WO2009043210A1 - A method for selecting a gateway of the radio network - Google Patents

A method for selecting a gateway of the radio network Download PDF

Info

Publication number
WO2009043210A1
WO2009043210A1 PCT/CN2007/003931 CN2007003931W WO2009043210A1 WO 2009043210 A1 WO2009043210 A1 WO 2009043210A1 CN 2007003931 W CN2007003931 W CN 2007003931W WO 2009043210 A1 WO2009043210 A1 WO 2009043210A1
Authority
WO
WIPO (PCT)
Prior art keywords
network
3gpp
visited
access
pdg
Prior art date
Application number
PCT/CN2007/003931
Other languages
French (fr)
Chinese (zh)
Inventor
Xiaoyun Zhou
Zaifeng Zong
Min Fang
Original Assignee
Zte Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zte Corporation filed Critical Zte Corporation
Publication of WO2009043210A1 publication Critical patent/WO2009043210A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/17Selecting a data network PoA [Point of Attachment]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys

Definitions

  • the present invention relates to a method for selecting a gateway of a wireless network, and more particularly to a gateway selection method for a wireless network in which a 3GPP evolved network is a home network, and a 3GPP network before the evolved network is a roaming scenario of a visited network.
  • FIG. 1 the architecture of SAE non-3GPP IP access is shown in Figure 1, which includes the following network elements:
  • E-UTRAN Evolved UTRAN
  • the network element included in the E-UTRA is an eNodeB (Evolved NodeB), which provides radio resources for terminal access.
  • HSS Home Subscriber Server
  • a home subscriber server that permanently stores user subscription data.
  • MME Mobility Management Entity: A control plane function entity, a server that temporarily stores user data, responsible for managing and storing UE contexts (such as UE identity/ User ID, mobility management status, user security parameters, etc.), assign temporary identifiers to users, when
  • the UE is camped on the tracking area or the network is responsible for authenticating the user; processing all non-access stratum messages between the MME and the UE; triggering paging at the SAE.
  • S-GW (Serving Gateway): A service gateway.
  • the gateway is a user plane entity responsible for user plane data routing processing and terminating downlink data of UEs in idle state. Manage and store the SAE bearer context of the UE, such as IP bearer service parameters and network internal routing information. It is the anchor point of the internal user plane of the 3GPP system. A user can only have one S-GW at a time. In the case of roaming without 3GPP IP access, the S-GW acts as a local anchor for the visited network.
  • PDN GW PDN Gateway
  • PDN Gateway A packet data network gateway, which is responsible for the UE accessing the PDN gateway, assigning the user IP address, and is the mobility anchor of the 3GPP and non-3GPP access systems. Users can access multiple PDN GWs at the same time.
  • Evolved Packet Data Gateway is an evolution and enhancement of PDG (Packet Data Gateway) in an I-WLAN access network. Untrusted non-3GPP access networks must pass ePDG to access the E-PS Core.
  • 3GPP AAA Authentication, Authorization, Accounting: for passing non-3GPP
  • the UE accessing the IP access network provides authentication, authentication, and accounting services.
  • S2a Provides control and mobility support related to the user plane between the trusted non-3GPP IP access network and the PDN Gateway. Supports MIPV4 FA Mode and PMIPv6 mobility management protocols.
  • S2b Provides user plane related control and mobility support between ePDG and PDN Gateway.
  • S2c Provides user plane related control and mobility support between the UE and the PDN Gateway. It can be applied with a trusted or untrusted non-3GPP IP access network or a 3GPP access network. Support for the DSMHV6 mobility management protocol.
  • the PDN GW selection function selects an appropriate PDN for the UE.
  • the HSS/AAA provides the necessary information for the PDN GW selection function.
  • the information provided by HSS/AAA is as follows:
  • the information provided by the HSS/AAA to the PDN GW selection function is either the PDN GW IP address list and the APN (Access Point Name); or the APN and whether the visited land is optional.
  • An indication of the PDN GW of the mobile network (VPLMN, Visited PLMN).
  • the PDN GW selection function When the HSS/AAA provides an indication of the APN and whether the PDN GW of the VPLMN is available for the PDN GW selection function, if the indication indicates that the PDN GW can be selected in the VPLMN, then: the PDN GW selection function first attempts to select from the VPLMN according to the APN. PDN GW, if it fails, the PDN GW selection function then selects the PDN GW from the HPLMN based on the APN.
  • the ePDG When the UE accesses the 3GPP network through the untrusted non-3GPP network, the ePDG must pass.
  • the PMIPv6 protocol is adopted, the PDN GW selection function will be located in the ePDG.
  • the UE can obtain the PDN GW through multiple methods. Select the function information: (1) Obtained through the attach process of 3GPP access; (2) Obtained from the ePDG in the process of establishing an IPSec tunnel. (3) Obtained through DHCP; (4) Obtained through DNS lookup.
  • the I-WLAN access network is a wireless network that has been successfully applied and deployed. It solves the interconnection between the 3GPP network and the WLAN network.
  • the I-WLAN access network is not limited to the interworking between 3GPP and WLAN. Any other IP access network with similar capabilities to WLAN can access WLAN 3GPP IP access and 3GPP through I-WLAN access network.
  • the network is interconnected or directly connected to the Internet via WLAN Derect IP access.
  • the I-WLAN network architecture is shown in Figure 2.
  • the network elements included are as follows:
  • PDG Packet Data Gateway
  • Packet data gateway Packet data gateway, which is the end point of the IPSec tunnel between the UE and the PDG, and encapsulates and encapsulates the data.
  • the UE is authenticated by the 3GPP AAA Server.
  • the UE is assigned a remote IP address and is bound to its local IP address, and performs routing between the PDN and the UE to provide services for the UE to access the 3GPP through the WLAN.
  • PDG does not support the PDN GW selection function.
  • WAG WLAN-Access gateway
  • a WLAN access gateway that isolates the WLAN from the 3GPP network to provide security for the 3GPP network for data filtering and policy enforcement. Billing is also provided in the case of roaming.
  • the roaming scenario is as follows:
  • the UE is the contracted user of the EPS, and the home network is the EPS.
  • the visited network of the UE is the Pre-SAE (Previous SAE, which is the 3GPP network before the EPS. Therefore, the EPS is not supported.
  • the added function is the visited network supports I-WLAN.
  • the UE accesses the 3GPP AAA Proxy of the network and the home network.
  • the HSS/3GPP AAA Server, the UE and the access network perform mutual authentication. After the authentication succeeds, the home network will authorize the UE. Since the UE is a contracted user of the EPS, the HSS/3GPP AAA Server will carry the information parameter of the PDN GW selection function in the authorization return message. Since the 3GPP AAA Proxy (3GPP AAA Proxy Server) of the visited network is Pre-SAE, it does not support the PDN GW selection function information parameter.
  • the PDN GW selects the function parameter to be non-mandatory (that is, when the 3GPP AAA Proxy cannot recognize the parameter, the parameter may not be processed), then there are two cases: a) If the home network authorizes the UE to access the 3GPP network through the visited network PDN GW, it is also acceptable for the UE to access the 3GPP through the visited PDG: (b) If the home network does not authorize the UE to pass through the visited network PDN GW Accessing the 3GPP network, but since the 3GPP AAA Proxy simply ignores the I > DN GW selection function parameter, the UE can still access the 3GPP network through the PDG of the visited network.
  • the PDN GW selects the function parameter to be mandatory (that is, when the 3GPP AAA Proxy cannot recognize the parameter, it will discard the message or return an error message), regardless of whether the home network authorizes the UE to access the visited network PDN GW.
  • the UE In the 3GPP network, the UE cannot access 3GPP, and even cannot access through PDG.
  • the technical problem to be solved by the present invention is to provide a gateway selection method for a wireless network, which solves the problem that when the 3GPP evolved network is a home network, the 3GPP network before the evolved network is a roaming scenario of the visited network, and the UE is connected through the untrusted non-3GPP IP.
  • the problem of gateway selection for access to the network is to provide a gateway selection method for a wireless network, which solves the problem that when the 3GPP evolved network is a home network, the 3GPP network before the evolved network is a roaming scenario of the visited network, and the UE is connected through the untrusted non-3GPP IP.
  • the present invention provides a
  • the present invention solves the problem that when the 3GPP evolved network is the home network, the 3GPP network before the evolved network is the roaming scenario of the visited network, and the gateway is selected by the UE through the untrusted non-3GPP IP access network.
  • the gateway is selected by the UE through the untrusted non-3GPP IP access network.
  • FIG. 1 is an interworking architecture diagram of an EPS and a non-3GPP IP access network when non-roaming
  • FIG. 1 is a non-roaming. I-WLAN architecture diagram
  • 3 is a roaming scenario diagram of UE untrusted non-3GPP access when the 3GPP evolved network is a home network and the evolved network is a visited network;
  • FIG. 4 is a flow chart of a gateway selection method for a wireless network in a preferred embodiment of the present invention.
  • FIG. 5 is a schematic diagram of a preferred embodiment of the present invention, when the 3GPP evolved network is a home network, and the 3GPP network before the evolved network is a roaming scenario of the visited network, the UE authenticates when accessing the 3GPP service through the non-trusted non-3GPP access network. Authentication flow chart. Preferred embodiment of the invention
  • a method for selecting a gateway of a wireless network is applied to a state in which the 3GPP evolved network is a home network and the 3GPP network before the evolved network is a visited network, and the following steps are included.
  • Step 110 When the UE accesses the untrusted non-3GPP IP access network, the home 3GPP AAA Server authenticates the UE. If the authentication succeeds, step 120 is performed; otherwise, the process ends; the visited non-trusted non-3GPP IP access Net through 3GPP AAA Server, or, through
  • the 3GPP AAA Server and the HSS perform access authentication or tunnel authentication on the visited UE.
  • Step 120 The home 3GPP AAA Server determines the selection function information parameter of the PDN GW according to the subscription information of the UE, and determines whether the UE can access the 3GPP or the external data network through the PDG of the visited network according to the roaming protocol and the network policy, and the home 3GHP
  • the AAA Server sends a return message to the visited 3GPP AAA Proxy;
  • the return message carries an indication parameter that does not allow the UE to access the 3GPP or the external data network through the visited network PDG; if the home 3GPP AAA Server Allow the UE to pass If the PDG of the visited network accesses the 3GPP or the external data network, the return message does not carry an indication parameter that does not allow the UE to access the 3GPP or the external data network through the visited network PDG.
  • the PDN GW selection function information parameter is non-mandatory, and the indication parameters that are not allowed to access the 3GPP or the external data network through the visited network PDG are mandatory.
  • Step 130 after the visited 3GPP AAA Proxy receives the return message sent by the home 3GPP AAA Server, if the return message does not carry the indication parameter that does not allow the UE to access the 3GPP or the external data network through the visited network PDG, step 140 is performed; Otherwise, step 150 is performed; step 140, the visited 3GPP AAA Proxy ignores the selection function information parameter of the PDN GW, and forwards the return message to the visited network PDG, and performs step 160;
  • Step 150 Visiting the 3GPP AAA Proxy to discard the return message or to the home 3GPP
  • AAA Server returns an error message and ends the process
  • the visited 3GPP AAA Proxy discards the return message or returns an error message to the home 3GPP AAA Server, and the process ends.
  • Step 160 The visited network PDG receives the return message, and authorizes the UE to access the 3GPP or the external data network by visiting the local network PDG.
  • this example describes authentication authentication when a 3GPP evolved network is a home network, and the 3GPP network before the evolved network is a visited network, and the UE accesses the 3GPP service through the untrusted non-3GPP access network.
  • the process including the following steps,
  • Step 501 The UE establishes an IKE (Internet Key Exchange) security association with the PDG, and the UE sends a User Identity (NAI) (Network Access Identifier) and a W-APN (WLAN Access Point Name), and adopts EAP.
  • NAI User Identity
  • W-APN WLAN Access Point Name
  • Step 502 The PDG sends an authorization request message to the 3GPP AAA Server, where
  • Step 503 The 3GPP AAA Server determines, according to the subscription information, the roaming protocol, and the network policy of the user, whether the tunnel can be established and whether the visited PDG is allowed to access the 3GPP network or The external data network, if the tunnel is allowed to be established and the access to the 3GPP network or the external data network is allowed through the visited PDG, step 504a is performed; if the tunnel is allowed to be established but not allowed to access the 3GPP network or the external data network by the visited PDG, the execution is performed. Step 504b;
  • Step 504a the 3GPP AAA Server allows the UE to access the 3GPP or the external data network through the PDG, and sends an authorization-response message to the 3GPP AAA Proxy, carrying the PDN GW to select the function information, and performing step 505a;
  • the PDN GW selection function information is not mandatory.
  • Step 505a the 3GPP AAA Proxy receives the authorization-response message, ignores the PDN GW selection function information in the message, and forwards it to the PDG, and performs step 506a;
  • Step 506a The PDG receives the authorization-response message, ignores the 3PDN GW selection function information in the message, and sends an IKE-authentication response message to the UE.
  • Step 507a The PDG receives the authorization-response message, ignores the 3PDN GW selection function information in the message, and sends an IKE-authentication response message to the UE.
  • Step 507a The UE receives the EAP success message, and the access authentication authentication succeeds.
  • Step 504b the 3GPP AAA Server does not allow the UE to access the 3GPP or the external data network through the PDG, and sends an authorization-response message to the 3GPP AAA Proxy, carrying the PDN GW to select the function information and not allowing the PDG access indication, and performing step 505b;
  • the PDG access indication is not allowed to be mandatory.
  • Step 505b The 3GPP AAA Proxy receives the authorization response-message, and the message carries the PDG access indication. Since the 3GPP AAA Proxy cannot identify the parameter and the parameter is mandatory, the 3GPP AAA Proxy discards the message. Performing step 506b;
  • Step 506b In 505b, the 3GPP AAA Proxy discards the message, the session times out, the authentication fails, and the process ends.
  • the technical solution of the present invention solves the problem that when the 3GPP evolved network is the home network, the 3GPP network before the evolved network is the roaming scenario of the visited network, and the UE selects the gateway through the untrusted non-3GPP IP access network, A secure and reliable gateway selection method for wireless networks.

Abstract

A method for selecting a gateway of the radio network includes: if 3GPP AAA Server successfully performs an authentication for UE, then Home 3GPP AAA Server determines the selecting function information parameter and determines whether UE accesses 3GPP network through the visited PDG, and sends the returning back message to the visited 3GPP AAA Proxy; if the returning back message does not carry the indication parameter not allowing UE to access 3GPP network through the visited PDG, then the visited 3GPP AAA Proxy ignores the selecting function information parameter and forwards the returning back message to the visited PDG; finally, the visited PDG authorizes UE to access the network. When 3GPP Evolved network is Home network, and 3GPP network of the pre-Evolved network is the visited network, the present invention solves the problem for selecting the gateway when UE accesses the network through non-trusting and non-3GPP IP access network.

Description

一种无线网络的网关选择方法 技术领域  Gateway selection method for wireless network
本发明涉及一种无线网络的网关选择方法, 尤其涉及一种当 3GPP演进 网络为家乡网络, 演进网絡之前的 3GPP网絡为拜访地网络的漫游场景的无 线网絡的网关选择方法。  The present invention relates to a method for selecting a gateway of a wireless network, and more particularly to a gateway selection method for a wireless network in which a 3GPP evolved network is a home network, and a 3GPP network before the evolved network is a roaming scenario of a visited network.
背景技术 Background technique
随着 Wimax ( World Interoperability for Microwave Access , 全球微波接 入互通)的异军突起, 第三代移动通信系统要保持其在移动通信领域的强有 力的竟争力, 必须提高其网络性能和降低网络建设和运营成本。 因此, 3GPP ( 3rd Generation Partnership Project,第三代合作伙伴计划)的标准化工作组, 目前正致力于研究对 PS Core( Packet Switch Core,包交换核心网)和 UTRAN ( Universal Mobile Telecommunication System Radio Access Network, 全球移 动通信系统无线接入网)的演进,整个系统称为 EPS( Evolved Packet System, 演进的分组域系统)。 其中对 PS Core演进 (简称 E-PS Core)的研究课题叫做 系统架构演进(System Architecture Evolution,筒称 SAE ) , 目的是使得 E-PS Core可提供更高的传输速率,更短的传输延时,优化分組,及支持 E-UTRAN ( Evolved UTRAN,演进的 UTRAN )、 UTRAN、 WLAN ( Wireless Local Area Network, 无线局域网)及其他非 3GPP的接入网络之间的移动性管理。  With the emergence of Wimax (World Interoperability for Microwave Access), the third generation of mobile communication systems must maintain their strong competitiveness in the field of mobile communications, and must improve their network performance and network construction. Operating costs. Therefore, the 3GPP (3rd Generation Partnership Project) standardization working group is currently working on PS Core (Packet Switch Core, Packet Switch Core) and UTRAN (Universal Mobile Telecommunication System Radio Access Network, The evolution of the global mobile communication system radio access network, the entire system is called EPS (Evolved Packet System). The research topic of PS Core Evolution (E-PS Core) is called System Architecture Evolution (SAE). The purpose is to enable E-PS Core to provide higher transmission rate and shorter transmission delay. , Optimize packets, and support mobility management between E-UTRAN (Evolved UTRAN, Evolved UTRAN), UTRAN, WLAN (Wireless Local Area Network), and other non-3GPP access networks.
目前 SAE非 3GPP IP接入的架构如图 1所示, 其中包含了如下网元: At present, the architecture of SAE non-3GPP IP access is shown in Figure 1, which includes the following network elements:
E-UTRAN(Evolved UTRAN): 演进的无线接入网, 可以提供更高的上下 行速率, 更低的传输延迟和更加可靠的无线传输。 E-UTRA 中包含的网元 是 eNodeB(Evolved NodeB), 为终端的接入提供无线资源。 E-UTRAN (Evolved UTRAN): An evolved radio access network that provides higher uplink and downlink rates, lower transmission delays, and more reliable wireless transmission. The network element included in the E-UTRA is an eNodeB (Evolved NodeB), which provides radio resources for terminal access.
HSS(Home Subscriber Server): 归属用户服务器, 永久存储用户签约数 据。  HSS (Home Subscriber Server): A home subscriber server that permanently stores user subscription data.
MME(Mobility Management Entity, 移动管理实体): 控制面功能实体, 临时存储用户数据的服务器, 负责管理和存储 UE上下文(比如 UE标识 / 用户标识, 移动性管理状态, 用户安全参数等), 为用户分配临时标识, 当MME (Mobility Management Entity): A control plane function entity, a server that temporarily stores user data, responsible for managing and storing UE contexts (such as UE identity/ User ID, mobility management status, user security parameters, etc.), assign temporary identifiers to users, when
UE驻扎在该跟踪区域或者该网络是负责对该用户进行鉴权; 处理 MME和 UE之间的所有非接入层消息; 触发在 SAE的寻呼。 The UE is camped on the tracking area or the network is responsible for authenticating the user; processing all non-access stratum messages between the MME and the UE; triggering paging at the SAE.
S-GW (Serving Gateway): 服务网关, 该网关是一个用户面实体, 负责 用户面数据路由处理, 终结处于空闲状态的 UE 的下行数据。 管理和存储 UE的 SAE承载 (bearer)上下文, 比如 IP承载业务参数和网络内部路由信息 等。 是 3GPP 系统内部用户面的锚点, 一个用户在一个时刻只能有一个 S-GW。 在非 3GPP IP接入的漫游情况下, S-GW作为拜访网络的本地锚点。  S-GW (Serving Gateway): A service gateway. The gateway is a user plane entity responsible for user plane data routing processing and terminating downlink data of UEs in idle state. Manage and store the SAE bearer context of the UE, such as IP bearer service parameters and network internal routing information. It is the anchor point of the internal user plane of the 3GPP system. A user can only have one S-GW at a time. In the case of roaming without 3GPP IP access, the S-GW acts as a local anchor for the visited network.
PDN GW (PDN Gateway):分组数据网网关, 负责 UE接入 PDN的网关, 分配用户 IP地址, 同时是 3GPP和非 3GPP接入系统的移动性锚点。 用户在 同一时刻能够接入多个 PDN GW。  PDN GW (PDN Gateway): A packet data network gateway, which is responsible for the UE accessing the PDN gateway, assigning the user IP address, and is the mobility anchor of the 3GPP and non-3GPP access systems. Users can access multiple PDN GWs at the same time.
ePDG ( Evolved Packet Data Gateway):演进的分组数据网关, 是 I-WLAN 接入网络中 PDG(Packet Data Gateway)的演进与增强。 非信任的非 3GPP接 入网必须通过 ePDG才能接入 E-PS Core。  Evolved Packet Data Gateway (Evolved Packet Data Gateway) is an evolution and enhancement of PDG (Packet Data Gateway) in an I-WLAN access network. Untrusted non-3GPP access networks must pass ePDG to access the E-PS Core.
3GPP AAA (Authentication, Authorization, Accounting ):为通过非 3GPP 3GPP AAA (Authentication, Authorization, Accounting): for passing non-3GPP
IP接入网接入的 UE提供鉴证, 鉴权以及计费服务。 The UE accessing the IP access network provides authentication, authentication, and accounting services.
S2a: 提供了可信任非 3GPP IP接入网与 PDN Gateway之间用户面相关 的控制和移动性支持。 支持 MIPV4 FA Mode和 PMIPv6移动性管理协议。  S2a: Provides control and mobility support related to the user plane between the trusted non-3GPP IP access network and the PDN Gateway. Supports MIPV4 FA Mode and PMIPv6 mobility management protocols.
S2b: 提供了 ePDG和 PDN Gateway之间用户面相关的控制和移动性支 持。 支持 PMIPv6移动性管理协议  S2b: Provides user plane related control and mobility support between ePDG and PDN Gateway. Support PMIPv6 mobility management protocol
S2c:提供了 UE和 PDN Gateway之间用户面相关的控制和移动性支持。 可应用与可信任或非信任非 3GPP IP接入网或 3GPP接入网。支持 DSMHV6 移动性管理协议。 在 SAE中, 当 UE接入网络时, PDN GW选择功能为 UE选择适当的 PDN GWo 在移动终端的接入认证过程中, HSS/AAA为 PDN GW选择功能 提供必要的信息。 在 SAE中, 对 HSS/AAA提供的信息有如下规定:  S2c: Provides user plane related control and mobility support between the UE and the PDN Gateway. It can be applied with a trusted or untrusted non-3GPP IP access network or a 3GPP access network. Support for the DSMHV6 mobility management protocol. In the SAE, when the UE accesses the network, the PDN GW selection function selects an appropriate PDN for the UE. In the access authentication process of the mobile terminal, the HSS/AAA provides the necessary information for the PDN GW selection function. In SAE, the information provided by HSS/AAA is as follows:
HSS/AAA给 PDN GW选择功能提供的信息或者为 PDN GW的 IP地址 列表和 APN ( Access Point Name ) ; 或者为 APN和是否可选择拜访地陆地 移动网絡(VPLMN, Visited PLMN) 的 PDN GW的指示。 The information provided by the HSS/AAA to the PDN GW selection function is either the PDN GW IP address list and the APN (Access Point Name); or the APN and whether the visited land is optional. An indication of the PDN GW of the mobile network (VPLMN, Visited PLMN).
当 HSS/AAA为 PDN GW选择功能提供的是 APN和是否可选择 VPLMN 的 PDN GW的指示时, 若该指示表示可在 VPLMN选择 PDN GW, 则: PDN GW选择功能先尝试根据 APN从 VPLMN中选择 PDN GW,若失败, PDN GW 选择功能再从 HPLMN中根据 APN选择 PDN GW。  When the HSS/AAA provides an indication of the APN and whether the PDN GW of the VPLMN is available for the PDN GW selection function, if the indication indicates that the PDN GW can be selected in the VPLMN, then: the PDN GW selection function first attempts to select from the VPLMN according to the APN. PDN GW, if it fails, the PDN GW selection function then selects the PDN GW from the HPLMN based on the APN.
当 UE通过非信任非 3GPP网络接入到 3GPP网络时, 必须经过 ePDG, 在采用 PMIPv6 协议时, PDN GW 的选择功能将定位在 ePDG; 在采用 DSMIPv6时, UE可以通过多种方法获取 PDN GW的选择功能信息: (1)通 过 3GPP接入的 attach过程获取; (2)通过在建立 IPSec隧道的过程中从 ePDG 获取。 (3)通过 DHCP获取; (4)通过 DNS查找获取。  When the UE accesses the 3GPP network through the untrusted non-3GPP network, the ePDG must pass. When the PMIPv6 protocol is adopted, the PDN GW selection function will be located in the ePDG. When the DSMIPv6 is adopted, the UE can obtain the PDN GW through multiple methods. Select the function information: (1) Obtained through the attach process of 3GPP access; (2) Obtained from the ePDG in the process of establishing an IPSec tunnel. (3) Obtained through DHCP; (4) Obtained through DNS lookup.
I-WLAN接入网络是一种已经得到成功应用并部署的无线网络, 它解决 了 3GPP网络与 WLAN网络的互连互通。但是, I-WLAN接入网络并不仅仅 局限于 3GPP与 WLAN的互连互通,任何具有与 WLAN类似能力的其他 IP 接入网络都能通过 I-WLAN接入网的 WLAN 3GPP IP接入与 3GPP网络实 现互连互通或通过 WLAN Derect IP接入直接连到 Internet。  The I-WLAN access network is a wireless network that has been successfully applied and deployed. It solves the interconnection between the 3GPP network and the WLAN network. However, the I-WLAN access network is not limited to the interworking between 3GPP and WLAN. Any other IP access network with similar capabilities to WLAN can access WLAN 3GPP IP access and 3GPP through I-WLAN access network. The network is interconnected or directly connected to the Internet via WLAN Derect IP access.
I-WLAN网络架构如图 2所示, 其中包含的网元如下:  The I-WLAN network architecture is shown in Figure 2. The network elements included are as follows:
PDG ( Packet Data Gateway): 分组数据网关, 是 UE和 PDG之间 IPSec 隧道的终点, 对数据进行封装和接封装。 在 IPSec隧道的建立过程中, 通过 3GPP AAA Server对 UE进行鉴权。 为 UE分配远程 IP地址 , 并与其本地 IP 地址进行绑定,在 PDN和 UE之间执行路由 ,为 UE通过 WLAN接入 3GPP 提供服务。 与 ePDG相比, 显然 PDG并不支持 PDN GW的选择功能。  PDG (Packet Data Gateway): Packet data gateway, which is the end point of the IPSec tunnel between the UE and the PDG, and encapsulates and encapsulates the data. During the establishment of the IPSec tunnel, the UE is authenticated by the 3GPP AAA Server. The UE is assigned a remote IP address and is bound to its local IP address, and performs routing between the PDN and the UE to provide services for the UE to access the 3GPP through the WLAN. Compared with ePDG, it is obvious that PDG does not support the PDN GW selection function.
WAG ( WLAN-Access gateway): WLAN接入网关, 将 WLAN与 3GPP 网络隔离开来, 为 3GPP网络提供安全保障, 进行数据过滤和策略执行。 在 漫游的情况下也提供计费功能。  WAG (WLAN-Access gateway): A WLAN access gateway that isolates the WLAN from the 3GPP network to provide security for the 3GPP network for data filtering and policy enforcement. Billing is also provided in the case of roaming.
如图 3所示的漫游场景: UE是 EPS的签约用户, 其家乡网络为 EPS, 现在 UE所在的拜访地网络为 Pre-SAE(Previous SAE, 即 EPS之前的 3GPP 网络, 因此不支持 EPS所新增的功能)网絡, 但该拜访地网络支持 I-WLAN。  As shown in Figure 3, the roaming scenario is as follows: The UE is the contracted user of the EPS, and the home network is the EPS. The visited network of the UE is the Pre-SAE (Previous SAE, which is the 3GPP network before the EPS. Therefore, the EPS is not supported. The added function) network, but the visited network supports I-WLAN.
UE在接入认证过程中, 通过拜访网络的 3GPP AAA Proxy和家乡网络的 HSS/3GPP AAA Server, UE和接入网络进行相互认证。 当认证成功后, 家 乡网络将对 UE进行授权,由于 UE是 EPS的签约用户,因此 HSS/3GPP AAA Server将在授权返回消息中携带 PDN GW选择功能的信息参数。 由于拜访 网络的 3GPP AAA Proxy ( 3GPP AAA代理服务器)是 Pre-SAE的, 它并不 支持 PDN GW选择功能信息参数。这时,将有两种情况发生:(1) 若 PDN GW 选择功能参数是非强制的(即当 3GPP AAA Proxy无法识别该参数,可以不处 理这个参数), 这时又可分两种情况: (a) 若家乡网络授权 UE可以通过拜访 地网络 PDN GW接入 3GPP网络,现在 UE可以通过拜访地的 PDG接入 3GPP 也是可以接受的: (b) 若家乡网络没有授权 UE通过拜访地网络 PDN GW接 入 3GPP网络,但由于 3GPP AAA Proxy只是筒单的忽略I>DN GW选择功能 参数, UE仍可以通过拜访地网络的 PDG接入 3GPP网络。(2) 若 PDN GW选 择功能参数是强制的(即当 3GPP AAA Proxy无法识別该参数, 它将丢弃该 消息或返回出错消息), 这时不管家乡网络是否授权 UE通过拜访地网络 PDN GW接入 3GPP网络, UE都无法接入 3GPP, 甚至无法通过 PDG接入。 During the access authentication process, the UE accesses the 3GPP AAA Proxy of the network and the home network. The HSS/3GPP AAA Server, the UE and the access network perform mutual authentication. After the authentication succeeds, the home network will authorize the UE. Since the UE is a contracted user of the EPS, the HSS/3GPP AAA Server will carry the information parameter of the PDN GW selection function in the authorization return message. Since the 3GPP AAA Proxy (3GPP AAA Proxy Server) of the visited network is Pre-SAE, it does not support the PDN GW selection function information parameter. At this time, there will be two cases: (1) If the PDN GW selects the function parameter to be non-mandatory (that is, when the 3GPP AAA Proxy cannot recognize the parameter, the parameter may not be processed), then there are two cases: a) If the home network authorizes the UE to access the 3GPP network through the visited network PDN GW, it is also acceptable for the UE to access the 3GPP through the visited PDG: (b) If the home network does not authorize the UE to pass through the visited network PDN GW Accessing the 3GPP network, but since the 3GPP AAA Proxy simply ignores the I > DN GW selection function parameter, the UE can still access the 3GPP network through the PDG of the visited network. (2) If the PDN GW selects the function parameter to be mandatory (that is, when the 3GPP AAA Proxy cannot recognize the parameter, it will discard the message or return an error message), regardless of whether the home network authorizes the UE to access the visited network PDN GW. In the 3GPP network, the UE cannot access 3GPP, and even cannot access through PDG.
综上所述, 当前需要一种当 3GPP演进网络为家乡网络, 演进网络之前 的 3GPP网络为拜访地网络的漫游场景, UE通过非信任非 3GPP IP接入网 接入的网关选择的技术方案。 发明内容  To sum up, there is a need for a gateway scheme in which the 3GPP evolved network is the home network, the 3GPP network before the evolved network is the roaming scenario of the visited network, and the UE selects the gateway through the untrusted non-3GPP IP access network. Summary of the invention
本发明所要解决的技术问题是提供一种无线网络的网关选择方法,解决 了当 3GPP演进网络为家乡网络, 演进网络之前的 3GPP网絡为拜访地网络 的漫游场景, UE通过非信任非 3GPP IP接入网接入的网关选择的问题。  The technical problem to be solved by the present invention is to provide a gateway selection method for a wireless network, which solves the problem that when the 3GPP evolved network is a home network, the 3GPP network before the evolved network is a roaming scenario of the visited network, and the UE is connected through the untrusted non-3GPP IP. The problem of gateway selection for access to the network.
为了解决上述问题, 本发明提供了一种  In order to solve the above problems, the present invention provides a
权利要求核定后补  Claims approved
与现有技术相比, 应用本发明, 解决了当 3GPP演进网络为家乡网络, 演进网络之前的 3GPP 网络为拜访地网络的漫游场景, UE通过非信任非 3GPP IP接入网接入的网关选择的问题。 附图概述 Compared with the prior art, the present invention solves the problem that when the 3GPP evolved network is the home network, the 3GPP network before the evolved network is the roaming scenario of the visited network, and the gateway is selected by the UE through the untrusted non-3GPP IP access network. The problem. BRIEF abstract
图 1是非漫游时 EPS与非 3GPP IP接入网络互通架构图;  FIG. 1 is an interworking architecture diagram of an EPS and a non-3GPP IP access network when non-roaming;
图 2是非漫游时. I-WLAN架构图;  Figure 2 is a non-roaming. I-WLAN architecture diagram;
图 3是当 3GPP演进网络为家乡网络和演进网络之前的 3GPP网络为拜 访地网络时, UE非信任非 3GPP接入的漫游场景图;  3 is a roaming scenario diagram of UE untrusted non-3GPP access when the 3GPP evolved network is a home network and the evolved network is a visited network;
图 4是本发明的较佳实施方式中一种无线网络的网关选择方法的流程 图;  4 is a flow chart of a gateway selection method for a wireless network in a preferred embodiment of the present invention;
图 5是本发明的较佳实施方式中, 在 3GPP演进网络为家乡网络, 演进 网络之前的 3GPP网络为拜访地网络的漫游场景下, UE通过非信任非 3GPP 接入网访问 3GPP业务时的认证鉴权流程图。 本发明的较佳实施方式  5 is a schematic diagram of a preferred embodiment of the present invention, when the 3GPP evolved network is a home network, and the 3GPP network before the evolved network is a roaming scenario of the visited network, the UE authenticates when accessing the 3GPP service through the non-trusted non-3GPP access network. Authentication flow chart. Preferred embodiment of the invention
下面结合附图和较佳的实施方式对本发明作进一步说明。  The invention will now be further described with reference to the drawings and preferred embodiments.
如图 4所示, 一种无线网络的网关选择方法, 应用于 3GPP演进网络为 家乡网络和演进网络之前的 3GPP网絡为拜访地网络的状态下, 包括以下步 骤,  As shown in FIG. 4, a method for selecting a gateway of a wireless network is applied to a state in which the 3GPP evolved network is a home network and the 3GPP network before the evolved network is a visited network, and the following steps are included.
步骤 110、 UE通过非信任非 3GPP IP接入网接入时, 家乡 3GPP AAA Server对 UE进行认证, 若认证成功, 则执行步骤 120; 否则, 结束流程; 拜访地的非信任非 3GPP IP接入网通过 3GPP AAA Server, 或者, 通过 Step 110: When the UE accesses the untrusted non-3GPP IP access network, the home 3GPP AAA Server authenticates the UE. If the authentication succeeds, step 120 is performed; otherwise, the process ends; the visited non-trusted non-3GPP IP access Net through 3GPP AAA Server, or, through
3GPP AAA Server和 HSS对拜访的 UE进行接入认证或隧道认证。 The 3GPP AAA Server and the HSS perform access authentication or tunnel authentication on the visited UE.
步骤 120、家乡 3GPP AAA Server根据所述 UE的签约信息决定 PDN GW 的选择功能信息参数, 同时根据漫游协议和网络策略决定 UE是否可以通过 拜访地网络的 PDG接入 3GPP或外部数据网络, 家乡 3GHP AAA Server将 返回消息发送给拜访地 3GPP AAA Proxy;  Step 120: The home 3GPP AAA Server determines the selection function information parameter of the PDN GW according to the subscription information of the UE, and determines whether the UE can access the 3GPP or the external data network through the PDG of the visited network according to the roaming protocol and the network policy, and the home 3GHP The AAA Server sends a return message to the visited 3GPP AAA Proxy;
若家乡 3GPP AAA Server不允许 UE通过拜访地网络 PDG接入 3GPP 或外部数据网络, 则返回消息中携带不允许 UE通过拜访地网络 PDG接入 3GPP或外部数据网络的指示参数; 若家乡 3GPP AAA Server允许 UE通过 拜访地网络的 PDG接入 3GPP或外部数据网络, 则返回消息中不携带不允 许 UE通过拜访地网络 PDG接入 3GPP或外部数据网络的指示参数。 If the home 3GPP AAA Server does not allow the UE to access the 3GPP or the external data network through the visited network PDG, the return message carries an indication parameter that does not allow the UE to access the 3GPP or the external data network through the visited network PDG; if the home 3GPP AAA Server Allow the UE to pass If the PDG of the visited network accesses the 3GPP or the external data network, the return message does not carry an indication parameter that does not allow the UE to access the 3GPP or the external data network through the visited network PDG.
其中 PDN GW的选择功能信息参数是非强制的, 而不允许通过拜访地 网络 PDG接入 3GPP或外部数据网络的指示参数是强制的。  The PDN GW selection function information parameter is non-mandatory, and the indication parameters that are not allowed to access the 3GPP or the external data network through the visited network PDG are mandatory.
步驟 130、 拜访地 3GPP AAA Proxy收到家乡 3GPP AAA Server发送的 返回消息后, 若返回消息中没有携带不允许 UE通过拜访地网络 PDG接入 3GPP或外部数据网络的指示参数, 则执行步骤 140; 否则, 执行步骤 150; 步骤 140、拜访地 3GPP AAA Proxy忽略其中的 PDN GW的选择功能信 息参数, 并向拜访地网络 PDG转发所述返回消息, 执行步骤 160;  Step 130, after the visited 3GPP AAA Proxy receives the return message sent by the home 3GPP AAA Server, if the return message does not carry the indication parameter that does not allow the UE to access the 3GPP or the external data network through the visited network PDG, step 140 is performed; Otherwise, step 150 is performed; step 140, the visited 3GPP AAA Proxy ignores the selection function information parameter of the PDN GW, and forwards the return message to the visited network PDG, and performs step 160;
步骤 150、 拜访地 3GPP AAA Proxy丟弃所述返回消息或向家乡 3GPP Step 150: Visiting the 3GPP AAA Proxy to discard the return message or to the home 3GPP
AAA Server返回出错消息, 结束流程; AAA Server returns an error message and ends the process;
若返回消息中携带了不允许 UE通过拜访地网络 PDG接入 3GPP或外部 数据网络的指示参数, 则拜访地 3GPP AAA Proxy丟弃该返回消息或向家乡 3GPP AAA Server返回出错消息, 结束流程。  If the return message carries an indication parameter that does not allow the UE to access the 3GPP or the external data network through the visited network PDG, the visited 3GPP AAA Proxy discards the return message or returns an error message to the home 3GPP AAA Server, and the process ends.
步驟 160、拜访地网络 PDG收到所述返回消息,授权 UE通过拜访地网 络 PDG接入 3GPP或外部数据网络。  Step 160: The visited network PDG receives the return message, and authorizes the UE to access the 3GPP or the external data network by visiting the local network PDG.
下面结合具体实例对本发明作进一步说明。  The present invention will be further described below in conjunction with specific examples.
如图 5所示, 本实例描述了在 3GPP演进网络为家乡网络, 演进网络之 前的 3GPP网絡为拜访地网络的漫游场景下, UE通过非信任非 3GPP接入 网访问 3GPP业务时的认证鉴权流程, 包括以下步骤,  As shown in FIG. 5, this example describes authentication authentication when a 3GPP evolved network is a home network, and the 3GPP network before the evolved network is a visited network, and the UE accesses the 3GPP service through the untrusted non-3GPP access network. The process, including the following steps,
步骤 501、 UE与 PDG建立 IKE (Internet 密钥交换) 安全联盟, UE发 送用户身份标识 NAI ( Network Access Identifier, 网络接入标识) 和接入点 名 W-APN ( WLAN Access Point Name), 并采用 EAP-AKA (可扩展身份验证 协议 -密钥认同协议) 方法进行隧道认证成功;  Step 501: The UE establishes an IKE (Internet Key Exchange) security association with the PDG, and the UE sends a User Identity (NAI) (Network Access Identifier) and a W-APN (WLAN Access Point Name), and adopts EAP. - AKA (Extensible Authentication Protocol - Key Identity Protocol) method for tunnel authentication succeeded;
步骤 502、 PDG 向 3GPP AAA Server发送授权请求消息, 其中携带 Step 502: The PDG sends an authorization request message to the 3GPP AAA Server, where
W-APN; W-APN;
步骤 503、 3GPP AAA Server根据用户的签约信息、 漫游协议以及网络 策略决定是否可以建立隧道和是否允许通过拜访地 PDG接入 3GPP网络或 外部数据网絡, 如果允许建立隧道并允许通过拜访地 PDG接入 3GPP网络 或外部数据网络, 则执行步骤 504a; 如果允许建立隧道但不允许通过拜访 地 PDG接入 3GPP网络或外部数据网絡, 则执行步骤 504b; Step 503: The 3GPP AAA Server determines, according to the subscription information, the roaming protocol, and the network policy of the user, whether the tunnel can be established and whether the visited PDG is allowed to access the 3GPP network or The external data network, if the tunnel is allowed to be established and the access to the 3GPP network or the external data network is allowed through the visited PDG, step 504a is performed; if the tunnel is allowed to be established but not allowed to access the 3GPP network or the external data network by the visited PDG, the execution is performed. Step 504b;
步骤 504a、 3GPP AAA Server允许 UE通过 PDG接入 3GPP或外部数据 网络, 向 3GPP AAA Proxy发送授权 -应答消息, 携带 PDN GW选择功能信 息, 执行步骤 505a;  Step 504a, the 3GPP AAA Server allows the UE to access the 3GPP or the external data network through the PDG, and sends an authorization-response message to the 3GPP AAA Proxy, carrying the PDN GW to select the function information, and performing step 505a;
所述 PDN GW选择功能信息是非强制的。  The PDN GW selection function information is not mandatory.
步骤 505a、 3GPP AAA Proxy收到授权-应答消息, 忽略消息中的 PDN GW选择功能信息, 并向 PDG转发, 执行步骤 506a;  Step 505a, the 3GPP AAA Proxy receives the authorization-response message, ignores the PDN GW selection function information in the message, and forwards it to the PDG, and performs step 506a;
步骤 506a、 PDG收到授权 -应答消息,忽略消息中的 3PDN GW选择功能 信息, 并向 UE发送 IKE—认证响应消息。 执行步驟 507a;  Step 506a: The PDG receives the authorization-response message, ignores the 3PDN GW selection function information in the message, and sends an IKE-authentication response message to the UE. Step 507a;
步骤 507a、 UE收到 EAP成功消息, 接入认证鉴权成功。  Step 507a: The UE receives the EAP success message, and the access authentication authentication succeeds.
步骤 504b、 3GPP AAA Server不允许 UE通过 PDG接入 3GPP或外部数 据网络, 向 3GPP AAA Proxy发送授权 -应答消息, 携带 PDN GW选择功能 信息和不允许 PDG接入指示, 执行步骤 505b;  Step 504b, the 3GPP AAA Server does not allow the UE to access the 3GPP or the external data network through the PDG, and sends an authorization-response message to the 3GPP AAA Proxy, carrying the PDN GW to select the function information and not allowing the PDG access indication, and performing step 505b;
所述不允许 PDG接入指示是强制的。  The PDG access indication is not allowed to be mandatory.
步驟 505b、 3GPP AAA Proxy收到授权应答-消息, 消息中携带不允许 PDG接入指示, 由于 3GPP AAA Proxy无法识别该参数, 并且该参数是强制 的, 所以 3GPP AAA Proxy丟弃该消息。 执行步骤 506b;  Step 505b: The 3GPP AAA Proxy receives the authorization response-message, and the message carries the PDG access indication. Since the 3GPP AAA Proxy cannot identify the parameter and the parameter is mandatory, the 3GPP AAA Proxy discards the message. Performing step 506b;
步骤 506b、 在 505b中 3GPP AAA Proxy丟弃消息, 会话超时, 鉴权失 败, 结束流程。  Step 506b: In 505b, the 3GPP AAA Proxy discards the message, the session times out, the authentication fails, and the process ends.
以上所述,仅为本发明较佳的具体实施方式,但本发明的保护范围并不 局限于此,任何熟悉该技术的人在本发明所揭露的技术范围内,可轻易想到 的变化或替换, 都应涵盖在本发明的保护范围之内。 因此, 本发明的保护范 围应该以权利要求的保护范围为准。  The above is only a preferred embodiment of the present invention, but the scope of protection of the present invention is not limited thereto, and any person skilled in the art can easily think of changes or replacements within the technical scope of the present invention. All should be covered by the scope of the present invention. Therefore, the scope of protection of the present invention should be determined by the scope of the claims.
工业实用 4生 本发明的技术方案, 解决了当 3GPP演进网络为家乡网络, 演进网络之 前的 3GPP网络为拜访地网络的漫游场景, UE通过非信任非 3GPP IP接入 网接入的网关选择的问题, 提供了一种安全可靠的无线网络的网关选择方 法。 Industrial and practical 4 students The technical solution of the present invention solves the problem that when the 3GPP evolved network is the home network, the 3GPP network before the evolved network is the roaming scenario of the visited network, and the UE selects the gateway through the untrusted non-3GPP IP access network, A secure and reliable gateway selection method for wireless networks.

Claims

权 利 要 求 书 Claim
1、 一种无线网络的网关选择方法, 应用于第三代合作伙伴计划 3GPP 演进网络为家乡网络和演进网络之前的 3GPP网络为拜访地网络的状态下, 包括以下步骤, A gateway selection method for a wireless network, which is applied to a third-generation partnership program. The 3GPP network before the home network and the evolved network are in the state of the visited network, and the following steps are included.
a、终端 UE通过非信任非 3GPP IP接入网接入时, 家乡 3GPP演进网络 鉴证、 鉴权、 计费服务器 3GPP AAA Server对 UE进行认证, 若认证成功, 则家乡 3GPP AAA Server决定分组数据网网关 PDN GW的选择功能信息参 数, 并决定 UE是否通过拜访地网络的分组数据网关 PDG接入 3GPP网络, 家乡 3GPP AAA Server将返回消息发送给拜访地演进网络之前的 3GPP网络 婆证、 鉴权、 计费代理服务器 3GPP AAA Proxy;  a. When the terminal UE accesses through the untrusted non-3GPP IP access network, the home 3GPP evolved network authentication, authentication, and accounting server 3GPP AAA Server authenticates the UE. If the authentication succeeds, the home 3GPP AAA Server determines the packet data network. The gateway PDN GW selects a function information parameter, and determines whether the UE accesses the 3GPP network through the packet data gateway PDG of the visited network, and the home 3GPP AAA Server sends the return message to the 3GPP network before the visited evolved network, authentication, authentication, Charging proxy server 3GPP AAA Proxy;
b、 拜访地 3GPP AAA Proxy收到家乡 3GPP AAA Server发送的返回消 息后, 若返回消息中没有携带不允许 UE通过拜访地网络 PDG接入 3GPP 网络或外部数据网络的指示参数, 则忽略所述 PDN GW的选择功能信息参 数, 并向拜访地网络 PDG转发所述返回消息;  After the 3GPP AAA Proxy receives the return message sent by the home 3GPP AAA Server, if the return message does not carry the indication parameter that does not allow the UE to access the 3GPP network or the external data network through the visited network PDG, the PDN is ignored. The GW selects a function information parameter, and forwards the return message to the visited network PDG;
c、拜访地网络 PDG收到所述返回消息后,授权 UE通过拜访地网络 PDG 接入 3GPP网络。  c. Visiting network After receiving the return message, the PDG authorizes the UE to access the 3GPP network through the visited network PDG.
2、 如权利要求 1 所述的方法, 其特征在于, 拜访地的所述非信任非 3GPP IP接入网通过 3GPP AAA Server, 或者通过 3GPP AAA Server和 HSS 对拜访的 UE进行接入认证或隧道认证。 2. The method according to claim 1, wherein the non-trusted non-3GPP IP access network in the visited area performs access authentication or tunneling to the visited UE through the 3GPP AAA Server or through the 3GPP AAA Server and the HSS. Certification.
3、 如权利要求 1所述的方法, 其特征在于, 所述步驟 a中, 所述家乡 3GPP AAA Server根据所述 UE的签约信息决定 PDN GW的选择功能信息参 数, 同时根据漫游协议和网絡策略, 决定 UE是否通过拜访地网络的 PDG 接入 3GPP或外部数据网络。 The method according to claim 1, wherein in the step a, the home 3GPP AAA Server determines a selection function information parameter of the PDN GW according to the subscription information of the UE, and according to the roaming protocol and the network policy. Determining whether the UE accesses the 3GPP or the external data network through the PDG of the visited network.
4、 如权利要求 3所述的方法,其特征在于,所述家乡 3GPP AAA Server 决定 UE是否通过拜访地网络的 PDG接入 3GPP或外部数据网络时, The method according to claim 3, wherein the home 3GPP AAA Server determines whether the UE accesses the 3GPP or the external data network through the PDG of the visited network.
若家乡 3GPP AAA Server不允许 UE通过拜访地网络 PDG接入 3GPP 或外部数据网络, 则返回消息中携带不允许 UE通过拜访地网络 PDG接入 3GPP或外部数据网络的指示参数; If the home 3GPP AAA Server does not allow the UE to access 3GPP through the visited network PDG Or an external data network, where the return message carries an indication parameter that does not allow the UE to access the 3GPP or the external data network through the visited network PDG;
若家乡 3GPP AAA Server允许 UE通过拜访地网络的 PDG接入 3GPP 或外部数据网络, 则返回消息中不携带不允许 UE通过拜访地网络 PDG接 入 3GPP或外部数据网络的指示参数。  If the home 3GPP AAA Server allows the UE to access the 3GPP or the external data network through the PDG of the visited network, the return message does not carry the indication parameter that does not allow the UE to access the 3GPP or the external data network through the visited network PDG.
5、 如权利要求 4所述的方法, 其特征在于, 所述步骤 b中,  5. The method according to claim 4, wherein in the step b,
所述拜访地 3GPP AAA Proxy收到家乡 3GPP AAA Server发送的返回消 息后, 若返回消息中没有携带不允许通过拜访地网络 PDG接入 3GPP或外 部数据网络的指示参数, 则忽略所述 PDN GW的选择功能信息, 并向拜访 地网络 PDG转发所述返回消息。  After the visited 3GPP AAA Proxy receives the return message sent by the home 3GPP AAA Server, if the return message does not carry the indication parameter that does not allow access to the 3GPP or the external data network through the visited network PDG, the PDN GW is ignored. The function information is selected and forwarded to the visited network PDG.
6、 如权利要求 4所述的方法, 其特征在于, 所述步骤 b中,  6. The method according to claim 4, wherein in the step b,
若所述返回消息中携带不允许 UE通过拜访地网络 PDG接入 3GPP或外 部数据网络的指示参数, 则拜访地 3GPP AAA Proxy丟弃该返回消息或向家 乡 3GPP AAA Server返回出错消息, 结束流程。  If the return message carries an indication parameter that does not allow the UE to access the 3GPP or the external data network through the visited network PDG, the visited 3GPP AAA Proxy discards the return message or returns an error message to the home 3GPP AAA Server, and ends the process.
7、 如权利要求 3所述的方法, 其特征在于, 所述 PDN GW的选择功能 信息参数是非强制的; 所述家乡 3GPP AAA Server不允许 UE通过拜访地网 络 PDG接入 3GPP或外部数据网络的指示参数是强制的。  The method according to claim 3, wherein the selection function information parameter of the PDN GW is non-mandatory; the home 3GPP AAA Server does not allow the UE to access the 3GPP or the external data network through the visited network PDG. Indicates that the parameter is mandatory.
8、 如权利要求 1所述的方法, 其特征在于, 所述步骤 a中, 若所述认 证失败, 则结束流程。  8. The method according to claim 1, wherein in the step a, if the authentication fails, the process ends.
PCT/CN2007/003931 2007-09-30 2007-12-29 A method for selecting a gateway of the radio network WO2009043210A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2007101810063A CN101141822B (en) 2007-09-30 2007-09-30 Gateway selecting method of wireless network
CN200710181006.3 2007-09-30

Publications (1)

Publication Number Publication Date
WO2009043210A1 true WO2009043210A1 (en) 2009-04-09

Family

ID=39193492

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2007/003931 WO2009043210A1 (en) 2007-09-30 2007-12-29 A method for selecting a gateway of the radio network

Country Status (2)

Country Link
CN (1) CN101141822B (en)
WO (1) WO2009043210A1 (en)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101572855B (en) * 2008-04-30 2011-09-14 华为技术有限公司 Method and device for selecting gateway for terminal
CN101472263B (en) * 2008-05-04 2011-12-28 中兴通讯股份有限公司 Method for deciding network connection mode
CN101472262B (en) * 2008-05-04 2012-05-16 中兴通讯股份有限公司 Method for implementing access network
CN101577909B (en) * 2008-05-05 2011-03-23 大唐移动通信设备有限公司 Method, system and device for acquiring trust type of non-3GPP access system
CN101472261B (en) * 2008-05-08 2011-10-26 中兴通讯股份有限公司 Method for customer equipment to access business network
CN101335703B (en) * 2008-05-30 2011-08-10 中兴通讯股份有限公司 End-to-end QoS guaranty method
CN101677470B (en) * 2008-09-18 2011-12-21 华为技术有限公司 Processing method, device and system of service request
CN101815296A (en) * 2009-02-23 2010-08-25 华为技术有限公司 Method, device and system for performing access authentication
CN101720119B (en) * 2009-05-27 2012-06-13 中兴通讯股份有限公司 Method and system for realizing PDN connecting selection
CN102223634A (en) * 2010-04-15 2011-10-19 中兴通讯股份有限公司 Method and device for controlling mode of accessing user terminal into Internet
EP2533466B1 (en) * 2011-06-08 2020-03-04 Alcatel Lucent Method and apparatus for providing network access to a user entity
WO2013166679A1 (en) * 2012-05-10 2013-11-14 Nokia Corporation Method and apparatus for managing a wireless connection
US9572171B2 (en) * 2013-10-31 2017-02-14 Intel IP Corporation Systems, methods, and devices for efficient device-to-device channel contention
WO2016183745A1 (en) * 2015-05-15 2016-11-24 华为技术有限公司 Method and apparatus for establishing connection
EP3151599A1 (en) 2015-09-30 2017-04-05 Apple Inc. Authentication failure handling for cellular network access through wlan
WO2017077441A1 (en) * 2015-11-03 2017-05-11 Telefonaktiebolaget Lm Ericsson (Publ) Selection of gateway node in a communication system
CN109219099B (en) * 2017-07-06 2021-07-20 北京佰才邦技术股份有限公司 Network switching method, network controller, related server and PGW

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1960565A (en) * 2005-11-01 2007-05-09 华为技术有限公司 Evolution mobile communication network, and method for registering on evolution 3G access network from terminal
CN1960566A (en) * 2005-11-01 2007-05-09 华为技术有限公司 Evolution mobile communication network, method for managing mobility between 3GPP and non-3GPP access network
CN1984162A (en) * 2006-04-30 2007-06-20 华为技术有限公司 Method and system for registering terminal of deductive network in non-3GPP access system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1960565A (en) * 2005-11-01 2007-05-09 华为技术有限公司 Evolution mobile communication network, and method for registering on evolution 3G access network from terminal
CN1960566A (en) * 2005-11-01 2007-05-09 华为技术有限公司 Evolution mobile communication network, method for managing mobility between 3GPP and non-3GPP access network
CN1984162A (en) * 2006-04-30 2007-06-20 华为技术有限公司 Method and system for registering terminal of deductive network in non-3GPP access system

Also Published As

Publication number Publication date
CN101141822A (en) 2008-03-12
CN101141822B (en) 2011-05-25

Similar Documents

Publication Publication Date Title
WO2009043210A1 (en) A method for selecting a gateway of the radio network
CA3030741C (en) Method for processing pdu session establishment procedure and amf node
JP6385337B2 (en) Wireless communication device, communication system and method for establishing data connectivity between a wireless communication device and a first access network
EP1790188B1 (en) Fast context establishment for interworking in heterogeneous network
EP3477993B1 (en) Method for processing pdu session establishment procedure and amf node
EP2858418B1 (en) Method for updating identity information about packet gateway, aaa server and packet gateway
US20060294363A1 (en) System and method for tunnel management over a 3G-WLAN interworking system
GB2560065A (en) A system and method for data offloading in a hetnet
US20140304777A1 (en) Securing data communications in a communications network
US9973338B2 (en) Configuration of liveness check using internet key exchange messages
WO2009000124A1 (en) A method for selecting the gateway in the wireless network
WO2009000125A1 (en) Method for informing home subscriber server of storing packet data network gateway address information
WO2005039110A1 (en) A method of analyzing the accessing process of the selected service in the wireless local area network
WO2011015140A1 (en) Method, system and apparatus for mobile telecommunication paging
WO2011015001A1 (en) Method and system for carrying out access through wireless local area network access network
WO2009135371A1 (en) Network connection mode determining method
WO2013131487A1 (en) Converged core network and access method therefor
WO2008154874A1 (en) Method and system for establishing tunnel in the evolution network
WO2010086029A1 (en) Method and radio communication system for establishing an access to a mobile network domain
WO2010054560A1 (en) Method and system for implementing multi-access
WO2013020448A1 (en) Information transmission method, packet data gateway, and policy and charging rules function
WO2014048197A1 (en) Method, system and device for user equipment to select visited public land mobile network
WO2013107243A1 (en) Session establishing method and device
WO2012022221A1 (en) Method and system triggering fixed-mobile convergence policy negotiation
WO2024024762A1 (en) User equipment (ue)

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07855931

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07855931

Country of ref document: EP

Kind code of ref document: A1