WO2012013103A1

WO2012013103A1 - Method and system for reporting gateway identity

Info

Publication number: WO2012013103A1
Application number: PCT/CN2011/076149
Authority: WO
Inventors: 毕以峰; 朱春晖
Original assignee: 中兴通讯股份有限公司
Priority date: 2010-07-28
Filing date: 2011-06-22
Publication date: 2012-02-02
Also published as: CN102348193A; CN102348193B

Abstract

A method and system for reporting a gateway identity are provided. The method includes: an evolved Packet Date Gateway (ePDG) reporting a Packet Gateway (P-GW) identity to a Home Subscriber Server/Authentication Authorization Accounting (HSS/AAA). With the present invention, the operation flow under different scenes of the 3^rd Generation Partnership Project (3GPP) and non-3GPP access can be integrated and the operation can be simplified.

Description

Method and system for reporting gateway identification

The present invention relates to an evolved packet system, and more particularly to a method and system for gateway identification in a communication network. Background technique

The 3rd Generation Partnership Project (EPS) evolved packet system (EPS, Evolved Packet System) as shown in Figure 1, by the Evolved Universal Mobile Telecommunications System Terrestrial Radio Access Network (E-UTRAN, Evolved Universal) Terrestrial Radio Access Network), Mobility Management Entity (MME), S-GW (Serving Gateway), Packet Data Network Gateway (P-GW or Packet Data Network Gateway) The Home Subscriber Server (HSS), the 3GPP Authentication and Authorization Accounting Server (AAA), the Policy and Charging Rules Function (PCRF) entity and other supporting nodes are formed. The MME is responsible for control plane related work such as mobility management, non-access stratum signaling processing, and user mobility management context management; S-GW is an access gateway device connected to E-UTRAN, in E-UTRAN and P - The GW forwards data and is responsible for caching the paging wait data. P-GW is the border gateway of 3GPP EPS and Packet Data Network (PDN), which is responsible for PDN access and forwarding data between EPS and PDN. An S6a interface is used between the MME and the HSS. The interface is used for user access authentication, subscription information acquisition, and context storage.

User equipment (UE) in addition to access networks defined by 3GPP (eg above)

E-UTRAN) access to the EPS P-GW, can also be accessed through the non-3GPP access network, that is, the P-GW is a shared gateway between the 3GPP access and the non-3GPP access, and the UE is in the network. Switch the anchor point. Non-3GPP access networks can be classified into trusted non-3GPP access and untrusted non-3GPP Access, when non-trusted non-3GPP access, must be transferred to the P-GW through the network element, evolved Packet Data Gateway (ePDG), where the interface between the ePDG and the P-GW is called the S2b interface. Protocols that can be used for this interface include Proxy Mobile IP Version 6 (ΡΜΙΡνό, Proxy Mobile IP version 6) protocol, or General Packet Radio Service Tunnel Protocol (GTP). The P-GW and the AAA server (Server) / AAA proxy (Proxy) are S6b interfaces, and the S6b interface is used for the P-GW to obtain context information from the AAA/AAA Proxy; between the ePDG and the AAA Server/AAA Proxy It is a SWm interface, which is used for user access authentication and other operations.

According to the prior art, the terminal accesses the EPS through the 3GPP access network (such as EUTRAN) or the untrusted non-3GPP access network, and the terminal first establishes a PDN connection by attaching, and the PDN connection is called a default PDN connection. It is also possible to establish a Additional PDN connection later. For each PDN connection, the terminal obtains one or a pair of Internet Protocol Version 4 (IPv4)/Internet Protocol Version 6 (IPv6) addresses, and the terminal accesses the specific PDN through the acquired IP address. For example, the terminal uses an untrusted non-3GPP access EPS as an example. The following procedure is used to describe the establishment of an attach/PDN connection. As shown in FIG. 2, the process includes the following steps:

Step 201: The user (UE) accesses the authentication and authorization.

Here, the ePDG and the 3GPP HSS/AAA complete the authentication of the UE, and an IPsec tunnel is established between the UE and the ePDG, and the tunnel is used to protect signaling and data between the UE and the ePDG.

It should be noted here that: Before step 201, the UE has completed the access operation of the non-3GPP access network through the existing steps of the untrusted non-3GPP access network.

Step 202: The ePDG sends a "GTP: Create Session Request" message to the P-GW to request to establish a GTP tunnel.

Here, in FIG. 2, the ePDG and the P-GW are tunneled by using GTP, as mentioned in the description of FIG. 1: The tunnel can also be established by using the PMIPv6 protocol between the ePDG and the P-GW. When the PMIPv6 protocol is used, the message used to create the session request in step 202 is a PBU, ΡΜΙΡνό Binding Update message.

Step 203: If the policy and charging control (PCC, Policy and Charging Control) technology is used in the network to uniformly manage resources and charging, the P-GW establishes an IP-CAN session with the PCRF, and obtains the PCC from the PCRF. Strategy.

Step 204: The P-GW reports the P-GW identity update message to the 3GPP HSS/AAA.

Here, the P-GW identifier update message carries the "APN+P-GW identifier" corresponding to the PDN connection, and the HSS/AAA stores the APN+P-GW identifier. The "APN+P-GW identifier" in this document indicates that: the APN and the P-GW identifier are stored in pairs in the HSS/AAA, and it can also be understood that the selected P-GW identifier and the APN are correspondingly stored in In HSS/AAA, it will not be described.

Step 205: In response to requesting signaling in step 202, the P-GW sends a "GTP: Create Session Reply" message to the ePDG to notify the ePDG that the GTP tunnel is successfully established.

Here, when the tunnel is established between the ePDG and the P-GW by using the PMIPv6 protocol, the message replied in step 205 is a proxy binding acknowledgement (PBA, ΡΜΙΡνό Binding Ack) message.

Step 206: The establishment of an Internet Protocol Security (IPsec) tunnel between the UE and the ePDG is completed. Step 207: After the P-GW accepts the tunnel establishment request of the ePDG, the P-GW allocates an IP address to the UE, and carries the message to the ePDG through the message in step 205. In this step 207, the ePDG brings the IP address to the UE through an Internet Key Exchange Version 2 (IKEv2, Internet Key Exchange version 2) message.

User attachment is complete. After the attachment is completed, if the UE wants to establish an additional PDN connection, the above steps 201-207 may be performed again to establish additional PDN connections such as the second and third.

In summary, the UE may establish one or more PDN connections and visit different PDNs. However, when visiting different PDNs, the P-GW selected by the Ecore (Evolved Packet Core network) is different. That is, in the process of establishing a PDN connection, the ePDG is required. Selecting a different P-GW according to the access point name (APN, Access Point Name) sent by the UE or the APN returned by the HSS/AAA (the selection mechanism is prior art), so when performing step 202 in FIG. 2 The ePDG sends a tunnel binding message to the selected P-GW. Once the P-GW is selected, the identifier of the P-GW and the APN need to be correspondingly stored in the HSS/AAA, that is: In FIG. 2, the APN+P-GW identifier is implemented in the HSS/AAA by step 204. Storage. The purpose of storing the APN+P-GW identifier is to keep the P-GW unchanged during the handover process. For example, when the UE is switched from the non-3GPP access network to the EUTRAN access, the EUTRAN access network does not know which P-GW to use because the EUTRAN access network does not know which P-GW the UE selects when it is not the 3GPP access. The P-GW establishes a tunnel binding relationship. Therefore, the UE needs to store the correspondence between the selected P-GW identifier and the APN to the HSS/AAA when the UE is initially accessed through the non-3GPP. After the UE switches to the EUTRAN access, the EUTRAN accesses the access profile through the user. The right operation obtains the stored APN+P-GW identification information from the HSS/AAA, so that the EUTRAN knows to establish a tunnel binding relationship with the P-GW, so as to ensure that the P-GW selected before and after the handover is the same P-GW. The anchor gateway P-GW is guaranteed to be unchanged during the handover process, which ensures the continuity of the service.

The flow of the APN+P-GW identifier is reported by the P-GW to the HSS/AAA through the S6b interface. Different from the operation of the UE through the EUTRAN access, the P-GW does not need to perform the operation when the EUTRAN is accessed, and the storage of the APN+P-GW identifier is reported by other network elements, such as the MME, to the HSS/AAA. That is to say, in different scenarios of 3GPP access and non-3GPP access, different requirements are imposed on the behavior of the P-GW. When the APN+P-GW identifier is reported to the HSS/AAA storage, different networks are used. The execution of the meta-reports makes the operation process seem confusing and non-uniform. Currently, a gateway identification reporting solution is urgently needed, which can unify the operation process and simplify operations. Summary of the invention

In view of this, the main purpose of the present invention is to provide a method and system for reporting a gateway identity, which can unify the operation flow and simplify operations in different scenarios of 3GPP access and non-3GPP access. In order to achieve the above object, the technical solution of the present invention is achieved as follows:

A method for verifying a gateway on a gateway, the method comprising:

The evolved packet data gateway (ePDG) reports the packet data network gateway (P-GW) to the Home Subscriber Server (HSS) / Authentication Authorization Accounting Server (AAA).

The method further includes: the ePDG reporting a P-GW identifier update message to the HSS/AAA, and the HSS/AAA receiving the P-GW identifier after the user initiates an attach/packet data network (PDN) connection establishment. And storing the P-GW identifier, where the P-GW identifier update message carries the P-GW identifier.

The condition for triggering the ePDG to report includes any one of the following:

Condition 1: After the user equipment (UE) access authentication and authorization, the UE access authentication and authorization process, or the UE access authentication and authorization is completed, the ePDG uploads the P-GW identity update message;

Condition 2: After the initiating P-GW notifies the ePDG General Packet Radio Service Tunneling Protocol (GTP) tunnel establishment, the P-GW notifies the ePDG GTP tunnel establishment process, or the P-GW notifies that the ePDG GTP tunnel is established, the ePDG reports the P-GW identification update message;

Condition 3: After the establishment of the Internet Protocol Security (IPsec) tunnel between the UE and the ePDG, the establishment of the IPsec tunnel between the UE and the ePDG, or the establishment of the IPsec tunnel between the UE and the ePDG, The ePDG identifies the P-GW identity update message.

When the user switches to the access network where the ePDG is located, the method further includes: when the ePDG performs a user access authentication operation, requesting to obtain, from the HSS/AAA, the P- stored by the HSS/AAA before the handover. GW logo.

The method further includes: the ePDG reports a P-GW identifier update message to the HSS/AAA, and the HSS/AAA receives the P-GW identifier update message, and deletes the location. Stored P-GW identity.

Wherein, when the detaching is initiated by the UE/non-3GPP access network/ePDG, the ePDG is triggered. The conditions for reporting include any of the following:

Condition 1: After the release of the Internet Key Exchange Version 2 (IKEv2) tunnel, the release of the IKEv2 tunnel, or the release of the KEv2 tunnel, the ePDG updates the P-GW identifier message;

Condition 2: After the initiating P-GW notifies the ePDG to release the GTP tunnel, the P-GW notifies the ePDG to release the GTP tunnel, or the P-GW notifies the ePDG to release the GTP tunnel, the P-GW identity update message is sent on the ePDG. ;

Condition 3: Initiating a non-3GPP access network to release resources through an existing resource release operation, a non-3GPP access network releasing resources through an existing resource release operation, or a non-3GPP access network releasing through an existing resource release operation After the resource is completed, the ePDG reports the P-GW identity update message.

The P-GW identity update message includes: a P-GW identity storage request message, a P-GW identity acquisition request message, or a P-GW identity deletion request message.

A system for identifying a gateway on a gateway, the system includes an ePDG and an HSS/AAA; wherein, the ePDG is configured to report the P-GW identifier to the HSS/AAA;

The HSS/AAA is used to receive the P-GW identifier reported by the ePDG.

The ePDG is further configured to: when the initial connection/PDN connection is established, the P-GW identifier update message is sent to the HSS/AAA, where the P-GW identifier update message carries the P-GW identifier;

The HSS/AAA is further configured to store the P-GW identifier after receiving the P-GW identifier.

The ePDG is further configured to perform a user access authentication operation when the user switches to the access network where the ePDG is located, and request to obtain, from the HSS/AAA, the P-GW identifier stored by the HSS/AAA before the handover. .

The ePDG is further used to report the P-GW when the user detaches/PDN connection is released. Identifying an update message to the HSS/AAA;

The HSS/AAA is further configured to delete the P-GW identifier stored by the HSS/AAA after receiving the P-GW identifier update message.

In the prior art, when the 3GPP is accessed, the P-GW identifier is reported by the MME to the HSS/AAA; when the non-3GPP is accessed, the P-GW identifier is reported by the P-GW to the HSS/AAA, and the process and the network element function are MME and P-GW do not have uniformity. In the present invention, when the non-3GPP is accessed, the P-GW identity is uniformly reported by the ePDG to the HSS/AAA. Since the ePDG and the MME have similar functions in the terminal access process, the present invention is in 3GPP access and non-3GPP access. The different process scenarios unify the operation process and simplify the operation. DRAWINGS

1 is a schematic diagram of an untrusted non-3GPP access network accessing an EPS in the prior art; FIG. 2 is a schematic diagram of an attachment process of a P-GW identity storage in the prior art;

3 is a schematic flowchart of an implementation process of Embodiment 1 of the method according to the present invention;

4 is a schematic flowchart of an implementation process of Embodiment 2 of the method according to the present invention;

FIG. 5 is a schematic diagram of an implementation process of Embodiment 3 of the method according to the present invention. detailed description

The basic idea of the present invention is: The ePDG reports the P-GW identity to the HSS/AAA.

The implementation of the technical solution will be further described in detail below with reference to the accompanying drawings.

The solution of the present invention is applicable to the non-3GPP access scenario, and the ePDG reports the P-GW to the HSS/AAA. The subsequent HSS/AAA stores the received P-GW identifier, the ePDG obtains the stored P-GW identifier from the HSS/AAA, or the HSS/AAA deletes the stored P-GW identifier at the request of the ePDG.

A method for identifying a ^ on a gateway, the method mainly includes the following contents:

Uniformly reported by the ePDG to the P-GW to the HSS/AAA. Further, when the initial connection/PDN connection is established, the ePDG may report the P-GW identity update message to the HSS/AAA through the SWm interface, and request the HSS/AAA to store the P-GW identifier, and the HSS/AAA may be in the lifetime of the PDN connection. The received P-GW identifier is stored. The P-GW identifier update message carries the P-GW identifier.

Further, when the user switches, the ePDG obtains the P-GW identifier stored in the HSS/AAA before the handover from the HSS/AAA through the user access authentication operation.

Further, when the user detaches/PDN connection is released, the ePDG requests the HSS/AAA to delete the P-GW identifier, and the HSS/AAA deletes the P-GW identifier.

It should be noted here that when the P-GW initiates a PDN connection deletion/resource deactivation due to the handover reason, the ePDG does not request the HSS/AAA to delete the P-GW identity.

The invention is illustrated by way of example below.

The P-GW identification update message used in the following embodiments is a generalized message name, and may specifically include: a P-GW identifier storage request message, a P-GW identifier acquisition request message, or a P-GW. Identifies the delete request message. The message may be carried by the Diameter signaling carrying a special indication, as long as the HSS/AAA can parse the parameters carried by the message and can perform the operation indicated by the message (storing/deleting/acquiring the P-GW identifier), the message name is not made. Specifically limited.

Method Embodiment 1: The P-GW identifies the stored attach/PDN connection establishment process.

This embodiment is a process in which a terminal attaches to an EPS core network through an untrusted non-3GPP access network according to the present invention; or, after attaching, an additional PDN connection process is established, and in the process of attaching/PDN connection establishment, ePDG is directed to The HSS/AAA sends a P-GW identity update message, which carries the P-GW identity, and the HSS/AAA stores the P-GW identity, as shown in FIG. Figure 3 shows a non-roaming scenario. The roaming scenario differs from that of Figure 3 in that: the P-GW interacts with the home policy and charging rule function (hPCRF) by visiting the visited policy and charging rules of the network. (vPCRF) Transfer; The interaction between ePDG and home HSS/AAA is transferred via the AAA Proxy of the visited network. The difference here does not affect the invention. The process shown in Figure 3 includes the following steps:

Step 301: The user (UE) accesses the authentication and authorization.

It should be noted here that before step 301, the UE has completed the access operation to the non-3GPP access network through the existing steps of the untrusted non-3GPP access network.

Step 302: During the establishment of the IPsec tunnel, the UE will carry the APN to the ePDG, or the AAA will send the signed APN to the ePDG. Based on the APN, the ePDG selects the P-GW that needs to be connected to establish the PDN connection through an existing mechanism (such as a DNS query). The ePDG sends a P-GW identity update message to the HSS/AAA through the SWm interface, requesting the HSS/AAA to store the P-GW identity.

The P-GW identification update message triggering condition of step 302 or the execution timing may be any one as shown below:

Condition 1: is triggered by step 301, that is, step 302 occurs after step 301, as shown in FIG. 3;

Condition 2: triggered by step 305, that is, step 302 occurs after step 305, which is not disclosed in FIG. 3;

Condition 3: Triggered by step 306, step 302 occurs after step 306, which is not disclosed in FIG.

Of course, as a failure exception, if it is executed after steps 301 and 305

The P-GW identifies the update, and the subsequent attach/PDN connection establishment fails. The ePDG sends a P-GW identity update request to the HSS/AAA, requesting the HSS/AAA to delete the stored P-GW identity.

Because different APNs identify different PDNs, and different PDNs need to be accessed through different P-GWs (may be the same P-GW in some scenarios), the ePDG sends a P-GW identifier to the HSS/AAA. When updating the message, the APN and P-GW identifiers are sent in pairs, HSS/AAA The storage of this message is also stored in pairs.

Step 303: The ePDG sends a "GTP: Create Session Request" message to the selected P-GW to request to establish a GTP tunnel.

Here, in FIG. 3, the ePDG and the P-GW are tunneled by using the GTP protocol, as mentioned in the description of FIG. 1: The tunnel can also be established by using the PMIPv6 protocol between the ePDG and the P-GW. When the PMIPv6 protocol is used, the message used to create the session request in step 303 is a PBU message.

Step 304: If the PCC technology is used in the network to uniformly manage resources and charging, the P-GW establishes an IP-CAN session with the PCRF and obtains a PCC policy from the PCRF.

Step 305: In response to the request signaling in step 303, the P-GW sends a "GTP: Create Session Response" message to the ePDG to notify the ePDG that the GTP tunnel is successfully established.

Here, when the tunnel is established between the ePDG and the P-GW by using the PMIPv6 protocol, the message replied in step 305 is a PBA message.

Step 306: The establishment of the IPsec tunnel between the UE and the ePDG is completed.

Step 307: After the P-GW accepts the tunnel establishment request of the ePDG, the P-GW allocates an IP address to the UE, and carries the message to the ePDG through the message in step 305. In this step 307, the ePDG brings the IP address to the UE through the IKEv2 message.

User attachment is complete. Similarly, after the user completes the attach, if an additional PDN connection needs to be established, the above steps 301~307 can be performed again to establish additional PDN connections such as the second and third.

Method Embodiment 2: PDN connection release/de-attachment procedure initiated by the UE/ePDG/non-3GPP access network deleted by the P-GW.

This embodiment is based on the present invention, after the terminal is attached to the EPS core network through the untrusted non-3GPP access network (one or several additional PDN connections may or may not be established after the attachment, UE or ePDG or non-3GPP connection) Incoming network initiates de-attach/PDN connection release stream Cheng. The "PDN connection release" means that the UE has multiple PDN connections, and one or several PDN connections need to be disconnected, but the UE also maintains the remaining PDN connections, so the UE does not attach from the network side. . During the detachment/PDN connection release process, the ePDG sends a P-GW identity update message to the HSS/AAA. After receiving the message, the HSS/AAA deletes the P-GW identity, as shown in FIG. Figure 4 shows a non-roaming scenario. The roaming scenario differs from that of Figure 4 in that: the interaction between the P-GW and the hPCRF is transferred through the vPCRF of the visited network; the interaction between the ePDG and the home HSS/AAA is through the AAA Proxy of the visited network. Transferred. The difference here does not affect the invention.

The process shown in Figure 4 includes the following steps:

Step 401: The user (UE) or the non-3GPP access network or the ePDG initiates a detach operation, triggering the release of the IKEv2 tunnel.

Step 402: In this embodiment, the ePDG sends a P-GW identifier update message to the HSS/AAA through the SWm interface, requesting the HSS/AAA to delete the P-GW identifier, and the HSS/AAA is triggered to delete the P-GW identifier.

The trigger condition of step 402 or the execution timing may be any one of the following: Condition 1 : Triggered by step 401, that is, step 402 occurs after step 401, as shown in FIG. 4;

Condition 2: triggered by step 405, that is, step 402 occurs after step 405, which is not disclosed in FIG. 4;

Condition 3: Triggered by step 406, step 402 occurs after step 406, which is not disclosed in FIG.

Of course, as a failure exception process, if the P-GW identity update (delete) is performed after steps 401 and 405, and the subsequent detach operation fails, the ePDG will resend the P-GW identity update to the HSS/AAA ( Store) request, request HSS/AAA to re-store the P-GW Step 403: The ePDG sends a "GTP: Delete Session Request" message to the selected P-GW to request to tear down the GTP tunnel.

Here, in FIG. 4, the ePDG and the P-GW are tunneled by using the GTP protocol, as mentioned in the description of FIG. 1: The tunnel can also be established by using the PMIPv6 protocol between the ePDG and the P-GW. When the PMIPv6 protocol is used, the message of step 402 is a PBU message for creating a session request, and the lifetime is set to zero, specifically "PMIPv6 Binding Update ( lifetime=0)".

Step 404: If the PCC technology is used in the network to uniformly manage resources and charging, the P-GW terminates the IP-CAN session with the PCRF.

Step 405: In response to the request signaling in step 403, the P-GW sends a "GTP: Delete Session Reply" message to the ePDG, informing the ePDG to release the GTP tunnel.

Here, when the tunnel is established between the ePDG and the P-GW by using the PMIPv6 protocol, the message replied in step 405 is a PBA message.

Step 406: The non-3GPP access network releases the resource by using an existing resource release operation step.

The above operation is detachment. Similarly, when the user initiates the release of the PDN connection, the steps are similar to the above steps 401 to 406.

Method Embodiment 3: The PDN connection release/resource deactivation process initiated by the P-GW/PCRF deleted by the P-GW identifier.

In this embodiment, according to the present invention, after the terminal attaches to the EPS core network through the untrusted non-3GPP access network, one or more additional PDN connections are established, and the PCRF or P-GW initiates the process of resource deactivation/PDN connection release. . During the resource deactivation/PDN connection release process, the ePDG sends a P-GW identity update message to the HSS/AAA. After receiving the message, the HSS/AAA deletes the P-GW identity, as shown in FIG. 5. Figure 5 shows a non-roaming scenario. The roaming scenario differs from that of Figure 5 in that: the interaction between the P-GW and the hPCRF is transferred through the vPCRF of the visited network; the interaction between the ePDG and the home HSS/AAA is through the AAA Proxy of the visited network. Transferred. The difference here does not affect the invention. The process shown in Figure 5 includes the following steps:

Step 501: The PCRF initiates an termination/modification operation of the IP-CAN session, and notifies the P-GW to delete a PDN connection/deactivate resource of a PDN connection.

Here, this step is an optional step.

Step 502: The P-GW sends a "GTP: Delete Bearer Request" message to the ePDG, requesting to remove the related bearer.

In Figure 5, the ePDG and the P-GW are tunneled using the GTP protocol, as mentioned in the description of Figure 1: The tunnel can also be established between the ePDG and the P-GW using the PMIPv6 protocol, when using PMIPv6. In the case of the protocol, the message used to delete the bearer request in step 502 is a Binding Revocation Indication (BRI) message.

Step 503: The non-3GPP access network releases the related resources. If all the resources connected to the PDN are triggered to be released, the IKEv2 tunnel release between the UE and the ePDG is also triggered to be released.

Step 504: When the resource is deactivated and the PDN connection is released, the ePDG sends a P-GW identity update message to the HSS/AAA through the SWm interface, requesting the HSS/AAA to delete the P-GW identifier, and the HSS/AAA is triggered. P-GW logo.

The triggering condition of step 504 or the timing of execution may be any of the following: Condition 1 : triggered by step 502, ie step 504 occurs after step 502, which is not disclosed in FIG. 5;

Condition 2: Triggered by step 503, that is, step 504 occurs after step 503, as shown in FIG.

Of course, as a failure exception process, if the P-GW identity update (delete) is performed after step 502, and the subsequent resource deactivation/PDN connection release operation fails, the ePDG sends the P-GW identity to the HSS/AAA again. Update (storage) the request, requesting the HSS/AAA to re-store the P-GW identity.

Step 505: In response to the 502 step request signaling, the ePDG sends "GTP:" to the P-GW: Delete bearer reply" message.

Here, when the tunnel is established between the ePDG and the P-GW by using the PMIPv6 protocol, the message used to delete the bearer response in step 505 is a Binding Revocation Ack (BRA) message.

Step 506: The IP-CAN session terminates/modifies the response.

In order to implement the foregoing method, the present invention further provides a system for reporting a gateway identity, the system includes an ePDG and an HSS/AAA; wherein the ePDG is used to report the P-GW identity to the HSS/AAA; and the HSS/AAA is configured to receive the ePDG report. P-GW logo.

Here, in the case of requesting to store the P-GW identity, the ePDG is further configured to report the P-GW identity update message to the HSS/AAA when the user initiates the attach/PDN connection establishment, and request the HSS/AAA to store the P-GW identity; wherein, P The GW identity update message carries the P-GW identity.

The HSS/AAA is further configured to store the P-GW identity after receiving the P-GW identity.

Here, in the case of requesting to obtain the P-GW identity, the ePDG is further configured to perform a user access authentication operation when the user switches to the access network where the ePDG is located, and request to obtain the P- stored by the HSS/AAA before the handover from the HSS/AAA. GW logo.

Here, in the case of requesting to delete the P-GW identity, the ePDG further reports the P-GW identity update message to the HSS/AAA when the user detaches/PDN connection is released, and requests the HSS/AAA to delete the stored P-GW identity.

The HSS/AAA is further configured to delete the P-GW identifier stored in the HSS/AAA after receiving the P-GW identifier update message.

The above is only the preferred embodiment of the present invention and is not intended to limit the scope of the present invention.

Claims

Claim

A method for identifying a gateway on a gateway, wherein the method comprises:

The method according to claim 1, wherein when the initial connection/packet data network (PDN) connection is established, the method further includes:

The ePDG reports a P-GW identity update message to the HSS/AAA, and the HSS/AAA stores the P-GW identity after receiving the P-GW identity, where the P-GW identity update message carries The P-GW identifier.

The method according to claim 2, wherein the condition for triggering the ePDG to report includes any one of the following:

Condition 2: After the initiating P-GW notifies the ePDG General Packet Radio Service Tunneling Protocol (GTP) tunnel establishment, the P-GW notifies the ePDG GTP tunnel establishment process, or the P-GW notifies the ePDG GTP tunnel establishment that the ePDG is "3⁄4" The P-GW identifies an update message;

The method according to claim 1, wherein when the user switches to the access network where the ePDG is located, the method further includes: when the ePDG performs a user access authentication operation, requesting from the HSS/ The P-GW identifier stored by the HSS/AAA before the handover is obtained at the AAA.

The method according to claim 1, wherein, when the user detaches/PDN connection is released, the method further includes: sending, by the ePDG, a P-GW identifier update message to the HSS/AAA, after receiving the P-GW identity update message, the HSS/AAA deletes the stored P-GW identity.

The method according to claim 5, wherein when the detaching is initiated by the UE/non-3GPP access network/ePDG, the condition for triggering the ePDG to report includes any one of the following: Condition 1: Initiating the Internet After the release of the key exchange version 2 ( IKEv2 ) tunnel, the release of the IKEv2 tunnel, or the release of the KEv2 tunnel, the e-PDG updates the P-GW identifier message;

The method according to claim 2, 3, 5 or 6, wherein the P-GW identity update message comprises: a P-GW identity storage request message, a P-GW identity acquisition request message, or a P- The GW identifies the delete request message.

8. A system for gateway identification, wherein the system comprises ePDG and HSS/AAA;

ePDG, used to report the P-GW identifier to the HSS/AAA;

The HSS/AAA is used to receive the P-GW identifier reported by the ePDG.

The system according to claim 8, wherein the ePDG is further configured to report a P-GW identity update message to the HSS/AAA when the user initiates an attach/PDN connection establishment, where the P- The GW identifier update message carries the P-GW identifier.

The HSS/AAA is further configured to store the P-GW after receiving the P-GW identifier Logo.

The system according to claim 8, wherein the ePDG is further configured to perform a user access authentication operation when the user switches to the access network where the ePDG is located, requesting from the HSS/AAA Obtain the P-GW identifier stored by the HSS/AAA before the handover.

The system according to claim 8, wherein the ePDG is further used to report a P-GW identity update message to the HSS/AAA when the user detaches/PDN connection is released;