WO2012065499A1 - Method and system for realizing service quality control - Google Patents

Method and system for realizing service quality control Download PDF

Info

Publication number
WO2012065499A1
WO2012065499A1 PCT/CN2011/081246 CN2011081246W WO2012065499A1 WO 2012065499 A1 WO2012065499 A1 WO 2012065499A1 CN 2011081246 W CN2011081246 W CN 2011081246W WO 2012065499 A1 WO2012065499 A1 WO 2012065499A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
network element
qos
segw
henb
Prior art date
Application number
PCT/CN2011/081246
Other languages
French (fr)
Chinese (zh)
Inventor
毕以峰
霍玉臻
刘国燕
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2012065499A1 publication Critical patent/WO2012065499A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W28/00Network traffic management; Network resource management
    • H04W28/16Central resource management; Negotiation of resources or communication parameters, e.g. negotiating bandwidth or QoS [Quality of Service]
    • H04W28/24Negotiating SLA [Service Level Agreement]; Negotiating QoS [Quality of Service]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/04Large scale networks; Deep hierarchical networks
    • H04W84/042Public Land Mobile systems, e.g. cellular systems
    • H04W84/045Public Land Mobile systems, e.g. cellular systems using private Base Stations, e.g. femto Base Stations, home Node B

Definitions

  • the present invention relates to the field of wireless communications, and in particular, to a method and system for implementing Quality of Service (QoS) control.
  • QoS Quality of Service
  • the Evolved Packet System (EPS) of the 3rd Generation Partnership Project (3GPP) is evolved by Evolved Universal Terrestrial Radio Access Network (E-UTRAN), mobile management.
  • a component Mobility Management Entity, MME
  • S-GW Serving Gateway
  • P-GW Packet Data Network Gateway
  • HSS Home Subscriber Server
  • FIG. 1 is a schematic diagram of an architecture of a Home evolved NodeB (HeNB) accessing an EPS in a non-roaming scenario according to the related art.
  • HeNB Home evolved NodeB
  • S-GW is an access gateway device connected to E-UTRAN, in E-UTRAN and The P-GW forwards data and is responsible for buffering the paging waiting data.
  • the P-GW is the border gateway of the EPS and Packet Data Network (PDN) network, which is responsible for PDN access and EPS and PDN. Transfer data and other functions.
  • PDN Packet Data Network
  • the Policy and Charging Rules Function performs policy and charging rules. It passes the interface Rx and the carrier network.
  • the application function (AF) of the protocol (Internet Protocol, IP) service network is connected to obtain service information, which is used to generate service information of the PCC policy.
  • GTP GPRS Tunneling Protocol
  • PCEF Policy and Charging Enforcement Function
  • the S-GW hosts the Bearer Binding and Event Report Function (BBERF), and The S-GW exchanges information with the PCRF through the Gxc interface.
  • the BBERF is responsible for initiating the establishment, modification, and release of the bearer to ensure the service quality of the service data.
  • the PCEF performs charging control.
  • the P-GW (or other network element, such as the S-GW) has a bearer binding function.
  • the quintuple of the data packet (source address, destination address, source) is used.
  • the port number, the destination port number, and the protocol number are matched to the TFT (traffic flow template), and the PF (a packet filter) that forms the TFT is associated with different bearers.
  • the quintuple of the data packet matches a certain PF, the data packet is transmitted to the corresponding bearer.
  • the EPS supports the access of the HeNB, which is a small, low-power base station deployed in indoor places such as homes, offices, and corporate buildings.
  • the Closed Subscriber Group is a concept introduced after the introduction of a home base station. Usually a household or an enterprise internal user forms a closed user group, which is identified by a CSG ID. The home base station serving the users in this closed subscriber group has the same CSG ID. When a closed subscriber group is served by only one home base station, the closed subscriber group can also directly identify the home base station identity (e.g., BS ID).
  • BS ID home base station identity
  • CSG users and/or non-CSG users can distinguish different levels, and the priority of the service is different, and the service quality and service category can be different.
  • the user can access the home base station corresponding to multiple closed user groups, for example, the user's office, home, and the like.
  • the concept of allowing a closed user group list to be introduced is therefore introduced. This list is stored in the user's terminal and the user data server on the network side.
  • home base stations There are three usage modes for home base stations: closed mode, mixed mode, and open mode.
  • closed mode only the CSG subscription user to which the home base station belongs can access the base station and enjoy the service provided by the base station; when the home base station is in the open mode, any operator subscription user can access the base station.
  • the home base station at this time is equivalent to the macro base station; when the home base station is in the hybrid mode, it also allows any operator to sign up the user or the roaming user to access the use, but according to whether the user subscribes to the CSG information to distinguish different levels, that is, Said that users who sign up for the CSG have higher business priorities when using hybrid home base stations, and enjoy better service. Quality and business category.
  • the HeNB usually accesses the core network of the EPS through the leased fixed network line (as shown in FIG. 1).
  • a security gateway (SeGW) is introduced in the core network for shielding, and between the HeNB and the SeGW.
  • IP Security Internet Security
  • IPSec Internet Security
  • the HeNB is connected to the MME and the S-GW of the core network, or is connected to the MME and the S-GW through the HeNB GW (the HeNB GW is an optional network element, whether or not deployed by the operator-based network), and controls signaling or user data.
  • IP Security Internet Security
  • IPSec Internet Security
  • the HeNB is connected to the MME and the S-GW of the core network, or is connected to the MME and the S-GW through the HeNB GW (the HeNB GW is an optional network element, whether or not deployed by the operator-based network), and controls signaling or user data.
  • the HeNB GW is an optional network element, whether or not deployed by the operator-based network
  • the Universal Mobile Telecommunications System supports access to the home base station HNB (Home NodeB).
  • HNB Home NodeB
  • 2 is a schematic diagram of an architecture of an HNB accessing UMTS in a non-roaming scenario according to the related art.
  • the architecture in FIG. 2 is similar to the architecture of FIG. 1, except that a Serving General Packet Radio Service is used.
  • the Support Node (SGSN) replaces the MME and the S-GW, and replaces the P-GW with a Gateway General Packet Radio Service Support Node (GGSN).
  • SGSN Serving General Packet Radio Service
  • GGSN Gateway General Packet Radio Service Support Node
  • the HNB can access the EPC core network through the enhanced SGSN (S4-SGSN), and the S4-SGSN and the S-GW are connected through the S4 interface, and the HSS is connected through the S6d/Gr interface, and the S4-SGSN is the same.
  • S4-SGSN enhanced SGSN
  • the function of the MME in the HeNB scenario is as shown in Figure 2a.
  • HeNB/HNB PF Policy Function
  • an interface T1 is set between the SeGW and the HeNB/HNB PF
  • an interface T2 is set between the HeNB/HNB and the HeNB/HNB PF.
  • the T1 interface is used to transmit related HeNB/HNB system messages, such as HeNB/HNB address, HeNB/HNB identifier, etc., to the HeNB/HNB PF and the fixed network when the HeNB/HNB is powered on, for association policy session and positioning.
  • T2 interface for The HeNB/HNB transmits relevant policy negotiation control signaling and corresponding policies to the HeNB/HNB PF and the fixed network, and implements QoS control on the user data on the HeNB/HNB.
  • an interface T1 is set between the SeGW and the HeNB/HNB PF
  • an interface T3 is set between the HeNB/HNB GW/MME and the HeNB/HNB PF.
  • the T1 interface is used to transmit related HeNB/HNB system messages, such as HeNB/HNB address, HeNB/HNB identifier, etc., to the HeNB/HNB PF and the fixed network when the HeNB/HNB is powered on, for association policy session and positioning.
  • the T3 interface is used by the HeNB/HNB GW/MME to transmit related policy negotiation control signaling and corresponding policies to the HeNB/HNB PF and the fixed network, and implement QoS control on the user data on the HeNB/HNB.
  • the QoS of the fixed line of the HeNB/HNB is usually restricted by the signing of the owner of the HeNB/HNB and the fixed network operator, and the user service data is passed.
  • an IPsec tunnel is encapsulated and transmitted by a fixed network link, whether the fixed network can guarantee the QoS of the service data depends entirely on the condition of the fixed network resource. All data services (such as voice, video, and other data services) that are connected to all PDNs of all the terminals of the same HeNB/HNB are transmitted through the same IPSec tunnel, so that different services are used.
  • the technical problem to be solved by the present invention proposes a method and system for implementing Q 0 S control to realize Guarantee the corresponding QoS for different services.
  • the present invention provides a method for implementing quality of service control, comprising: a security gateway (SeGW) passing a downlink network protocol security (IPsec) tunnel information and IP data stream information through a second network element The corresponding relationship information is reported to the fixed network element, and the SeGW or the first network element reports the correspondence between the IPsec tunnel information and the IP data flow information in the uplink direction to the fixed network element through the second network element, and the fixed network element is used by the fixed network.
  • SeGW security gateway
  • IPsec downlink network protocol security
  • the first network element is an evolved home base station (HeNB), and the second network element is an evolved home base station policy function (HeNB PF); or the first network element is a home base station (HNB), and the second network element For the Home Base Station Policy Function (HNB PF).
  • HeNB evolved home base station
  • HeNB PF evolved home base station policy function
  • HNB home base station
  • HNB PF Home Base Station Policy Function
  • the above method has the following characteristics:
  • the information about the correspondence between the IPsec tunnel information and the IP data flow information in the downlink direction is reported to the fixed network element by the second network element, and the SeGW or the first network element sends the IPsec tunnel information in the uplink direction by using the second network element.
  • the method further includes:
  • More than one IPsec tunnel is established between the first network element and the SeGW.
  • the above method has the following characteristics:
  • IPsec tunnel is established between the first network element and the SeGW in a static or dynamic manner.
  • the above method has the following characteristics:
  • the method further includes:
  • the first network element and/or the SeGW receive the IP data flow information sent from the core network, and establish a correspondence between the IPsec tunnel information and the IP data flow information.
  • the above method has the following characteristics:
  • the IPsec tunnel information is a Security Parameter Index (SPI) or a Differentiated Service Code Point (DSCP) information;
  • SPI Security Parameter Index
  • DSCP Differentiated Service Code Point
  • the IP data stream information is one or more of the following information: quintuple information, tunnel endpoint identifier (TEID), radio bearer identifier (RB-ID), QoS rule, service flow template (TFT) Or a packet filter (PF), wherein the quintuple information includes information of a source address, a destination address, a source port number, a destination port number, and a protocol number.
  • quintuple information includes information of a source address, a destination address, a source port number, a destination port number, and a protocol number.
  • the above method has the following characteristics:
  • the corresponding relationship information received by the fixed network element is the correspondence information between the SPI and the QoS rule.
  • the above method has the following characteristics:
  • the QoS control performed by the fixed network element refers to:
  • the fixed network element provides a hierarchical QoS guarantee for transmitting data packets according to different SPIs and their corresponding QoS rules.
  • the method further includes:
  • the first network element creates an uplink mapping table or a filter according to the RB-ID or the quintuple information and the QoS information, and the correspondence between the QoS information and the SPI, and maps or filters the uplink data.
  • the SeGW creates a mapping table or a filter in the downlink direction according to the TEID or the quintuple information and the QoS information, and the correspondence between the QoS information and the SPI, and maps or filters the downlink data.
  • the above method has the following characteristics:
  • the fixed network element that receives the correspondence information between the IPsec tunnel information and the IP data flow information is a Broadband Forum Policy Control Function (BPCF), and the BPCF provides a hierarchical QoS guarantee for the transmission data, or the BPCF
  • BPCF Broadband Forum Policy Control Function
  • BNG broadband network gateway
  • BRAS broadband remote access server
  • the above method has the following characteristics:
  • the SeGW In the step that the SeGW reports the correspondence information between the IPsec tunnel information and the IP data flow information in the downlink direction to the fixed network element by using the second network element, the SeGW sends the corresponding relationship information to the request information through the notification request message.
  • the second network element sends the corresponding relationship information to the fixed network element by using an S9* interface session message;
  • the SeGW In the step of reporting, by the second network element, the correspondence information between the IPsec tunnel information and the IP data flow information in the uplink direction to the fixed network element by the second network element, the SeGW, by using the notification request message, Corresponding relationship information is sent to the second network element, or the first network element sends the corresponding relationship information to the second network element by using a resource request message or a resource modification request message; The second network element sends the corresponding relationship information to the fixed network element by using an S9* interface session message.
  • the technical problem to be solved by the present invention is to provide a system for implementing quality of service control, including: a first network element, a second network element, a SeGW, and a fixed network element, where
  • the SeGW is configured to: report, by the second network element, the correspondence information between the IPsec tunnel information and the IP data flow information in the downlink direction to the fixed network element;
  • the SeGW or the first network element is configured to: report the correspondence information between the IPsec tunnel information and the IP data flow information in the uplink direction to the fixed network element by using the second network element;
  • the fixed network element is configured to: ensure the QoS of the data transmitted in the phase IPsec tunnel according to the correspondence information in the downlink direction and the uplink direction;
  • the first network element is an HeNB, and the second network element is an HeNB PF; or the first network element is an HNB, and the second network element is an HNB PF.
  • the above system has the following characteristics:
  • the first network element is further configured to: establish more than one IPsec tunnel with the SeGW.
  • the above system has the following characteristics:
  • the IPsec tunnel information is a Security Parameter Index (SPI) or a Differential Service Code Point (DSCP) information;
  • SPI Security Parameter Index
  • DSCP Differential Service Code Point
  • the IP data stream information is one or more of the following information: quintuple information, tunnel endpoint identifier (TEID), radio bearer identifier (RB-ID), QoS rule, service flow template (TFT), or data packet.
  • TEID tunnel endpoint identifier
  • RB-ID radio bearer identifier
  • QoS rule service flow template
  • TFT service flow template
  • data packet data packet.
  • PF filter
  • the above system has the following characteristics:
  • the first network element is further configured to: create an uplink mapping table or a filter according to the RB-ID or the quintuple information and the QoS information, and the correspondence between the QoS information and the SPI, and map or filter the uplink data;
  • the SeGW is further configured to: create a mapping table or filter in the downlink direction according to TEID or quintuple information and QoS information, and a correspondence between the QoS information and the SPI, and map or filter the downlink data.
  • the embodiments of the present invention can ensure that the QoS is differentiated for different services when the terminal accesses from the HeNB/HNB, and the QoS requirements are preferentially met to improve the user experience.
  • FIG. 1 is a schematic structural diagram of an HeNB accessing an EPS according to the related art
  • FIG. 2 is a schematic structural diagram of an HNB accessing UMTS according to the related art
  • FIG. 2a is a schematic structural diagram of an HNB accessing an EPS according to the related art
  • FIG. 3 is a schematic flowchart of statically establishing multiple SAs and implementing QoS control according to the present invention
  • FIG. 4 is a schematic flowchart of dynamically establishing multiple SAs and implementing QoS control according to the present invention
  • FIG. 6 is a schematic structural diagram of a downlink mapping relationship according to the present invention.
  • Figure 7 is a schematic structural view of the upper and lower filters of the present invention.
  • Embodiment 8 is a flowchart of Embodiment 1 of the present invention (SeGW parses Sl/Iuh messages, based on T1-T2 architecture);
  • SeGW parses Sl/Iuh messages, based on the T1-T3 architecture
  • Embodiment 10 is a flowchart of Embodiment 3 of the present invention (SeGW does not parse Sl/Iuh messages, based on T1-T2 architecture);
  • FIG. 11 is a flowchart of Embodiment 4 of the present invention (the SeGW does not parse the Sl/Iuh message, and is based on the T1-T2 architecture).
  • the SeGW does not parse the Sl/Iuh message, and is based on the T1-T2 architecture.
  • IPSec tunnel/SA Security Association
  • IKEv2 Internet Key exchange
  • HeNB/HNB and SeGW establish multiple IPSec tunnel/SA pairs, different IPsec tunnel/SA pairs are identified by different SPIs (pairs), and fixed network provides different QoS guarantees according to SPI (pair) .
  • the method includes: establishing one or more IPsec tunnels between the first network element and the SeGW;
  • the SeGW reports the correspondence between the IPsec tunnel information and the IP data flow information in the downlink direction to the fixed network element by using the second network element, and the SeGW or the first network element sends the IPsec tunnel information in the uplink direction by using the second network element.
  • the correspondence information between the IP data stream information is reported to the fixed network element; the QoS control is performed by the fixed network element.
  • the first network element is an HeNB, and the second network element is an HeNB PF; or the first network element is an HNB, and the second network element is an HNB PF.
  • An IPsec tunnel can be established between the first network element and the SeGW in a static or dynamic manner.
  • the core network sends the IP data stream information to the first network element and/or the SeGW, and establishes a correspondence between the IPsec tunnel information and the IP data stream information.
  • the IPsec tunnel information can be SPI or DSCP information
  • the IP data stream information is one or more of the following information: quintuple information, TEID (Tunnel End Point Identifier), RB-ID (radio-mounted identifier), QoS rule, TFT or PF
  • the quintuple information includes information of a source address, a destination address, a source port number, a destination port number, and a protocol number.
  • the correspondence information sent to the fixed network element is correspondence information between the SPI and the QoS rule.
  • the HeNB/HNB subsystem sends the SPI and QoS relationship to the fixed network element.
  • the fixed network element provides a distinction between the transport packets based on different SPIs and their corresponding QoS rules. Level QoS guarantee.
  • the first network element creates an uplink mapping table or a filter according to the RB-ID or the quintuple information and the QoS information, and the correspondence between the QoS information and the SPI, and maps or filters the uplink data.
  • the SeGW creates a mapping table or a filter in the downlink direction according to the TEID or the quintuple information and the QoS information, and the correspondence between the QoS information and the SP1, and maps or filters the downlink data.
  • the BPCF provides a hierarchical QoS guarantee for the transmission data, or the BPCF and other fixed network elements, for example BNG/BRAS (Broadband Network Gateway/Broadband Remote Access Server) provides a differentiated QoS guarantee for transmitting data.
  • BNG/BRAS Broadband Network Gateway/Broadband Remote Access Server
  • the SeGW sends the corresponding relationship information by using a notification request message. Sending to the second network element; the second network element sends the corresponding relationship information to the fixed network element by using the S9* interface session message;
  • the SeGW In the step of reporting, by the second network element, the correspondence information between the IPsec tunnel information and the IP data flow information in the uplink direction to the fixed network element by the second network element, the SeGW, by using the notification request message, Corresponding relationship information is sent to the second network element, or the first network element sends the corresponding relationship information to the second network element by using a resource request message or a resource modification request message; the second network element passes the S9* interface.
  • the session message sends the corresponding relationship information to the fixed network element.
  • the S9* interface refers to the modified or enhanced S9 interface.
  • the system for implementing the quality of service control in the embodiment of the present invention includes: a first network element, a second network element, an SeGW, and a fixed network element, which are implemented as described above.
  • each tunnel corresponds to a different QoS rule range, and each tunnel corresponds to the uplink and downlink SA.
  • Each SA corresponds to its respective SPI, corresponding to Figure 3.
  • IPsec channels are arranged according to a certain priority.
  • the data packets are mapped/matched to the IPsec tunnel/SA according to the priority order, and which tunnel is mapped/matched, which one is used. Tunnel transmission.
  • M-1 tunnels correspond to specific QoS or QoS ranges. These M-1 tunnels are called “private tunnels”.
  • An IPsec tunnel has no specific QoS requirements, which is called "default/default tunnel”. After the user data arrives, map/match to the M tunnels one by one, and which tunnel is mapped/matched to which tunnel, if the former M-1 IPsec tunnels are not suitable for transmitting a certain service or the service is fundamental. Without specific QoS requirements, the service can be mapped/matched to the "default/default tunnel" by default.
  • a specific tunnel is selected from M tunnels (in general, the tunnel has the highest priority and QoS requirements) as a “signaling tunnel", and all 3GPP control planes transmitted through the IPsec tunnel. Signaling is transmitted through this particular "signaling tunnel”.
  • the signaling tunnel is prioritized over other tunnels, that is, a signaling tunnel is established after the HeNB/HNB access authentication, and the registration signaling or other information sent to other networks by the subsequent HeNB is transmitted. Control plane signaling service.
  • the establishment of the tunnel can be initiated by the HeNB/HNB or the SeGW.
  • Different IPsec tunnels can be independent IPsec tunnels or multiple IPSec tunnels/sub-SAs (CMd-SAs) belonging to the same family.
  • the HeNB/HNB/SeGW determines according to the relevant rules.
  • This QoS requires the establishment/modification/deletion of a proprietary SA/IPsec tunnel to guarantee QoS. That is, the solution differs from (1) in that it is not the HeNB that establishes multiple IPsec tunnels with different QoS when powering up, but decides to create a new IPSec tunnel when there is a specific QoS requirement for the service. See Figure 4.
  • each IPsec tunnel corresponds to a different QoS range, for each IPsec tunnel.
  • SAs correspond to their respective SPIs.
  • a "default/default tunnel" can be established when the HeNB/HNB is powered on.
  • the tunnel serves the BE service or when all proprietary IPsec tunnels cannot be mapped/matched.
  • a specific tunnel can be established when the HeNB/HNB is powered on (generally, the tunnel has the highest priority and QoS requirements) as a “signaling tunnel", all transmitted through the IPsec channel. 3GPP control plane signaling is transmitted over this particular "signaling tunnel”.
  • the signaling tunnel is prioritized over other tunnels, that is, a signaling tunnel is established after the HeNB/HNB access authentication, and the registration signaling for the subsequent HeNB/HNB to other networks is transmitted. Or other control plane signaling services.
  • the establishment of the tunnel can be initiated by the HeNB/HNB or SeGW.
  • Different IPsec tunnels can be independent IPsec tunnels or multiple IPSec tunnels/child SAs belonging to the same family.
  • the HeNB/HNB acts as an endpoint of the IPsec tunnel and stores an upstream data mapping table/filter.
  • the mapping table/filter is used to map/match the data packet (uplink) to the appropriate IPsec tunnel.
  • the structure of the filter is shown in Figure 5.
  • the radio bearer there is a one-to-one or many-to-one relationship between the radio bearer and the QoS range, and the QoS range has a one-to-one relationship with the uplink SA (SPI) of the IPsec tunnel.
  • SPI uplink SA
  • the radio bearer and QoS range, as well as the radio bearer and uplink SA/SPI are not necessarily the corresponding relationship. It is possible that multiple RB-IDs correspond to the same SPI (as shown in Figure 5), or vice versa. This depends on the granularity of the QoS of the radio bearer and the QoS of the IPsec tunnel. But the QoS scope and SPI are - the corresponding relationship.
  • SeGW is the same.
  • the SeGW stores a downlink data mapping table/filter, which is used to map/match the data packet (downlink) to the appropriate IPsec tunnel.
  • the structure of the mapping table/filter is as shown in FIG. 6.
  • a one-to-one or many-to-one relationship between the identifier TEID and the SPI carried by the Sl/Iuh is established.
  • the mapping table/filter may have another structure (referred to herein as structure 2), which is different from the RB-ID or TEID described above and establishes a one-to-one or one-to-one correspondence relationship with the SPI (the above structure is called structure one). ), but the quintuple of the data packet (source address, destination address, source port number, destination port number, protocol number of the data packet) establishes a one-to-one or many-to-one correspondence with the SPI. As shown in Figure 7.
  • the mapping table/filter of the structure 2 can be used on the SeGW or the HeNB/HNB, but the corresponding QoS range, SPI, and quintuple are downlink and uplink respectively.
  • the terminal accesses the EPS/UMTS, or establishes a PDN connection, or initiates a dedicated bearer setup, or initiates a dedicated bearer setup on the network side.
  • the final operation is attributed to the network element MME of the EPS/UMTS network.
  • the SGSN sends a message on the S1/Iuh interface to the HeNB/HNB (for example: initial context setup request/attach accept/bearer setup request/PDN connection accept), and the message carries the bearer QoS (except the default bearer) rule (also May include quintuple information).
  • the HeNB/HNB determines to modify/create/delete a radio bearer (RB) according to the carried QoS, that is, there is a correspondence between the QoS and the radio bearer.
  • the HeNB/HNB finds the "QoS range" corresponding to the corresponding IPSec tunnel according to the QoS, so that the correspondence between the QoS and the SA identifier SPI of the IPSec tunnel is established.
  • the identity of the radio bearer, the QoS of the bearer, and the SPI establish a correspondence.
  • This corresponding relationship is the mapping table/filter of the bearer.
  • different bearers have different bearer mapping tables/filters, and different mapping tables/filters on different terminals are also different.
  • the SeGW acquires the QoS of the bearer after intercepting the message on the Sl/Iuh interface (for example: initial context setup request/attach accept/bearer setup request/PDN connection acceptance) (except the default bearer)
  • Rules and bearers identify TEID (or quintuple information).
  • the SeGW finds the corresponding QoS scope of the IPSec tunnel. This establishes the correspondence between the QoS and the downlink SA identifier SPI of the IPSec tunnel. Thereby, the correspondence between the TEID, the bearer QoS and the SPI is established, and the corresponding relationship is the mapping table/filter of the bearer.
  • the SeGW does not intercept the Sl/Iuh message, the downlink mapping table/filter may be trusted by other network elements, such as HeNB/HNB PF or HeNB/HNB.
  • mapping table/filter on the HeNB/HNB can also be commissioned by other network elements, such as SeGW, HeNB/HNB PF, and so on.
  • the specific operation depends on the specific implementation, which will be introduced in the following process examples.
  • the Sl/Iuh message (eg: initial context setup request/attach accept/bearer setup request/PDN connection accept) message carries the quintuple information and QoS of the service data packet. information. Therefore, both the SeGW and the HeNB can establish a correspondence between quintuple, QoS, and SPI, and the correspondence can be used as a filter for the bearer.
  • the mapping table/filter on the HeNB/HNB/SeGW is: the identifier/TEID of the radio bearer, the QoS of the bearer, and the correspondence between the SPI. Therefore, after the HeNB/HNB obtains the uplink data from the radio bearer, the IPsec tunnel can be found according to the RB-ID of the radio bearer of the data packet, and the data packet is mapped/matched into the appropriate IPSec tunnel. After obtaining the downlink data from the Sl/Iuh bearer, the SeGW can find the IPsec tunnel according to the TEID carried by the Sl/Iuh of the data packet, and map/match the data packet to the appropriate IPSec tunnel.
  • Another form of the corresponding filter when the HeNB/HNB/SeGW receives the uplink/downlink data packet, finds the corresponding SPI according to the quintuple of the data packet, and matches the data packet to the appropriate IPSec tunnel.
  • the HeNB/HNB/SeGW is used to locally map/filter the data packets, and the QoS and SPI correspondences need to be reported to the fixed network through the HeNB/HNB PF, so that the fixed network learns the SPI and the SPI.
  • the QoS relationship can guarantee the QoS of data packets transmitted in different IPSec tunnels.
  • the HeNB/HNB When the HeNB/HNB reports the "Relationship between SPI and QoS" to the fixed network through the HeNB/HNB PF, the HeNB HNB first reports the "correspondence" to the HeNB through the "Resource Request/Modify Request/Release Request” message of the T2 interface. /HNB PF, the HeNB/HNB PF reports the S9* interface session message to the BPCF of the fixed network, and the other network elements of the BPCF and the fixed network are executed according to the corresponding relationship. Lines distinguish between different levels of QoS control.
  • the PF is an intermediate network element of the HeNB/HNB and the SeGW interworking mapping relationship/filter and IP data flow information, in addition to the intermediate network element that reports the QoS and SPI correspondence to the fixed network. , embodied in the subsequent process.
  • the IPsec tunnel information refers to identification information identifying the IPsec tunnel/SA, such as: SPI. It can also be other information that uniquely identifies an IPSec tunnel, such as DSCP (Differential Services Code Point).
  • SPI is generally only mentioned as IPsec tunnel information, but the possibility of using other tunnel information such as DSCP is not excluded. That is to say, it can be equivalently replaced with other tunnel information such as DSCP, and the scheme can also be operated, which is also the content of the present invention.
  • the IP data stream information is identification information, policy information, and the like that can describe an IP data stream, including but not limited to one or more of the following information: a quintuple (source address, destination address, source port number, destination port) No., protocol number), TEID, QoS rules, TFT/PF, etc.
  • IPsec tunnel information The correspondence between IPsec tunnel information and IP data stream information is any kind of IPsec tunnel information.
  • Embodiment 1 The SeGW parses the Sl/Iuh interface message, based on the T1T2 architecture (Fig. 8).
  • Step 801 The UE initiates an attach/PDN connection establishment operation, and the related processing of the wireless side and the core network. This is a prior art.
  • Step 802 After the terminal accesses the EPS/UMTS through the HeNB/HNB, whether it is attached or not, PDN connection establishment, terminal initiated or private bearer setup initiated by the network side, and finally the corresponding message is sent by the network side to the HeNB/HNB, which is the GTP (GPRS Tunnel Protocol) of the Sl/Iuh interface.
  • Control signaling as shown in the message: Initial context setup request/attach accept/bearer setup request/PDN connection accept.
  • the message carries the QoS rules corresponding to the bearer to be created/modified/released, and the uplink and downlink TEID, quintuple, and the like, that is, the IP data stream information.
  • the signaling of the Sl/Iuh interface is intercepted by the SeGW when the SeGW passes through the SeGW, and the IP data stream information in the signaling is obtained, and then the Sl/Iuh message is sent to the HeNB/HNB.
  • Step 803 The SeGW obtains the IP data flow information from the GTP message, and determines to create a new SA (dynamic scheme) or select the SA (dynamic or static scheme) according to the relevant policy.
  • the SeGW sends a "Create Sub-AS Request" to the HeNB/HNB of the IKEv2 message, and carries the SPI of the downlink SA selected by the SeGW in the message.
  • the SeGW obtains QoS rules, TEIDs, and/or quintuple information from the GTP messages of the Sl/Iuh interface.
  • the SeGW determines whether the received QoS rules need to be newly created or existing SAs according to the information configured by the SeGW. The requirements of this QoS rule.
  • the SPI of the newly created or selected SA can be associated with the QoS rule.
  • the QoS rule and the TEID have a corresponding relationship, so the TEID and the SPI establish a correspondence, or a mapping (MAPPING) relationship. , see Figure 6.
  • the mapping table/filter generated on the SeGW is used to filter/map downstream packets, called downlink (DL) mapping/filters.
  • DL downlink
  • Step 804 The SeGW sends a "Create Sub-SA Request" to the HeNB/HNB, and carries the SPI of the downlink SA selected by the SeGW in the message; after receiving the request, the HeNB/HNB selects the SPI of the uplink SA, and "creates” The child SA responds with a "message sent to SeGW.
  • Step 805 The HeNB/HNB receives the Sl/Iuh message and obtains the QoS rule, TEID, and/or quintuple information.
  • the HeNB/HNB can determine, according to the QoS rule, which radio bearer the GTP bearer corresponds to, That is, the corresponding relationship is established with the radio bearer identifier RB-ID (prior art); the information configured by the HeNB/HNB itself determines whether the received QoS rule needs to create a new SA or an existing SA to satisfy the requirement of the QoS rule. .
  • the SPI of the newly created or selected SA can be associated with the QoS rule; thus, the RB-ID and the SPI establish a correspondence (mapping relationship/mapping table) through the QoS rule, as shown in FIG. 5.
  • the mapping table/filter generated on the HeNB/HNB is used to filter/map the upstream packets, called the uplink (UL) mapping/filter.
  • the SeGW may also be a HeNB/HNB, and the uplink and downlink SAs established by a pair of IKEv2 messages may not necessarily serve the uplink and downlink data streams on the same bearer.
  • the SeGW or the HeNB/HNB After the SeGW or the HeNB/HNB discovers the newly received QoS rule, it first checks whether there is an SA that is not associated with the QoS in the existing SA. If yes, it establishes an association with the SA; if not, it initiates Newly built and associated with it;
  • the above mentioned may have "SAs not associated with QoS". This can happen in several scenarios: 1) Because the IKEv2 messages are sent in pairs (request + response), the requester chooses SPI (corresponding A SA can establish the correspondence between SPI and QoS; however, the responder does not know what QoS the SA corresponding to the selected SPI should be associated with, so there is an SA that is not associated with QoS. When the receiver receives the QoS, it can establish the association between the QoS and the "unavailable SA”. 2) The EPS/UMTS core network may send a request to release the bearer in addition to the new bearer request. Therefore, after a bearer is released, the SA may be idle (no binding relationship with QoS).
  • Step 806 The HeNB/HNB forwards the "SPI and QoS correspondence" to the HeNB/HNB PF through the "resource request/modification request" message of the T2 interface.
  • the HeNB/HNB PF replies with a response message to the HeNB/HNB;
  • the SeGW reports the uplink "SPI and QoS correspondence" to the HeNB/HNB PF through the "Notification Request" message of the T1 interface.
  • the HeNB/HNB PF replies with a response message to the SeGW;
  • the HeNB/HNB PF associates the corresponding relationship reported by the two sessions.
  • the T1 session and the T2 session can be associated with each other. Therefore, according to the association relationship of the session, the reported upper and lower levels can be reported.
  • the line "SPI and QoS correspondence" is associated with and reported to the fixed network BPCF through the S9* interface.
  • the BPCF or BPCF entrusts other fixed network elements to guarantee QoS for the data packets transmitted in different IPsec tunnels.
  • step S806 If it is a static SA establishment scenario, you can use the "SPI and QoS correspondence" in step S806. You can also use an optimization method, that is, the correspondence between the SPI and QoS rules can be established initially. When all SAs are completed, they are reported to the HeNB/HNB PF.
  • Step 808 The HeNB/HNB responds to the EPS core network with the GTP message of the Sl/Iuh interface.
  • Embodiment 2 SeGW parsing Sl/Iuh message, based on T1T3 architecture (Fig. 9)
  • Step 901 The UE initiates an attach/PDN connection establishment operation, and the related processing of the wireless side and the core network, which is a prior art.
  • Step 902 After the terminal accesses the EPC/UMTS through the HeNB/HNB, whether it is an attachment, a PDN connection establishment, a terminal initiated, or a dedicated bearer initiated by the network side, the network side sends a corresponding message to the HeNB/ HNB, this message is the GTP control signaling of the Sl/Iuh interface. That is, the message shown in the figure: initial context establishment request/attach acceptance/bearer establishment request/PDN connection acceptance, for example, the message carries the QoS rule corresponding to the bearer to be created/modified/released, and the uplink and downlink TEID, quintuple And other information, that is, IP data stream information.
  • initial context establishment request/attach acceptance/bearer establishment request/PDN connection acceptance for example, the message carries the QoS rule corresponding to the bearer to be created/modified/released, and the uplink and downlink TEID, quintuple And other information, that is, IP data stream information.
  • the GTP signaling of the Sl/Iuh interface is intercepted by the SeGW when the SeGW is passed, and the IP data stream information in the signaling is obtained, and then the Sl/Iuh message is sent to the HeNB/HNB.
  • Step 903 The SeGW obtains the IP data flow information from the GTP message, and determines to create a new SA (dynamic scheme) or select the SA (dynamic or static scheme) according to the relevant policy.
  • the SeGW sends a "Create Sub-AS Request" to the HeNB/HNB of the IKEv2 message, and carries the SPI of the downlink SA selected by the SeGW in the message.
  • the SeGW obtains QoS rules, TEIDs, and/or quintuple information from the GTP messages of the Sl/Iuh interface.
  • the SeGW determines whether the received QoS rules need to be newly created or existing SAs according to the information configured by the SeGW. The requirements of this QoS rule. This new or selected SA
  • the SPI can be associated with the QoS rules.
  • the QoS rule and the TEID have a corresponding relationship. Therefore, the TEID and the SPI establish a correspondence, or a mapping (MAPPING) relationship, as shown in FIG. 6.
  • the mapping table/filter generated on the SeGW is used to filter/map the downstream packets, which is called the downlink (DL) mapping table/filter.
  • Step 904 The SeGW sends a "Create Sub-SA Request" to the HeNB/HNB, and carries the SPI of the downlink SA selected by the SeGW in the message; after receiving the request, the HeNB/HNB selects the SPI of the uplink SA, and "creates” The child SA responds with a "message sent to SeGW.
  • Step 905 The SeGW sends the Sl/Iuh message intercepted in step 902 to the HeNB/HNB in the newly created or selected SA.
  • the Sl/Iuh message does not necessarily pass through the newly created or selected SA, but carries the newly created or selected SA SPI in the Sl/Iuh message.
  • Step 906 The HeNB/HNB can determine the SA according to the SA from which the Sl/Iuh message is sent.
  • the HeNB/HNB can determine the correspondence between the IP flow information and the SA on the bearer to be established by the Sl/Iuh message according to the SPI carried in the Sl/Iuh message.
  • the HeNB/HNB Based on the above relationship, the HeNB/HNB generates an uplink data MAPPING table using the same mechanism as the S805.
  • Step 907 Because the SeGW acquires the Sl/Iuh message content in step 902, and establishes the SA in step 904, and obtains the corresponding SPI, the SeGW generates a downlink MAPPING table;
  • Step 908 the SeGW may simultaneously generate the correspondence between the uplink and downlink QoS rules and the SPI, and send the HeNB/HNB PF through the notification request message.
  • the SeGW reports the uplink and downlink "SPI and QoS correspondence" to the HeNB/HNB PF through the "Notification Request" message of the T1 interface.
  • the HeNB/HNB PF replies with a response message to the SeGW;
  • the HeNB/HNB PF reports to the fixed network BPCF through the S9* interface, and the BPCF or BPCF entrusts other fixed network elements to guarantee QoS for transmitting data packets in different IPsec tunnels. Note: If the scene is statically established, you can use the corresponding relationship in step S908. You can also use an optimization method. That is, the correspondence between the SPI and the QoS rule can be used when all SAs are initially established. Just go to the PF.
  • Step 909 The HeNB/HNB responds to the EPS core network with the GTP message of the Sl/Iuh interface.
  • Embodiment 3 The SeGW does not parse the Sl/Iuh message, based on the T1T2 architecture (Fig. 10).
  • Step 1001 The UE initiates an attach/PDN connection establishment operation, and the related processing of the wireless side and the core network. This is a prior art.
  • Step 1002 After the terminal accesses the EPS/UMTS through the HeNB/HNB, whether it is an attachment, a PDN connection establishment, a terminal initiated, or a dedicated bearer initiated by the network side, the corresponding message is sent by the network side to the HeNB/ HNB, this message is the GTP control signaling of the Sl/Iuh interface. That is, the message shown in the figure: initial context establishment request/attach acceptance/bearer establishment request/PDN connection acceptance, for example, the message carries the QoS rule corresponding to the bearer to be created/modified/released, and the uplink and downlink TEID, quintuple And other information, that is, IP data stream information.
  • initial context establishment request/attach acceptance/bearer establishment request/PDN connection acceptance for example, the message carries the QoS rule corresponding to the bearer to be created/modified/released, and the uplink and downlink TEID, quintuple And other information, that is, IP data stream information.
  • Step 1003 The HeNB/HNB obtains related information according to the GTP message, and determines to create a new SA (dynamic scheme) or select an SA (dynamic or static scheme) according to the related policy.
  • the HeNB/HNB sends a "Create Sub SA Request" of the IKEv2 message to the SeGW, and carries the SPI of the uplink SA selected by the HeNB/HNB in the message.
  • the HeNB/HNB obtains the QoS rule, the TEID, and/or the quintuple information from the GTP message of the Sl/Iuh interface, and the HeNB HNB can determine, according to the QoS rule, which radio bearer the GTP bearer corresponds to, that is, the radio bearer identifier RB.
  • -ID establishes the correspondence (prior art); the information configured by the HeNB/HNB itself determines whether the received QoS rule needs to create a new SA or an existing SA to satisfy the requirements of the QoS rule.
  • the SPI of the newly created or selected SA can be associated with the QoS rule; thus, the RB-ID and the SPI establish a correspondence (map relationship/mapping table) through the QoS rule, as shown in FIG. 5.
  • a mapping table/filter generated on the HeNB/HNB is used to filter/map uplink data packets, called Uplink (UL) mapping table/filter.
  • Step 1004 The HeNB/HNB sends a "Create Sub-SA Request" to the SeGW, and carries the SPI of the uplink SA selected by the HeNB/HNB in the message; after receiving the request, the SeGW selects the SPI of the downlink SA, and "creates” The sub-SA responds with a "message sent to the HeNB/HNB.
  • Step 1005 The HeNB/HNB reports the uplink SPI and the HeNB/HNB PF through the T1 interface.
  • Step 1006 The HeNB/HNB PF sends a downlink QoS rule to the SeGW.
  • Step 1007 The SeGW selects an SA according to the downlink QoS rule, and establishes a correspondence between SPI and QoS, that is, a correspondence between the downlink SPI and the QoS.
  • Step 1008 The SeGW sends a downlink SPI and QoS correspondence to the He B/HNBPF through the T2 interface.
  • the HeNB/HNB PF associates the correspondence between the uplink and downlink SPI and the QoS obtained in steps 1008 and 1005, and associates the corresponding relationship reported by the two sessions (prior art, the same as FIG. 8), and reports to the fixed network through the S9* interface.
  • BPCF, the BPCF or BPCF entrusts other fixed network elements to guarantee QoS for transmitting data packets in different IPsec tunnels.
  • Step 1009 The HeNB/HNB responds to the EPS core network with the GTP message of the Sl/Iuh interface.
  • Embodiment 4 The SeGW does not parse the Sl/Iuh message, and is based on the T1T2 architecture (FIG. 11).
  • Step 1101 The UE initiates an attach/PDN connection establishment operation, and the related processing of the wireless side and the core network. This is a prior art.
  • Step 1102 After the terminal accesses the EPS/UMTS through the HeNB/HNB, whether it is an attachment, a PDN connection establishment, a terminal initiated, or a dedicated bearer initiated by the network side, the network side sends a corresponding message to the HeNB/ HNB, this message is the GTP control signaling of the Sl/Iuh interface. That is, the message shown in the figure: initial context establishment request/attach acceptance/bearer establishment request/PDN connection acceptance, for example, the message carries the QoS rule corresponding to the bearer to be created/modified/released, and the uplink and downlink TEID, quintuple And other information, that is, IP data stream information.
  • initial context establishment request/attach acceptance/bearer establishment request/PDN connection acceptance for example, the message carries the QoS rule corresponding to the bearer to be created/modified/released, and the uplink and downlink TEID, quintuple And other information, that is, IP data stream information.
  • Step 1103 The HeNB/HNB obtains related information according to the GTP message, and determines to create a new SA (dynamic scheme) or select an SA (dynamic or static scheme) according to the relevant policy. If a new SA is created, the HeNB/HNB sends a "Create Sub-SA Request" of the IKEv2 message to the SeGW, and carries the SPI of the uplink SA selected by the HeNB/HNB in the message.
  • SA dynamic scheme
  • SA dynamic or static scheme
  • the HeNB/HNB obtains the QoS rule, the TEID, and/or the quintuple information from the GTP message of the Sl/Iuh interface, and the HeNB HNB can determine, according to the QoS rule, which radio bearer the GTP bearer corresponds to, that is, the radio bearer identifier RB.
  • -ID establishes the correspondence (prior art); the information configured by the HeNB/HNB itself determines whether the received QoS rule needs to create a new SA or an existing SA to satisfy the requirements of the QoS rule.
  • the SPI of the newly created or selected SA can be associated with the QoS rule; thus, the RB-ID and the SPI establish a correspondence (map relationship/mapping table) through the QoS rule, as shown in FIG. 5.
  • Step 1104 The HeNB/HNB sends a "Create Sub-SA Request" to the SeGW, and carries the SPI of the uplink SA selected by the HeNB/HNB in the message; after receiving the request, the SeGW selects the SPI of the downlink SA, and "creates” The sub-SA responds with a "message sent to the HeNB/HNB.
  • Step 1105 After step 1104, the HeNB/HNB can acquire the SPI of the downlink SA, and the HeNB/HNB acquires the downlink QoS rule, and the HeNB/HNB can generate the correspondence between the downlink QoS and the SPI.
  • the HeNB/HNB reports the correspondence between the uplink and downlink SPI and QoS to the HeNB/HNB PF through the T1 interface.
  • the HeNB/HNB PF reports the correspondence between the uplink and downlink SPI and QoS obtained in step 1105, and reports it to the fixed network BPCF through the S9* interface.
  • the BPCF or BPCF entrusts other fixed network elements to ensure the data packets in different IPsec tunnels. QoS.
  • Step 1106 The He B/HNBPF sends a corresponding relationship between the downlink QoS rule and the SPI to the SeGW.
  • Step 1107 The SeGW establishes a downlink MAPPING table or a filter according to the downlink QoS rule.
  • Embodiment 5 is a diagrammatic representation of Embodiment 5:
  • the uplink/downlink mapping table/filter, the SPI and QoS correspondence are generated by the HeNB/HNB and the SeGW respectively, or the HeNB/HNB respectively generate the uplink and downlink, and the PF mediation is advertised. Give the peer SeGW.
  • the corresponding relationship between the SPI and the QoS is reported by the HeNB/HNB and the SeGW to the PF and finally to the fixed network (T1T2 architecture), or reported by the SeGW to the PF and finally to the fixed network (T1T3 architecture).
  • T1T2 architecture fixed network
  • T1T3 architecture the fixed network
  • the SeGW and the HeNB/HNB can respectively generate respective mapping tables/filters and "correspondence between SPI and QoS", and the HeNB/HNB will respond to the uplink "SPI and QoS".
  • the relationship is sent to the SeGW through the extended IKEv2 message, and is reported by the SeGW to the PF through the T1 interface to the fixed network.
  • the HeNB/HNB can acquire the content of the Sl/Iuh message and send it to the SeGW through the extended IKEv2 message for the SeGW to generate the downlink mapping/filter and downlink SPI and QoS. Correspondence.
  • the SeGW can obtain uplink based on "anti-mapping" uplink data. "Relationship between SPI and QoS”. After the SeGW generates/acquires the uplink "Relationship between SPI and QoS", but cannot advertise the HeNB/HNB, the HeNB/HNB can obtain the uplink "Relationship between SPI and QoS" based on the "anti-mapping" downlink data system. That is to say, SeGW and HeNB/HNB can negotiate the correspondence between SPI and QoS through the demapping mechanism.
  • the demapping refers to: after the SeGW or the HeNB/HNB receives the data packet of the opposite end (HeNB/HNB or SeGW), the SPI of the IPSec header encapsulated by the data packet is used to search for the SPI generated by the pair.
  • the reverse SPI the QoS rule, TEID, quintuple and other information corresponding to the data packet are reversed: Up/down QoS/TEID is mapped to lower/uplink QoS/TEID, source in quintuple information/ Destination address/port number exchange.
  • After finding the SPI and the reverse processed QoS Rules, TEID, quintuple and other information are associated.
  • the above is the anti-mapping mechanism. By doing so, it is possible to generate a "mapping table/filter" and "correspond relationship between SPI and QoS" of the peer.
  • each module/unit in the foregoing embodiment may be implemented in the form of hardware, or may use software functions.
  • the form of the module is implemented. The invention is not limited to any specific form of combination of hardware and software.
  • the embodiments of the present invention can ensure that the QoS is differentiated for different services when the terminal accesses from the He B/HNB, and the services with high QoS requirements are prioritized to meet the QoS requirements and improve the user experience.

Abstract

A method and a system for realizing service quality control. The method includes that a secure gateway (SeGW) reports the corresponding relation information between internet protocol security (IPSec) tunnel information and IP data stream information in the downlink direction to a fixed network element through a second network element, the SeGW or a first network element reports a corresponding relation information between the IPSec tunnel information and the IP data stream information in the uplink direction to the fixed network element through the second network element, and the fixed network element performs service quality (QoS) control, wherein, the first network element is a Home evolved Node B (HeNB), and the second network element is a Home evolved Node B Policy Function (HeNB PF); or the first network element is a Home Node B (HNB), and the second network element is a Hone Node B Policy Function (HNB PF). The invention meets the QoS demand of the service with high QoS demand prior to others, and improves user experience.

Description

一种实现服务质量控制的方法和系统  Method and system for realizing service quality control
技术领域 Technical field
本发明涉及无线通信领域, 尤其涉及一种实现服务质量 (Quality of Service , QoS )控制的方法和系统。 背景技术  The present invention relates to the field of wireless communications, and in particular, to a method and system for implementing Quality of Service (QoS) control. Background technique
第三代合作伙伴计划 (3rd Generation Partnership Project, 3GPP ) 的演进 的分组系统(Evolved Packet System, EPS ) 由演进的通用地面无线接入网 ( Evolved Universal Terrestrial Radio Access Network , E-UTRAN )、移动管理 单元 ( Mobility Management Entity, MME ) 、 服务网关 ( Serving Gateway, S-GW ) 、 分组数据网络网关(Packet Data Network Gateway, P-GW )、 归属 用户服务器( Home Subscriber Server, HSS )组成。  The Evolved Packet System (EPS) of the 3rd Generation Partnership Project (3GPP) is evolved by Evolved Universal Terrestrial Radio Access Network (E-UTRAN), mobile management. A component (Mobility Management Entity, MME), a Serving Gateway (S-GW), a Packet Data Network Gateway (P-GW), and a Home Subscriber Server (HSS).
图 1 是根据相关技术的非漫游场景下的演进家庭基站 (Home evolved NodeB, HeNB )接入 EPS的架构示意图, 如图 1所示, MME与 EUTRAN、 S-GW和家庭基站网关(HeNB GW )相连接, 负责移动性管理、 非接入层信 令的处理和用户移动管理上下文的管理等控制面的相关工作; S-GW是与 E-UTRAN相连的接入网关设备 , 在 E-UTRAN和 P-GW之间转发数据 , 并且 负责对寻呼等待数据进行緩存; P-GW则是 EPS与分组数据网络( Packet Data Network, PDN )网络的边界网关, 负责 PDN的接入及在 EPS与 PDN间转发 数据等功能。  FIG. 1 is a schematic diagram of an architecture of a Home evolved NodeB (HeNB) accessing an EPS in a non-roaming scenario according to the related art. As shown in FIG. 1, the MME and the EUTRAN, the S-GW, and the Home Base Station Gateway (HeNB GW) Connected, responsible for control planes such as mobility management, non-access stratum signaling processing, and user mobility management context management; S-GW is an access gateway device connected to E-UTRAN, in E-UTRAN and The P-GW forwards data and is responsible for buffering the paging waiting data. The P-GW is the border gateway of the EPS and Packet Data Network (PDN) network, which is responsible for PDN access and EPS and PDN. Transfer data and other functions.
如果 EPS系统支持策略计费控制 (Policy and Charging Control, PCC ) , 则策略和计费规则功能( Policy and Charging Rules Function, PCRF )进行策 略和计费规则的制定, 它通过接口 Rx和运营商网络协议( Internet Protocol , IP )业务网络中的应用功能( Application Function , AF )相连, 获取业务信息, 用于生成 PCC策略的业务信息。当 S-GW与 P-GW之间的 S5接口釆用 GPRS 隧道协议( GPRS tunnel Protocol , GTP )协议时, P-GW中驻留了策略和计费 执行功能( Policy and Charging Enforcement Function, PCEF ) , PCRF与 P-GW 间通过 Gx接口交换信息, 负责发起承载的建立、修改和释放, 保证业务数据 的服务质量(Quality of Service, QoS ) , 并进行计费控制。 当 S-GW与 P-GW 的 S5接口釆用代理移动 IP ( Proxy Mobile IP, PMIP )时, S-GW中驻留承载 绑定和事件报告功能(Bearer Binding and Event Report Function, BBERF ) , 并且 S-GW与 PCRF之间通过 Gxc接口交换信息,由 BBERF负责发起承载的 建立、 修改和释放, 保证业务数据的服务质量, 由 PCEF进行计费控制。 If the EPS system supports Policy and Charging Control (PCC), the Policy and Charging Rules Function (PCRF) performs policy and charging rules. It passes the interface Rx and the carrier network. The application function (AF) of the protocol (Internet Protocol, IP) service network is connected to obtain service information, which is used to generate service information of the PCC policy. When the S5 interface between the S-GW and the P-GW uses the GPRS Tunneling Protocol (GTP) protocol, the Policy and Charging Enforcement Function (PCEF) resides in the P-GW. The PCRF exchanges information with the P-GW through the Gx interface, and is responsible for initiating the establishment, modification, and release of bearers to ensure service data. Quality of Service (QoS), and charge control. When the S5 interface of the S-GW and the P-GW uses the Proxy Mobile IP (PMIP), the S-GW hosts the Bearer Binding and Event Report Function (BBERF), and The S-GW exchanges information with the PCRF through the Gxc interface. The BBERF is responsible for initiating the establishment, modification, and release of the bearer to ensure the service quality of the service data. The PCEF performs charging control.
现有的 EPS系统中, P-GW (或者其他网元, 如 S-GW )具有承载绑定功 能, 在进行承载绑定时, 是用数据包的五元组(源地址、 目的地址、 源端口 号、 目的端口号、 协议号 ) 向 TFT ( Traffic Flow Template, 业务流模板) 匹 配, 组成 TFT的 PF ( acket Filter, 数据包过滤器)与不同的承载建立了对应 关系。 当数据包的五元组和某个 PF匹配时, 则该数据包被放到对应的承载上 传输。  In the existing EPS system, the P-GW (or other network element, such as the S-GW) has a bearer binding function. When the bearer binding is performed, the quintuple of the data packet (source address, destination address, source) is used. The port number, the destination port number, and the protocol number are matched to the TFT (traffic flow template), and the PF (a packet filter) that forms the TFT is associated with different bearers. When the quintuple of the data packet matches a certain PF, the data packet is transmitted to the corresponding bearer.
EPS支持 HeNB的接入, HeNB是一种小型、 低功率的基站, 部署在家 庭、 办公室及企业大楼等室内场所。 闭合用户组( Closed Subscriber Group, CSG )是引入家庭基站后提出的概念。 通常一个家庭或者一个企业内部的用 户组成一个闭合用户组, 这个闭合用户组用 CSG ID进行标识。 为这个闭合 用户组内用户服务的家庭基站具有相同的 CSG ID。当一个闭合用户组只由一 个家庭基站服务时,该闭合用户组也可以直接釆用家庭基站标识(例如 BS ID ) 来进行标识。 根据家庭基站管理者的意愿, CSG用户和 /或非 CSG用户可以 区分不同的等级, 优先级不同则其享受的业务优先级, 享受服务质量和业务 类别都可以不同。 用户通过与运营商签约可以接入到多个闭合用户组所对应 的家庭基站, 例如, 用户的办公场所、 家庭等。 因此引入了允许闭合用户组 列表的概念。 这个列表保存在用户的终端和网络侧的用户数据服务器中。  The EPS supports the access of the HeNB, which is a small, low-power base station deployed in indoor places such as homes, offices, and corporate buildings. The Closed Subscriber Group (CSG) is a concept introduced after the introduction of a home base station. Usually a household or an enterprise internal user forms a closed user group, which is identified by a CSG ID. The home base station serving the users in this closed subscriber group has the same CSG ID. When a closed subscriber group is served by only one home base station, the closed subscriber group can also directly identify the home base station identity (e.g., BS ID). According to the wishes of the home base station manager, CSG users and/or non-CSG users can distinguish different levels, and the priority of the service is different, and the service quality and service category can be different. By signing with the operator, the user can access the home base station corresponding to multiple closed user groups, for example, the user's office, home, and the like. The concept of allowing a closed user group list to be introduced is therefore introduced. This list is stored in the user's terminal and the user data server on the network side.
家庭基站的使用模式分为三种: 闭合模式、 混合模式和开放模式。 当家 庭基站是闭合模式的时候,只有该家庭基站所属 CSG签约用户可以接入该基 站并享受基站提供的业务; 当家庭基站是开放模式的时候, 任何运营商签约 用户都可以接入该基站, 此时的家庭基站等同于宏基站使用; 当家庭基站是 混合模式的时候, 同样允许任何运营商签约用户或者漫游用户接入使用, 但 是要根据用户是否签约 CSG的信息区分不同的级别, 也就是说签约该 CSG 的用户在使用混合型家庭基站的时候具有更高的业务优先级, 享受更好的服 务质量和业务类别。 There are three usage modes for home base stations: closed mode, mixed mode, and open mode. When the home base station is in the closed mode, only the CSG subscription user to which the home base station belongs can access the base station and enjoy the service provided by the base station; when the home base station is in the open mode, any operator subscription user can access the base station. The home base station at this time is equivalent to the macro base station; when the home base station is in the hybrid mode, it also allows any operator to sign up the user or the roaming user to access the use, but according to whether the user subscribes to the CSG information to distinguish different levels, that is, Said that users who sign up for the CSG have higher business priorities when using hybrid home base stations, and enjoy better service. Quality and business category.
HeNB通常通过租用的固网线路接入 EPS的核心网 (如图 1所示 ) , 为 了保障接入的安全, 核心网中引入安全网关(Security Gateway, SeGW )进 行屏蔽, HeNB与 SeGW之间的数据将釆用因特网协议安全性(IP Security, IPSec )机制进行封装。 HeNB连接到核心网的 MME和 S-GW, 或者通过 HeNB GW(HeNB GW是一个可选网元, 是否釆用基于运营商的网络部署)连 接到 MME和 S-GW, 控制信令或者用户数据中间通过 HeNB与 SeGW之间 的 IPSec隧道。  The HeNB usually accesses the core network of the EPS through the leased fixed network line (as shown in FIG. 1). To ensure the security of the access, a security gateway (SeGW) is introduced in the core network for shielding, and between the HeNB and the SeGW. The data will be encapsulated using the Internet Security (IP Security, IPSec) mechanism. The HeNB is connected to the MME and the S-GW of the core network, or is connected to the MME and the S-GW through the HeNB GW (the HeNB GW is an optional network element, whether or not deployed by the operator-based network), and controls signaling or user data. Intermediate through the IPSec tunnel between the HeNB and the SeGW.
此夕卜 , 通用移动通信系统 ( Universal Mobile Telecommunications System , UMTS )支持家庭基站 HNB ( Home NodeB )的接入。 图 2是根据相关技术的 非漫游场景下的 HNB接入 UMTS的架构示意图, 图 2中的架构与图 1的架 构类似, 不同的是, 使用服务通用分组无线业务支撑节点 (Serving General Packet Radio Service Support Node , SGSN )代替了 MME和 S-GW, 使用网关 通用分组无线业务支持节点 ( Gateway General Packet Radio Service Supporting Node , GGSN )代替了 P-GW。 同样, HNB 又可以通过增强的 SGSN (即 S4-SGSN )接入到 EPC核心网, S4-SGSN与 S-GW之间通过 S4接口连接, 与 HSS通过 S6d/Gr接口连接, S4-SGSN的同能同 HeNB场景下 MME的功 能, 如图 2a。  Furthermore, the Universal Mobile Telecommunications System (UMTS) supports access to the home base station HNB (Home NodeB). 2 is a schematic diagram of an architecture of an HNB accessing UMTS in a non-roaming scenario according to the related art. The architecture in FIG. 2 is similar to the architecture of FIG. 1, except that a Serving General Packet Radio Service is used. The Support Node (SGSN) replaces the MME and the S-GW, and replaces the P-GW with a Gateway General Packet Radio Service Support Node (GGSN). Similarly, the HNB can access the EPC core network through the enhanced SGSN (S4-SGSN), and the S4-SGSN and the S-GW are connected through the S4 interface, and the HSS is connected through the S6d/Gr interface, and the S4-SGSN is the same. The function of the MME in the HeNB scenario is as shown in Figure 2a.
当前的 HeNB/HNB系统中, 引入了 HeNB/HNB PF ( Policy Function , 策 略功能) 网元, 其功能是在 3GPP的 HeNB/HNB系统和固网系统中传递策略 协商的控制信令及对应策略, 以及制定某些策略决策。 当前对 HeNB/HNB PF 自身的功能、 与其他网元的信息交互机制等, 有两种并行的架构方案, 这两 种方案具体描述如下:  In the current HeNB/HNB system, a HeNB/HNB PF (Policy Function) network element is introduced, and its function is to transmit control signaling and corresponding policies of policy negotiation in the 3GPP HeNB/HNB system and the fixed network system. And make certain strategic decisions. Currently, there are two parallel architecture schemes for the functions of the HeNB/HNB PF itself and the information interaction mechanism with other network elements. The two schemes are described as follows:
架构一(图 1图 2中, 当只有 Tl、 T2接口时) : T1-T2方案  Architecture 1 (in Figure 1 and Figure 2, when there are only Tl and T2 interfaces): T1-T2 scheme
该方案中, 在 SeGW和 HeNB/HNB PF间设置了接口 T1 , 在 HeNB/HNB 和 HeNB/HNB PF之间设置了接口 T2。  In this solution, an interface T1 is set between the SeGW and the HeNB/HNB PF, and an interface T2 is set between the HeNB/HNB and the HeNB/HNB PF.
T1接口用于当 HeNB/HNB上电时,向 HeNB/HNB PF及固网传递相关的 HeNB/HNB系统消息, 例如 HeNB/HNB的地址, HeNB/HNB标识等信息, 用 于关联策略会话和定位 HeNB/HNB 在固网中的位置等。 T2 接口用于 HeNB/HNB向 HeNB/HNB PF及固网传递相关的策略协商控制信令及对应策 略, 对 HeNB/HNB上的用户数据实现 QoS控制等。 The T1 interface is used to transmit related HeNB/HNB system messages, such as HeNB/HNB address, HeNB/HNB identifier, etc., to the HeNB/HNB PF and the fixed network when the HeNB/HNB is powered on, for association policy session and positioning. The location of the HeNB/HNB in the fixed network, etc. T2 interface for The HeNB/HNB transmits relevant policy negotiation control signaling and corresponding policies to the HeNB/HNB PF and the fixed network, and implements QoS control on the user data on the HeNB/HNB.
架构二(图 1图 2中, 当只有 Tl、 T3接口时) : T1-T3方案  Architecture 2 (Figure 1, Figure 2, when there are only Tl, T3 interfaces): T1-T3 solution
该方案中, 在 SeGW和 HeNB/HNB PF间设置了接口 T1 , 在 HeNB/HNB GW/MME和 HeNB/HNB PF之间设置了接口 T3。  In this solution, an interface T1 is set between the SeGW and the HeNB/HNB PF, and an interface T3 is set between the HeNB/HNB GW/MME and the HeNB/HNB PF.
T1接口用于当 HeNB/HNB上电时,向 HeNB/HNB PF及固网传递相关的 HeNB/HNB系统消息, 例如 HeNB/HNB的地址, HeNB/HNB标识等信息, 用 于关联策略会话和定位 HeNB/HNB 在固网中的位置等。 T3 接口用于 HeNB/HNB GW/MME向 HeNB/HNB PF及固网传递相关的策略协商控制信令 及对应策略, 对 HeNB/HNB上的用户数据实现 QoS控制等。  The T1 interface is used to transmit related HeNB/HNB system messages, such as HeNB/HNB address, HeNB/HNB identifier, etc., to the HeNB/HNB PF and the fixed network when the HeNB/HNB is powered on, for association policy session and positioning. The location of the HeNB/HNB in the fixed network, etc. The T3 interface is used by the HeNB/HNB GW/MME to transmit related policy negotiation control signaling and corresponding policies to the HeNB/HNB PF and the fixed network, and implement QoS control on the user data on the HeNB/HNB.
当前网络 HeNB/HNB接入的时候,在 QoS控制方面存在如下问题。在用 户通过 HeNB/HNB接入核心网的场景下, 由于 HeNB/HNB接入的固网线路 的 QoS通常是受到 HeNB/HNB的拥有者与固网运营商的签约限制的,用户业 务数据在经过 IPsec隧道封装后再由固网链路传输时,固网能否保证业务数据 的 QoS是完全取决于固网资源状况。当前接入同一个 HeNB/HNB的所有终端 的、 所有 PDN连接的、 所有数据业务(例如语音、 视频等各种不同的数据业 务)都是通过同一个的 IPSec隧道传输的, 这样对不同的业务就无法针对其 特性为其保证其需要的 QoS。 特别是在固网资源不充足的情况下, 如果针对 不同类的业务没有 QoS区分,导致了对 QoS要求高的业务的无法进行甚至失 败。 举例来说: 数据下载等一类 BE ( Best Effort, 尽力而为)业务, 对 QoS 要求不是很高, 而语音等一类业务对 QoS要求非常高, 但是因为没有 QoS区 分机制,资源不足的时候,以上两类业务却获得了同样的带宽(统计上来说), 这样的带宽对数据下载这一类 BE业务来说足够了, 但是这样的带宽可能无 法满足语音等业务的要求,导致语音一类业务的传输质量极差甚至业务失败。 发明内容 When the current network HeNB/HNB is connected, the following problems exist in QoS control. In the scenario where the user accesses the core network through the HeNB/HNB, the QoS of the fixed line of the HeNB/HNB is usually restricted by the signing of the owner of the HeNB/HNB and the fixed network operator, and the user service data is passed. When an IPsec tunnel is encapsulated and transmitted by a fixed network link, whether the fixed network can guarantee the QoS of the service data depends entirely on the condition of the fixed network resource. All data services (such as voice, video, and other data services) that are connected to all PDNs of all the terminals of the same HeNB/HNB are transmitted through the same IPSec tunnel, so that different services are used. It is impossible to guarantee the QoS it needs for its characteristics. Especially in the case where the fixed network resources are insufficient, if there is no QoS distinction for different types of services, the services with high QoS requirements cannot be performed or even failed. For example, a type of BE (Best Effort) service such as data downloading is not very demanding on QoS, and a type of service such as voice has very high QoS requirements, but because there is no QoS differentiation mechanism, when resources are insufficient. The above two types of services have obtained the same bandwidth (statistically speaking). Such bandwidth is sufficient for data downloading such BE services, but such bandwidth may not meet the requirements of voice and other services, resulting in voice. The transmission quality of the service is extremely poor or even the business fails. Summary of the invention
本发明要解决的技术问题提出一种实现 Q 0 S控制的方法和系统, 以实现 针对不同的业务保证相应的 QoS。 The technical problem to be solved by the present invention proposes a method and system for implementing Q 0 S control to realize Guarantee the corresponding QoS for different services.
为了解决上述问题, 本发明提供一种实现服务质量控制的方法, 包括: 安全网关( SeGW )通过第二网元将下行方向的因特网协议安全性( IPsec ) 隧道信息和 IP数据流信息之间的对应关系信息上报给固网网元, SeGW或第 一网元通过第二网元将上行方向的 IPsec隧道信息和 IP数据流信息之间的对 应关系信息上报给固网网元, 由固网网元执行服务质量( QoS )控制;  In order to solve the above problem, the present invention provides a method for implementing quality of service control, comprising: a security gateway (SeGW) passing a downlink network protocol security (IPsec) tunnel information and IP data stream information through a second network element The corresponding relationship information is reported to the fixed network element, and the SeGW or the first network element reports the correspondence between the IPsec tunnel information and the IP data flow information in the uplink direction to the fixed network element through the second network element, and the fixed network element is used by the fixed network. Meta-execution quality of service (QoS) control;
其中, 所述第一网元为演进家庭基站(HeNB ) , 第二网元为演进家庭基 站策略功能(HeNB PF ) ; 或者, 所述第一网元为家庭基站( HNB ) , 第二 网元为家庭基站策略功能(HNB PF ) 。  The first network element is an evolved home base station (HeNB), and the second network element is an evolved home base station policy function (HeNB PF); or the first network element is a home base station (HNB), and the second network element For the Home Base Station Policy Function (HNB PF).
优选地, 上述方法具有以下特点:  Preferably, the above method has the following characteristics:
在 SeGW通过第二网元将下行方向的 IPsec隧道信息和 IP数据流信息之 间的对应关系信息上报给固网网元, SeGW或第一网元通过第二网元将上行 方向的 IPsec隧道信息和 IP数据流信息之间的对应关系信息上报给固网网元 之前, 所述方法还包括:  The information about the correspondence between the IPsec tunnel information and the IP data flow information in the downlink direction is reported to the fixed network element by the second network element, and the SeGW or the first network element sends the IPsec tunnel information in the uplink direction by using the second network element. Before the mapping relationship between the information and the IP data stream information is reported to the fixed network element, the method further includes:
第一网元与 SeGW之间建立一条以上的 IPsec隧道。  More than one IPsec tunnel is established between the first network element and the SeGW.
优选地, 上述方法具有以下特点:  Preferably, the above method has the following characteristics:
第一网元与 SeGW之间釆用静态或者动态的方式, 建立 IPsec隧道。 优选地, 上述方法具有以下特点:  An IPsec tunnel is established between the first network element and the SeGW in a static or dynamic manner. Preferably, the above method has the following characteristics:
在将下行方向和上行方向的对应关系信息上报给固网网元之前, 所述方 法还包括:  Before reporting the correspondence information in the downlink direction and the uplink direction to the fixed network element, the method further includes:
所述第一网元和 /或 SeGW接收到从核心网下发的 IP数据流信息, 建立 IPsec隧道信息和 IP数据流信息之间的对应关系。  The first network element and/or the SeGW receive the IP data flow information sent from the core network, and establish a correspondence between the IPsec tunnel information and the IP data flow information.
优选地, 上述方法具有以下特点:  Preferably, the above method has the following characteristics:
所述 IPsec隧道信息为安全参数索引( SPI )或者差分服务代码点( DSCP ) 信息;  The IPsec tunnel information is a Security Parameter Index (SPI) or a Differentiated Service Code Point (DSCP) information;
所述 IP数据流信息为如下信息中的一种或多种: 五元组信息、 隧道端点 标识 ( TEID ) 、 无线承载标识 ( RB-ID ) 、 QoS规则、 业务流模板 ( TFT ) 或数据包过滤器(PF ) , 其中, 五元组信息包括源地址、 目的地址, 源端口 号、 目的端口号和协议号的信息。 The IP data stream information is one or more of the following information: quintuple information, tunnel endpoint identifier (TEID), radio bearer identifier (RB-ID), QoS rule, service flow template (TFT) Or a packet filter (PF), wherein the quintuple information includes information of a source address, a destination address, a source port number, a destination port number, and a protocol number.
优选地, 上述方法具有以下特点:  Preferably, the above method has the following characteristics:
固网网元接收到的所述对应关系信息为 SPI和 QoS规则之间的对应关系 信息。  The corresponding relationship information received by the fixed network element is the correspondence information between the SPI and the QoS rule.
优选地, 上述方法具有以下特点:  Preferably, the above method has the following characteristics:
所述固网网元执行 QoS控制是指: 固网网元依据不同的 SPI及其对应的 QoS规则, 为传输数据包提供区分等级的 QoS保证。  The QoS control performed by the fixed network element refers to: The fixed network element provides a hierarchical QoS guarantee for transmitting data packets according to different SPIs and their corresponding QoS rules.
优选地, 所述方法还包括:  Preferably, the method further includes:
所述第一网元根据 RB-ID或者五元组信息和 QoS信息, 以及 QoS信息 和 SPI之间的对应关系创建上行方向的映射表或过滤器, 映射或过滤上行数 据;  The first network element creates an uplink mapping table or a filter according to the RB-ID or the quintuple information and the QoS information, and the correspondence between the QoS information and the SPI, and maps or filters the uplink data.
所述 SeGW根据 TEID或者五元组信息和 QoS信息, 以及 QoS信息和 SPI之间的对应关系创建下行方向的映射表或过滤器, 映射或过滤下行数据。  The SeGW creates a mapping table or a filter in the downlink direction according to the TEID or the quintuple information and the QoS information, and the correspondence between the QoS information and the SPI, and maps or filters the downlink data.
优选地, 上述方法具有以下特点:  Preferably, the above method has the following characteristics:
接收所述 IPsec隧道信息和 IP数据流信息之间的对应关系信息的固网网 元为宽带论坛策略控制功能(BPCF ) , 由所述 BPCF为传输数据提供区分等 级的 QoS保证, 或者所述 BPCF与固网网元宽带网络网关(BNG )或宽带远 程接入服务器(BRAS )为传输数据提供区分等级的 QoS保证。  The fixed network element that receives the correspondence information between the IPsec tunnel information and the IP data flow information is a Broadband Forum Policy Control Function (BPCF), and the BPCF provides a hierarchical QoS guarantee for the transmission data, or the BPCF A fixed-line QoS guarantee is provided for transmission data with a fixed network element broadband network gateway (BNG) or a broadband remote access server (BRAS).
优选地, 上述方法具有以下特点:  Preferably, the above method has the following characteristics:
在 SeGW通过第二网元将下行方向的 IPsec隧道信息和 IP数据流信息之 间的对应关系信息上报给固网网元的步骤中, 所述 SeGW通过通知请求消息 将所述对应关系信息发送给第二网元; 所述第二网元通过 S9*接口会话消息 将所述对应关系信息发送给固网网元;  In the step that the SeGW reports the correspondence information between the IPsec tunnel information and the IP data flow information in the downlink direction to the fixed network element by using the second network element, the SeGW sends the corresponding relationship information to the request information through the notification request message. a second network element; the second network element sends the corresponding relationship information to the fixed network element by using an S9* interface session message;
在 SeGW或第一网元通过第二网元将上行方向的 IPsec隧道信息和 IP数 据流信息之间的对应关系信息上报给固网网元的步骤中, 所述 SeGW通过通 知请求消息将所述对应关系信息发送给第二网元, 或者, 所述第一网元通过 资源请求消息或资源修改请求消息将所述对应关系信息发送给第二网元; 所 述第二网元通过 S9*接口会话消息将所述对应关系信息发送给固网网元。 In the step of reporting, by the second network element, the correspondence information between the IPsec tunnel information and the IP data flow information in the uplink direction to the fixed network element by the second network element, the SeGW, by using the notification request message, Corresponding relationship information is sent to the second network element, or the first network element sends the corresponding relationship information to the second network element by using a resource request message or a resource modification request message; The second network element sends the corresponding relationship information to the fixed network element by using an S9* interface session message.
本发明要解决的技术问题提出一种实现服务质量控制的系统, 包括: 第 一网元、 第二网元、 SeGW和固网网元, 其中,  The technical problem to be solved by the present invention is to provide a system for implementing quality of service control, including: a first network element, a second network element, a SeGW, and a fixed network element, where
所述 SeGW设置为: 通过第二网元将下行方向的 IPsec隧道信息和 IP数 据流信息之间的对应关系信息上报给固网网元;  The SeGW is configured to: report, by the second network element, the correspondence information between the IPsec tunnel information and the IP data flow information in the downlink direction to the fixed network element;
所述 SeGW或第一网元设置为: 通过第二网元将上行方向的 IPsec隧道 信息和 IP数据流信息之间的对应关系信息上报给固网网元;  The SeGW or the first network element is configured to: report the correspondence information between the IPsec tunnel information and the IP data flow information in the uplink direction to the fixed network element by using the second network element;
所述固网网元设置为: 根据下行方向和上行方向的所述对应关系信息, 保证相 IPsec隧道中传输数据的 QoS;  The fixed network element is configured to: ensure the QoS of the data transmitted in the phase IPsec tunnel according to the correspondence information in the downlink direction and the uplink direction;
其中, 所述第一网元为 HeNB, 第二网元为 HeNB PF; 或者, 所述第一 网元为 HNB, 第二网元为 HNB PF。  The first network element is an HeNB, and the second network element is an HeNB PF; or the first network element is an HNB, and the second network element is an HNB PF.
优选地, 上述系统具有以下特点:  Preferably, the above system has the following characteristics:
所述第一网元还设置为: 与 SeGW之间建立一条以上的 IPsec隧道。 优选地, 上述系统具有以下特点:  The first network element is further configured to: establish more than one IPsec tunnel with the SeGW. Preferably, the above system has the following characteristics:
所述 IPsec隧道信息为安全参数索引( SPI )或者差分良务代码点( DSCP ) 信息;  The IPsec tunnel information is a Security Parameter Index (SPI) or a Differential Service Code Point (DSCP) information;
所述 IP数据流信息为如下信息中的一种或多种: 五元组信息、 隧道端点 标识 ( TEID ) 、 无线承载标识 ( RB-ID ) 、 QoS规则、 业务流模板 ( TFT ) 或数据包过滤器(PF ) , 其中, 五元组信息包括源地址、 目的地址, 源端口 号、 目的端口号和协议号的信息。  The IP data stream information is one or more of the following information: quintuple information, tunnel endpoint identifier (TEID), radio bearer identifier (RB-ID), QoS rule, service flow template (TFT), or data packet. a filter (PF), wherein the quintuple information includes information of a source address, a destination address, a source port number, a destination port number, and a protocol number.
优选地, 上述系统具有以下特点:  Preferably, the above system has the following characteristics:
所述第一网元还设置为: 根据 RB-ID或者五元组信息和 QoS信息, 以及 QoS信息和 SPI之间的对应关系创建上行方向的映射表或过滤器, 映射或过 滤上行数据;  The first network element is further configured to: create an uplink mapping table or a filter according to the RB-ID or the quintuple information and the QoS information, and the correspondence between the QoS information and the SPI, and map or filter the uplink data;
所述 SeGW还设置为:根据 TEID或者五元组信息和 QoS信息,以及 QoS 信息和 SPI之间的对应关系创建下行方向的映射表或过滤器, 映射或过滤下 行数据。 本发明实施例能够保证终端在从 HeNB/HNB接入时,对不同的业务实现 QoS区分, 对 QoS要求高的业务, 优先满足其 QoS需求, 提高用户体验。 附图概述 The SeGW is further configured to: create a mapping table or filter in the downlink direction according to TEID or quintuple information and QoS information, and a correspondence between the QoS information and the SPI, and map or filter the downlink data. The embodiments of the present invention can ensure that the QoS is differentiated for different services when the terminal accesses from the HeNB/HNB, and the QoS requirements are preferentially met to improve the user experience. BRIEF abstract
图 1为根据相关技术的 HeNB接入 EPS的架构示意图;  1 is a schematic structural diagram of an HeNB accessing an EPS according to the related art;
图 2为根据相关技术的 HNB接入 UMTS的架构示意图;  2 is a schematic structural diagram of an HNB accessing UMTS according to the related art;
图 2a为根据相关技术的 HNB接入 EPS的架构示意图;  2a is a schematic structural diagram of an HNB accessing an EPS according to the related art;
图 3为本发明的静态建立多个 SA并实现 QoS控制的流程示意图; 图 4为本发明的动态建立多个 SA并实现 QoS控制的流程示意图; 图 5为本发明的上行映射关系结构示意图;  3 is a schematic flowchart of statically establishing multiple SAs and implementing QoS control according to the present invention; FIG. 4 is a schematic flowchart of dynamically establishing multiple SAs and implementing QoS control according to the present invention; FIG.
图 6为本发明的下行映射关系结构示意图;  6 is a schematic structural diagram of a downlink mapping relationship according to the present invention;
图 7为本发明上下行过滤器结构示意图;  Figure 7 is a schematic structural view of the upper and lower filters of the present invention;
图 8为本发明实施例一流程图 ( SeGW解析 Sl/Iuh消息, 基于 T1-T2架 构) ;  8 is a flowchart of Embodiment 1 of the present invention (SeGW parses Sl/Iuh messages, based on T1-T2 architecture);
图 9为本发明是实例二流程图 ( SeGW解析 Sl/Iuh消息, 基于 T1-T3架 构) ;  9 is a flow chart of the second embodiment of the present invention (SeGW parses Sl/Iuh messages, based on the T1-T3 architecture);
图 10为本发明实施例三流程图 ( SeGW不解析 Sl/Iuh消息, 基于 T1-T2 架构) ;  10 is a flowchart of Embodiment 3 of the present invention (SeGW does not parse Sl/Iuh messages, based on T1-T2 architecture);
图 11为本发明实施例四流程图 ( SeGW不解析 Sl/Iuh消息, 基于 T1-T2 架构) 。 本发明的较佳实施方式  FIG. 11 is a flowchart of Embodiment 4 of the present invention (the SeGW does not parse the Sl/Iuh message, and is based on the T1-T2 architecture). Preferred embodiment of the invention
针对现有技术中, 不同的业务无法针对其特性为其保证其需要的 QoS的 问题, 最直接的解决方案就是在 HeNB/HNB和 SeGW之间建立多条 IPsec隧 道, 不同的 IPsec隧道传输不同的业务, 以达到区分的对待的目的。  In the prior art, different services cannot guarantee the QoS required for their characteristics. The most direct solution is to establish multiple IPsec tunnels between the HeNB/HNB and the SeGW, and different IPsec tunnels transmit different. Business, to achieve the purpose of distinguishing treatment.
现有技术中, IPSec隧道 /SA ( Security Association, 安全联盟 )的建立过 程为: 在两网元之间进行 IKEv2 ( Internet Key exchange , 因特网密钥交换) 初始化协商, 建立一个 IKE— SA, 之后可以建立多个子 SA ( Child— SA ) 。 每 个 SA (包括子 SA )都是单向的, 每一个 SA都有一个特定的 SPI ( Security Parameter Index, 安全参数索引)标识。 因为 SA是单向的, 故其标识 SPI也 分为上行和下行的 SPI。 当前 HeNB/HNB系统中,只支持单个 IPSec隧道(一 对 SA ) , 还不支持多 IPsec隧道(多对 SA ) 。 In the prior art, an IPSec tunnel/SA (Security Association) has been established. Cheng Wei: IKEv2 (Internet Key exchange) initialization negotiation between two network elements, establish an IKE-SA, and then establish multiple sub-SAs (Child-SA). Each SA (including sub-SAs) is unidirectional, and each SA has a specific SPI (Security Parameter Index) identifier. Because the SA is unidirectional, its identity SPI is also divided into uplink and downlink SPI. In the current HeNB/HNB system, only a single IPSec tunnel (a pair of SAs) is supported, and multiple IPsec tunnels (multiple pairs of SAs) are not supported.
本发明的基本思想是: HeNB/HNB与 SeGW建立多个 IPSec隧道 /SA对, 不同的 IPsec隧道 /SA对由不同的 SPI (对)标识, 由固网根据 SPI (对)提 供不同的 QoS保证。  The basic idea of the present invention is: HeNB/HNB and SeGW establish multiple IPSec tunnel/SA pairs, different IPsec tunnel/SA pairs are identified by different SPIs (pairs), and fixed network provides different QoS guarantees according to SPI (pair) .
具体地, 包括: 第一网元与 SeGW之间建立一条以上的 IPsec隧道; Specifically, the method includes: establishing one or more IPsec tunnels between the first network element and the SeGW;
SeGW通过第二网元将下行方向的 IPsec隧道信息和 IP数据流信息之间 的对应关系信息上报给固网网元, SeGW或第一网元通过第二网元将上行方 向的 IPsec隧道信息和 IP数据流信息之间的对应关系信息上报给固网网元; 由固网网元执行 QoS控制。 The SeGW reports the correspondence between the IPsec tunnel information and the IP data flow information in the downlink direction to the fixed network element by using the second network element, and the SeGW or the first network element sends the IPsec tunnel information in the uplink direction by using the second network element. The correspondence information between the IP data stream information is reported to the fixed network element; the QoS control is performed by the fixed network element.
其中, 所述第一网元为 HeNB, 第二网元为 HeNB PF; 或者, 所述第一 网元为 HNB, 第二网元为 HNB PF。  The first network element is an HeNB, and the second network element is an HeNB PF; or the first network element is an HNB, and the second network element is an HNB PF.
第一网元与 SeGW之间可釆用静态或者动态的方式, 建立 IPsec隧道。 通过核心网下发, 第一网元和 /或 SeGW获得 IP数据流信息, 进而建立 IPsec隧道信息和 IP数据流信息之间的对应关系。  An IPsec tunnel can be established between the first network element and the SeGW in a static or dynamic manner. The core network sends the IP data stream information to the first network element and/or the SeGW, and establishes a correspondence between the IPsec tunnel information and the IP data stream information.
IPsec隧道信息可以是 SPI或者 DSCP信息;  The IPsec tunnel information can be SPI or DSCP information;
所述 IP数据流信息为如下信息中的一种或多种: 五元组信息、 TEID ( Tunnel End Point Identifier, 隧道端点标识) 、 RB-ID (无线 载的标识) 、 QoS规则、 TFT或 PF, 其中, 五元组信息包括源地址、 目的地址, 源端口号、 目的端口号和协议号的信息。  The IP data stream information is one or more of the following information: quintuple information, TEID (Tunnel End Point Identifier), RB-ID (radio-mounted identifier), QoS rule, TFT or PF The quintuple information includes information of a source address, a destination address, a source port number, a destination port number, and a protocol number.
在一具体的实施例中, 发送给固网网元的对应关系信息为 SPI和 QoS规 则之间的对应关系信息。 IPsec 隧道 /SA建立生成后, HeNB/HNB 子系统将 SPI和 QoS的对应关系上 4艮给固网网元, 固网网元依据不同的 SPI及其对应 的 QoS规则, 为传输数据包提供区分等级的 QoS保证。 所述第一网元根据 RB-ID或者五元组信息和 QoS信息, 以及 QoS信息 和 SPI之间的对应关系创建上行方向的映射表或过滤器, 映射或过滤上行数 据; In a specific embodiment, the correspondence information sent to the fixed network element is correspondence information between the SPI and the QoS rule. After the IPsec tunnel/SA is established, the HeNB/HNB subsystem sends the SPI and QoS relationship to the fixed network element. The fixed network element provides a distinction between the transport packets based on different SPIs and their corresponding QoS rules. Level QoS guarantee. The first network element creates an uplink mapping table or a filter according to the RB-ID or the quintuple information and the QoS information, and the correspondence between the QoS information and the SPI, and maps or filters the uplink data.
所述 SeGW根据 TEID或者五元组信息和 QoS信息, 以及 QoS信息和 SP1之间的对应关系创建下行方向的映射表或过滤器, 映射或过滤下行数据。  The SeGW creates a mapping table or a filter in the downlink direction according to the TEID or the quintuple information and the QoS information, and the correspondence between the QoS information and the SP1, and maps or filters the downlink data.
上述接收所述 Psec隧道信息和 IP数据流信息之间的对应关系信息的固 控制功能) , 由所述 BPCF为传输数据提供区分等级的 QoS保证, 或者所述 BPCF与其他固网网元, 比如 BNG/BRAS ( Broadband Network Gateway宽带 网络网关/ Broadband Remote Access Server宽带远程接入服务器)为传输数据 提供区分等级的 QoS保证。  And the solid control function for receiving the correspondence information between the Psec tunnel information and the IP data stream information, the BPCF provides a hierarchical QoS guarantee for the transmission data, or the BPCF and other fixed network elements, for example BNG/BRAS (Broadband Network Gateway/Broadband Remote Access Server) provides a differentiated QoS guarantee for transmitting data.
另外, 在 SeGW通过第二网元将下行方向的 IPsec隧道信息和 IP数据流 信息之间的对应关系信息上报给固网网元的步骤中, 所述 SeGW通过通知请 求消息将所述对应关系信息发送给第二网元; 所述第二网元通过 S9*接口会 话消息将所述对应关系信息发送给固网网元;  In addition, in the step that the SeGW reports the correspondence information between the IPsec tunnel information and the IP data flow information in the downlink direction to the fixed network element by using the second network element, the SeGW sends the corresponding relationship information by using a notification request message. Sending to the second network element; the second network element sends the corresponding relationship information to the fixed network element by using the S9* interface session message;
在 SeGW或第一网元通过第二网元将上行方向的 IPsec隧道信息和 IP数 据流信息之间的对应关系信息上报给固网网元的步骤中, 所述 SeGW通过通 知请求消息将所述对应关系信息发送给第二网元, 或者, 所述第一网元通过 资源请求消息或资源修改请求消息将所述对应关系信息发送给第二网元; 所 述第二网元通过 S9*接口会话消息将所述对应关系信息发送给固网网元。  In the step of reporting, by the second network element, the correspondence information between the IPsec tunnel information and the IP data flow information in the uplink direction to the fixed network element by the second network element, the SeGW, by using the notification request message, Corresponding relationship information is sent to the second network element, or the first network element sends the corresponding relationship information to the second network element by using a resource request message or a resource modification request message; the second network element passes the S9* interface. The session message sends the corresponding relationship information to the fixed network element.
其中, S9*接口指修改或增强的 S9接口。  The S9* interface refers to the modified or enhanced S9 interface.
相应地, 本发明实施例的实现服务质量控制的系统, 包括: 第一网元、 第二网元、 SeGW和固网网元, 其实现如上所述。  Correspondingly, the system for implementing the quality of service control in the embodiment of the present invention includes: a first network element, a second network element, an SeGW, and a fixed network element, which are implemented as described above.
下面对本发明的关键技术进行论述 The key technologies of the present invention are discussed below.
(一 ) IPSec隧道 /SA的创建(静态 )  (a) IPSec tunnel / SA creation (static)
该场景中, He B/HNB上电后,就与 SeGW—次性建立多个(比如 m个) IPsec隧道,每个隧道对应不同的 QoS规则范围,每个隧道对应上下行的 SA, 每个 SA对应其各自的 SPI, 对应图 3。 In this scenario, after the He B/HNB is powered on, multiple (such as m) IPsec tunnels are established with the SeGW. Each tunnel corresponds to a different QoS rule range, and each tunnel corresponds to the uplink and downlink SA. Each SA corresponds to its respective SPI, corresponding to Figure 3.
m个不同的 IPsec通道,按照一定的优先次序排列, 当用户数据到来的时 候, 按照优先级的次序把数据包往 IPsec隧道 /SA上映射 /匹配, 映射 /匹配到 哪个隧道上, 就用哪个隧道传输。  m different IPsec channels are arranged according to a certain priority. When user data arrives, the data packets are mapped/matched to the IPsec tunnel/SA according to the priority order, and which tunnel is mapped/matched, which one is used. Tunnel transmission.
作为一种具体实现, 可以设置一个优先级最低的 IPsec隧道, 服务于 BE As a specific implementation, you can set a lower priority IPsec tunnel to serve the BE.
( Best Effort, 尽力而为)的业务或者不能映射 /匹配的业务。 也就是说: M-1 个隧道都对应特定 QoS或者 QoS范围, 这 M-1个隧道称为 "专有隧道" , 一个 IPsec隧道没有特定的 QoS要求, 称为 "默认 /缺省隧道" 。 用户数据到 达后, 逐一往这 M个隧道上映射 /匹配, 映射 /匹配到哪个隧道上, 就用哪个 隧道传输, 如果前 M-1个 IPsec隧道都不适合传输某个业务或者对该业务根 本没有特定的 QoS要求务, 该业务可以默认的被映射 /匹配到 "默认 /缺省隧 道" 上。 ( Best Effort, best-effort) business or business that cannot be mapped/matched. That is to say: M-1 tunnels correspond to specific QoS or QoS ranges. These M-1 tunnels are called "private tunnels". An IPsec tunnel has no specific QoS requirements, which is called "default/default tunnel". After the user data arrives, map/match to the M tunnels one by one, and which tunnel is mapped/matched to which tunnel, if the former M-1 IPsec tunnels are not suitable for transmitting a certain service or the service is fundamental. Without specific QoS requirements, the service can be mapped/matched to the "default/default tunnel" by default.
作为一种特定的实现方式, 从 M个隧道中选定一个特定的隧道(一般情 况下, 该隧道的优先级和 QoS要求最高)作为 "信令隧道" , 所有通过 IPsec 通道传输的 3GPP控制面信令, 都通过该特定的 "信令隧道" 传输。  As a specific implementation, a specific tunnel is selected from M tunnels (in general, the tunnel has the highest priority and QoS requirements) as a "signaling tunnel", and all 3GPP control planes transmitted through the IPsec tunnel. Signaling is transmitted through this particular "signaling tunnel".
如果存在 "信令隧道" 的时候, 信令隧道优先于其他隧道建立, 即: 在 HeNB/HNB接入认证之后就建立信令隧道, 为传输后续的 HeNB发往其他网 络的注册信令或者其他控制面信令服务。  If there is a "signaling tunnel", the signaling tunnel is prioritized over other tunnels, that is, a signaling tunnel is established after the HeNB/HNB access authentication, and the registration signaling or other information sent to other networks by the subsequent HeNB is transmitted. Control plane signaling service.
隧道的建立可以由 HeNB/HNB或者 SeGW发起。 不同的 IPsec隧道可以 是独立的 IPsec隧道,也可以是属于同一族的多 IPSec隧道 /子 SA( CMd-SA )。  The establishment of the tunnel can be initiated by the HeNB/HNB or the SeGW. Different IPsec tunnels can be independent IPsec tunnels or multiple IPSec tunnels/sub-SAs (CMd-SAs) belonging to the same family.
(二 ) IPSec隧道 /SA的创建(动态)  (ii) Creation of IPSec tunnel/SA (dynamic)
该场景中, 当某个用户有 Sl/Iuh接口消息(例如: 附着/ PDN连接建立 / 承载建立 /承载修改请求)到达后,要求特定的 QoS规则时, HeNB/HNB/SeGW 根据相关规则, 决定该 QoS需要建立 /修改 /删除专有的 SA/IPsec隧道为其保 证 QoS。 即, 该方案不同与 (一)之处在于, 不是 HeNB—上电的时候就建 立多条 QoS不同的 IPsec隧道, 而是当有业务的特定 QoS需求的时候, 再决 定新建 IPSec隧道。 参见图 4。  In this scenario, when a certain user has a S1/Iuh interface message (for example, an attach/PDN connection setup/bearer setup/bearer modification request) and a specific QoS rule is required, the HeNB/HNB/SeGW determines according to the relevant rules. This QoS requires the establishment/modification/deletion of a proprietary SA/IPsec tunnel to guarantee QoS. That is, the solution differs from (1) in that it is not the HeNB that establishes multiple IPsec tunnels with different QoS when powering up, but decides to create a new IPSec tunnel when there is a specific QoS requirement for the service. See Figure 4.
类似(一) , 每个 IPsec隧道对应不同的 QoS范围, 每个 IPsec隧道的 SA对应其各自的 SPI。 Similar to (1), each IPsec tunnel corresponds to a different QoS range, for each IPsec tunnel. SAs correspond to their respective SPIs.
作为一种具体实现, 可以在 HeNB/HNB—上电的时候就建立一个 "默认 /缺省隧道",该隧道服务于 BE业务或者当所有专有的 IPsec隧道都无法映射 /匹配的业务。  As a specific implementation, a "default/default tunnel" can be established when the HeNB/HNB is powered on. The tunnel serves the BE service or when all proprietary IPsec tunnels cannot be mapped/matched.
作为一种具体实现,可以在 HeNB/HNB—上电的时候就建立一个特定的 隧道(一般情况下, 该隧道的优先级和 QoS要求最高)作为 "信令隧道" , 所有通过 IPsec通道传输的 3GPP控制面信令, 都通过该特定的 "信令隧道" 传输。  As a specific implementation, a specific tunnel can be established when the HeNB/HNB is powered on (generally, the tunnel has the highest priority and QoS requirements) as a "signaling tunnel", all transmitted through the IPsec channel. 3GPP control plane signaling is transmitted over this particular "signaling tunnel".
如果存在 "信令隧道" 的时候, 信令隧道优先于其他隧道建立, 即: 在 HeNB/HNB接入认证之后就建立信令隧道,为传输后续的 HeNB/HNB发往其 他网络的注册信令或者其他控制面信令服务。  If there is a "signaling tunnel", the signaling tunnel is prioritized over other tunnels, that is, a signaling tunnel is established after the HeNB/HNB access authentication, and the registration signaling for the subsequent HeNB/HNB to other networks is transmitted. Or other control plane signaling services.
隧道的建立可以由 HeNB/HNB或 SeGW发起。 不同的 IPsec隧道可以是 独立的 IPsec隧道, 也可以是属于同一族的多 IPSec隧道 /子 SA ( Child-SA ) 。  The establishment of the tunnel can be initiated by the HeNB/HNB or SeGW. Different IPsec tunnels can be independent IPsec tunnels or multiple IPSec tunnels/child SAs belonging to the same family.
(三) 映射表 /过滤器的结构  (iii) Mapping table / filter structure
HeNB/HNB作为 IPsec隧道的一个端点, 存有上行数据映射表 /过滤器, 该映射表 /过滤器的作用是将数据包(上行) 映射 /匹配到合适的 IPsec隧道上 去。 该过滤器的结构如图 5所示。 图中, 无线承载和 QoS范围存在一对一或 者多对一的关系,而 QoS范围和 IPsec隧道的上行 SA(SPI)存在一对一的关系。 这样, 就建立了无线承载的标识(在此用 RB-ID, Radio Bearer Identity来标 识)和 SPI的对应关系。  The HeNB/HNB acts as an endpoint of the IPsec tunnel and stores an upstream data mapping table/filter. The mapping table/filter is used to map/match the data packet (uplink) to the appropriate IPsec tunnel. The structure of the filter is shown in Figure 5. In the figure, there is a one-to-one or many-to-one relationship between the radio bearer and the QoS range, and the QoS range has a one-to-one relationship with the uplink SA (SPI) of the IPsec tunnel. In this way, the correspondence between the identity of the radio bearer (here identified by RB-ID, Radio Bearer Identity) and SPI is established.
无线承载和 QoS范围, 以及无线承载和上行的 SA/SPI未必是——对应 的关系, 可能多个 RB-ID对应同一个 SPI (如图 5所示) , 或者反之。 这取 决于无线承载的 QoS和 IPsec隧道的 QoS区分的粒度的粗细。但 QoS范围和 SPI是——对应的关系。 下面 SeGW类同。  The radio bearer and QoS range, as well as the radio bearer and uplink SA/SPI are not necessarily the corresponding relationship. It is possible that multiple RB-IDs correspond to the same SPI (as shown in Figure 5), or vice versa. This depends on the granularity of the QoS of the radio bearer and the QoS of the IPsec tunnel. But the QoS scope and SPI are - the corresponding relationship. The following SeGW is the same.
SeGW作为 IPsec隧道的另外一个端点, 存有下行数据映射表 /过滤器, 该映射表 /过滤器的作用是将数据包(下行) 映射 /匹配到合适的 IPsec隧道上 去。该映射表 /过滤器的结构如图 6所示。 图中, Sl/Iuh承载(属于 GTP承载) 和 QoS范围存在一对一或者多对一的关系, 而 QoS范围和 IPsec隧道 /SPI存 在一对一的关系。 这样, 就建立了 Sl/Iuh承载的标识 TEID和 SPI的一对一 或者多对一的关系。 As another endpoint of the IPsec tunnel, the SeGW stores a downlink data mapping table/filter, which is used to map/match the data packet (downlink) to the appropriate IPsec tunnel. The structure of the mapping table/filter is as shown in FIG. 6. In the figure, there is a one-to-one or many-to-one relationship between the Sl/Iuh bearer (belonging to the GTP bearer) and the QoS range, and the QoS range and IPsec tunnel/SPI storage. In a one-to-one relationship. Thus, a one-to-one or many-to-one relationship between the identifier TEID and the SPI carried by the Sl/Iuh is established.
映射表 /过滤器还可以有另外一种结构(在此称为结构二) , 不同于上述 的 RB-ID或者 TEID与 SPI建立多对一或者一对一的对应关系 (上述结构称 作结构一) , 而是数据包的五元组 (数据包的源地址、 目的地址、 源端口号、 目的端口号、 协议号)建立与 SPI的一对一或者多对一的对应关系。 如图 7所 示。 结构二的映射表 /过滤器既可以用于 SeGW上也可以用于 HeNB/HNB上, 只是对应的 QoS范围、 SPI、 五元组分别是下行、 上行的即可。  The mapping table/filter may have another structure (referred to herein as structure 2), which is different from the RB-ID or TEID described above and establishes a one-to-one or one-to-one correspondence relationship with the SPI (the above structure is called structure one). ), but the quintuple of the data packet (source address, destination address, source port number, destination port number, protocol number of the data packet) establishes a one-to-one or many-to-one correspondence with the SPI. As shown in Figure 7. The mapping table/filter of the structure 2 can be used on the SeGW or the HeNB/HNB, but the corresponding QoS range, SPI, and quintuple are downlink and uplink respectively.
(四 ) 映射表 /过滤器的生成  (4) Mapping table / filter generation
在 EPS/UMTS系统中, 终端接入 EPS/UMTS、 或者建立 PDN连接、 或 者发起专有承载建立、 或者网络侧发起专有承载建立, 最后的操作都会归结 到 EPS/UMTS网络的网元 MME/SGSN给 HeNB/HNB发送 S 1/Iuh接口上的消 息 (比如: 初始上下文建立请求 /附着接受 /承载建立请求 /PDN连接接受 ) , 该消息中携带了承载的 QoS(默认承载除外)规则(还可能包括五元组信息)。 根据现有技术, HeNB/HNB在收到该消息后, 根据该携带的 QoS决定修改 / 创建 /删除无线承载( RB ) , 也就是该 QoS和无线承载之间存在了对应关系。 在此发明中, HeNB/HNB会根据该 QoS找到对应的 IPSec隧道对应的 "QoS 范围" , 这样就建立了该 QoS和 IPSec隧道的 SA标识 SPI的对应关系。 这 样一来, 无线承载的标识、 承载的 QoS以及 SPI就建立了对应关系。 这个对 应关系就是该承载的映射表 /过滤器。 当然, 不同的承载有不同的承载映射表 /过滤器, 不同的终端上的映射表 /过滤器也不同。  In the EPS/UMTS system, the terminal accesses the EPS/UMTS, or establishes a PDN connection, or initiates a dedicated bearer setup, or initiates a dedicated bearer setup on the network side. The final operation is attributed to the network element MME of the EPS/UMTS network. The SGSN sends a message on the S1/Iuh interface to the HeNB/HNB (for example: initial context setup request/attach accept/bearer setup request/PDN connection accept), and the message carries the bearer QoS (except the default bearer) rule (also May include quintuple information). According to the prior art, after receiving the message, the HeNB/HNB determines to modify/create/delete a radio bearer (RB) according to the carried QoS, that is, there is a correspondence between the QoS and the radio bearer. In this invention, the HeNB/HNB finds the "QoS range" corresponding to the corresponding IPSec tunnel according to the QoS, so that the correspondence between the QoS and the SA identifier SPI of the IPSec tunnel is established. In this way, the identity of the radio bearer, the QoS of the bearer, and the SPI establish a correspondence. This corresponding relationship is the mapping table/filter of the bearer. Of course, different bearers have different bearer mapping tables/filters, and different mapping tables/filters on different terminals are also different.
如果 SeGW截获 Sl/Iuh消息时, SeGW在截获 Sl/Iuh接口上的消息(例 如: 初始上下文建立请求 /附着接受 /承载建立请求 /PDN连接接受)后, 获取 了承载的 QoS (默认承载除外)规则和承载标识 TEID (或者五元组信息) 。 SeGW会根据该 QoS找到对应的 IPSec隧道对应的 "QoS范围" , 这样就建 立了该 QoS和 IPSec隧道的下行 SA标识 SPI的对应关系。从而建立了 TEID、 承载的 QoS和 SPI的对应关系, 这个对应关系就是该承载的映射表 /过滤器。 当然, 不同的承载有不同的承载映射表 /过滤器, 不同的终端上的映射 /过滤 器也不同。 如果 SeGW不截获 Sl/Iuh消息时,下行的映射表 /过滤器可以委托其他网 元生成, 比如 HeNB/HNB PF或者 HeNB/HNB。 If the SeGW intercepts the Sl/Iuh message, the SeGW acquires the QoS of the bearer after intercepting the message on the Sl/Iuh interface (for example: initial context setup request/attach accept/bearer setup request/PDN connection acceptance) (except the default bearer) Rules and bearers identify TEID (or quintuple information). Based on the QoS, the SeGW finds the corresponding QoS scope of the IPSec tunnel. This establishes the correspondence between the QoS and the downlink SA identifier SPI of the IPSec tunnel. Thereby, the correspondence between the TEID, the bearer QoS and the SPI is established, and the corresponding relationship is the mapping table/filter of the bearer. Of course, different bearers have different bearer mapping tables/filters, and different mappings/filters on different terminals are also different. If the SeGW does not intercept the Sl/Iuh message, the downlink mapping table/filter may be trusted by other network elements, such as HeNB/HNB PF or HeNB/HNB.
同样, HeNB/HNB 上的映射表 /过滤器也可以委托其他网元生成, 比如 SeGW, HeNB/HNB PF等。 具体的操作取决于具体的实现方案, 在后面的流 程实施例中会介绍到。  Similarly, the mapping table/filter on the HeNB/HNB can also be commissioned by other network elements, such as SeGW, HeNB/HNB PF, and so on. The specific operation depends on the specific implementation, which will be introduced in the following process examples.
对于映射表 /过滤器的另外一种形式, Sl/Iuh消息(例如: 初始上下文建 立请求 /附着接受 /承载建立请求 /PDN连接接受) 消息中携带了该业务数据包 的五元组信息和 QoS信息。 因此 SeGW和 HeNB都可以建立五元组、 QoS和 SPI的对应关系, 该对应就可以作为该承载的过滤器。  For another form of mapping table/filter, the Sl/Iuh message (eg: initial context setup request/attach accept/bearer setup request/PDN connection accept) message carries the quintuple information and QoS of the service data packet. information. Therefore, both the SeGW and the HeNB can establish a correspondence between quintuple, QoS, and SPI, and the correspondence can be used as a filter for the bearer.
(五) 映射表 /过滤器的应用  (5) Mapping table / filter application
根据(四)所述, HeNB/HNB/SeGW上的映射表 /过滤器即为: 无线承载 的标识 /TEID、 承载的 QoS以及 SPI的对应关系。 所以当 HeNB/HNB从无线 承载上获得上行数据后, 根据该数据包所在无线承载的 RB-ID就能对应找到 IPsec隧道, 将数据包映射 /匹配到了合适的 IPSec隧道中。 SeGW从 Sl/Iuh承 载上获得下行数据后, 根据该数据包所在 Sl/Iuh承载的 TEID就能对应找到 IPsec隧道, 将数据包映射 /匹配到了合适的 IPSec隧道中。  According to (4), the mapping table/filter on the HeNB/HNB/SeGW is: the identifier/TEID of the radio bearer, the QoS of the bearer, and the correspondence between the SPI. Therefore, after the HeNB/HNB obtains the uplink data from the radio bearer, the IPsec tunnel can be found according to the RB-ID of the radio bearer of the data packet, and the data packet is mapped/matched into the appropriate IPSec tunnel. After obtaining the downlink data from the Sl/Iuh bearer, the SeGW can find the IPsec tunnel according to the TEID carried by the Sl/Iuh of the data packet, and map/match the data packet to the appropriate IPSec tunnel.
对应过滤器的另外一种形式,当 HeNB/HNB/SeGW接收到上 /下行数据包 后, 根据数据包的五元组找到对应的 SPI, 将数据包匹配到了合适的 IPSec隧 道中。  Another form of the corresponding filter, when the HeNB/HNB/SeGW receives the uplink/downlink data packet, finds the corresponding SPI according to the quintuple of the data packet, and matches the data packet to the appropriate IPSec tunnel.
(六)对应关系的上报  (6) Reporting of correspondence
HeNB/HNB/SeGW在生成了映射关系 /过滤器后,用于本地映射 /过滤数据 包, 并且需要将 QoS和 SPI的对应关系通过 HeNB/HNB PF上报给固网, 这 样固网获知了 SPI和 QoS的对应关系, 才能保证不同的 IPSec隧道中传输的 数据包的 QoS。  After the mapping/filter is generated, the HeNB/HNB/SeGW is used to locally map/filter the data packets, and the QoS and SPI correspondences need to be reported to the fixed network through the HeNB/HNB PF, so that the fixed network learns the SPI and the SPI. The QoS relationship can guarantee the QoS of data packets transmitted in different IPSec tunnels.
其中 HeNB/HNB在通过 HeNB/HNB PF向固网上报 "SPI和 QoS的对应 关系" 时, HeNB HNB首先通过 T2接口的 "资源请求 /修改请求 /释放请求" 消息将 "对应关系 " 上报给 HeNB/HNB PF , HeNB/HNB PF通过 S9*接口会 话消息上报给固网的 BPCF ,由 BPCF及固网的其他网元执根据该对应关系执 行区分不同等级的 QoS控制。 When the HeNB/HNB reports the "Relationship between SPI and QoS" to the fixed network through the HeNB/HNB PF, the HeNB HNB first reports the "correspondence" to the HeNB through the "Resource Request/Modify Request/Release Request" message of the T2 interface. /HNB PF, the HeNB/HNB PF reports the S9* interface session message to the BPCF of the fixed network, and the other network elements of the BPCF and the fixed network are executed according to the corresponding relationship. Lines distinguish between different levels of QoS control.
作为具体的实施方式, PF除了是向固网上报 QoS和 SPI对应关系的中介 网元外, 在某些场景下还是 HeNB/HNB和 SeGW互通映射关系 /过滤器、 IP 数据流信息的中间网元, 具体体现在后续的流程中。  As a specific implementation manner, the PF is an intermediate network element of the HeNB/HNB and the SeGW interworking mapping relationship/filter and IP data flow information, in addition to the intermediate network element that reports the QoS and SPI correspondence to the fixed network. , embodied in the subsequent process.
在本发明中, IPsec隧道信息是指标识该 IPsec隧道 /SA的标识信息, 比 如: SPI。也可以是其他唯一标识 IPSec隧道的信息,比如 DSCP( Differentiated Services Code Point, 差分服务代码点)等。 在本发明的实施例及关键技术论 述中, 一般只提到了 SPI作为 IPsec隧道信息, 但不排除可以釆用 DSCP等其 他隧道信息的可能。 也就是说, 可以等价替换成 DSCP等其他隧道信息, 该 方案也可以运行, 也是本发明的内容。 In the present invention, the IPsec tunnel information refers to identification information identifying the IPsec tunnel/SA, such as: SPI. It can also be other information that uniquely identifies an IPSec tunnel, such as DSCP (Differential Services Code Point). In the embodiments and key technical descriptions of the present invention, SPI is generally only mentioned as IPsec tunnel information, but the possibility of using other tunnel information such as DSCP is not excluded. That is to say, it can be equivalently replaced with other tunnel information such as DSCP, and the scheme can also be operated, which is also the content of the present invention.
IP数据流信息是能够描述某个 IP数据流的标识信息, 策略信息等, 包括 但不限于以下信息中的一种或者几种: 五元组(源地址, 目的地址, 源端口 号, 目的端口号, 协议号) 、 TEID、 QoS规则、 TFT/PF等。  The IP data stream information is identification information, policy information, and the like that can describe an IP data stream, including but not limited to one or more of the following information: a quintuple (source address, destination address, source port number, destination port) No., protocol number), TEID, QoS rules, TFT/PF, etc.
IPsec隧道信息和 IP数据流信息的对应关系为任意一种 IPsec隧道信息 The correspondence between IPsec tunnel information and IP data stream information is any kind of IPsec tunnel information.
( SPI或者 DSCP或者其他 )和任意一种或者几种 IP数据流信息 (五元组、 TEID、 QoS规则、 TFT/PF )的对应关系。 在本发明的实施例及关键技术论述 中, SPI和 QoS的对应关系是一种典型的实现。 但不排除可以釆用 DSCP等 其他隧道信息和 QoS规则以及其他 IP数据流信息建立对应关系的可能。也就 是说, SPI可以等价替换成 DSCP等其他 IPsec隧道信息, QoS规则可以等价 的替换成其他 IP数据流信息, 从而建立对应关系, 该方案也可以运行, 也是 本发明的内容。 Correspondence between (either SPI or DSCP or other) and any one or several kinds of IP data stream information (quintuple, TEID, QoS rule, TFT/PF). In the embodiments of the present invention and the discussion of key technologies, the correspondence between SPI and QoS is a typical implementation. However, it is not excluded that other tunnel information such as DSCP and other QoS rules and other IP data stream information can be used to establish a correspondence. That is to say, the SPI can be equivalently replaced with other IPsec tunnel information such as DSCP, and the QoS rule can be equivalently replaced with other IP data stream information to establish a correspondence, and the scheme can also be operated, which is also the content of the present invention.
流程实施例 Process embodiment
实施例一: SeGW解析 Sl/Iuh接口消息, 基于 T1T2架构 (图 8 ) 步骤 801 : UE发起附着/ PDN连接建立操作, 无线侧及核心网的相关处 理, 此是现有技术。  Embodiment 1: The SeGW parses the Sl/Iuh interface message, based on the T1T2 architecture (Fig. 8). Step 801: The UE initiates an attach/PDN connection establishment operation, and the related processing of the wireless side and the core network. This is a prior art.
步骤 802: 终端通过 HeNB/HNB接入到 EPS/UMTS之后, 无论是附着, PDN连接建立、 终端发起的或者是网络侧发起的专有承载建立, 最终都会由 网络侧发送对应的消息给 HeNB/HNB , 该消息为 Sl/Iuh接口的 GTP ( GPRS tunnel Protocol, GPRS隧道协议)控制信令, 如图中所示的消息: 初始上下 文建立请求 /附着接受 /承载建立请求 /PDN连接接受。 该消息中携带了所要创 建 /修改 /释放的承载所对应的 QoS规则和上下行 TEID、 五元组等信息, 也即 IP数据流信息。 Step 802: After the terminal accesses the EPS/UMTS through the HeNB/HNB, whether it is attached or not, PDN connection establishment, terminal initiated or private bearer setup initiated by the network side, and finally the corresponding message is sent by the network side to the HeNB/HNB, which is the GTP (GPRS Tunnel Protocol) of the Sl/Iuh interface. Control signaling, as shown in the message: Initial context setup request/attach accept/bearer setup request/PDN connection accept. The message carries the QoS rules corresponding to the bearer to be created/modified/released, and the uplink and downlink TEID, quintuple, and the like, that is, the IP data stream information.
Sl/Iuh接口的信令在经过 SeGW时, 由 SeGW截获, 并获取信令中的 IP 数据流信息后再将 Sl/Iuh消息发送给 HeNB/HNB。  The signaling of the Sl/Iuh interface is intercepted by the SeGW when the SeGW passes through the SeGW, and the IP data stream information in the signaling is obtained, and then the Sl/Iuh message is sent to the HeNB/HNB.
步骤 803: SeGW根据从 GTP消息中获取 IP数据流信息, 并根据相关策 略决定创建新 SA (动态方案)或者选择 SA (动态或者静态方案)  Step 803: The SeGW obtains the IP data flow information from the GTP message, and determines to create a new SA (dynamic scheme) or select the SA (dynamic or static scheme) according to the relevant policy.
如果是创建新的 SA, SeGW发送 IKEv2消息的 "创建子 SA请求" 给 HeNB/HNB, 并在消息中携带了由 SeGW选定的下行 SA的 SPI。  If a new SA is created, the SeGW sends a "Create Sub-AS Request" to the HeNB/HNB of the IKEv2 message, and carries the SPI of the downlink SA selected by the SeGW in the message.
SeGW从 Sl/Iuh接口的 GTP消息中获取了 QoS规则、 TEID和 /或五元组 信息, SeGW根据自身配置的信息,判断接收到的 QoS规则是否需要新建 SA 或者是现有的 SA就能满足该 QoS规则的需求。 这样新建或者选择的 SA的 SPI就能与 QoS规则建立对应关系; 而在 GTP消息中, QoS规则和 TEID又 存在对应关系, 于是 TEID 和 SPI 就建立了对应关系, 或者说是映射 ( MAPPING ) 关系, 参见图 6。  The SeGW obtains QoS rules, TEIDs, and/or quintuple information from the GTP messages of the Sl/Iuh interface. The SeGW determines whether the received QoS rules need to be newly created or existing SAs according to the information configured by the SeGW. The requirements of this QoS rule. The SPI of the newly created or selected SA can be associated with the QoS rule. In the GTP message, the QoS rule and the TEID have a corresponding relationship, so the TEID and the SPI establish a correspondence, or a mapping (MAPPING) relationship. , see Figure 6.
如果不是建立 SPI和 TEID的对应关系, 而是根据 QoS规则建立了 SPI 和五元组的对应关系, 则该对应关系称作 "过滤器" , 参见图 7。  If the correspondence between SPI and TEID is not established, but the correspondence between SPI and quintuple is established according to QoS rules, the correspondence is called "filter", see Figure 7.
在 SeGW上生成的映射表 /过滤器用于过滤 /映射下行数据包, 称作下行 ( downlink, DL ) 映射 /过滤器。  The mapping table/filter generated on the SeGW is used to filter/map downstream packets, called downlink (DL) mapping/filters.
步骤 804: SeGW发送 "创建子 SA请求" 给 HeNB/HNB, 并在消息中 携带了由 SeGW选定的下行 SA的 SPI; HeNB/HNB收到请求后, 选择上行 SA的 SPI, 并通过 "创建子 SA回应" 消息发送给 SeGW。  Step 804: The SeGW sends a "Create Sub-SA Request" to the HeNB/HNB, and carries the SPI of the downlink SA selected by the SeGW in the message; after receiving the request, the HeNB/HNB selects the SPI of the uplink SA, and "creates" The child SA responds with a "message sent to SeGW.
步骤 805: HeNB/HNB收到了 Sl/Iuh消息, 并获取了其中的 QoS规则、 TEID和 /或五元组信息。  Step 805: The HeNB/HNB receives the Sl/Iuh message and obtains the QoS rule, TEID, and/or quintuple information.
HeNB/HNB根据 QoS规则能判断将该 GTP承载对应到哪个无线承载上, 即和无线承载标识 RB-ID建立了对应关系 (现有技术); HeNB/HNB自身配 置的信息, 判断接收到的 QoS规则是否需要新建 SA或者是现有的 SA就能 满足该 QoS规则的需求。 这样新建或者选择的 SA的 SPI就能与 QoS规则建 立对应关系; 如此一来 RB-ID和 SPI就通过 QoS规则建立了对应关系 (映射 关系 /映射表) , 如图 5所示。 The HeNB/HNB can determine, according to the QoS rule, which radio bearer the GTP bearer corresponds to, That is, the corresponding relationship is established with the radio bearer identifier RB-ID (prior art); the information configured by the HeNB/HNB itself determines whether the received QoS rule needs to create a new SA or an existing SA to satisfy the requirement of the QoS rule. . The SPI of the newly created or selected SA can be associated with the QoS rule; thus, the RB-ID and the SPI establish a correspondence (mapping relationship/mapping table) through the QoS rule, as shown in FIG. 5.
如果不是建立 SPI和 RB-ID的对应关系, 而是根据 QoS规则建立了 SPI 和五元组的对应关系, 则该对应关系称作 "过滤器" , 参见图 7。  If the correspondence between SPI and RB-ID is not established, but the correspondence between SPI and quintuple is established according to QoS rules, the correspondence is called "filter", see Figure 7.
在 HeNB/HNB上生成的映射表 /过滤器用于过滤 /映射上行数据包, 称作 上行(uplink, UL ) 映射 /过滤器。  The mapping table/filter generated on the HeNB/HNB is used to filter/map the upstream packets, called the uplink (UL) mapping/filter.
以上步骤 803-805 中, 没有特定的先后关系。 子 SA的建立发起可能是 In the above steps 803-805, there is no specific sequence relationship. The initiation of the establishment of the sub SA may be
SeGW也可能是 HeNB/HNB, 而且一对 IKEv2消息建立的上下行 SA可能但 未必一定服务于同一个承载上的上下行数据流。 当 SeGW或者 HeNB/HNB发 现新接收到的 QoS规则后, 先去查看已经存在的 SA中有没有 "与 QoS无关 联" 的 SA, 如果有, 就与该 SA建立关联关系; 如果没有, 则发起新建, 并 与之建立关联关系; The SeGW may also be a HeNB/HNB, and the uplink and downlink SAs established by a pair of IKEv2 messages may not necessarily serve the uplink and downlink data streams on the same bearer. After the SeGW or the HeNB/HNB discovers the newly received QoS rule, it first checks whether there is an SA that is not associated with the QoS in the existing SA. If yes, it establishes an association with the SA; if not, it initiates Newly built and associated with it;
上述提到可能存在 "与 QoS无关联" 的 SA, 在几种场景下可以出现这 种情况: 1 ) 因为 IKEv2消息是成对发送的 (请求 +回应) , 因此, 请求方选 择了 SPI (对应一个 SA )可以建立 SPI和 QoS的对应关系; 但是回应方不知 道其选择的 SPI对应的 SA应该关联什么样的 QoS,因此就存在了一个与 QoS 无关联关系的 SA。 当接收方收到 QoS后, 就可以建立该 QoS与该 "没有做 关联的 SA" 的关联关系。 2 ) EPS/UMTS核心网除了发送新建承载请求外, 还可能发送释放承载的请求, 因此某个承载释放后, 该 SA就可能是空闲的 (与 QoS无绑定关系) 了。  The above mentioned may have "SAs not associated with QoS". This can happen in several scenarios: 1) Because the IKEv2 messages are sent in pairs (request + response), the requester chooses SPI (corresponding A SA can establish the correspondence between SPI and QoS; however, the responder does not know what QoS the SA corresponding to the selected SPI should be associated with, so there is an SA that is not associated with QoS. When the receiver receives the QoS, it can establish the association between the QoS and the "unavailable SA". 2) The EPS/UMTS core network may send a request to release the bearer in addition to the new bearer request. Therefore, after a bearer is released, the SA may be idle (no binding relationship with QoS).
步骤 806: HeNB/HNB 通过 T2接口的 "资源请求 /修改请求" 消息向 HeNB/HNB PF 上才艮下行 "SPI 和 QoS 对应关系" 。 HeNB/HNB PF 向 HeNB/HNB回复应答消息;  Step 806: The HeNB/HNB forwards the "SPI and QoS correspondence" to the HeNB/HNB PF through the "resource request/modification request" message of the T2 interface. The HeNB/HNB PF replies with a response message to the HeNB/HNB;
步骤 807, SeGW通过 T1接口的 "通知请求" 消息向 HeNB/HNB PF上 报上行 " SPI和 QoS对应关系 " 。 HeNB/HNB PF向 SeGW回复应答消息; HeNB/HNB PF收到 806步和 807步的消息后,对两会话上报的对应关系 作关联(现有技术中 T1会话和 T2会话已经可以关联, 因此根据会话的关联 关系, 可以将上报的上下行 "SPI和 QoS对应关系" 关联), 并通过 S9*接口 报告给固网 BPCF,由 BPCF或者 BPCF委托其他固网网元为传输在不同 IPsec 隧道中的数据包保证 QoS。 In step 807, the SeGW reports the uplink "SPI and QoS correspondence" to the HeNB/HNB PF through the "Notification Request" message of the T1 interface. The HeNB/HNB PF replies with a response message to the SeGW; After receiving the messages of steps 806 and 807, the HeNB/HNB PF associates the corresponding relationship reported by the two sessions. In the prior art, the T1 session and the T2 session can be associated with each other. Therefore, according to the association relationship of the session, the reported upper and lower levels can be reported. The line "SPI and QoS correspondence" is associated with and reported to the fixed network BPCF through the S9* interface. The BPCF or BPCF entrusts other fixed network elements to guarantee QoS for the data packets transmitted in different IPsec tunnels.
注: 如果是静态建立 SA的场景, 可以釆用在步骤 S806上 ^艮该 "SPI和 QoS对应关系" , 也可以釆用一种优化方式, 即该 SPI和 QoS规则的对应关 系可以在初始建立完所有 SA的时候就上报给 HeNB/HNB PF。  Note: If it is a static SA establishment scenario, you can use the "SPI and QoS correspondence" in step S806. You can also use an optimization method, that is, the correspondence between the SPI and QoS rules can be established initially. When all SAs are completed, they are reported to the HeNB/HNB PF.
步骤 808: HeNB/HNB向 EPS核心网回应 Sl/Iuh接口的 GTP消息。  Step 808: The HeNB/HNB responds to the EPS core network with the GTP message of the Sl/Iuh interface.
实施例二: SeGW解析 Sl/Iuh消息, 基于 T1T3架构 (图 9 ) Embodiment 2: SeGW parsing Sl/Iuh message, based on T1T3 architecture (Fig. 9)
步骤 901 : UE发起附着/ PDN连接建立操作, 无线侧及核心网的相关处 理, 此是现有技术。  Step 901: The UE initiates an attach/PDN connection establishment operation, and the related processing of the wireless side and the core network, which is a prior art.
步骤 902: 终端通过 HeNB/HNB接入到 EPC/UMTS之后, 无论是附着, PDN连接建立、 终端发起的或者是网络侧发起的专有承载建立, 最终都会由 网络侧发送对应的消息给 HeNB/HNB ,该消息为 Sl/Iuh接口的 GTP控制信令。 即图中所示的消息: 初始上下文建立请求 /附着接受 /承载建立请求 /PDN连接 接受, 如消息中携带了所要创建 /修改 /释放的承载所对应的 QoS规则和上下 行 TEID、 五元组等信息, 也即 IP数据流信息。  Step 902: After the terminal accesses the EPC/UMTS through the HeNB/HNB, whether it is an attachment, a PDN connection establishment, a terminal initiated, or a dedicated bearer initiated by the network side, the network side sends a corresponding message to the HeNB/ HNB, this message is the GTP control signaling of the Sl/Iuh interface. That is, the message shown in the figure: initial context establishment request/attach acceptance/bearer establishment request/PDN connection acceptance, for example, the message carries the QoS rule corresponding to the bearer to be created/modified/released, and the uplink and downlink TEID, quintuple And other information, that is, IP data stream information.
Sl/Iuh接口的 GTP信令在经过 SeGW时, 由 SeGW截获, 并获取信令中 的 IP数据流信息后再将 Sl/Iuh消息发送给 HeNB/HNB。  The GTP signaling of the Sl/Iuh interface is intercepted by the SeGW when the SeGW is passed, and the IP data stream information in the signaling is obtained, and then the Sl/Iuh message is sent to the HeNB/HNB.
步骤 903: SeGW根据从 GTP消息中获取 IP数据流信息, 并根据相关策 略决定创建新 SA (动态方案)或者选择 SA (动态或者静态方案)  Step 903: The SeGW obtains the IP data flow information from the GTP message, and determines to create a new SA (dynamic scheme) or select the SA (dynamic or static scheme) according to the relevant policy.
如果是创建新的 SA, SeGW发送 IKEv2消息的 "创建子 SA请求" 给 HeNB/HNB, 并在消息中携带了由 SeGW选定的下行 SA的 SPI。  If a new SA is created, the SeGW sends a "Create Sub-AS Request" to the HeNB/HNB of the IKEv2 message, and carries the SPI of the downlink SA selected by the SeGW in the message.
SeGW从 Sl/Iuh接口的 GTP消息中获取了 QoS规则、 TEID和 /或五元组 信息, SeGW根据自身配置的信息,判断接收到的 QoS规则是否需要新建 SA 或者是现有的 SA就能满足该 QoS规则的需求。 这样新建或者选择的 SA的 SPI就能与 QoS规则建立对应关系; 而在 GTP消息中, QoS规则和 TEID又 存在对应关系, 于是 TEID 和 SPI 就建立了对应关系, 或者说是映射 ( MAPPING ) 关系, 参见图 6。 The SeGW obtains QoS rules, TEIDs, and/or quintuple information from the GTP messages of the Sl/Iuh interface. The SeGW determines whether the received QoS rules need to be newly created or existing SAs according to the information configured by the SeGW. The requirements of this QoS rule. This new or selected SA The SPI can be associated with the QoS rules. In the GTP message, the QoS rule and the TEID have a corresponding relationship. Therefore, the TEID and the SPI establish a correspondence, or a mapping (MAPPING) relationship, as shown in FIG. 6.
如果不是建立 SPI和 TEID的对应关系, 而是根据 QoS规则建立了 SPI 和五元组的对应关系, 则该对应关系称作 "过滤器" , 参见图 7。  If the correspondence between SPI and TEID is not established, but the correspondence between SPI and quintuple is established according to QoS rules, the correspondence is called "filter", see Figure 7.
在 SeGW上生成的映射表 /过滤器用于过滤 /映射下行数据包的, 称作下 行(downlink, DL ) 映射表 /过滤器。  The mapping table/filter generated on the SeGW is used to filter/map the downstream packets, which is called the downlink (DL) mapping table/filter.
步骤 904: SeGW发送 "创建子 SA请求" 给 HeNB/HNB, 并在消息中 携带了由 SeGW选定的下行 SA的 SPI; HeNB/HNB收到请求后, 选择上行 SA的 SPI, 并通过 "创建子 SA回应" 消息发送给 SeGW。  Step 904: The SeGW sends a "Create Sub-SA Request" to the HeNB/HNB, and carries the SPI of the downlink SA selected by the SeGW in the message; after receiving the request, the HeNB/HNB selects the SPI of the uplink SA, and "creates" The child SA responds with a "message sent to SeGW.
步骤 905: SeGW在新创建的或者已选择的 SA 中将在 902 步截获的 Sl/Iuh消息发送给 HeNB/HNB„  Step 905: The SeGW sends the Sl/Iuh message intercepted in step 902 to the HeNB/HNB in the newly created or selected SA.
或者, Sl/Iuh消息发送时未必经过新创建的或者选择的 SA, 但在 Sl/Iuh 消息中携带新创建的或者选择的 SA的 SPI。  Alternatively, the Sl/Iuh message does not necessarily pass through the newly created or selected SA, but carries the newly created or selected SA SPI in the Sl/Iuh message.
步骤 906: HeNB/HNB根据该 Sl/Iuh消息来自哪一个 SA就能判断该 Step 906: The HeNB/HNB can determine the SA according to the SA from which the Sl/Iuh message is sent.
Sl/Iuh消息所要建立的承载上的 IP流信息与 SA的对应关系; Corresponding relationship between the IP flow information and the SA on the bearer to be established by the Sl/Iuh message;
或者 HeNB/HNB根据 Sl/Iuh消息中携带的 SPI, 就能判断该 Sl/Iuh消息 所要建立的承载上的 IP流信息与 SA的对应关系。  Or the HeNB/HNB can determine the correspondence between the IP flow information and the SA on the bearer to be established by the Sl/Iuh message according to the SPI carried in the Sl/Iuh message.
HeNB/HNB 根据上述关系釆用同 S805 相同的机制生成上行数据 MAPPING表。  Based on the above relationship, the HeNB/HNB generates an uplink data MAPPING table using the same mechanism as the S805.
步骤 907: 因为在 902步 SeGW获取了 Sl/Iuh消息内容, 并在 904步建 立了 SA, 获取了对应的 SPI, SeGW生成下行 MAPPING表;  Step 907: Because the SeGW acquires the Sl/Iuh message content in step 902, and establishes the SA in step 904, and obtains the corresponding SPI, the SeGW generates a downlink MAPPING table;
步骤 908: 根据上述操作, SeGW可以同时生成上下行 QoS规则和 SPI 的对应关系 , 并通过通知请求消息上 ^艮给 HeNB/HNB PF。  Step 908: According to the foregoing operation, the SeGW may simultaneously generate the correspondence between the uplink and downlink QoS rules and the SPI, and send the HeNB/HNB PF through the notification request message.
SeGW通过 T 1接口的 "通知请求 "消息向 HeNB/HNB PF上报上下行 " SPI 和 QoS对应关系 " 。 HeNB/HNB PF向 SeGW回复应答消息;  The SeGW reports the uplink and downlink "SPI and QoS correspondence" to the HeNB/HNB PF through the "Notification Request" message of the T1 interface. The HeNB/HNB PF replies with a response message to the SeGW;
HeNB/HNB PF通过 S9*接口报告给固网 BPCF, 由 BPCF或者 BPCF委 托其他固网网元为传输在不同 IPsec隧道中的数据包保证 QoS。 注:如果是静态建立 SA的场景,可以釆用在步骤 S908上 ^艮该对应关系 , 也可以釆用一种优化方式, 即该 SPI和 QoS规则的对应关系可以在初始建立 完所有 SA的时候就上 PF。 The HeNB/HNB PF reports to the fixed network BPCF through the S9* interface, and the BPCF or BPCF entrusts other fixed network elements to guarantee QoS for transmitting data packets in different IPsec tunnels. Note: If the scene is statically established, you can use the corresponding relationship in step S908. You can also use an optimization method. That is, the correspondence between the SPI and the QoS rule can be used when all SAs are initially established. Just go to the PF.
步骤 909: HeNB/HNB向 EPS核心网回应 Sl/Iuh接口的 GTP消息。  Step 909: The HeNB/HNB responds to the EPS core network with the GTP message of the Sl/Iuh interface.
实施例三: SeGW不解析 Sl/Iuh消息, 基于 T1T2架构 (图 10 ) 步骤 1001 : UE发起附着/ PDN连接建立操作, 无线侧及核心网的相关处 理, 此是现有技术。 Embodiment 3: The SeGW does not parse the Sl/Iuh message, based on the T1T2 architecture (Fig. 10). Step 1001: The UE initiates an attach/PDN connection establishment operation, and the related processing of the wireless side and the core network. This is a prior art.
步骤 1002: 终端通过 HeNB/HNB接入到 EPS/UMTS之后, 无论是附着, PDN连接建立、 终端发起的或者是网络侧发起的专有承载建立, 最终都会由 网络侧发送对应的消息给 HeNB/HNB ,该消息为 Sl/Iuh接口的 GTP控制信令。 即图中所示的消息: 初始上下文建立请求 /附着接受 /承载建立请求 /PDN连接 接受, 如消息中携带了所要创建 /修改 /释放的承载所对应的 QoS规则和上下 行 TEID、 五元组等信息, 也即 IP数据流信息。  Step 1002: After the terminal accesses the EPS/UMTS through the HeNB/HNB, whether it is an attachment, a PDN connection establishment, a terminal initiated, or a dedicated bearer initiated by the network side, the corresponding message is sent by the network side to the HeNB/ HNB, this message is the GTP control signaling of the Sl/Iuh interface. That is, the message shown in the figure: initial context establishment request/attach acceptance/bearer establishment request/PDN connection acceptance, for example, the message carries the QoS rule corresponding to the bearer to be created/modified/released, and the uplink and downlink TEID, quintuple And other information, that is, IP data stream information.
步骤 1003: HeNB/HNB根据从 GTP消息中获取相关信息, 并根据相关 策略决定创建新 SA (动态方案)或者选择 SA (动态或者静态方案)  Step 1003: The HeNB/HNB obtains related information according to the GTP message, and determines to create a new SA (dynamic scheme) or select an SA (dynamic or static scheme) according to the related policy.
如果是创建新的 SA, HeNB/HNB发送 IKEv2消息的 "创建子 SA请求" 给 SeGW, 并在消息中携带了由 HeNB/HNB选定的上行 SA的 SPI。  If a new SA is created, the HeNB/HNB sends a "Create Sub SA Request" of the IKEv2 message to the SeGW, and carries the SPI of the uplink SA selected by the HeNB/HNB in the message.
HeNB/HNB从 Sl/Iuh接口的 GTP消息中获取了 QoS规则、 TEID和 /或五 元组信息, HeNB HNB根据 QoS规则能判断将该 GTP承载对应到哪个无线 承载上, 即和无线承载标识 RB-ID建立了对应关系(现有技术 ); HeNB/HNB 自身配置的信息,判断接收到的 QoS规则是否需要新建 SA或者是现有的 SA 就能满足该 QoS规则的需求。 这样新建或者选择的 SA的 SPI就能与 QoS规 则建立对应关系;如此一来 RB-ID和 SPI就通过 QoS规则建立了对应关系(映 射关系 /映射表) , 如图 5所示。  The HeNB/HNB obtains the QoS rule, the TEID, and/or the quintuple information from the GTP message of the Sl/Iuh interface, and the HeNB HNB can determine, according to the QoS rule, which radio bearer the GTP bearer corresponds to, that is, the radio bearer identifier RB. -ID establishes the correspondence (prior art); the information configured by the HeNB/HNB itself determines whether the received QoS rule needs to create a new SA or an existing SA to satisfy the requirements of the QoS rule. The SPI of the newly created or selected SA can be associated with the QoS rule; thus, the RB-ID and the SPI establish a correspondence (map relationship/mapping table) through the QoS rule, as shown in FIG. 5.
如果不是建立 SPI和 RB-ID的对应关系, 而是根据 QoS规则建立了 SPI 和五元组的对应关系, 则该对应关系称作 "过滤器" , 参见图 7。  If the correspondence between SPI and RB-ID is not established, but the correspondence between SPI and quintuple is established according to QoS rules, the correspondence is called "filter", see Figure 7.
在 HeNB/HNB上生成的映射表 /过滤器用于过滤 /映射上行数据包, 称作 上行(uplink, UL ) 映射表 /过滤器。 A mapping table/filter generated on the HeNB/HNB is used to filter/map uplink data packets, called Uplink (UL) mapping table/filter.
步骤 1004: HeNB/HNB发送 "创建子 SA请求" 给 SeGW, 并在消息中 携带了由 HeNB/HNB选定的上行 SA的 SPI; SeGW收到请求后, 选择下行 SA的 SPI, 并通过 "创建子 SA回应" 消息发送给 HeNB/HNB。  Step 1004: The HeNB/HNB sends a "Create Sub-SA Request" to the SeGW, and carries the SPI of the uplink SA selected by the HeNB/HNB in the message; after receiving the request, the SeGW selects the SPI of the downlink SA, and "creates" The sub-SA responds with a "message sent to the HeNB/HNB.
步骤 1005: HeNB/HNB通过 T 1接口向 HeNB/HNB PF上报上行 SPI和 Step 1005: The HeNB/HNB reports the uplink SPI and the HeNB/HNB PF through the T1 interface.
QoS的对应关系, 并携带下行的 QoS规则; Correspondence between QoS and carrying downlink QoS rules;
步骤 1006: HeNB/HNB PF向 SeGW发送下行 QoS规则;  Step 1006: The HeNB/HNB PF sends a downlink QoS rule to the SeGW.
步骤 1007, SeGW根据下行的 QoS规则选择一个 SA,并建立 SPI和 QoS 的对应关系, 即下行的 SPI和 QoS的对应关系。  Step 1007: The SeGW selects an SA according to the downlink QoS rule, and establishes a correspondence between SPI and QoS, that is, a correspondence between the downlink SPI and the QoS.
步骤 1008, SeGW通过 T2接口向 He B/HNBPF上 4艮下行的 SPI和 QoS 的对应关系。  Step 1008: The SeGW sends a downlink SPI and QoS correspondence to the He B/HNBPF through the T2 interface.
HeNB/HNB PF将 1008步和 1005步获取的上下行 SPI和 QoS的对应关系 后, 对两会话上报的对应关系作关联(现有技术, 同图 8 ) , 并通过 S9*接口 报告给固网 BPCF,由 BPCF或者 BPCF委托其他固网网元为传输在不同 IPsec 隧道中的数据包保证 QoS。  The HeNB/HNB PF associates the correspondence between the uplink and downlink SPI and the QoS obtained in steps 1008 and 1005, and associates the corresponding relationship reported by the two sessions (prior art, the same as FIG. 8), and reports to the fixed network through the S9* interface. BPCF, the BPCF or BPCF entrusts other fixed network elements to guarantee QoS for transmitting data packets in different IPsec tunnels.
步骤 1009: HeNB/HNB向 EPS核心网回应 Sl/Iuh接口的 GTP消息。  Step 1009: The HeNB/HNB responds to the EPS core network with the GTP message of the Sl/Iuh interface.
实施例四: SeGW不解析 Sl/Iuh消息, 基于 T1T2架构 (图 11 ) 步骤 1101 : UE发起附着/ PDN连接建立操作, 无线侧及核心网的相关处 理, 此是现有技术。 Embodiment 4: The SeGW does not parse the Sl/Iuh message, and is based on the T1T2 architecture (FIG. 11). Step 1101: The UE initiates an attach/PDN connection establishment operation, and the related processing of the wireless side and the core network. This is a prior art.
步骤 1102: 终端通过 HeNB/HNB接入到 EPS/UMTS之后, 无论是附着, PDN连接建立、 终端发起的或者是网络侧发起的专有承载建立, 最终都会由 网络侧发送对应的消息给 HeNB/HNB ,该消息为 Sl/Iuh接口的 GTP控制信令。 即图中所示的消息: 初始上下文建立请求 /附着接受 /承载建立请求 /PDN连接 接受, 如消息中携带了所要创建 /修改 /释放的承载所对应的 QoS规则和上下 行 TEID、 五元组等信息, 也即 IP数据流信息。  Step 1102: After the terminal accesses the EPS/UMTS through the HeNB/HNB, whether it is an attachment, a PDN connection establishment, a terminal initiated, or a dedicated bearer initiated by the network side, the network side sends a corresponding message to the HeNB/ HNB, this message is the GTP control signaling of the Sl/Iuh interface. That is, the message shown in the figure: initial context establishment request/attach acceptance/bearer establishment request/PDN connection acceptance, for example, the message carries the QoS rule corresponding to the bearer to be created/modified/released, and the uplink and downlink TEID, quintuple And other information, that is, IP data stream information.
步骤 1103: HeNB/HNB根据从 GTP消息中获取相关信息, 并根据相关 策略决定创建新 SA (动态方案)或者选择 SA (动态或者静态方案) 如果是创建新的 SA, HeNB/HNB发送 IKEv2消息的 "创建子 SA请求" 给 SeGW, 并在消息中携带了由 HeNB/HNB选定的上行 SA的 SPI。 Step 1103: The HeNB/HNB obtains related information according to the GTP message, and determines to create a new SA (dynamic scheme) or select an SA (dynamic or static scheme) according to the relevant policy. If a new SA is created, the HeNB/HNB sends a "Create Sub-SA Request" of the IKEv2 message to the SeGW, and carries the SPI of the uplink SA selected by the HeNB/HNB in the message.
HeNB/HNB从 Sl/Iuh接口的 GTP消息中获取了 QoS规则、 TEID和 /或五 元组信息, HeNB HNB根据 QoS规则能判断将该 GTP承载对应到哪个无线 承载上, 即和无线承载标识 RB-ID建立了对应关系(现有技术 ); HeNB/HNB 自身配置的信息,判断接收到的 QoS规则是否需要新建 SA或者是现有的 SA 就能满足该 QoS规则的需求。 这样新建或者选择的 SA的 SPI就能与 QoS规 则建立对应关系;如此一来 RB-ID和 SPI就通过 QoS规则建立了对应关系(映 射关系 /映射表) , 如图 5所示。  The HeNB/HNB obtains the QoS rule, the TEID, and/or the quintuple information from the GTP message of the Sl/Iuh interface, and the HeNB HNB can determine, according to the QoS rule, which radio bearer the GTP bearer corresponds to, that is, the radio bearer identifier RB. -ID establishes the correspondence (prior art); the information configured by the HeNB/HNB itself determines whether the received QoS rule needs to create a new SA or an existing SA to satisfy the requirements of the QoS rule. The SPI of the newly created or selected SA can be associated with the QoS rule; thus, the RB-ID and the SPI establish a correspondence (map relationship/mapping table) through the QoS rule, as shown in FIG. 5.
如果不是建立 SPI和 RB-ID的对应关系, 而是根据 QoS规则建立了 SPI 和五元组的对应关系, 则该对应关系称作 "过滤器" , 参见图 7。 上行(uplink, UL ) 映射 /过滤器。  If the correspondence between SPI and RB-ID is not established, but the correspondence between SPI and quintuple is established according to QoS rules, the correspondence is called "filter", see Figure 7. Uplink (UL) mapping/filter.
步骤 1104: HeNB/HNB发送 "创建子 SA请求" 给 SeGW, 并在消息中 携带了由 HeNB/HNB选定的上行 SA的 SPI; SeGW收到请求后, 选择下行 SA的 SPI, 并通过 "创建子 SA回应" 消息发送给 HeNB/HNB。  Step 1104: The HeNB/HNB sends a "Create Sub-SA Request" to the SeGW, and carries the SPI of the uplink SA selected by the HeNB/HNB in the message; after receiving the request, the SeGW selects the SPI of the downlink SA, and "creates" The sub-SA responds with a "message sent to the HeNB/HNB.
步骤 1105: 在 1104步之后, HeNB/HNB可以获取下行 SA的 SPI, 并且 HeNB/HNB获取了下行的 QoS规则, HeNB/HNB可以生成下行 QoS和 SPI 的对应关系。  Step 1105: After step 1104, the HeNB/HNB can acquire the SPI of the downlink SA, and the HeNB/HNB acquires the downlink QoS rule, and the HeNB/HNB can generate the correspondence between the downlink QoS and the SPI.
HeNB/HNB通过 T1接口向 HeNB/HNB PF上报上行和下行的 SPI和 QoS 的对应关系;  The HeNB/HNB reports the correspondence between the uplink and downlink SPI and QoS to the HeNB/HNB PF through the T1 interface.
HeNB/HNB PF将 1105步获取的上下行 SPI和 QoS的对应关系后, 通过 S9*接口报告给固网 BPCF , 由 BPCF或者 BPCF委托其他固网网元为传输在 不同 IPsec隧道中的数据包保证 QoS。  The HeNB/HNB PF reports the correspondence between the uplink and downlink SPI and QoS obtained in step 1105, and reports it to the fixed network BPCF through the S9* interface. The BPCF or BPCF entrusts other fixed network elements to ensure the data packets in different IPsec tunnels. QoS.
步骤 1106: He B/HNBPF向 SeGW发送下行 QoS规则和 SPI的对应关 系;  Step 1106: The He B/HNBPF sends a corresponding relationship between the downlink QoS rule and the SPI to the SeGW.
步骤 1107: SeGW根据下行的 QoS规则, 并建立下行 MAPPING表或者 过滤器。 步骤 1008: He B/HNB向 EPS核心网回应 Sl/Iuh接口的 GTP消息。 Step 1107: The SeGW establishes a downlink MAPPING table or a filter according to the downlink QoS rule. Step 1008: The He B/HNB responds to the EPS core network with the GTP message of the Sl/Iuh interface.
实施例五: Embodiment 5:
以上是实例中, 上下行的映射表 /过滤器, SPI和 QoS的对应关系的生成 都是由 HeNB/HNB和 SeGW分别生成的, 或者是有 HeNB/HNB分别生成上 下行的, 通过 PF中介通告给对端 SeGW。 最终由 HeNB/HNB和 SeGW分别 将 SPI和 QoS的对应关系上报个 PF最后到固网( T1T2架构 ) ,或者由 SeGW 上报给 PF最后到固网 (T1T3架构) 。 以下的方案可以在前述实施例的流程 才匡架下, #文如下描述的处理, 形成新的实施例。  In the above example, the uplink/downlink mapping table/filter, the SPI and QoS correspondence are generated by the HeNB/HNB and the SeGW respectively, or the HeNB/HNB respectively generate the uplink and downlink, and the PF mediation is advertised. Give the peer SeGW. Finally, the corresponding relationship between the SPI and the QoS is reported by the HeNB/HNB and the SeGW to the PF and finally to the fixed network (T1T2 architecture), or reported by the SeGW to the PF and finally to the fixed network (T1T3 architecture). The following scheme can be formed in the flow of the foregoing embodiment, and the processing described below is used to form a new embodiment.
1 ) 作为针对 T1T3架构的另外一种实现方式, SeGW和 HeNB/HNB可 以分别生成各自的映射表 /过滤器和 "SPI和 QoS的对应关系" , HeNB/HNB 将上行的 "SPI和 QoS的对应关系" 通过扩展的 IKEv2消息发送给 SeGW, 并由 SeGW通过 T1接口上报给 PF最后到固网。  1) As another implementation for the T1T3 architecture, the SeGW and the HeNB/HNB can respectively generate respective mapping tables/filters and "correspondence between SPI and QoS", and the HeNB/HNB will respond to the uplink "SPI and QoS". The relationship is sent to the SeGW through the extended IKEv2 message, and is reported by the SeGW to the PF through the T1 interface to the fixed network.
2 )针对 SeGW不解析 Sl/Iuh消息的情况, HeNB/HNB可以获取了 Sl/Iuh 消息的内容, 并通过扩展的 IKEv2消息发送给 SeGW, 供 SeGW生成下行映 射^/过滤器和下行 SPI和 QoS的对应关系。  2) For the case where the SeGW does not parse the Sl/Iuh message, the HeNB/HNB can acquire the content of the Sl/Iuh message and send it to the SeGW through the extended IKEv2 message for the SeGW to generate the downlink mapping/filter and downlink SPI and QoS. Correspondence.
3 ) 作为一种具体实现, 当 HeNB/HNB生成了上行 "SPI和 QoS的对应 关系"但无法向 PF直接上报时(T1T3架构, 无 T2接口), SeGW可以基于 "反映射" 上行数据获取上行 "SPI和 QoS的对应关系" 。 当 SeGW生成 / 获取了上行" SPI和 QoS的对应关系"后,但无法通告 HeNB/HNB, HeNB/HNB 可以基于 "反映射" 下行数据制获取上行 "SPI和 QoS的对应关系" 。 也就 是说, SeGW和 HeNB/HNB可以通过反映射机制协商 "SPI和 QoS的对应关 系,, 。  3) As a specific implementation, when the HeNB/HNB generates the uplink "relationship between SPI and QoS" but cannot report directly to the PF (T1T3 architecture, no T2 interface), the SeGW can obtain uplink based on "anti-mapping" uplink data. "Relationship between SPI and QoS". After the SeGW generates/acquires the uplink "Relationship between SPI and QoS", but cannot advertise the HeNB/HNB, the HeNB/HNB can obtain the uplink "Relationship between SPI and QoS" based on the "anti-mapping" downlink data system. That is to say, SeGW and HeNB/HNB can negotiate the correspondence between SPI and QoS through the demapping mechanism.
所述的反映射是指: 当 SeGW或者 HeNB/HNB接受到对端(HeNB/HNB 或者 SeGW )的数据包后,用该数据包外层封装的 IPSec头的 SPI去查找与其 成对产生的 SPI, 作为反向的 SPI, 把数据包对应的 QoS规则、 TEID, 五元 组等信息做反向处理: 上 /下行 QoS/TEID映射为下 /上行 QoS/TEID, 五元组 信息中的源 /目的地址 /端口号交换。之后把查找到的 SPI和反向处理后的 QoS 规则、 TEID, 五元组等信息作关联, 上述就是反映射机制。 通过在这样的操 作, 就可以生成对端的 "映射表 /过滤器" 和 "SPI和 QoS的对应关系" 。 The demapping refers to: after the SeGW or the HeNB/HNB receives the data packet of the opposite end (HeNB/HNB or SeGW), the SPI of the IPSec header encapsulated by the data packet is used to search for the SPI generated by the pair. As the reverse SPI, the QoS rule, TEID, quintuple and other information corresponding to the data packet are reversed: Up/down QoS/TEID is mapped to lower/uplink QoS/TEID, source in quintuple information/ Destination address/port number exchange. After finding the SPI and the reverse processed QoS Rules, TEID, quintuple and other information are associated. The above is the anti-mapping mechanism. By doing so, it is possible to generate a "mapping table/filter" and "correspond relationship between SPI and QoS" of the peer.
本领域普通技术人员可以理解上述方法中的全部或部分步骤可通过程序 来指令相关硬件完成, 所述程序可以存储于计算机可读存储介质中, 如只读 存储器、 磁盘或光盘等。 可选地, 上述实施例的全部或部分步骤也可以使用 一个或多个集成电路来实现, 相应地, 上述实施例中的各模块 /单元可以釆用 硬件的形式实现, 也可以釆用软件功能模块的形式实现。 本发明不限制于任 何特定形式的硬件和软件的结合。 One of ordinary skill in the art will appreciate that all or a portion of the above steps may be accomplished by a program instructing the associated hardware, such as a read-only memory, a magnetic disk, or an optical disk. Optionally, all or part of the steps of the foregoing embodiments may also be implemented by using one or more integrated circuits. Accordingly, each module/unit in the foregoing embodiment may be implemented in the form of hardware, or may use software functions. The form of the module is implemented. The invention is not limited to any specific form of combination of hardware and software.
以上所述仅为本发明的优选实施例而已, 并不用于限制本发明, 对于本 领域的技术人员来说, 本发明可以有各种更改和变化。 凡在本发明的精神和 原则之内, 所作的任何修改、 等同替换、 改进等, 均应包含在本发明的保护 范围之内。  The above description is only the preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes can be made to the present invention. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and scope of the present invention are intended to be included within the scope of the present invention.
工业实用性 Industrial applicability
本发明实施例能够保证终端在从 He B/HNB接入时,对不同的业务实现 QoS区分, 对 QoS要求高的业务, 优先满足其 QoS需求, 提高用户体验。  The embodiments of the present invention can ensure that the QoS is differentiated for different services when the terminal accesses from the He B/HNB, and the services with high QoS requirements are prioritized to meet the QoS requirements and improve the user experience.

Claims

权 利 要 求 书 Claim
1、 一种实现服务质量控制的方法, 包括:  1. A method of implementing quality of service control, comprising:
安全网关( SeGW )通过第二网元将下行方向的因特网协议安全性( IPsec ) 隧道信息和 IP数据流信息之间的对应关系信息上报给固网网元, SeGW或第 一网元通过第二网元将上行方向的 IPsec隧道信息和 IP数据流信息之间的对 应关系信息上报给固网网元, 由固网网元执行服务质量(QoS )控制;  The security gateway (SeGW) reports the correspondence between the Internet Protocol security (IPsec) tunnel information and the IP data flow information in the downlink direction to the fixed network element through the second network element, and the SeGW or the first network element passes the second The network element reports the correspondence between the IPsec tunnel information and the IP data flow information in the uplink direction to the fixed network element, and the quality of service (QoS) is controlled by the fixed network element;
其中, 所述第一网元为演进家庭基站(HeNB ) , 第二网元为演进家庭基 站策略功能(HeNB PF ) ; 或者, 所述第一网元为家庭基站( HNB ) , 第二 网元为家庭基站策略功能(HNB PF ) 。  The first network element is an evolved home base station (HeNB), and the second network element is an evolved home base station policy function (HeNB PF); or the first network element is a home base station (HNB), and the second network element For the Home Base Station Policy Function (HNB PF).
2、 如权利要求 1所述方法, 其中,  2. The method of claim 1 wherein
在 SeGW通过第二网元将下行方向的 IPsec隧道信息和 IP数据流信息之 间的对应关系信息上 4艮给固网网元, SeGW或第一网元通过第二网元将上行 方向的 IPsec隧道信息和 IP数据流信息之间的对应关系信息上报给固网网元 之前, 所述方法还包括:  The SeGW sends the correspondence information between the IPsec tunnel information and the IP data flow information in the downlink direction to the fixed network element through the second network element, and the SeGW or the first network element passes the IPsec in the uplink direction through the second network element. Before the mapping between the tunnel information and the IP data stream information is reported to the fixed network element, the method further includes:
第一网元与 SeGW之间建立一条以上的 IPsec隧道。  More than one IPsec tunnel is established between the first network element and the SeGW.
3、 如权利要求 2所述方法, 其中,  3. The method of claim 2, wherein
第一网元与 SeGW之间釆用静态或者动态的方式, 建立 IPsec隧道。 An IPsec tunnel is established between the first network element and the SeGW in a static or dynamic manner.
4、 如权利要求 1 ~ 3中任意一项所述方法, 其中, 在将下行方向和上行 方向的对应关系信息上报给固网网元之前, 所述方法还包括: The method according to any one of claims 1 to 3, wherein before the reporting of the correspondence information in the downlink direction and the uplink direction to the fixed network element, the method further includes:
所述第一网元和 /或 SeGW接收到从核心网下发的 IP数据流信息, 建立 The first network element and/or the SeGW receive the IP data flow information sent from the core network, and establish
IPsec隧道信息和 IP数据流信息之间的对应关系。 Correspondence between IPsec tunnel information and IP data stream information.
5、 如权利要求 1 ~ 3中任意一项所述方法, 其中,  5. The method according to any one of claims 1 to 3, wherein
所述 IPsec隧道信息为安全参数索引( SPI )或者差分服务代码点( DSCP ) 信息;  The IPsec tunnel information is a Security Parameter Index (SPI) or a Differentiated Service Code Point (DSCP) information;
所述 IP数据流信息为如下信息中的一种或多种: 五元组信息、 隧道端点 标识 ( TEID ) 、 无线承载标识 ( RB-ID ) 、 QoS规则、 业务流模板 ( TFT ) 或数据包过滤器(PF ) , 其中, 五元组信息包括源地址、 目的地址, 源端口 号、 目的端口号和协议号的信息。 The IP data stream information is one or more of the following information: quintuple information, tunnel endpoint identifier (TEID), radio bearer identifier (RB-ID), QoS rule, service flow template (TFT), or data packet. a filter (PF), wherein the quintuple information includes a source address, a destination address, and a source port Number, destination port number, and protocol number information.
6、 如权利要求 5所述方法, 其中, 固网网元接收到的所述对应关系信 息为 SPI和 QoS规则之间的对应关系信息。  The method according to claim 5, wherein the correspondence information received by the fixed network element is correspondence information between the SPI and the QoS rule.
7、 如权利要求 6所述方法, 其中,  7. The method of claim 6, wherein
所述固网网元执行 QoS控制是指: 固网网元依据不同的 SPI及其对应的 The QoS control performed by the fixed network element refers to: the fixed network element is based on different SPIs and their corresponding
QoS规则, 为传输数据包提供区分等级的 QoS保证。 QoS rules provide differentiated QoS guarantees for transporting packets.
8、 如权利要求 5中任意一项所述方法, 其中, 所述方法还包括: 所述第一网元根据 RB-ID或者五元组信息和 QoS信息, 以及 QoS信息 和 SPI之间的对应关系创建上行方向的映射表或过滤器, 映射或过滤上行数 据;  The method according to any one of claims 5, wherein the method further comprises: the first network element according to RB-ID or quintuple information and QoS information, and correspondence between QoS information and SPI The relationship creates an upstream mapping table or filter, and maps or filters the uplink data.
所述 SeGW根据 TEID或者五元组信息和 QoS信息, 以及 QoS信息和 SPI之间的对应关系创建下行方向的映射表或过滤器, 映射或过滤下行数据。  The SeGW creates a mapping table or a filter in the downlink direction according to the TEID or the quintuple information and the QoS information, and the correspondence between the QoS information and the SPI, and maps or filters the downlink data.
9、 如权利要求 1 ~ 3中任意一项所述的方法, 其中,  9. The method according to any one of claims 1 to 3, wherein
接收所述 IPsec隧道信息和 IP数据流信息之间的对应关系信息的固网网 元为宽带论坛策略控制功能(BPCF ) , 由所述 BPCF为传输数据提供区分等 级的 QoS保证, 或者所述 BPCF与固网网元宽带网络网关(BNG )或宽带远 程接入服务器(BRAS )为传输数据提供区分等级的 QoS保证。  The fixed network element that receives the correspondence information between the IPsec tunnel information and the IP data flow information is a Broadband Forum Policy Control Function (BPCF), and the BPCF provides a hierarchical QoS guarantee for the transmission data, or the BPCF A fixed-line QoS guarantee is provided for transmission data with a fixed network element broadband network gateway (BNG) or a broadband remote access server (BRAS).
10、 如权利要求 1 ~ 3中任意一项所述的方法, 其中,  10. The method according to any one of claims 1 to 3, wherein
在 SeGW通过第二网元将下行方向的 IPsec隧道信息和 IP数据流信息之 间的对应关系信息上 ^艮给固网网元的步骤中, 所述 SeGW通过通知请求消息 将所述对应关系信息发送给第二网元; 所述第二网元通过 S9*接口会话消息 将所述对应关系信息发送给固网网元;  In the step that the SeGW sends the correspondence information between the IPsec tunnel information and the IP data stream information in the downlink direction to the fixed network element by using the second network element, the SeGW sends the corresponding relationship information by using a notification request message. Sending to the second network element; the second network element sends the corresponding relationship information to the fixed network element by using the S9* interface session message;
在 SeGW或第一网元通过第二网元将上行方向的 IPsec隧道信息和 IP数 据流信息之间的对应关系信息上报给固网网元的步骤中, 所述 SeGW通过通 知请求消息将所述对应关系信息发送给第二网元, 或者, 所述第一网元通过 资源请求消息或资源修改请求消息将所述对应关系信息发送给第二网元; 所 述第二网元通过 S9*接口会话消息将所述对应关系信息发送给固网网元。  In the step of reporting, by the second network element, the correspondence information between the IPsec tunnel information and the IP data flow information in the uplink direction to the fixed network element by the second network element, the SeGW, by using the notification request message, Corresponding relationship information is sent to the second network element, or the first network element sends the corresponding relationship information to the second network element by using a resource request message or a resource modification request message; the second network element passes the S9* interface. The session message sends the corresponding relationship information to the fixed network element.
11、 一种实现服务质量控制的系统, 包括: 第一网元、 第二网元、 SeGW 和固网网元, 其中, 11. A system for implementing quality of service control, comprising: a first network element, a second network element, and a SeGW And fixed network elements, wherein
所述 SeGW设置为: 通过第二网元将下行方向的 IPsec隧道信息和 IP数 据流信息之间的对应关系信息上报给固网网元;  The SeGW is configured to: report, by the second network element, the correspondence information between the IPsec tunnel information and the IP data flow information in the downlink direction to the fixed network element;
所述 SeGW或第一网元设置为: 通过第二网元将上行方向的 IPsec隧道 信息和 IP数据流信息之间的对应关系信息上报给固网网元;  The SeGW or the first network element is configured to: report the correspondence information between the IPsec tunnel information and the IP data flow information in the uplink direction to the fixed network element by using the second network element;
所述固网网元设置为: 根据下行方向和上行方向的所述对应关系信息, 保证相 IPsec隧道中传输数据的 QoS;  The fixed network element is configured to: ensure the QoS of the data transmitted in the phase IPsec tunnel according to the correspondence information in the downlink direction and the uplink direction;
其中, 所述第一网元为 HeNB, 第二网元为 HeNB PF; 或者, 所述第一 网元为 HNB, 第二网元为 HNB PF。  The first network element is an HeNB, and the second network element is an HeNB PF; or the first network element is an HNB, and the second network element is an HNB PF.
12、 如权利要求 11所述的系统, 其中,  12. The system of claim 11 wherein:
所述第一网元还设置为: 与 SeGW之间建立一条以上的 IPsec隧道。 The first network element is further configured to: establish more than one IPsec tunnel with the SeGW.
13、 如权利要求 11或 12所述的系统, 其中, 13. The system of claim 11 or 12, wherein
所述 IPsec隧道信息为安全参数索引( SPI )或者差分服务代码点( DSCP ) 信息;  The IPsec tunnel information is a Security Parameter Index (SPI) or a Differentiated Service Code Point (DSCP) information;
所述 IP数据流信息为如下信息中的一种或多种: 五元组信息、 隧道端点 标识 ( TEID ) 、 无线承载标识 ( RB-ID ) 、 QoS规则、 业务流模板 ( TFT ) 或数据包过滤器(PF ) , 其中, 五元组信息包括源地址、 目的地址, 源端口 号、 目的端口号和协议号的信息。  The IP data stream information is one or more of the following information: quintuple information, tunnel endpoint identifier (TEID), radio bearer identifier (RB-ID), QoS rule, service flow template (TFT), or data packet. a filter (PF), wherein the quintuple information includes information of a source address, a destination address, a source port number, a destination port number, and a protocol number.
14、 如权利要求 12所述的系统, 其中,  14. The system of claim 12, wherein
所述第一网元还设置为: 根据 RB-ID或者五元组信息和 QoS信息, 以及 The first network element is further configured to: according to RB-ID or quintuple information and QoS information, and
QoS信息和 SPI之间的对应关系创建上行方向的映射表或过滤器, 映射或过 滤上行数据; The mapping between the QoS information and the SPI creates an upstream mapping table or filter, and maps or filters the uplink data.
所述 SeGW还设置为:根据 TEID或者五元组信息和 QoS信息,以及 QoS 信息和 SPI之间的对应关系创建下行方向的映射表或过滤器, 映射或过滤下 行数据。  The SeGW is further configured to: create a mapping table or a filter in the downlink direction according to the TEID or the quintuple information and the QoS information, and the correspondence between the QoS information and the SPI, and map or filter the downlink data.
PCT/CN2011/081246 2010-11-17 2011-10-25 Method and system for realizing service quality control WO2012065499A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2010105476317A CN102469087A (en) 2010-11-17 2010-11-17 Method and system for realizing control of quality of service,
CN201010547631.7 2010-11-17

Publications (1)

Publication Number Publication Date
WO2012065499A1 true WO2012065499A1 (en) 2012-05-24

Family

ID=46072261

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2011/081246 WO2012065499A1 (en) 2010-11-17 2011-10-25 Method and system for realizing service quality control

Country Status (2)

Country Link
CN (1) CN102469087A (en)
WO (1) WO2012065499A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230128433A1 (en) * 2021-10-22 2023-04-27 Qualcomm Incorporated Reflective quality of service for encapsulating security payload packets

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102572932B (en) * 2010-12-14 2015-07-22 中兴通讯股份有限公司 Method and system for achieving domestic base station network source differentiated management and control
CN103906146B (en) * 2012-12-27 2018-08-03 南京中兴新软件有限责任公司 A kind of method of QoS alignment between WLAN and packet-based core networks
CN104283812B (en) * 2013-07-08 2017-10-31 中国电信股份有限公司 A kind of method and system for identifying user's access bandwidth
CN103475598A (en) * 2013-08-23 2013-12-25 天津汉柏汉安信息技术有限公司 Method for partitioning user priorities through SPI (serial peripheral interface)
CN104639457A (en) * 2013-11-11 2015-05-20 中兴通讯股份有限公司 Policy control method, policy control device and gateway equipment
CN107295564B (en) * 2016-04-11 2023-12-05 中兴通讯股份有限公司 Stream-based bearer management method, data transmission method and device
CN109792434B (en) * 2016-10-10 2021-02-26 华为技术有限公司 Communication method, security node network element and terminal
WO2018068209A1 (en) 2016-10-11 2018-04-19 华为技术有限公司 Data transmission method and apparatus therefor
CN108471629B (en) * 2017-02-23 2021-04-20 华为技术有限公司 Method, equipment and system for controlling service quality in transmission network
CN106982427B (en) * 2017-04-14 2020-08-18 北京佰才邦技术有限公司 Connection establishment method and device
CN109379391B (en) * 2018-12-25 2021-06-01 北京物芯科技有限责任公司 Communication method, device, equipment and storage medium based on IPSec
CN115022981A (en) * 2019-02-15 2022-09-06 华为技术有限公司 Method and device for establishing bearing and readable storage medium
CN111436081B (en) * 2019-03-06 2023-06-30 维沃移动通信有限公司 Data transmission guaranteeing method and communication equipment
CN115551019A (en) * 2021-06-30 2022-12-30 华为技术有限公司 Data stream transmission method and transmission device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101572719A (en) * 2008-04-30 2009-11-04 华为技术有限公司 Policy decision-making functional entity, home gateway and method and system for controlling quality of service
CN101729452A (en) * 2009-05-13 2010-06-09 中兴通讯股份有限公司 Control system and method of home gateway strategy
CN101854268A (en) * 2009-04-04 2010-10-06 华为技术有限公司 Method, device and system of IP (Internet Protocol) network performance measurement as well as method, device and system of IP network service quality control

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101572719A (en) * 2008-04-30 2009-11-04 华为技术有限公司 Policy decision-making functional entity, home gateway and method and system for controlling quality of service
CN101854268A (en) * 2009-04-04 2010-10-06 华为技术有限公司 Method, device and system of IP (Internet Protocol) network performance measurement as well as method, device and system of IP network service quality control
CN101729452A (en) * 2009-05-13 2010-06-09 中兴通讯股份有限公司 Control system and method of home gateway strategy

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230128433A1 (en) * 2021-10-22 2023-04-27 Qualcomm Incorporated Reflective quality of service for encapsulating security payload packets
US11792677B2 (en) * 2021-10-22 2023-10-17 Qualcomm Incorporated Reflective quality of service for encapsulating security payload packets

Also Published As

Publication number Publication date
CN102469087A (en) 2012-05-23

Similar Documents

Publication Publication Date Title
WO2012065499A1 (en) Method and system for realizing service quality control
JP5528563B2 (en) Call Admission Control Method for Home Femtocell
KR101575223B1 (en) Method and system for requesting local breakout in session home enhanced node b
EP2475142B1 (en) Method and system for acquiring route strategies
WO2012136167A2 (en) Local network and method for establishing connection between local gateway and home nodeb
WO2012006909A1 (en) Method and system for reporting fixed network access information
WO2011079782A1 (en) Policy and charging control method, gateway and mobile terminal thereof
WO2012094919A1 (en) Policy control method and system
WO2011015147A1 (en) Data transmission method, equipment and communication system
WO2012041073A1 (en) Method and system for carrying out flow transfer
WO2010130174A1 (en) Method for enabling local access control and corresponding communication system
WO2012062183A1 (en) Method and system for controlling service quality and charging policy of data flow
WO2011095025A1 (en) Policy control method and system for local access of mobile user
WO2008128459A1 (en) Method for establishing wireless network default bearers and system thereof
WO2012116623A1 (en) Mobile communication system and networking method
US8874079B2 (en) Control method for home base station access and home base station gateway
WO2011085620A1 (en) Method and system for implementing quality of service control
WO2012171430A1 (en) Method for obtaining tunnel information, a security gateway(segw) and an evolved home base station/ a home base station
WO2012003781A1 (en) Method and system for controlling service admission
WO2014071790A1 (en) Method, device and system for policy control of fixed-mobile convergence
WO2013082987A1 (en) Method and system for performing resource control on local offload data
WO2012024997A1 (en) Method and system for controlling service admission
WO2012100606A1 (en) Method and system for managing resource
WO2012174977A1 (en) Method and device for processing service data streams
WO2013037141A1 (en) Method for controlling qos of home nodeb back haul network, device and system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11842218

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11842218

Country of ref document: EP

Kind code of ref document: A1