GB2598293A - Apparatus, methods, and computer programs - Google Patents

Apparatus, methods, and computer programs Download PDF

Info

Publication number
GB2598293A
GB2598293A GB2012492.1A GB202012492A GB2598293A GB 2598293 A GB2598293 A GB 2598293A GB 202012492 A GB202012492 A GB 202012492A GB 2598293 A GB2598293 A GB 2598293A
Authority
GB
United Kingdom
Prior art keywords
address
network
nat
server
core network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
GB2012492.1A
Other versions
GB202012492D0 (en
Inventor
Flinck Hannu
Hoffmann Klaus
Thiebaut Laurent
Korja Pekka
Kuure Pekka
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nokia Technologies Oy
Original Assignee
Nokia Technologies Oy
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Technologies Oy filed Critical Nokia Technologies Oy
Priority to GB2012492.1A priority Critical patent/GB2598293A/en
Publication of GB202012492D0 publication Critical patent/GB202012492D0/en
Publication of GB2598293A publication Critical patent/GB2598293A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/256NAT traversal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/256NAT traversal
    • H04L61/2567NAT traversal for reachability, e.g. inquiring the address of a correspondent behind a NAT server
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/256NAT traversal
    • H04L61/2571NAT traversal for identification, e.g. for authentication or billing 
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/22Processing or transfer of terminal data, e.g. status or physical capabilities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2514Translation of Internet protocol [IP] addresses between local and global IP addresses

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A network apparatus for an application function 709 (which may be located at an edge platform 708) comprises means for signalling, to an apparatus in a core network 705 (which may be located within a 5G system 702) a request comprising registration information indicating that a Network Address Traversal (NAT) binding discovery can be run between an entity in the core network and a NAT binding discovery server (e.g. a Session Traversal Utilities for NAT, STUN, server on edge platform 708). The registration information associates an edge application server 707 address with routing information for a NAT binding discovery server. The core network apparatus comprises means for receiving the request and means for registering the registration information. A network apparatus for a policy control function comprising means for receiving, from a core network entity, the registration information and means for determining a policy rule based thereon. A network apparatus for a core network function comprises means for receiving policy information from a core network apparatus, the information associating an edge application server with routing information for a NAT binding discovery server. A NAT 706 may translate addresses between 5G system 702 and edge application server 707.

Description

APPARATUS, METHODS, AND COMPUTER PROGRAMS
Field
[0001] The present disclosure relates to apparatus, methods: and computer programs, and in particular but not exclusively to apparatus, methods and computer programs for network apparatuses.
Background
[0002] A communication system can be seen as a facility that enables communication sessions between two or more entities such as user terminals, access nodes and/or other nodes by providing carriers between the various entities involved in the communications path. A communication system can be provided for example by means of a communication network and one or more compatible communication devices. The communication sessions may comprise, for example: communication of data for carrying communications such as voice, electronic mail (email), text message, multimedia and/or content data and so on. Content may be multicast or uni-cast to communication devices.
[0003] A user can access the communication system by means of an appropriate communication device or terminal. A communication device of a user is often referred to as user equipment (UE) or user device. The communication device may access a carrier provided by an access node, and transmit and/or receive communications on the carrier.
[0004]The communication system and associated devices typically operate in accordance with a required standard or specification which sets out what the various entities associated with the system are permitted to do and how that should be achieved. Communication protocols and/or parameters which shall be used for the connection are also typically defined. One example of a communications system is UTRAN (3G radio). Another example of an architecture that is known is the long-term evolution (LTE) or the Universal Mobile Telecommunications System (UMTS) radio-access technology. Another example communication system is so called 5G system that allows user equipment (UE) or user device to contact a 5G core via e.g. new radio (NR) access technology or via other access technology such as Untrusted access to 5GC or wireline access technology.
Summary
[0005] According to a first aspect, there is provided a network apparatus for an application function, the network apparatus comprising: means for signaling, to a core network apparatus in a core network, a request comprising registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server.
[0006] The network apparatus may comprise means for associating the registration information with an identification of a network in the core network.
[0007] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0008] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0009] According to a second aspect, there is provided a network apparatus for a core network entity, the network apparatus comprising: means for receiving, from an application function, a request comprising registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server; and means for registering the registration information.
[0010] The means for registering may comprise making the registration information available to a policy control function.
[0011] The network apparatus may comprise means for associating the registration information with an identification of a network in the core network.
[0012] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0013] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0014] According to a third aspect, there is provided a network apparatus for a policy control function, comprising: means for receiving, from a core network entity, registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with at routing information for at least one NAT binding discovery server; and means for determining at least one policy rule based on the registration information.
[0015] The network apparatus may comprise means for providing the at least one policy rule to a session management entity in the core network.
[0016] The at least one policy rule may be provided to a session management entity on establishment of a session for a user equipment, or subsequent to a session for a user equipment being established [0017] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0018] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0019] According to a fourth aspect, there is provided a network apparatus for a core network function, comprising: means for receiving policy information from a core network apparatus, wherein said policy information associates at least one edge application server address with routing information for at least one Network Address Traversal, NAT, binding discovery server.
[0020] The network apparatus may comprise means for receiving the policy information when a session is being established, or receiving the policy information when the session is already established.
[0021] The policy information may comprise an indication that a mapping is to be stored for mapping an Internet Protocol (IP) address and port of the user equipment with a translated version of the IP address and port of the user equipment, and the network apparatus may comprise means for causing said mapping to be performed in response to receiving the policy information.
[0022] The network apparatus may comprise means for determining whether or not a destination address in a message originating from the user equipment matches with said at least one edge application server address; and means for determining whether or not a source address and a port in said message matches a mapped address provided in said mapping.
[0023] The network apparatus may comprise means for, when the destination address matches with said at least one edge application server address and the source address and port match to a mapped address and port in said mapping, forwarding the message to the edge application server address; and/or means for, when the destination address matches with said at least one edge application server address and when a match for the source IP address and port is not provided in said mapping; causing a Network Address Traversal binding discovery client located in the core network to request a new mapping from the at least one NAT binding discovery server. [0024] A response to the request for a new mapping may be used by the network apparatus to additionally form at least part of said mapping.
[0025] The response may be used to additionally form at least part of said mapping only when a value in the response matches a random value comprised within the request.
[0026] The Network Address Traversal binding discovery client may comprise a Session Traversal Utilities for Network Address Traversal client.
[0027] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0028] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0029] According to a fifth aspect, there is provided a method for a network apparatus for an application function, the method comprising: signaling, to a core network apparatus in a core network, a request comprising registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server.
[0030] The method may comprise associating the registration information with an identification of a network in the core network.
[0031] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0032] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0033] According to a sixth aspect, there is provided a method for a network apparatus for a core network entity, the method comprising: receiving, from an application function, a request comprising registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server and registering the registration information.
[0034] The registering may comprise making the registration information available to a policy control function.
[0035] The method may comprise associating the registration information with an identification of a network in the core network.
[0036] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0037] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0038]According to a seventh aspect, there is provided a method for a network apparatus for a policy control function, comprising: receiving, from a core network entity, registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with at routing information for at least one NAT binding discovery server; and determining at least one policy rule based on the registration information.
[0039] The method may comprise providing the at least one policy rule to a session management entity in the core network.
[0040] The at least one policy rule may be provided to a session management entity on establishment of a session for a user equipment, or subsequent to a session for a user equipment being established.
[0041] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0042] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0043] According to an eighth aspect, there is provided a method for a network apparatus for a core network function, comprising: receiving policy information from a core network apparatus, wherein said policy information associates at least one edge application server address with routing information for at least one Network Address Traversal, NAT, binding discovery server.
[0044] The method may comprise receiving the policy information when a session is being established, or receiving the policy information when the session is already established.
[0045]The policy information may comprise an indication that a mapping is to be stored for mapping an Internet Protocol (IF) address of the user equipment with a translated version of the IP address of the user equipment, and wherein the method comprises causing said mapping to be performed in response to receiving the policy information.
[0046] The method may comprise determining whether or not a destination address in a message originating from the user equipment matches with said at least one edge application server address; and determining whether or not a source address and a port in said message matches a mapped address provided in said mapping.
[0047] The method may comprise, when the destination address matches with said at least one edge application server address and the source address and port match to a mapped address and port in said mapping, forwarding the message to the edge application server address; and/or, when the destination address matches with said at least one edge application server address and when a match for the source IP address and port is not provided in said mapping, causing a Network Address Traversal binding discovery client located in the core network to request a new mapping from the at least one NAT binding discovery server.
[0048] A response to the request for a new mapping may be used by the network apparatus to additionally form at least part of said mapping.
[0049] The response may be used to additionally form at least part of said mapping only when a value in the response matches a random value comprised within the request.
[0050] The Network Address Traversal binding discovery client may comprise a Session Traversal Utilities for Network Address Traversal client.
[0051]The address-provision client may comprise a Session Traversal Utilities for Network Address Traversal client.
[0052] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0053] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0054]According to a ninth aspect, there is provided a network apparatus for an application function, the network apparatus comprising at least one processor and at least one memory comprising code that, when executed by the at least one processor, causes the network apparatus to: signal, to a core network apparatus in a core network, a request comprising registration information indicating that a Network Address Traversal, NAT; binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server.
[0055] The network apparatus may be caused to associate the registration information with an identification of a network in the core network [0056] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0057] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0058] According to a tenth aspect, there is provided a network apparatus for a core network entity, the network apparatus comprising at least one processor and at least one memory comprising code that, when executed by the at least one processor, causes the network apparatus to: receive, from an application function, a request comprising registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server; and register the registration information.
[0059] The registering may comprise making the registration information available to a policy control function.
[0060] The network apparatus may be caused to associate the registration information with an identification of a network in the core network.
[0061] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0062] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0063] According to an eleventh aspect, there is provided a network apparatus for a policy control function, the network apparatus comprising at least one processor and at least one memory comprising code that, when executed by the at least one processor, causes the network apparatus to: receive from a core network entity, registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with at routing information for at least one NAT binding discovery server; and determine at least one policy rule based on the registration information.
[0064] The network apparatus may be caused to provide the at least one policy rule to a session management entity in the core network.
[0065] The at least one policy rule may be provided to a session management entity on establishment of a session for a user equipment, or subsequent to a session for a user equipment being established.
[0066] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0067] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0068] According to a twelfth aspect, there is provided a network apparatus for a core network function, the network apparatus comprising at least one processor and at least one memory comprising code that, when executed by the at least one processor, causes the network apparatus to: receive policy information from a core network apparatus, wherein said policy information associates at least one edge application server address with routing information for at least one Network Address Traversal, NAT, binding discovery server.
[0069] The network apparatus may be caused to receive the policy information when a session is being established, or receive the policy information when the session is already established.
[0070] The policy information may comprise an indication that a mapping is to be stored for mapping an Internet Protocol (IF) address of the user equipment with a translated version of the IF address of the user equipment, and wherein the network apparatus may be caused to cause said mapping to be performed in response to receiving the policy information.
[0071] The network apparatus may be caused to determine whether or not a destination address in a message originating from the user equipment matches with said at least one edge application server address; and determine whether or not a source address and a port in said message matches a mapped address provided in said mapping.
[0072]The network apparatus may be caused to, when the destination address matches with said at least one edge application server address and the source address and port match to a mapped address and port in said mapping, forward the message to the edge application server address: and/or, when the destination address matches with said at least one edge application server address and when a match for the source IP address and port is not provided in said mapping, cause a Network Address Traversal binding discovery client located in the core network to request a new mapping from the at least one NAT binding discovery server.
[0073] A response to the request for a new mapping may be used by the network apparatus to additionally form at least part of said mapping.
[0074] The response may be used to additionally form at least part of said mapping only when a value in the response matches a random value comprised within the request.
[0075]The Network Address Traversal binding discovery client may comprise a Session Traversal Utilities for Network Address Traversal client.
[0076] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0077] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0078] According to a thirteenth aspect; there is provided a network apparatus for an application function; the network apparatus comprising: signaling circuitry for signaling, to a core network apparatus in a core network; a request comprising registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server; said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server.
[0079] The network apparatus may comprise associated circuitry for associating the registration information with an identification of a network in the core network.
[0080] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0081] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0082] According to a fourteenth aspect, there is provided a network apparatus for a core network entity, the network apparatus comprising: receiving circuitry for receiving, from an application function, a request comprising registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server: said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server; and registering circuitry for registering the registration information.
[0083] The registering circuitry may comprise making circuitry for making the registration information available to a policy control function.
[0084] The network apparatus may comprise associating circuitry for associating the registration information with an identification of a network in the core network.
[0085] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0086] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0087] According to a fifteenth aspect, there is provided a network apparatus for a policy control function, comprising: receiving circuitry for receiving, from a core network entity, registration information indicating that a Network Address Traversal; NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with at routing information for at least one NAT binding discovery server; and determining circuitry for determining at least one policy rule based on the registration information.
[0088] The network apparatus may comprise providing circuitry for providing the at least one policy rule to a session management entity in the core network.
[0089] The at least one policy rule may be provided to a session management entity on establishment of a session for a user equipment, or subsequent to a session for a user equipment being established.
[0090] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0091] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0092] According to a sixteenth aspect, there is provided a network apparatus for a core network function, comprising: receiving circuitry for receiving policy information from a core network apparatus, wherein said policy information associates at least one edge application server address with routing information for at least one Network Address Traversal, NAT, binding discovery server.
[0093] The network apparatus may comprise receiving circuitry for receiving the policy information when a session is being established, or receiving the policy information when the session is already established.
[0094] The policy information may comprise an indication that a mapping is to be stored for mapping an Internet Protocol (IP) address of the user equipment with a translated version of the IP address of the user equipment, and wherein the network apparatus comprises causing circuitry for causing said mapping to be performed in response to receiving the policy information.
[0095] The network apparatus may comprise determining circuitry for determining whether or not a destination address in a message originating from the user equipment matches with said at least one edge application server address; and determining circuitry for determining whether or not a source address and a port in said message matches a mapped address provided in said mapping.
[0096] The network apparatus may comprise, when the destination address matches with said at least one edge application server address and the source address and port match to a mapped address and port in said mapping, forwarding circuitry for forwarding the message to the edge application server address; and/or, when the destination address matches with said at least one edge application server address and when a match for the source IF address and port is not provided in said mapping, causing circuitry for causing a Network Address Traversal binding discovery client located in the core network to request a new mapping from the at least one NAT binding discovery server.
[0097] A response to the request for a new mapping may be used by the network apparatus to additionally form at least part of said mapping.
[0098] The response may be used to additionally form at least part of said mapping only when a value in the response matches a random value comprised within the request.
[0099] The Network Address Traversal binding discovery client may comprise a Session Traversal Utilities for Network Address Traversal client.
[0100] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0101] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0102] According to a seventeenth aspect, there is provided non-transitory computer readable medium comprising program instructions for causing a network apparatus for an application function to perform at least the following to: signal, to a core network apparatus in a core network, a request comprising registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server.
[0103] The network apparatus may be caused to associate the registration information with an identification of a network in the core network.
[0104] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity..
[0105]The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0106] According to an eighteenth aspect, there is provided non-transitory computer readable medium comprising program instructions for causing a network apparatus for a core network entity to perform at least the following: receive, from an application function, a request comprising registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server; and register the registration information.
[0107] The registering may comprise making the registration information available to a policy control function.
[0108] The network apparatus may be caused to associate the registration information with an identification of a network in the core network.
[0109] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0110] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0111] According to a nineteenth aspect, there is provided non-transitory computer readable medium comprising program instructions for causing a network apparatus for a policy control function to perform at least the following: receive, from a core network entity, registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with at routing information for at least one NAT binding discovery server; and determine at least one policy rule based on the registration information.
[0112] The network apparatus may be caused to provide the at least one policy rule to a session management entity in the core network.
[0113] The at least one policy rule may be provided to a session management entity on establishment of a session for a user equipment, or subsequent to a session for a user equipment being established.
[0114] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0115] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0116] According to a twentieth aspect, there is provided non-transitory computer readable medium comprising program instructions for causing a network apparatus for a core network function to perform at least the following: receive policy information from a core network apparatus, wherein said policy information associates at least one edge application server address with routing information for at least one Network Address Traversal, NAT, binding discovery server.
[0117] The network apparatus may be caused to receive the policy information when a session is being established, or receive the policy information when the session is already established.
[0118] The policy information may comprise an indication that a mapping is to be stored for mapping an Internet Protocol (IP) address of the user equipment with a translated version of the IP address of the user equipment, and wherein the network apparatus may be caused to cause said mapping to be performed in response to receiving the policy information.
[0119] The network apparatus may be caused to determine whether or not a destination address in a message originating from the user equipment matches with said at least one edge application server address: and determine whether or not a source address and a port in said message matches a mapped address provided in said mapping.
[0120]The network apparatus may be caused to, when the destination address matches with said at least one edge application server address and the source address and port match to a mapped address and port in said mapping, forward the message to the edge application server address; and/or, when the destination address matches with said at least one edge application server address and when a match for the source IP address and port is not provided in said mapping, cause a Network Address Traversal binding discovery client located in the core network to request a new mapping from the at least one NAT binding discovery server.
[0121] A response to the request for a new mapping may be used by the network apparatus to additionally form at least part of said mapping.
[0122] The response may be used to additionally form at least part of said mapping only when a value in the response matches a random value comprised within the request.
[0123] The Network Address Traversal binding discovery client may comprise a Session Traversal Utilities for Network Address Traversal client.
[0124] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
[0125] The at least one NAT binding discovery server may comprise at least one Session Traversal Utilities for Network Address Traversal server.
[0126] According to a twenty first aspect, there is provided a computer program comprising program instructions for causing a computer to perform any method as described above.
[0127] According to a twenty second aspect, there is provided a computer program product stored on a medium may cause an apparatus to perform any method as described herein [0128] According to a twenty third aspect, there is provided an electronic device that may comprise apparatus as described herein.
[0129] According to a twenty fourth aspect, there is provided a chipset that may comprise an apparatus as described herein.
[0130] Various other aspects are also described in the following detailed description and in the attached claims.
Brief description of Figures
[0131] Embodiments will now be described, by way of example only, with reference to the accompanying Figures in which: [0132] Figure 1 shows a schematic representation of a 5G system; [0133] Figure 2 shows a schematic representation of a network apparatus; [0134] Figure 3 shows a schematic representation of a user equipment; [0135] Figure 4 shows a schematic representation of a non-volatile memory medium storing instructions which when executed by a processor allow a processor to perform one or more of the steps of the methods of some embodiments; [0136] Figures 5 to 7 illustrate potential network setups; [0137] Figure 8 illustrates signaling between various communicating entities; and [0138] Figures 9 to 10 are flow charts illustrating potential operations of different communication entities.
Detailed description
[0139] In the following certain embodiments are explained with reference to mobile communication devices capable of communication via a wireless cellular system and mobile communication systems serving such mobile communication devices. Before explaining in detail the exemplifying embodiments, certain general principles of a 5G wireless communication system are briefly explained with reference to Figure 1.
[0140] Figure 1 shows a schematic representation of a 5G system (5GS) 100. The 5GS may comprise a user equipment (UE) 102 (which may also be referred to as a communication device or a terminal), a 5G access network (AN) (which may be a 5G Radio Access Network (RAN) or any other type of 5G AN such as a Non-3GPP Interworking Function (N3IWF) /a Trusted Non3GPP Gateway Function (TNGF) for Untrusted / Trusted Non-3GPP access or Wireline Access Gateway Function (W-AGF) for Wireline access) 104, a 5G core (5GC) 106, one or more application functions (AF) 108 and one or more data networks (DN) 110.
[0141] The 5G RAN may comprise one or more gNodeB (gNB) distributed unit functions connected to one or more gNodeB (gNB) centralized unit functions. The RAN may comprise one or more access nodes.
[0142] The 5GC 106 may comprise one or more access management functions (AMF) 112, one or more session management functions (SMF) 114, one or more authentication server functions (AUSF) 116, one or more unified data management (UDM) functions 118, one or more user plane functions (UPF) 120, one or more unified data repository (UDR) functions 122, one or more policy control (PCF) functions 128, and/or one or more network exposure functions (NEF) 124. Although PCF 128 is not depicted with its interfaces, it is understood that this is for clarity reasons and that PCF 126 may have a plurality of interfaces with other network functions, such as AMF 112 (via interface N15), SMF 114 (via interface N7). UDR 122 (through interface N36), network data analytics function (NWDAF) 126 (through interface N23), and many other network functions.
[0143] The 5GC 106 also comprises a network data analytics function (NWDAF) 126. The NWDAF is responsible for providing network analytics information upon request from one or more network functions or apparatus within the network. Network functions can also subscribe to the NWDAF 126 to receive information therefrom. Accordingly, the NWDAF 126 is also configured to receive and store network information from one or more network functions or apparatus within the network. The data collection by the NWDAF 126 may be performed based on at least one subscription to the events provided by the at least one network function.
[0001]As part of 3GPP Release 17, 3GPP is having a Study Item on how to improve 3GPP support of Edge Computing. Edge computing generally relates to the provision of processing functions towards an edge of a network. For cellular systems, this means that services may be deployed by processing functions at an edge of a network, outside of a core network functionality, such as in a radio access network part of a network. Outsourcing computational/processing work to an edge of a network is also known as "fog computing".
[0002]An example mechanism/architecture for providing edge computing is Multi--access edge computing (MEG). MEG is a European Telecommunications Standards Institute (ETSI)-defined network architecture concept that has been publicly developed since 2014. MEG is directed towards enabling cloud computing capabilities and a service environment to be provided at the edge of a cellular network. The concepts of MEG may be applied to the edge of any network, and not just cellular networks. Therefore, although the following may describe examples in the context of cellular networks, it is understood that the presently described techniques are not limited to cellular networks.
[0144] A 5G UE may access an Application hosted by a platform located at the edge, for instance using Single protocol data unit (PDU) Session via an intermediate user plane function (I-UPF) provided by a PDU Session anchor. This is illustrated with respect to Figure 5.
[0145] Figure 5 shows a UE 501 that communicates with an I-UPF 502 providing a PDU Session anchor (PSA) in a 5G System 503. The I-UPF 502 may also communicate with another user plane function (UPF) 504 providing another PSA in the 5G System 503. The UPF 504 may exchange user plane traffic with a Network Address Translation (NAT) entity 505 located outside of the 5G System 503 (e.g. over an N6 interface). The I-UPF 502 may also exchange user plane traffic with another NAT function 506 (e.g. via an N6 interface) located on an edge platform 507. The edge platform 507 may be an MEG or 3rd party platform (such as a public cloud) that provides platform services to an application. The edge platform 507 may also comprise an (edge) application server 508 with which the UE 501 exchanges user plane traffic as the UE 501 gets services from the (edge) application server 508. The (edge) application server 508 is controlled by an application function 509 that may communicate with entities in the 5GS 503 using, for example, application programming interfaces. For example, the application function 509 may consume an application programming interface of an NEF.
[0146] The presently described techniques may apply to the communication between the UE and (edge) application server 508 via the I-UPF 502 and the NAT function 506 reached by the I-UP F 502, but the same mechanism may apply for the communication between the UE and (edge) application server 508 via the UPF 504 and the corresponding NAT function 505 in Figure 5, and in analogous functional element illustrated with respect to Figures 6 and 7.
[0147] The 5G0 may allocate a private 5GC UE Internet protocol (IP) address that is translated by a NAT function (such as any of 505 and 506) when traffic is exchanged over the N6 interface. This NAT function may transform the 5GC UE IF address into IP addressing information at the application level.
[0148] The current NEF Influence API (defined in 3GPP Release 15 and 16) allows for an authorized AF to be provided with a mapping between the UE IF address allocated by 5GC (e.g. the 5GC UE IP addressing information) and a corresponding Subscription Permanent Identifier (SUFI) (e.g. 5GC UE ID, as discussed in 3GPP Technical Specification 29.521).
[0149] There may be thus be a NAT function between a platform hosting an Application and a UPF/PSA that relays user plane IF traffic between the UE and the Application on the platform over an N6 interface. Network address/port translation (NAPT) is a technique in which multiple internal IP addresses are translated into a single public IF address. As part of this translation process, the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports in the packets are also translated. In other words, the addresses of multiple different 5GC UE IP may be translated by a NAT function to the same Application level IP address, while the multiple addresses may have different Transmission Control Protocol (TCP) and/or User Datagram Protocol (UDP) ports.
[0150] In 3GPP, NAT traversal and detection of NAT between UE and the IP Multimedia Subsystem (IMS) domain is defined in (TS 23.228 Annex G). The mechanisms are based on information available from application layer signalling (such as Session Information Protocol signalling) and deployment of specific functionality such as Session Traversal Utilities for NAT (STUN).
[0151] STUN servers enable NAT clients (such as IF Phones behind a firewall) to set up phone calls to an application provider, such as a VolP provider, hosted outside of a local network. A STUN server allows STUN clients to find out their public address, the type of NAT they are behind and the Internet side port associated by the NAT with a particular local port. A STUN server may be considered to be an entity that receives STUN requests and sends STUN responses. A STUN server can also send indications. A STUN client may be considered to be an entity that sends STUN requests and receives STUN responses. A STUN client can also send indications. For example, a STUN client sending a message to a STUN server through a NAT will be informed by the STUN server that the original IP address x and port k was transformed by the NAT in IP address y and port m. This information may be used to set up UDP communication between the client and the VolP provider to establish a call. The STUN protocol is defined in RFC 3489.
[0152] One mechanism used in the STUN protocol is the Binding mechanism. The Binding method can be used either in request/response transactions or in indication transactions. When used in request/response transactions, the Binding method can be used to determine the particular "binding" a NAT has allocated to a STUN client. In other words, a NAT binding refers to an association that maps the translation made by a NAT entity from an input address-port pair to an output address-port pair.
[0153] In the Binding request/response transaction, a Binding request is sent from a STUN client to a STUN server. When the Binding request arrives at the STUN server, it may have passed through one or more NATs between the STUN client and the STUN server. As the Binding request message passes through a NAT, the NAT will modify the source transport address (that is, the source IP address and the source port) of the packet. As a result, the source transport address of the request received by the server will be the public IP address and port created by the NAT closest to the server. This is called a reflexive transport address. The STUN server copies that source transport address into an XOR-MAPPED-ADDRESS attribute in the STUN Binding response and sends the Binding response back to the STUN client. As this packet passes back through a NAT, the NAT will modify the destination transport address in the IF header, but the transport address in the XOR-MAPPED-ADDRESS attribute within the body of the STUN response will remain untouched. In this way, the client can learn its reflexive transport address allocated by the outermost NAT with respect to the STUN server.
[0154] However, in 3GPP, there is no application layer agnostic mechanism to discover address and port translation on the user plane path. Port Control Protocol (RFC 6887), and its predecessor NAT-Port Mapping Protocol (defined in RFC 6886), define a user plane path mechanism, but requires the protocol functionality in the host or client and the entity performing the NAT functions. Another example of NAT type variations and NAT software are described in RFC 4787. Software appliances providing NAT functions may be deployed in the cloud. Such appliance may exhibit specific application programming interfaces (APIs) that allow service operations for translation behaviour of those appliances.
[0155] When a NAT for translating addresses between a 505 and an edge application server is under control of a 5GC network operator, problems in translating port/address combinations may be addressed by the NAT exposing an interface to request mapping information. However, the interface may not be exposed when the NAT is not under control of a 5GC network operator, [0156] In order to address a subscriber via 505 APIs, an application function uses an identity representing subscriber or an identity that can be translated in 5GS to represent the subscriber. A UE source IF address allocated by the 5GC may be used to obtain a suitable subscriber identity. For example, a Binding Support Function (BSF) may be invoked to resolve UE source IP address allocated by the 5GC to other identities, such as a Generic Public Subscription Identifier (GPSI), as discussed in 30PP Technical Specification 29.521 or a SUPI.
[0157] However, an application function located at an edge of a network cannot invoke RIF/NEF APIs for a subscriber with UE (source) IP address not allocated by the 5GC which may happen when there is a NAT between a UPF and the AF,. This is illustrated with respect to Figure 6, in which a NAT is located outside of the 5G system and outside an edge platform.
[0158] Figure 6 shows a UE 601 that communicates with an I-UPF 602 provided by a PDU Session anchor (PSA) in a 5G System 603. The I-UPF 602 may also communicate with a user plane function (UPF) 604 provided by another PSA in the 5GS. The UPF 602 may have an interface with a Network Address Translation (NAT) entity 606 located outside of the 5G System 603 and outside an edge platform 607. The edge platform 607 may be an MEC or 3rd party platform (such as a public cloud) that provides platform services to an application. The edge platform 607 may comprise an application on an Edge Application Server 608 that interfaces with NAT 606 and with an application function 609 also on the edge platform 607. It is understood that the application function may be located other than on the edge platform 607 in some examples. The application function 609 may request services from the 5GS 603 via a network function 610 (NEF network exposure function) located at the edge of the 5G System 603 using an application programming interface.
[0159] In this case, if it is assumed that the NAT 606 translates an IP address of X and a port of k into an IP address of y and a port of m, the IP address y and the port m will be provided by the application function 609 to the network exposure function 610 when requesting a service from the network exposure function 610. In such a case, the network exposure function 610 will not be able to resolve the IP address y, and so will return an error message.
[0160]Therefore, a new mechanism would be useful when addresses are being translated outside of the 5GC operator's control.
[0161]The following appropriates communication protocols to discover addresses represented behind a NAT or a chain of NATs. In particular, the following associates an Edge application platform with at least one Session Traversal Utilities for NAT (STUN server). The STUN protocol (currently defined in RFC 5389) may be used by SIP clients to discover their addresses (labelled as "Reflexive Transport Addresses") represented behind the NAT or a chain of NATs. STUN messages between the STUN client and STUN sever may be sent using any of a variety of transport protocols, such as the User Datagram Protocol (UDP), Transport Control Protocol (TCP), and/or Transport-Layer-Security (TLS) -over-TOP, etc, These messages may be sent to discover the bindings between Reflexive Transport Address and the private address [0162] In the following, an application function controlling at least one Edge Application server (EAS) may provide the 5GS with an indication that a proactive NAT binding table mirror is to be implemented at the 5GS for a set of EAS IF addresses and provides necessary information for the STUN client in the 5GC to be able to reach the STUN server(s) located on the Edge system 607 hosting the Edge Application server(s) (EAS) 607.
[0163] Figure 7 illustrates a potential network setup illustrating this.
[0164] Figure 7 shows a UE 701 communicating with a 5GS 702 through an access network (5G AN) 703 of the 5GS 702. The 5G AN 703 is connected to a PSA 704 in the 5GS, which comprises an interface to an SMF and STUN client 705 in the 5GS 702. This interface to the SMF may be an N4 interface. The PSA 704 may further have an interface (such as an N6 interface) to one or more NATs 706 located outside of the 5GS 702 operator's control. The NAT 706 may, for example, translate within user plane traffic between the first pair of an IF address x and a port k and the second pair of an IF address y and a port m. This second pair may be visible to an EAS (Edge Application server) 707 on an Edge platform 708. The edge platform 708 may also comprise an application function 709. The NAT 706 may be located outside of the Edge platform 708.
[0165] Using the example addresses of Figure 7, the STUN client in the 5GC may be triggered by the SMF to discover the binding of the 5GC allocated address UE IF (IF x, port k) and the IF address seen by the Application server (IF y, port m) using the STUN Binding request and response procedure. The SMF may trigger the STUN client in the 5GC to build a reverse NAT table of the mappings proactively. The SMF may trigger the STUN client to discover the UE's address visible to the edge application server (aka Reflexive Transport Address in STUN). For this purpose, the STUN client may acquire the UE IF address and port and use it as a source address of the Binding request STUN messages. The destination address of the Binding request may be the address of the STUN server. In order to not interfere with the use of STUN by the UE, the STUN client used by the 5GS may use private ports for its STUN messages instead of STUN port. The address (and possibly private port) that the 5GS STUN client uses may be provided to the 5GS by the application function 709.
[0166] Wien the AF subsequently requests for information about an UE identified by Reflexive Transport Address through the NEE, the NAT mapping is already resolved in the table built up in the 5GS, and can be used to identify the UE as though the NAT were under the control of the 5GC.
[0167] The following discusses some specific implementations of the presently described mechanisms.
[0168] In a first example, the STUN client is co-located with the UPF. In this case the SMF provides information to reach the corresponding STUN server(s) over an interface (e.g. the N4 interface) to the UPF [0169] This first example is illustrated with respect to Figure 8, which shows example signaling between different communication entities. In particular, Figure 8 shows example signaling between a UE 801, an SMF 802, a PSA UPF 803, a STUN client 804, a PCF 805, an NEF 806, an application function 807, an NAT 808, an EAS 809, and a STUN server 809'. EAS 809 and STUN server 809' may be located on an Edge platform.
[0170] In a first operation, the application function 807 may register at least one IF address of EAS 809 along with information to reach the corresponding STUN server 809' associated with that EAS 809 on the edge platform. This is shown through the signaling of 8001 and 8002. It is understood that the STUN server 809' may comprise at least one STUN server, although only one is illustrated in the present example for clarity purposes.
[0171] At 8001, the EAS signals the NEF with at least one IF address of EAS 809 along with information to reach the corresponding STUN server 809. This signaling is a request to register the provided information.
[0172] The provided information for reaching the corresponding STUN server 809' may comprise at least one of: the IF address of the STUN server 809' (or respective IF addresses for multiple STUN servers), the private port used by the STUN server(s) 809' when the private port exists (there may be a single private port for multiple STUN servers 809' of the edge platform) and security credential(s) to be used for reaching the STUN server(s). The provided information by the AF may be stored by the NEF in UDR Policy Data and may be used by the PCF to determine corresponding PCC rules. [0173] The transmitted request may be associated by the AF 807 itself or by a NEF 806 with an identifier of the network. For example, the identifier may be a Data Network Name (DNN) and/or a single slice identifier (Single-Network Slice Selection Assistance Information (S-NSSAI)). These identifiers are used to manage PDU sessions. For example, the establishment of a PDU session within the selected network slice is triggered when the AMF receives a Session Management message from UE. The AMF discovers candidate Session Management Functions (SW) using multiple parameters, which may include at least one of the DNN and S-NSSAI provided in the UE request, and selects the appropriate SMF. The selection of the User Plane Function (UPF) is performed by the SMF and may uses multiple parameters, including the DNN and the S-NSSAI. The data transmission can take place after a PDU session to a Data Network is established in a Network Slice. The SNSSAI associated with a PDU Session is provided to the AN, and to the policy and charging entities, to apply slice specific policies.
[0174] At 8002, the NEF 806 signals PCF 805.
[0175] In a second operation, the UE 801 establishes a PDU session to the DNN and/or the S-NSSAI. The SMF 802 may receive FCC rules sent by the PCF 805 for this PDU Session immediately at the establishment of the PDU session or later in the lifetime of the PDU Session.
[0176] The SMF 802, using at least part of FCC rules sent by the PCF 805 for this PDU Session, may receive an indication from the PCF 805 that reverse NAT mapping needs to be maintained for at least one identified IF address. The at least one identified IF address may correspond to the EAS addresses received from EAS 809 during the first operation. The received rules may also comprise the information to be used to reach the corresponding STUN server(s). The SMF may thus be configured to invoke a 5GC STUN client to proactively build a mapping between the 5GC allocated IF address of the UE and the address seen by the application at the edge platform running on the EAS 809.
[0177] This second operation is reflected by the operations illustrated by 8003 and 8004 in Figure 8.
[0178] At 8003, the UE 801, SMF 802 and PSA 804 exchange signaling to set up a PDU session.
[0179] If the Request to set up a PDU session is Type is "initial request" and a dynamic Policy, Charging Control (FCC) is deployed, and the PDU Session Type is IPv4 or IPv6 or IPv4v6, the SMF may notify the PCF with the allocated UE IP address/prefix(es) (TS 23.502 clause 4.3.2.2).
[0180] At 8004, the PCF 806 signals the SMF 802. This signaling provides the above-mentioned FCC rules for establishing the session. This signaling may indicate that a STUN client is to be triggered when the PDU session is set.
[0181]At 8005, in a third operation, the SMF 802 sets up at least one PDR (Packet Detection Rule) and associated FAR (Forwarding Action Rule) in the PSA 804.
[0182] In particular, the user plane function/PSA 804 is arranged to detect uplink traffic to at least one [AS addresses using a Packet Detection Rule (labelled as PDR1 in the following). A Packet Detection Rule is a rule comprising information used to classify a packet arriving at a user plane function. Upon this traffic being detected using PDR1, the PSA 804 applies a Forwarding action that is specific to the STUN server behavior. This Forwarding action contains the information to reach the corresponding STUN server(s) 809'.
[0183] Also at 8005, the SMF 802 may enable communication between the STUN client and STUN server via rules for the interface (e.g. specification-defined rules for an N4 interface) configured on the PSA 804. A downlink Packet Detection rule (labelled as PDR2 in the following), instructs the PSA 804 to detect the STUN responses from the STUN server. This may be performed, for example, using the STUN server IP address and the private port learned by the SMF 802 in 8004. The corresponding forwarding action for PDR 2 may cause the responses to be forwarded to the STUN client of 5GC. Other STUN responses may go directly back to UE 801. [0184] At 8006, in a fourth operation, the UE 801 starts to contact an application server on the [AS 809.
[0185] In a fifth operation, the signaling of 8006 is detected by the UPF using PDR1. The forwarding action rule action associated with this detection will cause a NAT binding table to be built, as discussed below. Therefore, this forwarding action rule may be associated with a timer for "NAT binding table".
[0186] One example of how the PCF 806 may invoke the creation of the binding information in BSF is to use the Nbsf_Management_Register service operation (currently defined in TS 23.502 clause 4.16.4 and clause 4.16.5.1). Using this Nbsf_Management_Register mechanism, a Network Function service consumer (such as the PCF 806) may register the session binding information for a UE in the BSF by providing the user identity (SUPI/GPSI), the DNN, the UE address(es) as allocated by 5GC and the selected PCF address/URI for a certain PDU Session to the BSF, and the BSF stores the information. (TS 29.521 clause 4.2.2 Nbsf Management_Register Service Operation). The SUPI/GPSI may be retrieved from the 5GS managed UE IF address using the bsf Management_discovery service, which is also defined in these 3GPP Technical Specifications.
[0187] The FAR action "build NAT binding table" may operate as follows.
[0188] When a translation for an uplink source IP address and port exists in the NAT binding table, then the uplink UE traffic is simply forwarded.
[0189] When no translation for an uplink source IF address and port exists in the NAT binding table, the STUN CLIENT is started for the first occurrence of the IF flow. As long as there is no translation in the NAT binding table, the traffic is buffered in the PSA 804. When the network address translation is subsequently written in the NAT binding table by the STUN client, the corresponding uplink traffic (which may comprise buffered traffic and traffic received after a NAT binding has been established) is then sent to the EAS 809.
[0190] When there is no traffic on an IF flow between the UE 801 and the EAS 809 for longer than a predefined time duration the binding is removed in the NAT binding table. The duration may be predefined in the FAR provided by the SMF 802.
[0191] This operation is represented by signaling 8007 and 8008 in Figure 8.
[0192] At 8007, the PSA 803 signals STUN client 804.
[0193] In response to the signaling of 8007, the STUN client 804 may be triggered to send a STUN binding request for the UE's address (such as the UE IF Address) at 8008. For example, the STUN client 805 may be triggered to send Binding request with the source address equal to the UE 5G IF, a destination address equal to an address of the STUN server 809' associated with the EAS server 809, with a STUN port equal to the private port number, and with a given Transaction ID. The Transaction ID may be a randomly (or pseudo-randomly) generated value. Although the STUN client uses the UE IF address and port to reach the EAS as a source of the STUN Binding requests (address spoofing), because of the use of the private port learnt at step 1, this address spoofing does not interfere with potential use of STUN by the UE. [0194] In a sixth operation, the STUN client 804 receives responses 8009 from the STUN server 809'. The STUN client accepts those responses that match the randomly generated transaction identity. Responses that do not match the randomly generated transaction identity are sent back to the UE 801. Once the STUN server has received the STUN response, it builds the Reverse NAT Mapping table proactively and sends the user plane traffic of the UE 801 towards the EAS 809.
[0195] This sixth operation is represented by step 8009 in Figure 8, in which STUN server 809' responds to the message of the STUN client 804 signalled at 8007.
[0196] At 8010, the reverse NAT mapping is built between the UE 5G IP address and port and the translated UE IP address and port when a successful transaction ID is matched during the sixth operation. Consequently, when an AF subsequently requests services requiring such address mapping information, using for example the NEF, this information is available in the table and may be used to provide such services to the AF.
[0197] In the example of Figure 7, SMF and STUN client 705 were co-located. However, it is understood that the STUN client can co-located with the user plane function in PSA 704. When the STUN client is not co-located in UPF, then FAR1 described above in respect of the third operation may merely correspond to a interface change (e.g. a PFCP/N4 interface change). VVhen the STUN client is in the SMF, the FAR1 operation may be to forward the traffic to the SMF 705, 802. In this case, the forwarded traffic may omit the information to reach the corresponding STUN server(s) 809'. This may mean that all the traffic sent to the EAS addresses is forwarded to the SMF 705, 802.
[0198] Figures 9 to 12 are flow charts illustrating some general operations of the presently described system. It is understood that the functionality described above in respect of the specific examples may also be performed by the corresponding functional entities mentioned below.
[0199] All of the following refer to at least one NAT binding discovery server some of the following refer to at least one NAT binding discovery client. A NAT binding discovery server may refer to a server that can be used to discover a NAT binding (e.g. a translation between an address-port pair input to a NAT and an address-port pair that the NAT translates that input into). Similarly, a NAT binding discovery client may be a client of such a NAT binding discovery server. The NAT binding discovery client may issue a discover request to such a NAT binding discovery server in order to discover/find out an address/port binding made by the NAT.
[0200] Figure 9 is a flow chart representing actions that may be performed by a network apparatus for an application function. The application function may be located at an edge platform (although it is understood that the application function may be located other than at an edge platform). The edge platform may be located outside of the control of a core network operator. The application function may be an edge application service.
[0201] At 901, the network apparatus signals, to a core network apparatus in a core network, a request comprising registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server.
[0202] The core network apparatus may be considered to be an entity located within the control of the core network operator. The at least one NAT binding discovery server may be at least one STUN server. The STUN server may interact with a NAT binding discovery client located within the control of the core network operator, such as a STUN client.
[0203] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity. All of these listed types of routing information may be comprised within the routing information.
[0204] The network apparatus may be arranged to associate the registration information with an identification of a network in the core network. For example, the identification of a network in the core network may be a DNN. As another example, the identification of a network in the core network may be an identification of a virtualized network, such as a slice (e.g. identified used S-NSSAI).
[0205] Figure 10 is a flow chart representing actions that may be performed by a network apparatus for a core network entity. The core network entity may be considered to be an entity located within the control of a core network operator. The core network entity may be, for example, an NEF.
[0206] At 1001, the network apparatus may receive, from an application function, a request comprising registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server [0207]The edge platform may be located outside of the control of a core network operator. The application function may be an edge application service. The application function may (or may not) be located at an edge platform.
[0208] The at least one NAT binding discovery server may be at least one STUN server. The STUN server may interact with a NAT binding discovery client located within the control of the core network operator, such as a STUN client.
[0209] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity. . All of these listed types of routing information may be comprised within the routing information.
[0210]At 1002, the network apparatus registers the registration information. The registering may comprise making the registration information available to a policy control function. For example, the registration information may be transmitted to the policy control function.
[0211] The network apparatus may be arranged to associate the registration information with an identification of a network in the core network. For example, the identification of a network in the core network may be a DNN. As another example, the identification of a network in the core network may be an identification of a virtualized network, such as a slice (e.g. identified used S-NSSAI).
[0212] Figure 11 is a flow chart representing actions that may be performed by a network apparatus for a core network entity. The core network entity may be considered to be an entity located within the control of a core network operator. The core network entity may be, for example, a policy control function.
[0213] At 1101, the network apparatus may receive, from another core network entity, registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with at routing information for at least one NAT binding discovery server. The another core network entity may be an NEF.
[0214] At 1102, the network apparatus may determine at least one policy rule based on the registration information.
[0215] The network apparatus may provide the at least one policy rule to a session management entity located in the core network (i.e. under the control of a core network operator). For example, the at least one policy rule may be provided to an SMF. The at least one policy rule may be provided to a session management entity on establishment of a session for a user equipment. The at least one policy rule may be provided to a session management entity after establishment of a session for a user equipment. The at least one policy rule may be a forwarding rule. The forwarding rule may define how to route incoming messages having certain source and/or destination addresses.
[0216] The at least one NAT binding discovery server may be at least one STUN server. The STUN server may interact with a NAT binding discovery client located within the control of the core network operator, such as a STUN client.
[0217] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity. All of these listed types of routing information may be comprised within the routing information.
[0218] Figure 12 is a flow chart representing actions that may be performed by a network apparatus for a core network entity. The core network entity may be considered to be an entity located within the control of a core network operator. The core network entity may be, for example, a session management function. The core network entity may be, for example, a user plane function, such as a PSA.
[0219] At 1201, the network apparatus receives policy information from a core network apparatus, wherein said policy information associates at least one edge application server address with routing information for at least one Network Address Traversal, NAT, binding discovery server.
[0220] The at least one NAT binding discovery server may be at least one STUN server. The STUN server may interact with a NAT binding discovery client located within the control of the core network operator, such as a STUN client. This NAT binding discovery client is referred to further below.
[0221] The routing information for the at least one NAT binding discovery server may comprise at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity, a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity. All of these listed types of routing information may be comprised within the routing information.
[0222] The network apparatus may receive the policy information when a session is being established for a user equipment. The network apparatus may receive the policy information when the session is already established for a user equipment.
[0223] The policy information may comprise an indication that a mapping is to be stored for mapping an Internet Protocol (IP) address of the user equipment with a translated version of the IP address of the user equipment, and wherein the network apparatus may comprise means for causing said mapping to be performed in response to receiving the policy information.
[0224] The network apparatus may determine whether or not a destination address in a message originating from the user equipment matches with said at least one edge application server address. The network apparatus may determine whether or not a source address and a port in said message matches a mapped address provided in said mapping.
[0225] The network apparatus may, when the destination address matches with said at least one edge application server address and the source address and port match to a mapped address and port in said mapping, forward the message to the edge application server address.
[0226] The network apparatus may, when the destination address matches with said at least one edge application server address and when a match for the source IP address and port is not provided in said mapping, cause a Network Address Traversal binding discovery client located in the core network to request a new mapping from the at least one NAT binding discovery server.
[0227] [0228] A response to the request for a new mapping may be used by the network apparatus to additionally form at least part of said mapping. The response may be used to additionally form at least part of said mapping only when a value in the response matches a random value corn prised within the request. This may correspond to the above-described transaction identity. The at least one address-provision entity may be at least one STUN server. The STUN server may interact with an address-provision client located within the control of the core network operator, such as a STUN client. This interacting address-provision client may be the address-provision client presently discussed [0229] In the above, the term NAT is used to refer to any network entity that performs one or more of network address translation, and/or NAPT, and/or similar translation functions between two different addressing schemes. Examples of NAT implementation variations are described in, for example, RFC 4787.
[0230] Figure 2 shows an example of a control apparatus for a communication system, for example to be coupled to and/or for controlling a station of an access system, such as a RAN node, e.g. a base station, gNB, a central unit of a cloud architecture or a node of a core network such as an MME or S-GW, a scheduling entity such as a spectrum management entity, or a server or host, for example an apparatus hosting an NWDAF, AMF, SMF, UDM/UDR etc. The control apparatus may be integrated with or external to a node or module of a core network or RAN. In some embodiments, base stations comprise a separate control apparatus unit or module. In other embodiments, the control apparatus can be another network element such as a radio network controller or a spectrum controller. The control apparatus 200 can be arranged to provide control on communications in the service area of the system. The apparatus 200 comprises at least one memory 201, at least one data processing unit 202, 203 and an input/output interface 204. Via the interface the control apparatus can be coupled to a receiver and a transmitter of the apparatus. The receiver and/or the transmitter may be implemented as a radio front end or a remote radio head. For example the control apparatus 200 or processor 201 can be configured to execute an appropriate software code to provide the control functions.
[0231] A possible wireless communication device will now be described in more detail with reference to Figure 3 showing a schematic, partially sectioned view of a communication device 300. Such a communication device is often referred to as user equipment (UE) or terminal. An appropriate mobile communication device may be provided by any device capable of sending and receiving radio signals. Non-limiting examples comprise a mobile station (MS) or mobile device such as a mobile phone or what is known as a 'smart phone', a computer provided with a wireless interface card or other wireless interface facility (e.g., USB dongle), personal data assistant (PDA) or a tablet provided with wireless communication capabilities, or any combinations of these or the like. A mobile communication device may provide, for example, communication of data for carrying communications such as voice, electronic mail (email), text message, multimedia and so on. Users may thus be offered and provided numerous services via their communication devices.. Non-limiting examples of these services comprise two-way or multi-way calls, data communication or multimedia services or simply an access to a data communications network system, such as the Internet. Users may also be provided broadcast or multicast data. Non-limiting examples of the content comprise downloads, television and radio programs, videos, advertisements, various alerts and other information.
[0232] A wireless communication device may be for example a mobile device, that is, a device not fixed to a particular location, or it may be a stationary device. The wireless device may need human interaction for communication, or may not need human interaction for communication. In the present teachings the terms UE or "user" are used to refer to any type of wireless communication device.
[0233] The wireless device 300 may receive signals over an air or radio interface 307 via appropriate apparatus for receiving and may transmit signals via appropriate apparatus for transmitting radio signals. In Figure 3 transceiver apparatus is designated schematically by block 306. The transceiver apparatus 306 may be provided for example by means of a radio part and associated antenna arrangement. The antenna arrangement may be arranged internally or externally to the wireless device.
[0234] A wireless device is typically provided with at least one data processing entity 301, at least one memory 302 and other possible components 303 for use in software and hardware aided execution of tasks it is designed to perform, including control of access to and communications with access systems and other communication devices. The data processing, storage and other relevant control apparatus can be provided on an appropriate circuit board and/or in chipsets. This feature is denoted by reference or 304. The user may control the operation of the wireless device by means of a suitable user interface such as key pad 305, voice commands, touch sensitive screen or pad, combinations thereof or the like. A display 308, a speaker and a microphone can be also provided. Furthermore, a wireless communication device may comprise appropriate connectors (either wired or wireless) to other devices and/or for connecting external accessories, for example hands-free equipment, thereto.
[0235] Figure 4 shows a schematic representation of non-volatile memory media 400a (e.g. computer disc (CD) or digital versatile disc (DVD)) and 400b (e.g. universal serial bus (USB) memory stick) storing instructions and/or parameters 402 which when executed by a processor allow the processor to perform one or more of the steps of the methods of Figures 9 to 12 [0236] The embodiments may thus vary within the scope of the attached claims. In general, some embodiments may be implemented in hardware or special purpose circuits, software, logic or any combination thereof, For example, some aspects may be implemented in hardware, while other aspects may be implemented in firmware or software which may be executed by a controller, microprocessor or other computing device, although embodiments are not limited thereto. While various embodiments may be illustrated and described as block diagrams, flow charts, or using some other pictorial representation, it is well understood that these blocks, apparatus, systems, techniques or methods described herein may be implemented in, as non-limiting examples, hardware, software, firmware, special purpose circuits or logic, general purpose hardware or controller or other computing devices, or some combination thereof.
[0237] The embodiments may be implemented by computer software stored in a memory and executable by at least one data processor of the involved entities or by hardware, or by a combination of software and hardware. Further in this regard it should be noted that any procedures, e.g., as in Figures 9 to 12, may represent program steps, or interconnected logic circuits, blocks and functions, or a combination of program steps and logic circuits, blocks and functions. The software may be stored on such physical media as memory chips, or memory blocks implemented within the processor, magnetic media such as hard disk or floppy disks, and optical media such as for example DVD and the data variants thereof, CD.
[0238] The memory may be of any type suitable to the local technical environment and may be implemented using any suitable data storage technology, such as semiconductor-based memory devices, magnetic memory devices and systems, optical memory devices and systems, fixed memory and removable memory. The data processors may be of any type suitable to the local technical environment, and may include one or more of general purpose computers, special purpose computers, microprocessors, digital signal processors (DSPs), application specific integrated circuits (ASIC), gate level circuits and processors based on multi-core processor architecture, as non-limiting examples.
[0239] Alternatively or additionally some embodiments may be implemented using circuitry. The circuitry may be configured to perform one or more of the functions and/or method steps previously described. That circuitry may be provided in the base station and/or in the communications device.
[0240] As used in this application, the term "circuitry" may refer to one or more or all of the following: (a) hardware-only circuit implementations (such as implementations in only analogue and/or digital circuitry); (b) combinations of hardware circuits and software, such as: (i) a combination of analogue and/or digital hardware circuit(s) with software/firmware and (ii) any portions of hardware processor(s) with software (including digital signal processor(s)), software, and memory(ies) that work together to cause an apparatus, such as the communications device or base station to perform the various functions previously described; and (c) hardware circuit(s) and or processor(s), such as a microprocessor(s) or a portion of a microprocessor(s), that requires software (e.g., firmware) for operation, but the software may not be present when it is not needed for operation.
[0241] This definition of circuitry applies to all uses of this term in this application, including in any claims. As a further example, as used in this application, the term circuitry also covers an implementation of merely a hardware circuit or processor (or multiple processors) or portion of a hardware circuit or processor and its (or their) accompanying software and/or firmware. The term circuitry also covers, for example integrated device.
[0242] The foregoing description has provided by way of exemplary and non-limiting examples a full and informative description of some embodiments. However, various modifications and adaptations may become apparent to those skilled in the relevant arts in view of the foregoing description, when read in conjunction with the accompanying drawings and the appended claims. However, all such and similar modifications of the teachings will still fall within the scope as defined in the appended claims.

Claims (25)

  1. Claims 1. A network apparatus for an application function, the network apparatus comprising: means for signaling, to a core network apparatus in a core network, a request comprising registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server.
  2. 2 A network apparatus for a core network entity, the network apparatus comprising: means for receiving, from an application function, a request comprising registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server; and means for registering the registration information.
  3. 3 An apparatus as claimed in claim 2, wherein the means for registering comprises making the registration information available to a policy control function.
  4. 4 An apparatus as claimed in any preceding claim, comprising means for associating the registration information with an identification of a network in the core network.
  5. A network apparatus for a policy control function, comprising: means for receiving, from a core network entity, registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with at routing information for at least one NAT binding discovery server; and means for determining at least one policy rule based on the registration information.
  6. 6. A network apparatus as claimed in claim 5, comprising means for providing the at least one policy rule to a session management entity in the core network.
  7. 7 A network apparatus as claimed in claim 6, wherein the at least one policy rule is provided to a session management entity on establishment of a session for a user equipment, or subsequent to a session for a user equipment being established
  8. 8 A network apparatus for a core network function: comprising: means for receiving policy information from a core network apparatus, wherein said policy information associates at least one edge application server address with routing information for at least one Network Address Traversal, NAT, binding discovery server
  9. 9 A network apparatus as claimed in claim 8, comprising means for receiving the policy information when a session is being established, or receiving the policy information when the session is already established.
  10. 10.A network apparatus as claimed in any of claims 8 to 9: wherein the policy information comprises an indication that a mapping is to be stored for mapping an Internet Protocol (IP) address and port of the user equipment with a translated version of the IP address and port of the user equipment, and wherein the network apparatus comprises means for causing said mapping to be performed in response to receiving the policy information.
  11. 11.A network apparatus as claimed in any of claims 8 to 10, comprising: means for determining whether or not a destination address in a message originating from the user equipment matches with said at least one edge application server address; and means for determining whether or not a source address and a port in said message matches a mapped address provided in said mapping.
  12. 12.A network apparatus as claimed in claim 11, comprising: means for, when the destination address matches with said at least one edge application server address and the source address and port match to a mapped address and port in said mapping, forwarding the message to the edge application server address; and/or means for, when the destination address matches with said at least one edge application server address and when a match for the source IA address and port is not provided in said mapping, causing a Network Address Traversal binding discovery client located in the core network to request a new mapping from the at least one NAT binding discovery server.
  13. 13.A network apparatus as claimed in claim 12, wherein a response to the request for a new mapping is used by the network apparatus to additionally form at least part of said mapping.
  14. 14.A network apparatus as claimed in claim 13, wherein the response is used to additionally form at least part of said mapping only when a value in the response matches a random value comprised within the request.
  15. 15. An apparatus as claimed in any of claims 11 to 14, wherein the Network Address Traversal binding discovery client comprises a Session Traversal Utilities for Network Address Traversal client.
  16. 16. An apparatus as claimed in any preceding claim, wherein the at least at least one NAT binding discovery server comprises at least one Session Traversal Utilities for Network Address Traversal server.
  17. 17.A network apparatus as claimed in any preceding claim, wherein the routing information for the at least one NAT binding discovery server comprises at least one of: at least one Internet Protocol address of the at least one NAT binding discovery server entity; a private port identity used by the at least one NAT binding discovery server entity, and security information for communicating with the at least one NAT binding discovery server entity.
  18. 18.A method for a network apparatus for an application function, the method comprising: signaling, to a core network apparatus in a core network, a request comprising registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server.
  19. 19.A method for a network apparatus for a core network entity, the method comprising: receiving, from an application function, a request comprising registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server; and registering the registration information.
  20. 20. A method for a network apparatus for a policy control function, the method comprising: receiving, from a core network entity, registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with at routing information for at least one NAT binding discovery server; and determining at least one policy rule based on the registration information.
  21. 21.A method for a network apparatus for a core network function, the method comprising: receiving policy information from a core network apparatus, wherein said policy information associates at least one edge application server address with routing information for at least one Network Address Traversal, NAT, binding discovery server.
  22. 22.A computer program product that, when one run at least one processor of a network apparatus for an application function, causes the network apparatus to perform signaling, to a core network apparatus in a core network, a request comprising registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server.
  23. 23.A computer program product that, when one run at least one processor of a network apparatus for a core network entity, causes the network apparatus to perform: receiving, from an application function, a request comprising registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with routing information for at least one NAT binding discovery server; and registering the registration information.
  24. 24.A computer program product that, when one run at least one processor of a network apparatus for a policy control function, causes the network apparatus to perform: receiving, from a core network entity, registration information indicating that a Network Address Traversal, NAT, binding discovery can be run between at least one entity in the core network and at least one NAT binding discovery server, said registration information associating at least one edge application server address with at routing information for at least one NAT binding discovery server; and determining at least one policy rule based on the registration information.
  25. 25.A computer program product that, when one run at least one processor of a a network apparatus for a core network function, causes the network apparatus to perform: receiving policy information from a core network apparatus, wherein said policy information associates at least one edge application server address with routing information for at least one Network Address Traversal, NAT, binding discovery server.
GB2012492.1A 2020-08-11 2020-08-11 Apparatus, methods, and computer programs Pending GB2598293A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB2012492.1A GB2598293A (en) 2020-08-11 2020-08-11 Apparatus, methods, and computer programs

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB2012492.1A GB2598293A (en) 2020-08-11 2020-08-11 Apparatus, methods, and computer programs

Publications (2)

Publication Number Publication Date
GB202012492D0 GB202012492D0 (en) 2020-09-23
GB2598293A true GB2598293A (en) 2022-03-02

Family

ID=72520092

Family Applications (1)

Application Number Title Priority Date Filing Date
GB2012492.1A Pending GB2598293A (en) 2020-08-11 2020-08-11 Apparatus, methods, and computer programs

Country Status (1)

Country Link
GB (1) GB2598293A (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114513546A (en) * 2020-10-28 2022-05-17 中国电信股份有限公司 Service guarantee method, system and storage medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013127456A1 (en) * 2012-03-01 2013-09-06 Nec Europe Ltd. Method for providing access of an user end device to a service provided by an application function within a network structure and a network structure

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013127456A1 (en) * 2012-03-01 2013-09-06 Nec Europe Ltd. Method for providing access of an user end device to a service provided by an application function within a network structure and a network structure

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; System architecture for the 5G System (5GS); Stage 2 (Release 16)", vol. SA WG2, no. V16.5.1, 3 August 2020 (2020-08-03), pages 1 - 440, XP051925856, Retrieved from the Internet <URL:ftp://ftp.3gpp.org/Specs/archive/23_series/23.501/23501-g51.zip 23501-g51.docx> [retrieved on 20200803] *
3GPP TSG SA WG6: "LS on IP address to GPSI translation", vol. SA WG6, no. e-meeting; 20200514 - 20200526, 27 May 2020 (2020-05-27), XP051891857, Retrieved from the Internet <URL:https://ftp.3gpp.org/tsg_sa/WG6_MissionCritical/TSGS6_037-e/Docs/S6-200947.zip S6-200947 LS on IP address to GPSI translation.doc> [retrieved on 20200527] *
CHINA MOBILE ET AL: "Discussion of policy control in the presence of NAT devices", 3GPP DRAFT; S2-122972-DISCUSSION OF POLICY CONTROL IN THE PRESENCE OF NAT DEVICES OUTSIDE PCEF, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE ; 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS CEDEX ; FRANCE, vol. SA WG2, no. Barcelona, Spain; 20120709 - 20120713, 3 July 2012 (2012-07-03), XP050633493 *

Also Published As

Publication number Publication date
GB202012492D0 (en) 2020-09-23

Similar Documents

Publication Publication Date Title
CA2748410C (en) Creating a globally unique indentifier of a subscriber device
US9307039B2 (en) Method, system, push client, and user equipment for service communication
US8559448B2 (en) Method and apparatus for communication of data packets between local networks
US9401962B2 (en) Traffic steering system
US8094648B2 (en) Method and system for mobile-to-mobile web service handling
US10250646B2 (en) Method and device for establishing channel
US8838771B2 (en) Enabling VoIP calls to be initiated when a call server is unavailable
US12009940B2 (en) Providing communication services using sets of I/O devices
WO2021135663A1 (en) Application instance determination method, device, and system
US20200053136A1 (en) Originating caller verification via insertion of an attestation parameter
US11968167B2 (en) Apparatus and method to facilitate network address translation service
US11444987B2 (en) Systems and methods for user capability exchange across networks
US8457111B2 (en) Voice communication method and system in ubiquitous robotic companion environment
GB2598293A (en) Apparatus, methods, and computer programs
US9705794B2 (en) Discovery of network address allocations and translations in wireless communication systems
CN108810180A (en) Dispatching method, device and its terminal that domain name mapping redirects
AU2020473989B2 (en) Methods and apparatuses for implementing a service request
CN108833434B (en) Method for realizing cross-network video call system based on IP bidirectional network set top box
US10277421B2 (en) Route lookup resolution
US20200196135A1 (en) Enhanced connectivity in dual-mode networks for single-mode nodes
US11956302B1 (en) Internet protocol version 4-to-version 6 redirect for application function-specific user endpoint identifiers
WO2023213395A1 (en) Echo cancellation for i/o user devices performing user terminal emulation as a cloud computing service
CN116016427A (en) Method, device, gateway and medium for accessing operator resources by terminal in local area network
CN117319429A (en) Information acquisition method and equipment
KR20130085622A (en) Method for providing plurality of ims service through respective service registrations in single user station