the splitting device on the fixed network side.
In the invention, the first access request information from the UE is shunted to the shunting channel, so that the fusion access and the use of the mobile network and the fixed network (also called as a fixed broadband network) can be realized under the condition of zero adaptation of the UE, and the network stability of the 5G wireless network fusion can be improved, thereby solving the problem of network stability caused by signal interference in a scene with higher density, simultaneously, complex mobile core network data configuration is not needed, and special number cards or special DNNs are not needed, thereby avoiding the problems of complex opening flow and higher flow cost of the traditional 5G private network and being beneficial to improving the user experience sense of the 5G wireless network fusion.
S107, the first access request information transmitted through the shunting channel is dynamically forwarded to the Internet or the 5G private network based on the access IP information through the access gateway.
In implementations, the 5G private network may be an intranet in a campus, an enterprise DC, a private cloud network.
According to the invention, the access gateway dynamically forwards the first access request information transmitted through the shunt channel to the Internet or the 5G private network based on the access IP information, so that legal authorized traffic can be forwarded to the Internet or the 5G private network, network stealth and dynamic and minimized authorization based on user identity can be realized under the condition of no client, network security protection capability is greatly improved, network security of 5G wireless network fusion is improved, and the integrated management and control effects of wireless network, park broadband network and cloud computing seamless connection can be achieved.
S108, the second access request information is shunted to a default channel, and the second access request information transmitted through the default channel is forwarded to the Internet through the mobile core network.
In the implementation, the second access request information is the access request information that the carried access IP information does not match the application IP information.
In an implementation, the default channel may be a transmission channel between the offloading device and the mobile core network.
Compared with the prior art, the technical scheme provided by the invention has the advantages that the specific access request information is distributed to the local fixed network through the distribution equipment, then the authentication and the flow scheduling of the distributed access request information are finished through the access gateway of the fixed network, so that the stable mobile access on the 5G wireless side is realized, meanwhile, the non-flow-limiting access on the fixed network side and the 5G private network in a non-inductive and safe access park are realized, the fusion access and the use of the mobile network and the fixed network can be realized under the condition of zero adaptation of UE (user equipment), the integrated management and control effect of the wireless network, the park broadband network and the cloud computing seamless connection is realized, the network stability problem caused by signal interference in a scene with higher density is solved, meanwhile, the complex mobile core network data configuration is not needed, the special number card or the special DNN is not needed, the traditional 5G private network opening process is avoided, the problem of the 5G wireless network fusion service is simple, the network stability and the user experience sense of the 5G wireless network fusion are improved, the client side is free, the client side and the non-identity-based on the non-woven network can be realized, the non-conductive access on the wireless network can be realized, the non-active access on the park is greatly, the network can be realized, the security access on the wireless park is prolonged, the network can be greatly, the network can be directly access on the network can be realized, the network can be directly by the network can be directly through the network, and the network can be directly has a reduced, and the security access on the security network can be realized, and the security access network can be protected by the wireless network can be realized.
It should be noted that the flow shown in fig. 1 may be understood as an access flow of the 5G wireless network convergence service. In an applicable scenario provided by the present invention, the 5G wireless network convergence management and control method provided by the present invention may further include an exit procedure of the 5G wireless network convergence service, that is, the exit procedure may be performed after step S107 or step S108.
As shown in connection with fig. 1-3, the exit procedure may include the steps of:
s109, receiving an exit request message forwarded by the shunting equipment.
In some embodiments, the exit request message may be forwarded after the offloading device detects that the UE exits the network, where the exit request message is sent by the UE.
For example, the UE may initiate an exit request message to the radio base station to request exit from the network. After the offloading device detects that the UE exits the network, the proxy forwards the exit request packet to the controller.
S110, acquiring service information corresponding to the UE based on the head information and the service subscription information of the exit request message.
In particular implementations, the header information may carry, but is not limited to: and third IP information of the UE. The traffic information may include, but is not limited to: third IP information, mobile phone number and whether to subscribe service and the corresponding authorized application list of mobile phone number.
And S111, returning a first deleting instruction for deleting the authorized application list to the shunting equipment based on the service information so as to enable the shunting equipment to delete the authorized application list, and issuing a second deleting instruction for deleting the user access data to the access gateway so as to enable the access gateway to dynamically delete the user access data of the UE.
In the invention, after the UE exits the network, the controller controls the distribution equipment to delete the authorized application list, namely the distribution rule, and controls the access gateway to dynamically delete the user access data of the UE, so that network stealth and dynamic and minimized authorization based on user identity can be further realized under the condition of no client, the network security protection capability is greatly improved, and the network security of 5G wireless network integration is improved.
Based on the same inventive concept, the embodiment of the invention also provides a 5G wireless network fusion management and control system, as shown in fig. 4, the system may include: the distribution equipment 201, the controller 202 and the access gateway 203, wherein the controller 202 and the access gateway 203 are positioned on the fixed network side; wherein,,
a offloading device 201, configured to send an offloading registration request packet to the controller 202; the offload registration request message includes a mobile phone number of the UE and first IP information of the offload device 201;
a controller 202, configured to parse the offload registration request message, and obtain a mobile phone number of the UE and first IP information of the offload device 201; after determining that the mobile phone number exists in the pre-stored service subscription information, inquiring and acquiring an authorized application list corresponding to the mobile phone number; the authorized application list comprises application IP information of authorized applications corresponding to the mobile phone numbers; transmitting an authorized application list to the offloading device 201 based on the first IP information, and notifying the access gateway 203 of dynamic open authorization;
the offloading device 201 is further configured to receive the authorized application list sent by the controller 202; shunting the first access request information from the UE to a shunting channel; the first access request information is access request information with carried access IP information matched with application IP information;
the access gateway 203 is configured to dynamically forward the first access request information transmitted through the offload channel to the internet or the 5G private network based on the access IP information according to the notification of the controller 202.
It should be appreciated that in particular implementations, the controller 202 may be configured to implement the 5G wireless network convergence management method described above and illustrated in fig. 1.
In one possible design, the system may also include a offload anchor device 204 located on the fixed network side.
In one possible design, the application scenario provided by the invention is as follows:
the tapping device 201 may be integrated into an integrated small base station or connected between the base station BBU and the STN-A device. The offloading device 201 may be configured to obtain and maintain a UE context association table for uplink and downlink packets responsible for detecting user plane interactions. By default, control plane signaling and user plane traffic received by the offloading device 201 from all UEs are forwarded to the core network for processing through the mobile network interface. After turning on the offload function, the offload gateway filters out any request packets that contain access to offload anchor device 204 by unpacking the GTP-U (user plane) packet data. If so, a forked registration request message from the UE is forwarded to the controller 202, which may include, but is not limited to: the mobile phone number of the UE, PLMN, DNN, ID information of the wireless base station, and according to the authentication information returned by the controller 202, allows the split access and issues an authorized application list (i.e. a split rule). The access registration request may be delivered to the controller 202 for verification in a single-packet trick manner with a single-packet authorization (Single Packet Authorization, SPA).
The offload anchor device 204 is mainly used as an anchor reference for data drainage of a UE, and the UE side inputs the address trigger request identifier at the browser, and is used for identifying an offload registration request message of the UE, and when the offload registration request message is unpacked and matched at the offload device 201, if the offload registration request message hits, the offload device 201 is triggered to initiate an offload registration request process from the UE to the controller 202 in a proxy manner.
The controller 202 is responsible for handling UE user access requests and grant application list delivery, and for delivering access grants for the UE to the access gateway 203. The method mainly comprises the following 2 processes:
process 1, UE access and authorized application list issuing:
after detecting that the UE is accessed from the wireless side, the offloading device 201 forwards the offloading registration request message to the controller 202 in an agent manner, and the controller 202 obtains the third IP information of the UE, the mobile phone number, whether to subscribe to the service and the authorized application list according to the header information of the offloading registration request message and the pre-stored service subscription information, and returns a request result through an interface original path. If the service state of the unsubscribed fixed mobile converged cloud broadband service is abnormal, returning authentication failure, and discarding the offload registration request message of the UE by the offload device 201. If the authentication is successful, a list of authorized applications is returned to the tapping device 201, triggering the execution of procedure 2 described below.
Process 2, UE access grant and traffic scheduling:
after receiving the network access registration request information of the UE and passing authentication, the controller 202 issues user access policy data to the corresponding access gateway 203 according to the mobile phone number associated user permission data, thereby completing user access authorization.
The access gateway 203 is responsible for dynamically processing the connection request from the UE according to the notification instruction of the controller 202, and forwarding the legal traffic (i.e. legal access request information) to the internet or the 5G private network. The access gateway 203 does not release any flow which is not verified and authorized under the default condition, and only after the access request information authorization of the user passes the verification, legal access request information is allowed to pass, and the access gateway 203 is used for realizing the refined access control of the user account and the application level, so that the scene requirements of the UE terminal on green surfing and accessing the specific private cloud application are met.
The communication between the bypass device 201 and the controller 202, and the communication between the controller 202 and the access gateway 203 may be performed directly or indirectly through an intermediate device, which is not limited to the present invention.
The 5G wireless network convergence control system in the embodiment of the present invention and the 5G wireless network convergence control method shown in fig. 1 are based on the invention under the same concept, and by the foregoing detailed description of the 5G wireless network convergence control method, those skilled in the art can clearly understand the implementation process of the 5G wireless network convergence control system in the embodiment, so that for the sake of brevity of the description, no further description is given here.
Based on the same inventive concept, the embodiment of the present invention further provides a network device, as shown in fig. 5, where the network device may include: at least one memory 301 and at least one processor 302. Wherein:
at least one memory 301 is used to store one or more programs.
The 5G wireless network convergence management method described above in fig. 1 is implemented when one or more programs are executed by the at least one processor 302.
The network device may also optionally include a communication interface for communicating and data interactive transmissions with external devices.
It should be noted that the memory 301 may include a high-speed RAM memory, and may further include a nonvolatile memory (nonvolatile memory), such as at least one magnetic disk memory.
In a specific implementation, if the memory 301, the processor 302, and the communication interface are integrated on a chip, the memory 301, the processor 302, and the communication interface may communicate with each other through internal interfaces. If the memory 301, the processor 302, and the communication interface are implemented independently, the memory 301, the processor 302, and the communication interface may be connected to each other and perform communication with each other through a bus.
Based on the same inventive concept, the embodiment of the present invention further provides a computer readable storage medium, where the computer readable storage medium may store at least one program, and when the at least one program is executed by a processor, the 5G wireless network convergence management method shown in fig. 1 is implemented.
It should be appreciated that a computer readable storage medium is any data storage device that can store data or a program, which can thereafter be read by a computer system. Examples of the computer readable storage medium include: read-only memory, random access memory, CD-ROM, HDD, DVD, magnetic tape, optical data storage devices, and the like.
The computer readable storage medium can also be distributed over network coupled computer systems so that the computer readable code is stored and executed in a distributed fashion.
Program code embodied on a computer readable storage medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, radio Frequency (RF), or the like, or any suitable combination of the foregoing.
The above examples illustrate only a few embodiments of the invention, which are described in detail and are not to be construed as limiting the scope of the invention. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the invention, which are all within the scope of the invention.

Claims (10)

1. The 5G wireless network fusion management and control method is characterized by comprising the following steps of:
receiving a shunting registration request message sent by shunting equipment, and analyzing the shunting registration request message to obtain a mobile phone number of UE and first IP information of the shunting equipment; the shunt registration request message comprises the mobile phone number and the first IP information;
after determining that the mobile phone number exists in pre-stored service subscription information, inquiring and acquiring an authorized application list corresponding to the mobile phone number; the authorized application list comprises application IP information of authorized applications corresponding to the mobile phone numbers;
sending the authorized application list to the distribution equipment based on the first IP information, and notifying an access gateway to perform dynamic open authorization; the access gateway is positioned at the fixed network side;
distributing the first access request information from the UE to a distribution channel through the distribution equipment; the first access request information is access request information with carried access IP information matched with the application IP information;
and forwarding the first access request information transmitted through the shunting channel to the Internet or a 5G private network through the access gateway dynamically based on the access IP information.
2. The method of claim 1, wherein receiving a split registration request message sent by a split device comprises:
receiving, by the offloading device, offloading request information sent by the UE, so that the offloading device turns on an offloading function based on the offloading request information; the shunting request information is triggered to be sent to the shunting equipment after the UE accesses the URL of the shunting anchor equipment; the shunt anchor point equipment is positioned at the fixed network side;
detecting and analyzing a flow data packet from the UE through a shunting device to obtain target IP information to be accessed by the UE; the flow data packet comprises the target IP information;
and receiving the shunt registration request message sent when the shunt equipment judges that the target IP information is matched with the second IP information of the shunt anchor equipment.
3. The method of claim 2, wherein the method further comprises:
when the shunt equipment judges that the target IP information is not matched with the second IP information, the mobile core network accesses the Internet by default;
distributing second access request information from the UE to a default channel through the distributing equipment, and forwarding the second access request information transmitted through the default channel to the Internet through the mobile core network; the second access request information is access request information of which the carried access IP information is not matched with the application IP information.
4. The method of claim 1, wherein receiving a split registration request message sent by a split device comprises:
and receiving the shunt registration request message which is sent by the shunt equipment in an encryption mode through UDP.
5. The method according to claim 1, characterized in that the tapping device is integrated into an integrated small base station or connected between A base station BBU and an STN-A device;
the shunt channel is a transmission channel between the broadband access equipment and the shunt equipment at the fixed network side.
6. The method of claim 1, wherein prior to receiving the split registration request message sent by the splitting device, the method further comprises:
receiving a service work order of the system circulation of an operator; after receiving the opening request information for applying to open the 5G wireless network fusion service for the operator system, the service work order is generated based on the opening request information, and comprises the mobile phone number;
receiving an application access right strategy based on user identity sent by an enterprise management terminal; the application access right policy comprises the authorized application list;
and correspondingly storing the service worksheet and the application access authority strategy as the service subscription information.
7. The method of any one of claims 1-6, wherein the method further comprises:
receiving an exit request message sent by the shunting equipment; the exit request message is transmitted by the UE after the shunting equipment detects that the UE exits from a network for forwarding;
acquiring service information corresponding to the UE based on the head information of the exit request message and the service subscription information; the header information carries third IP information of the UE, and the service information includes: the third IP information, the mobile phone number, whether to subscribe to a service and the authorized application list;
and returning a first deleting instruction for deleting the authorized application list to the distribution equipment based on the service information so as to enable the distribution equipment to delete the authorized application list, and issuing a second deleting instruction for deleting user access data to the access gateway so as to enable the access gateway to dynamically delete the user access data of the UE.
8. A 5G wireless network convergence management and control system, comprising: the system comprises a shunt device, a controller and an access gateway, wherein the controller and the access gateway are positioned at a fixed network side; wherein,,
the shunting equipment is used for sending a shunting registration request message to the controller; the shunting registration request message comprises a mobile phone number of the UE and first IP information of the shunting equipment;
the controller is used for analyzing the shunt registration request message to obtain the mobile phone number of the UE and the first IP information of the shunt equipment; after determining that the mobile phone number exists in pre-stored service subscription information, inquiring and acquiring an authorized application list corresponding to the mobile phone number; the authorized application list comprises application IP information of authorized applications corresponding to the mobile phone numbers; sending the authorized application list to the distribution equipment based on the first IP information, and notifying an access gateway to perform dynamic open authorization;
the shunting equipment is further used for receiving the authorized application list sent by the controller; shunting first access request information from the UE to a shunting channel; the first access request information is access request information with carried access IP information matched with the application IP information;
and the access gateway is used for dynamically forwarding the first access request information transmitted through the shunting channel to the Internet or the 5G private network based on the access IP information according to the notification of the controller.
9. A network device, comprising: at least one memory and at least one processor;
the at least one memory is used for storing one or more programs;
the method of any of claims 1-7 is implemented when the one or more programs are executed by the at least one processor.
10. A computer-readable storage medium, wherein the computer-readable storage medium stores at least one program; the method according to any of claims 1-7 is implemented when said at least one program is executed by a processor.
CN202310383446.6A 2023-04-12 2023-04-12 5G wireless network fusion management and control method, system, equipment and storage medium Active CN116112984B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310383446.6A CN116112984B (en) 2023-04-12 2023-04-12 5G wireless network fusion management and control method, system, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310383446.6A CN116112984B (en) 2023-04-12 2023-04-12 5G wireless network fusion management and control method, system, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN116112984A CN116112984A (en) 2023-05-12
CN116112984B true CN116112984B (en) 2023-06-09

Family

ID=86258282

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310383446.6A Active CN116112984B (en) 2023-04-12 2023-04-12 5G wireless network fusion management and control method, system, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN116112984B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007092573A2 (en) * 2006-02-07 2007-08-16 Cisco Technology, Inc. Methods and systems for providing telephony services and enforcing policies in a communication network
CN103533580A (en) * 2012-07-03 2014-01-22 中国电信股份有限公司 Wifi data non-seamless branching method, apparatus and system
CN103974335A (en) * 2013-01-24 2014-08-06 华为技术有限公司 Shunting control method, UE, network equipment and server
CN105557017A (en) * 2014-08-28 2016-05-04 华为技术有限公司 Data transmission method and apparatus
CN113473538A (en) * 2021-07-13 2021-10-01 蒋溢 Wireless convergence network-based shunt control method and system
CN113473465A (en) * 2021-07-13 2021-10-01 蒋溢 Private network fine-grained access control method and system based on wireless converged network distribution
WO2022213605A1 (en) * 2021-04-07 2022-10-13 中国电信股份有限公司 Method and apparatus for providing cloud service security access, and medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8189549B2 (en) * 2007-10-22 2012-05-29 T-Mobile Usa, Inc. System and method for indicating a subscriber's zone within converged telecommunications networks

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007092573A2 (en) * 2006-02-07 2007-08-16 Cisco Technology, Inc. Methods and systems for providing telephony services and enforcing policies in a communication network
CN103533580A (en) * 2012-07-03 2014-01-22 中国电信股份有限公司 Wifi data non-seamless branching method, apparatus and system
CN103974335A (en) * 2013-01-24 2014-08-06 华为技术有限公司 Shunting control method, UE, network equipment and server
CN105557017A (en) * 2014-08-28 2016-05-04 华为技术有限公司 Data transmission method and apparatus
WO2022213605A1 (en) * 2021-04-07 2022-10-13 中国电信股份有限公司 Method and apparatus for providing cloud service security access, and medium
CN113473538A (en) * 2021-07-13 2021-10-01 蒋溢 Wireless convergence network-based shunt control method and system
CN113473465A (en) * 2021-07-13 2021-10-01 蒋溢 Private network fine-grained access control method and system based on wireless converged network distribution

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"Reverse and Forward Engineering of Local Voltage Control in Distribution Networks";Xinyang Zhou;《IEEE Transactions on Automatic Control》;全文 *
"基于5G专网的跨域漫游分流技术研究";李雯雯等;《网络部署》;全文 *

Also Published As

Publication number Publication date
CN116112984A (en) 2023-05-12

Similar Documents

Publication Publication Date Title
US11438303B2 (en) Client device address assignment following authentication
US11751122B2 (en) Wireless gateway supporting public and private networks
CN109565465B (en) Service-based traffic forwarding in virtual networks
JP4754964B2 (en) Radio network control apparatus and radio network control system
EP1829409B1 (en) Provision of user policy to terminal
WO2016155298A1 (en) Relay ue access control method and apparatus
WO2017092501A1 (en) Method and system for network certification
US9408061B2 (en) Distributed network layer mobility for unified access networks
WO2017097023A1 (en) Perception-free authentication method and system, and control method and system based on method
EP2534889B1 (en) Method and apparatus for redirecting data traffic
US9787691B2 (en) Classification of unauthenticated IP users in a layer-2 broadband aggregation network and optimization of session management in a broadband network gateway
EP4247050A1 (en) Network slice connection method and apparatus, storage medium, and electronic apparatus
WO2016165505A1 (en) Connection control method and apparatus
JP2021503264A (en) Allow application for direct discovery
JP2020501440A (en) Emergency number setting method, acquisition method and device
CN114079933A (en) Network slice management system, application server and terminal equipment
CN116112984B (en) 5G wireless network fusion management and control method, system, equipment and storage medium
CN116887346A (en) Flow control method, device, equipment and storage medium
CN106258015B (en) Service distribution method and device
KR20200044592A (en) Multi-path transmission system and method
WO2012075779A1 (en) Method and system for guaranteeing quality of service of mobile node
US20230328620A1 (en) Multipath communication and control
US20230319684A1 (en) Resource filter for integrated networks
CN117640714A (en) Communication method, device and storage medium
WO2016201707A1 (en) Network state information transfer method and network device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant