CN116782275A - Control method and device for terminal equipment to access core network - Google Patents
Control method and device for terminal equipment to access core network Download PDFInfo
- Publication number
- CN116782275A CN116782275A CN202310833402.9A CN202310833402A CN116782275A CN 116782275 A CN116782275 A CN 116782275A CN 202310833402 A CN202310833402 A CN 202310833402A CN 116782275 A CN116782275 A CN 116782275A
- Authority
- CN
- China
- Prior art keywords
- network element
- request
- n3iwf
- data
- data transmission
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 43
- 230000005540 biological transmission Effects 0.000 claims abstract description 42
- 230000004044 response Effects 0.000 claims abstract description 17
- 238000004891 communication Methods 0.000 claims description 46
- 230000006870 function Effects 0.000 claims description 35
- 238000012545 processing Methods 0.000 claims description 19
- 238000010586 diagram Methods 0.000 description 14
- 238000004590 computer program Methods 0.000 description 7
- 238000005516 engineering process Methods 0.000 description 4
- 238000012986 modification Methods 0.000 description 4
- 230000004048 modification Effects 0.000 description 4
- 230000004075 alteration Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 238000013480 data collection Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The application discloses a control method and a device for terminal equipment to access a core network, which are used for simplifying the path of the terminal to access the core network and improving the data transmission rate. The method is applied to the W-AGF network element and comprises the following steps: receiving a first request from a terminal device; the first request is used for requesting the establishment of a data transmission channel with a non-3GPP interworking function N3IWF network element; analyzing the first request, and determining that the target address of the first request is an N3IWF network element; forwarding the first request to the N3IWF network element according to the target address, and receiving response information returned by the N3IWF network element; the response information is used for representing that the data transmission channel between the terminal equipment and the N3IWF network element is successfully established.
Description
Technical Field
The present application relates to the field of communications technologies, and in particular, to a method and an apparatus for controlling access of a terminal device to a core network.
Background
In the field of Fifth generation mobile communication technology (5G), when an industrial terminal device accesses to a 5G core network (5G core,5 GC) from a gateway device in an industrial internet scenario, it is generally required to perform individual authentication on a Non-3GPP interworking function (Non-3GPP InterWorking Function,N3IWF) network element that accesses to the 5GC, so as to implement functions of differentiated charging and quality of service (Quality of Service, qoS) guarantee of different terminal devices. But is defined in the communication standard, the data routing for the terminal equipment needing to access the N3IWF network element includes the two times of user plane functions (User Plane Function, UPF) network element to implement the routing forwarding of the data.
Illustratively, referring to fig. 1, a schematic architecture of a communication system defined for a communication standard is shown. As shown in fig. 1, in a path of a Data Network (DN) accessing 5GC, a terminal device needs to connect with a wireless access gateway function (Wireline Acess Gateway Function, W-AGF) Network element through a gateway device, and further, output the Data to a first UPF Network element through an N3 interface of the W-AGF Network element, and output the Data to an N3IWF through an N6 interface. Still further, after the N3IWF is accessed, the data is output to the second UPF network element through the N3 interface, and finally the DN is accessed. It can be seen that the routing paths defined in the current communication standard are long, and only one set of lightweight 5GC is usually arranged in an industrial internet scene, and only one UPF is included, so that functions of differentiated charging and the like of the terminal cannot be realized through the N3IWF network element.
Disclosure of Invention
The application provides a control method and a device for terminal equipment to access a core network, which are used for simplifying the path of the terminal to access the core network and improving the data transmission rate.
In a first aspect, the present application provides a method for controlling access of a terminal device to a core network, where the method is applied to a wireless access gateway function W-AGF network element in the core network, and the method includes:
receiving a first request from a terminal device; the first request is used for requesting the establishment of a data transmission channel with a non-3GPP interworking function N3IWF network element;
analyzing the first request, and determining that the target address of the first request is the N3IWF network element;
forwarding the first request to the N3IWF network element according to the target address, and receiving response information returned by the N3IWF network element; the response information is used for representing that the data transmission channel between the terminal equipment and the N3IWF network element is successfully established.
In some embodiments, prior to receiving the first request, the method further comprises:
receiving a second request from the terminal device; the second request is used for requesting address information of the N3IWF network element from a data network DN;
forwarding the second request to the DN, and receiving address information of the N3IWF network element returned by the DN;
and sending the address information of the N3IWF network element to the terminal equipment.
In some embodiments, the second request is transmitted over a pre-established management protocol data unit, PDU, session between the gateway device and the DN; the terminal equipment is connected with the gateway equipment, and the PDU session is established by the W-AGF when the gateway equipment is online.
In some embodiments, after the data transmission channel is established successfully, the method further comprises:
when a data packet from a terminal device is received, judging whether the packet head of the data packet contains the identification of the data transmission channel or not;
if the packet header contains the identification of the data transmission channel, forwarding the data packet to the N3IWF network element;
if the packet header does not contain the identifier of the data transmission channel, forwarding the message to a user plane function UPF network element through an N3 interface.
In a second aspect, the present application provides a control device for accessing a terminal device to a core network, where the device is applied to a W-AGF network element in the core network, and the device includes:
a communication unit for receiving a first request from a terminal device; the first request is used for requesting the establishment of a data transmission channel with a non-3GPP interworking function N3IWF network element;
the processing unit is used for analyzing the first request and determining that the target address of the first request is the N3IWF network element;
the processing unit is further configured to instruct the communication unit to forward the first request to the N3IWF network element according to the target address, and receive response information returned by the N3IWF network element; the response information is used for representing that the data transmission channel between the terminal equipment and the N3IWF network element is successfully established.
In some embodiments, the communication unit is further configured to:
receiving a second request from the terminal device; the second request is used for requesting address information of the N3IWF network element from a data network DN;
forwarding the second request to the DN, and receiving address information of the N3IWF network element returned by the DN;
and sending the address information of the N3IWF network element to the terminal equipment.
In some embodiments, the second request is transmitted over a pre-established management protocol data unit, PDU, session between the gateway device and the DN; the terminal equipment is connected with the gateway equipment, and the PDU session is established by the W-AGF when the gateway equipment is online.
In some embodiments, the processing unit is further configured to:
when a data packet from a terminal device is received through the communication unit, judging whether the packet head of the data packet contains the identification of the data transmission channel or not;
when the packet header contains the identifier of the data transmission channel, the communication unit is instructed to forward the data packet to the N3IWF network element;
and when the packet header does not contain the identifier of the data transmission channel, the communication unit is instructed to forward the message to a user plane function UPF network element through an N3 interface.
In a third aspect, an electronic device is provided that includes a controller and a memory. The memory is used for storing computer-executable instructions, and the controller executes the computer-executable instructions in the memory to perform the operational steps of any one of the possible implementations of the method of the first aspect using hardware resources in the controller.
In a fourth aspect, there is provided a computer readable storage medium having instructions stored therein which, when run on a computer, cause the computer to perform the methods of the above aspects.
The application proposes to set data forwarding logic in a W-AGF network element of a core network, the W-AGF network element can analyze information of request connection from terminal equipment, and the W-AGF network element can directly forward the information to N3IWF when determining that the target address is the N3IWF network element. Compared with the traditional communication standard, the W-AGF network element needs to forward the data to the N3IWF network element through UPF, the scheme of the application reduces the detour of the data and simplifies the path of the terminal equipment accessed to the core network.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate embodiments of the application and together with the description serve to explain the application and do not constitute a limitation on the application. In the drawings:
FIG. 1 is a schematic diagram of a communication system defined by a communication standard;
fig. 2A is a schematic diagram of a communication system according to an embodiment of the present application;
fig. 2B is a schematic diagram of another architecture of a communication system according to an embodiment of the present application;
fig. 3 is a flowchart of a control method for accessing a terminal device to a core network according to an embodiment of the present application;
fig. 4 is a flowchart of another control method for accessing a terminal device to a core network according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a control device for accessing a terminal device to a core network according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the technical solutions of the present application, but not all embodiments. All other embodiments, based on the embodiments described in the present document, which can be obtained by a person skilled in the art without any creative effort, are within the scope of protection of the technical solutions of the present application.
The terms first, second and the like in the description and in the claims and in the above-described figures, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the application described herein may be capable of being practiced otherwise than as specifically illustrated and described. In addition, the term "and/or" herein is merely an association relationship describing an association object, and means that three relationships may exist, for example, a and/or B may mean: a exists alone, A and B exist together, and B exists alone. The character "/" herein generally indicates that the associated object is an "or" relationship unless otherwise specified.
In the 3GPP communication standard, a technical scheme of accessing 5GC through gateway equipment and W-AGF network elements is defined in an R16 WWC project, and in a 5WWC Phase2 project of R18, a technical scheme of accessing 5GC through gateway equipment and W-AGF network elements by a gateway equipment post-terminal equipment is further defined. In order to facilitate understanding of the scheme of the present application, technical terms related to the present application are first described below.
(1) 5G core network: the core network plays a crucial role in the network, being the management backbone of full access and full service. The 5G core network is abbreviated as 5GC and is divided into a Control Plane (CP) and a User Plane (UP), and is interconnected with DNs such as the internet, a third party service or a carrier service by a UPF network element through an N6 interface, so as to support access to different access types, which may include 3GPP access and non-3GPP access. The following describes the individual network elements of the core network to which the present application relates.
(2) UPF network element: as an interconnection point between the wireless local area network (Radio Access Network, RAN) and DN, the wireless local area network is used for realizing session anchor points of management protocol data units (Protocol Data Unit, PDUs) and realizing functions such as packet routing forwarding, traffic reporting, data packet inspection, qoS processing and the like.
(3) N3IWF network element: is responsible for accessing untrusted non-3GPP access networks (such as WiFi) to the 5GC. An IPSec tunnel is established between the terminal equipment and the N3IWF network element for data transmission, and the N3IWF is respectively connected to a control plane and a user plane of 5GC through an N2 interface and an N3 interface.
IPSec was developed based on security protocols (Security Protocol) and internet key exchange protocols (Internet Key Exchange, IKE), and provides a series of services for both parties of communication such as access control, connectionless integrity, authentication of data sources, encryption, and classified encryption of data streams. Wherein the security protocols include a header authentication protocol (Authentication Header, AH) and a security encapsulation payload (Encapsulate Security Payload, ESP) protocol, the IKE protocol is a TCP/IP framework based on internet security association and key management protocol (Internet Security Association and Key Management Protocol, ISAKMP), and a hybrid protocol incorporating a key exchange protocol and a key technology protocol. The modes of operation of IPSec include a tunnel mode and a transport mode. The tunnel mode refers to that the AH or ESP header and the ESP encrypted user data are encapsulated in a new IP packet for transmission. The transmission mode means that after the AH or ESP header and the ESP encrypted user data are placed in the original IP header, a new IP packet need not be encapsulated.
(4) Access and mobility management function (Access and Mobility Management Function, AMF) network element: the method is used for executing registration, connection, accessibility, mobility management and providing functions such as authentication and authentication when the terminal equipment is accessed.
(5) Session management function (Session Management Function, SMF) network element: the method is used for realizing the functions of establishing, updating and releasing management session, maintaining PDU session state, managing group, controlling and coordinating charge data collection and flow control of UPF network elements, and the like.
(6) Fully qualified domain name (Fully Qualified Domain Name, FQDN): refers to the full name of a domain of the application under which a number of hosts may be suspended, and the FQDN may define the location of each host in the domain name tree.
As the wired access scheme is applied to the industrial internet field, an industrial terminal device may access to 5GC through a gateway device in an industrial scene. Under the scene, for AUN3 terminal equipment which can be authenticated at 5GC, the N3IWF network element can be accessed, so that the functions of differentiated charging, qoS guarantee and the like of the 5GC for different AUN3 terminal equipment are realized. However, referring to fig. 1, in the communication standard, for the routing path of the terminal device in this case, the network element that needs to pass through the UPF twice is defined, and the specific transmission path is: terminal equipment-gateway equipment-W-AGF network element-UPF network element-N3 IWF network element-UPF network element-DN. The path of the terminal equipment connected with DN through the core network is long and can not be realized in the industrial Internet of things.
In view of this, the present application provides a method and an apparatus for controlling access of a terminal device to a core network, and provides a method and an apparatus for configuring a route judgment module in a W-AGF network element, to analyze request information sent by the terminal device and requesting access to an N3IWF network element, and when determining that a target address of the request information is the N3IWF network element, directly send the request information to the N3IWF network element without going through UPF, so that a path of access of the terminal device to the core network is simplified to: the terminal equipment, gateway equipment, W-AGF network element and N3IWF network element reduce the detour of data and are suitable for the scene of the deployment of lightweight 5GC of the industrial Internet.
The following first describes the architecture of a communication system to which the scheme of the present application is applied. Referring to fig. 2A, an architecture diagram of a communication system according to an embodiment of the present application is provided, where the communication system shown in fig. 2A includes a terminal device, a gateway device, a W-AGF network element, an N3IWF network element, a UPF network element, and a data network.
The terminal device may be an AUN3 terminal device in an industrial internet scene, and in order to implement QoS function and differentiated charging of the terminal device, the terminal device needs to be accessed to an N3IWF network element of the core network through a gateway device and a W-AGF network element, and is connected to the data network through an N3 interface by the N3IWF network element. The gateway device may be a conventional Fixed Network gateway (FN-RG) or a 5G-RG.
It should be noted that the number of terminal devices and gateway devices in the present application is not limited, fig. 2A is only an example, and other network elements included in the core network are not shown in fig. 2A. For example, referring to fig. 2B, for a schematic architecture diagram of another communication system provided by the present application, an AMF network element and an SMF network element may be further included in the core network.
The scheme of the present application will be described below in connection with the communication system shown in fig. 2A and 2B. Referring to fig. 3, a flowchart of a control method for accessing a terminal device to a core network is provided in an embodiment of the present application. The method flow may be performed by a W-AGF network element included in the communication system shown in fig. 2A or fig. 2B, for example. The method shown in fig. 3 specifically includes:
301, a first request from a terminal device is received.
Wherein the first request is for requesting to establish a data transmission channel from the N3IWF network element. Alternatively, the first request may be encapsulated using IKEv2 protocol, and the data transmission channel established by the request may be an IPSec tunnel between the terminal device and the N3IWF network element.
And 302, analyzing the first request, and determining that the target address of the first request is N3IWF network element.
Optionally, after receiving the first request, the W-AGF network element may perform processes such as decapsulation and decoding on the first request, to determine an address of the N3IWF network element included in the first request.
And 303, forwarding the first request to the N3IWF network element according to the target address.
Illustratively, the embodiment of the present application proposes that when the target address of the first request is determined to be the N3IWF network element, the first request may be directly forwarded to the N3IWF network element, without forwarding through the UPF network element.
304, receiving response information returned by the N3IWF network element, and forwarding the response information to the terminal device.
The response information is used for representing that the data transmission channel between the terminal equipment and the N3IWF network element is successfully established.
Based on the above scheme, the present application proposes to set data forwarding logic in the W-AGF network element of the core network, where the W-AGF network element may parse information from the terminal device requesting connection, and directly forward the information to the N3IWF when determining that the target address is the N3IWF network element. Compared with the traditional communication standard, the W-AGF network element needs to forward the data to the N3IWF network element through UPF, the scheme of the application reduces the detour of the data and simplifies the path of the terminal equipment accessed to the core network.
In some scenarios, the terminal device may also request address information of the N3IWF network element, such as an IP address of the N3IWF network element, from the Data Network (DN) before requesting to establish the data transmission channel from the N3IWF network element. As an alternative, the terminal device may send a second request to the W-AGF network element, the second request being for requesting address information of the N3IWF network element from the data network. The W-AGF network element forwards the second request to the data network and sends address information returned by the data network to the terminal equipment. Illustratively, the terminal device may send a FQDN identifying the N3IWF to the DNS server and request the DNS server to resolve the FQDN to determine the public network IP address of the N3IWF. As an example, the FQDN identifying the N3IWF may be:
“n3iwf.5gc.mnc<MNC>.mcc<MCC>.pub.3gppnetwork.org”。
the terminal device may also forward the request information (including the first request and the second request described above) through the gateway device when sending the request information to the W-AGF network element, as shown in the communication system shown in fig. 2A or fig. 2B, for example. For example, the gateway device may perform authentication in the core network through the W-AGF network element during online, and establish a PDU session from the gateway device to the UPF network element through the W-AGF network element after the authentication is completed.
Further, when the terminal device is connected to the gateway device on line, the terminal device may first perform authentication at the gateway device. For example, the terminal device may connect to the gateway device via Wi-Fi and authenticate at the gateway device based on the IEEE 802.11 standard. Of course, the authentication mode of the terminal equipment at the gateway equipment is not limited, for example, the application can adopt the open system authentication defined by the IEEE 802.11 standard, and can also adopt the shared key authentication mode. After authentication is completed, the terminal equipment can access the data network through the PDU session created when the gateway equipment is online, and the address information of the N3IWF network element is obtained.
Still further, the terminal device sends a first request to the N3IWF network element according to the obtained address information of the N3IWF network element, requesting to establish a data transmission channel with the N3IWF network element. For convenience of description, the following description will take an example of an IPSec tunnel as an example of a data transmission channel established between a terminal device and an N3IWF network element. The path of the IPSec tunnel is: terminal equipment-gateway equipment-W-AGF network element-N3 IWF network element.
After the IPSec tunnel is established, the subsequent terminal equipment may transfer the data to the tunnel through the NWu interface and finally transmit the data exclusively to the N3IWF network element. For example, the terminal device may add an identifier of the IPSec tunnel to a header of a data packet transmitted through the core network, so that the W-AGF may determine that a transmission path of the received data packet is the IPSec tunnel according to the identifier.
In the following, in order to further understand the solution of the present application, a specific embodiment is described, referring to fig. 4, which is a flowchart of a control method for accessing a terminal device to a core network according to an embodiment of the present application, where the flowchart specifically includes:
the terminal device requests 401 address information of the N3IWF network element from the data network through the connected gateway device.
And 402, the terminal equipment sends a first request to the W-AGF network element according to the acquired address information.
Wherein the first request is for requesting to establish an IPSec tunnel with the N3IWF network element.
403, the w-AGF network element determines whether the destination address of the received first request is an address of the N3IWF network element.
If yes, go on to step 404.
If not, proceed to step 408.
404, the w-AGF network element forwards the first request to the N3IWF network element, and sends response information returned by the N3IWF network element to the terminal device.
And 405, the terminal equipment receives the response information and sends a first data packet to the W-AGF network element.
406, the w-AGF network element determines whether the header of the received first data packet includes an identifier of the IPSec tunnel.
If yes, go on to step 407.
If not, proceed to step 408.
407, the w-AGF network element forwards the first data packet to the N3IWF network element.
Optionally, after receiving the first data packet, the N3IWF may forward the first data packet to the UPF network element through the N3 interface, and the UPF network element may transmit the first data packet to the data network.
408, the w-AGF network element sends the received information to the UPF network element through the N3 interface.
Optionally, the UPF network element may route the received information.
Based on the same concept as the above method, referring to fig. 5, a control device 500 for accessing a terminal device to a core network according to an embodiment of the present application is provided, where the device 500 is configured to execute each step in the above method, and in order to avoid repetition, a detailed description is omitted here. The apparatus 500 includes: a communication unit 501 and a processing unit 502.
A communication unit 501 for receiving a first request from a terminal device; the first request is used for requesting the establishment of a data transmission channel with a non-3GPP interworking function N3IWF network element;
a processing unit 502, configured to parse the first request, and determine that a target address of the first request is the N3IWF network element;
the processing unit 502 is further configured to instruct, according to the target address, the communication unit 501 to forward the first request to the N3IWF network element, and receive response information returned by the N3IWF network element; the response information is used for representing that the data transmission channel between the terminal equipment and the N3IWF network element is successfully established.
In some embodiments, the communication unit 501 is further configured to:
receiving a second request from the terminal device; the second request is used for requesting address information of the N3IWF network element from a data network DN;
forwarding the second request to the DN, and receiving address information of the N3IWF network element returned by the DN;
and sending the address information of the N3IWF network element to the terminal equipment.
In some embodiments, the second request is transmitted over a pre-established management protocol data unit, PDU, session between the gateway device and the DN; the terminal equipment is connected with the gateway equipment, and the PDU session is established by the W-AGF when the gateway equipment is online.
In some embodiments, the processing unit 502 is further configured to:
when a data packet from a terminal device is received through the communication unit 501, judging whether the packet header of the data packet contains the identifier of the data transmission channel;
when the packet header includes the identifier of the data transmission channel, the communication unit 501 is instructed to forward the data packet to the N3IWF network element;
and when the packet header does not contain the identifier of the data transmission channel, the communication unit 501 is instructed to forward the message to a user plane function UPF network element through an N3 interface.
Fig. 6 shows a schematic structural diagram of an electronic device 600 according to an embodiment of the present application. The electronic device 600 in the embodiment of the present application may further include a communication interface 603, where the communication interface 603 is, for example, a network port, and the electronic device may transmit data through the communication interface 603. For example, the communication interface 603 may be used to implement the functionality of the communication unit 501 in fig. 5 described above.
In an embodiment of the present application, the memory 602 stores instructions executable by the at least one controller 601, and the at least one controller 601 may be configured to perform various steps of the method by executing the instructions stored in the memory 602, for example, the controller 601 may implement the functions of the processing unit 502 in fig. 5.
Wherein the controller 601 is a control center of the electronic device, various interfaces and lines can be utilized to connect various portions of the entire electronic device by running or executing instructions stored in the memory 602 and invoking data stored in the memory 602. Alternatively, the controller 601 may include one or more processing units, and the controller 601 may integrate an application controller and a modem controller, wherein the application controller primarily handles an operating system and application programs, etc., and the modem controller primarily handles wireless communications. It will be appreciated that the modem controller described above may not be integrated into the controller 601. In some embodiments, the controller 601 and the memory 602 may be implemented on the same chip, and in some embodiments they may be implemented separately on separate chips.
The controller 601 may be a general purpose controller such as a central processing unit (english: central Processing Unit; abbreviated as CPU), a digital signal controller, an application specific integrated circuit, a field programmable gate array or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component, and may implement or perform the methods, steps, and logic blocks disclosed in the embodiments of the present application. The general purpose controller may be a microcontroller or any conventional controller or the like. The steps executed by the data statistics platform disclosed in connection with the embodiment of the application can be directly executed by a hardware controller or can be executed by a combination of hardware and software modules in the controller.
The memory 602 is a non-volatile computer readable storage medium that can be used to store non-volatile software programs, non-volatile computer executable programs, and modules. The Memory 602 may include at least one type of storage medium, and may include, for example, flash Memory, a hard disk, a multimedia card, a card Memory, a random access Memory (english: random Access Memory, abbreviated as "RAM"), a static random access Memory (english: static Random Access Memory, abbreviated as "SRAM"), a programmable Read-Only Memory (english: programmable Read Only Memory, abbreviated as "PROM"), a Read Only Memory (english: ROM), a charged erasable programmable Read-Only Memory (english: electrically Erasable Programmable Read-Only Memory, abbreviated as "EEPROM"), a magnetic Memory, a magnetic disk, an optical disk, and the like. Memory 602 is any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited to such. The memory 602 in embodiments of the present application may also be circuitry or any other device capable of performing storage functions for storing program instructions and/or data.
By programming the controller 601, for example, codes corresponding to the methods described in the foregoing embodiments may be cured into the chip, so that the chip can execute the steps of the foregoing methods when running, and how to design and program the controller 601 is a technology known to those skilled in the art will not be repeated herein.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a controller of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the controller of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present application without departing from the spirit or scope of the application. Thus, it is intended that the present application also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.
Claims (10)
1. A method for controlling access of a terminal device to a core network, wherein the method is applied to a wireless access gateway function W-AGF network element in the core network, the method comprising:
receiving a first request from a terminal device; the first request is used for requesting the establishment of a data transmission channel with a non-3GPP interworking function N3IWF network element;
analyzing the first request, and determining that the target address of the first request is the N3IWF network element;
forwarding the first request to the N3IWF network element according to the target address, and receiving response information returned by the N3IWF network element; the response information is used for representing that the data transmission channel between the terminal equipment and the N3IWF network element is successfully established.
2. The method of claim 1, wherein prior to receiving the first request, the method further comprises:
receiving a second request from the terminal device; the second request is used for requesting address information of the N3IWF network element from a data network DN;
forwarding the second request to the DN, and receiving address information of the N3IWF network element returned by the DN;
and sending the address information of the N3IWF network element to the terminal equipment.
3. The method of claim 2, wherein the second request is transmitted over a pre-established management protocol data unit, PDU, session between a gateway device and the DN; the terminal equipment is connected with the gateway equipment, and the PDU session is established by the W-AGF when the gateway equipment is online.
4. A method according to any of claims 1-3, characterized in that after the successful establishment of the data transmission channel, the method further comprises:
when a data packet from a terminal device is received, judging whether the packet head of the data packet contains the identification of the data transmission channel or not;
if the packet header contains the identification of the data transmission channel, forwarding the data packet to the N3IWF network element;
if the packet header does not contain the identifier of the data transmission channel, forwarding the message to a user plane function UPF network element through an N3 interface.
5. A control device for accessing a terminal device to a core network, wherein the device is applied to a W-AGF network element in the core network, the device comprising:
a communication unit for receiving a first request from a terminal device; the first request is used for requesting the establishment of a data transmission channel with a non-3GPP interworking function N3IWF network element;
the processing unit is used for analyzing the first request and determining that the target address of the first request is the N3IWF network element;
the processing unit is further configured to instruct the communication unit to forward the first request to the N3IWF network element according to the target address, and receive response information returned by the N3IWF network element; the response information is used for representing that the data transmission channel between the terminal equipment and the N3IWF network element is successfully established.
6. The apparatus of claim 5, wherein the communication unit is further configured to:
receiving a second request from the terminal device; the second request is used for requesting address information of the N3IWF network element from a data network DN;
forwarding the second request to the DN, and receiving address information of the N3IWF network element returned by the DN;
and sending the address information of the N3IWF network element to the terminal equipment.
7. The apparatus of claim 6, wherein the second request is transmitted over a pre-established management protocol data unit, PDU, session between a gateway device and the DN; the terminal equipment is connected with the gateway equipment, and the PDU session is established by the W-AGF when the gateway equipment is online.
8. The apparatus of any one of claims 5-7, wherein the processing unit is further configured to:
when a data packet from a terminal device is received through the communication unit, judging whether the packet head of the data packet contains the identification of the data transmission channel or not;
when the packet header contains the identifier of the data transmission channel, the communication unit is instructed to forward the data packet to the N3IWF network element;
and when the packet header does not contain the identifier of the data transmission channel, the communication unit is instructed to forward the message to a user plane function UPF network element through an N3 interface.
9. An electronic device, comprising: a memory and a controller;
a memory for storing program instructions;
a controller for invoking program instructions stored in the memory to perform the method of any of claims 1-4 in accordance with the obtained program.
10. A computer storage medium storing computer executable instructions for performing the method of any one of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310833402.9A CN116782275A (en) | 2023-07-07 | 2023-07-07 | Control method and device for terminal equipment to access core network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310833402.9A CN116782275A (en) | 2023-07-07 | 2023-07-07 | Control method and device for terminal equipment to access core network |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116782275A true CN116782275A (en) | 2023-09-19 |
Family
ID=88006388
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310833402.9A Pending CN116782275A (en) | 2023-07-07 | 2023-07-07 | Control method and device for terminal equipment to access core network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116782275A (en) |
-
2023
- 2023-07-07 CN CN202310833402.9A patent/CN116782275A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11729712B2 (en) | Network slice isolation information of at least one network slice for a wireless device | |
| US11956856B2 (en) | Network slice isolation information for session management function discovery | |
| US11743767B2 (en) | Compression of ethernet packet header | |
| RU2719447C1 (en) | Method of configuring key, method of determining security policy and device | |
| CN102017677B (en) | Access through non-3GPP access networks | |
| JP4927939B2 (en) | Automatic home agent selection | |
| WO2020221956A1 (en) | Service authorization for indirect communication in a communication system | |
| CN109792788A (en) | The method and apparatus that data for being related to tunnel within a wireless communication network are transmitted | |
| CN101106812B (en) | Access method for communication network and user device | |
| KR102648031B1 (en) | Session management method and device | |
| CN113873453B (en) | Communication method, apparatus, system and medium | |
| KR102397750B1 (en) | GTP tunnels to support anchorless backhaul | |
| CN109787799B (en) | Quality of service (QoS) control method and equipment | |
| CN112653716B (en) | Service binding method and device | |
| WO2022222745A1 (en) | Communication method and apparatus | |
| CN116782275A (en) | Control method and device for terminal equipment to access core network | |
| WO2022067736A1 (en) | Communication method and apparatus | |
| US20240114057A1 (en) | Secure user equipment policy data in a communication network environment | |
| WO2022063075A1 (en) | Billing method and apparatus, communication device, and readable storage medium | |
| WO2023056784A1 (en) | Data collection method, communication apparatus and communication system | |
| CN116132983A (en) | Access authentication method, device, terminal and core network | |
| CN115701089A (en) | Communication method and device | |
| CN115802304A (en) | Industrial wireless network and 5G fusion system and method | |
| CN117459965A (en) | Individual PFCP session model for network access through residential gateway | |
| CN117641342A (en) | Communication method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |