WO2014032542A9 - Method and system for setting up multiple connections - Google Patents

Method and system for setting up multiple connections Download PDF

Info

Publication number
WO2014032542A9
WO2014032542A9 PCT/CN2013/082101 CN2013082101W WO2014032542A9 WO 2014032542 A9 WO2014032542 A9 WO 2014032542A9 CN 2013082101 W CN2013082101 W CN 2013082101W WO 2014032542 A9 WO2014032542 A9 WO 2014032542A9
Authority
WO
WIPO (PCT)
Prior art keywords
twag
bng
aaa server
information
access
Prior art date
Application number
PCT/CN2013/082101
Other languages
French (fr)
Chinese (zh)
Other versions
WO2014032542A1 (en
Inventor
范亮
尤建洁
王怀滨
袁博
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2014032542A1 publication Critical patent/WO2014032542A1/en
Publication of WO2014032542A9 publication Critical patent/WO2014032542A9/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • H04W76/12Setup of transport tunnels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • H04W76/15Setup of multiple wireless link connections

Definitions

  • the present invention relates to a multi-connection establishment technique, and more particularly to a multi-connection establishment method and system. Background technique
  • Multimode terminals can choose to access different types of access networks to carry diverse services. Because different network connections have different characteristics and transmission capabilities, they can better meet the needs of users with multiple services. Multimode terminals enable seamless connectivity between different types of wireless access networks, such as Universal Mobile Telecommunication System (UMTS) / EDGE (Enhanced Data Rate for GSM Evolution, Enhanced Data Rate for GSM (Global System) For Mobile communication, Global Technology (LTE) / General Packet Radio Service (GPRS, General Packet Radio Service) and IEEE, Institute of Electrical and Electronics Engineer 802.11 Wireless LAN (WLAN, Wireless) Local Area Network ) connection.
  • UMTS Universal Mobile Telecommunication System
  • EDGE Enhanced Data Rate for GSM Evolution, Enhanced Data Rate for GSM (Global System) For Mobile communication
  • LTE Global Technology
  • GPRS General Packet Radio Service
  • IEEE Institute of Electrical and Electronics Engineer 802.11 Wireless LAN (WLAN, Wireless) Local Area Network ) connection.
  • WLANs provide high data rates in a small range of homes and hotspots, while cellular networks offer greater flexibility and ubiquitous coverage, but at lower data rates, if combined with the advantages of both, users will Benefited from.
  • multimode terminals use WLAN for data access and Voice over Internet Protocol (VoIP) applications, while also using overlapping cellular networks for voice calls or media access.
  • VoIP Voice over Internet Protocol
  • the International Standards Organization Broadband Forum (BBF, Broadband Forum) and the 3rd Generation Partnership Project (3GPP, 3rd Generation Partnership Project) are standardizing work on Fixed Network and Mobile Network Convergence (FMC).
  • FMC Fixed Network and Mobile Network Convergence
  • the scenario includes the authentication, address allocation, and policy control of the 3GPP user equipment (UE, User Equipment) accessing from the BBF network through the residential gateway (RG, Residential Gateway).
  • the 3GPP UE initiates access authentication to the RG as the 802. lx client.
  • the RG acts as the 802. lx authenticator and the remote authentication dial in user service (RADIUS, Remote Authentication Dial In User Service) to the BBF AAA.
  • the server Authentication Authorization Accounting, Authentication, Authorization, Accounting
  • the address request message initiated by the 3GPP UE is via the broadband network.
  • Packet Data Network Gateway requests an IP address.
  • the S2a session is established between the BNG and the PDN-GW, and the GTP (GPRS Tunneling Protocol, GPRS (General Packet Radio Service) tunneling protocol) or the proxy mobile Internet protocol is used.
  • GTP GPRS Tunneling Protocol, GPRS (General Packet Radio Service) tunneling protocol
  • each user BNG needs to establish an S2a session with the PDN-GW.
  • all BNG devices need to be upgraded and have a large impact on the live network.
  • a fixed network access gateway is referenced (for example, a trusted WLAN access gateway).
  • TWAG Trusted WLAN Access Gateway
  • Figure 1 the network structure after the introduction of TWAG is shown in Figure 1. After the introduction of the fixed network access gateway, large-scale upgrades of BNG equipment are not required, and the impact on the existing network can be minimized.
  • the main purpose of the present invention is to provide a method and system for establishing a multi-connection, which can establish different sessions for different UEs in the same L2TP tunnel according to the APN information that the UE wants to access.
  • the technical solution of the present invention is achieved as follows:
  • a method for establishing multiple connections comprising:
  • the broadband network gateway BNG receives the peer-to-peer protocol PPP or the Ethernet peer-to-peer protocol PPPoE access request message initiated by the UE, and then forwards to the trusted wireless office or the network access gateway TWAG through the L2TP tunnel;
  • the PDN connection of the UE is established with the PDN gateway according to the access point name APN information that the UE wants to access, and the PDN gateway is The IP address information allocated by the UE is sent to the UE.
  • the method further includes:
  • the BNG After the BNG receives the PPP or PPPoE access request message initiated by the UE, and determines that the second layer tunneling protocol L2TP tunnel is not established between the BNG and the TWAG, the BNG needs to access according to the acquired UE.
  • the APN information or the L2TP parameter information establishes an L2TP tunnel of the UE with the TWAG.
  • the method further includes:
  • the TWAG sends the IP address information allocated by the PDN gateway to the UE through the L2TP session and sends the information to the UE via the BNG.
  • the method further includes:
  • the TWAG initiates an authentication request based on the UE to the 3GPP-certified authorized charging AAA server, and the 3GPP AAA server sends the TWAG to the TWAG through the broadband forum BBF AAA server after the authentication of the UE passes And sending the UE authentication success message or the authorization message, where the UE authentication success message or the authorization message carries the APN access list information.
  • the method further includes:
  • the PPP or PPPoE access request message carries the APN information that the UE wants to access.
  • the TWAG obtains the APN information that the UE wants to access from the PPP or PPPoE access request message initiated by the UE.
  • the method further includes:
  • the BNG initiates an authentication request based on the UE to a BBF AAA server, and the BBF AAA server sends an authentication request based on the UE to a 3GPP AAA server of the 3rd Generation Partnership Project Organization;
  • the 3GPP AAA server After the authentication by the UE is passed, the 3GPP AAA server sends the UE authentication success message or the authorization message to the BNG through the BBF AAA server; the UE authentication success message or the authorization message carries the L2TP parameter. information.
  • the method further includes:
  • the TWAG determines, according to the acquired APN information that the UE wants to access and the APN access list information, that the PDN connection of the UE is allowed to be established.
  • the method further includes:
  • the TWAG sends the IP address information allocated by the PDN gateway to the UE to the UE in an IPCP negotiation process with the UE.
  • the method further includes:
  • the different UEs carrying different APN information between the BNG and the TWAG establish different sessions in the same L2TP tunnel;
  • the BNG and the TWAG establish different L2TP tunnels for different UEs carrying the same APN information.
  • the method further includes:
  • the TWAG maintains the L2TP tunnel of the UE and the binding of the session to the GTP/PMIP connection
  • the GTP/PMIP connection is a connection between the BNG and the PDN gateway.
  • a multi-connection established system the system comprising a BNG, a TWAG and a PDN gateway, wherein:
  • the BNG is configured to receive the PPP or PPPoE access request message initiated by the UE, and then forward the message to the TWAG through the L2TP tunnel;
  • the TWAG configured to determine that a PDN connection of the UE is allowed to be established, establish a PDN connection of the UE with a PDN gateway according to the APN information that the UE wants to access, and allocate the PDN gateway to the UE.
  • the IP address information is sent to the UE.
  • the BNG is further configured to: when it is determined that the L2TP tunnel is not established between the BNG and the TWAG, according to the acquired UE to be accessed
  • the APN information or the L2TP parameter information establishes an L2TP tunnel of the UE with the TWAG.
  • the BNG sends an L2TP session establishment request to the BWAG for the PPP or PPPoE request of the UE in the L2TP tunnel;
  • the TWAG is further configured to: send, by the BNG, the IP address information allocated by the PDN to the UE to the UE by using the L2TP tunnel.
  • the system further comprises a 3GPP AAA server and a BBF AAA server, wherein:
  • the TWAG is further configured to initiate a UE-based authentication request to the BBF AAA server;
  • the BBF AAA server is further configured to: send the UE-based authentication request sent by the TWAG to the 3GPP AAA server, and receive a UE authentication success message or an authorization message sent by the 3GPP AAA and send the message to the TWAG ;
  • the 3GPP AAA server is further configured to: after the authentication of the UE passes, send a UE authentication success message or an authorization message to the TWAG by using the BBF AAA server, where The UE authentication success message or the authorization message carries the APN access list information.
  • the BNG is further configured to: initiate an authentication request based on the UE to the BBF AAA server, where the BBF AAA server forwards an authentication request based on the UE to the 3GPP AAA server;
  • the 3GPP AAA server is further configured to: after the authentication based on the UE passes, send the UE authentication success message or an authorization message to the BNG by using the BBF AAA server; in the UE authentication success message or the authorization message Carry L2TP parameter information.
  • the TWAG is further configured to determine, according to the acquired APN information that the UE wants to access and the APN access list information, that the PDN connection of the UE is allowed to be established.
  • the TWAG is further configured to send the IP address information allocated by the PDN gateway to the UE to the UE in an IPCP negotiation process with the UE.
  • the different UEs carrying the same APN information between the BNG and the TWAG establish different sessions in the same L2TP tunnel;
  • the different UEs carrying different APN information between the BNG and the TWAG establish different sessions in the same L2TP tunnel;
  • the BNG and the TWAG establish different L2TP tunnels for different UEs carrying the same APN information.
  • the BNG receives the Point-to-Point Protocol (PPP) or the Point-to-Point Protocol over Ethernet (PPPoE) access request message initiated by the UE.
  • PPP Point-to-Point Protocol
  • PPPoE Point-to-Point Protocol over Ethernet
  • the L2TP tunnel is forwarded to the TWAG; the TWAG determines, according to the acquired access point name (APN, Access Point Name) information and the APN access list information that the UE wants to access, the APN to be established according to the UE.
  • the PDN gateway establishes a PDN connection of the UE, and sends the IP address information allocated by the PDN gateway to the UE to the UE by using the BNG, where the BNG and the TWAG are in the same second for different UEs carrying the same APN information.
  • L2TP Layer 2 Tunneling Protocol
  • the BNG and TWAG establish different sessions in the same L2TP tunnel for different UEs carrying different APN information.
  • BNG and TWAG establish different interfaces for different UEs carrying the same APN information.
  • the TWAG maintains the binding relationship between the L2TP tunnel and the session of the UE and the GTP/PMIP connection.
  • the invention realizes the multi-connection establishment based on the APN information, expands the application of the FMC architecture, and can identify the corresponding session through the APN information.
  • FIG. 1 is a schematic diagram of the FMC architecture
  • FIG. 2 is a flowchart of a method for establishing multiple connections according to Embodiment 1 of the present invention
  • FIG. 3 is a flowchart of a method for establishing multiple connections according to Embodiment 2 of the present invention.
  • FIG. 4 is a schematic diagram of encapsulation and decapsulation of data packets of a method for establishing multiple connections according to an embodiment of the present invention. detailed description
  • the embodiment of the present invention relates to: after receiving the PPP or PPPoE access request message initiated by the UE, the BNG forwards the message to the TWAG; when the TWAG determines that the PDN connection of the UE is allowed to be established, the BNG establishes the UE according to the APN information that the UE wants to access and the PDN gateway.
  • the PDN connection is sent to the UE by the IP address information allocated by the PDN gateway for the UE.
  • the BNG and the TWAG establish different sessions in the same L2TP tunnel for different UEs carrying the same APN information. Alternatively, different UEs carrying different APN information between the BNG and the TWAG establish different sessions in the same L2TP tunnel.
  • a different L2TP tunnel is established between the BNG and the TWAG for different UEs carrying the same APN information.
  • the TWAG maintains the binding relationship between the L2TP tunnel of the UE and the session and the GTP/PMIP connection.
  • the TWAG sends an IP address assigned by the PDN gateway to the UE to the UE during the IPCP (IP (Internet Protocol) Control Protocol) negotiation process with the UE.
  • IPCP Internet Protocol
  • the mobile network user equipment (UE) initiates a PPP or PPPoE access request, and carries the APN information that needs to be accessed.
  • the BNG according to the APN information carried in the UE request packet or the authentication packet and/or the L2TP parameter information carried in the UE authentication success message or the authorization message sent by the AAA server (3GPP AAA server) server to the BNG to the TWAG Request to establish an L2TP tunnel of the UE. That is, if there is no corresponding L2TP tunnel between the BNG and the TWAG, the L2TP tunnel is established first.
  • the TWAG is based on the UE identity information carried in the UE request packet or the authentication packet, the APN information, and/or the APN access carried in the UE authentication success message or the authorization message sent by the AAA server (3GPP AAA server) server to the TWAG.
  • the list information determines whether the user establishes a PDN connection with the 3GPP network gateway. If the TWAG determines that the PDN connection of the UE is allowed to be established, the TWAG requests the mobile network gateway (including the PDN GW) to establish a PDN connection of the UE according to the UE information and the APN information carried in the UE request message or the authentication message. And sending the obtained user IP address to the UE via the BNG through the L2TP protocol.
  • the TWAG maintains the binding relationship between the UE's L2TP tunnel and the session and the GTP/PMIP connection.
  • FIG. 2 is a flowchart of a method for establishing multiple connections according to Embodiment 1 of the present invention. As shown in FIG. 2, the method for establishing multiple connections in this example includes the following steps:
  • Step 201 The UE initiates a PPPoE session ID.
  • the PPPoE session ID is obtained between the UE and the BNG.
  • Step 202 The PPP Link Control Protocol (LCP) negotiation is completed between the UE and the BNG.
  • LCP Link Control Protocol
  • Step 203 The UE carries the APN information and cooperates with the BNG, the BBF AAA server, and the 3GPPAAA.
  • the server interacts to complete the UE identity local authentication, and the 3GPP AAA server sends the Layer 2 Tunneling Protocol (L2TP) parameter information to the BNG.
  • L2TP Layer 2 Tunneling Protocol
  • Step 204 Perform an L2TP tunnel establishment between the BNG and the TWAG.
  • step 203 If an L2TP tunnel or a tunnel with the same APN information already exists between the BNG and the TWAG, this step is omitted. Of course, if there is already an L2TP tunnel or a tunnel with the same APN information between the BNG and the TWAG, the L2TP parameter information is not sent in step 203.
  • Step 205 The UE carries the APN information and interacts with the TWAG, the BBF AAA server, and the 3GPP AAA server to complete the UE identity local authentication, and establishes an L2TP session between the BNG and the TWAG.
  • the 3GPP AAA server confirms whether the UE user is allowed to access the APN while authenticating the user identity. If the authentication is successful, the 3GPP AAA server returns an authentication success response message to the TWAG through the BBF AAA server.
  • Step 206 The TWAG compares the APN information carried in the UE authentication request with the APN access list sent by the 3GPP AAA server through the BBF AAA server. If the comparison succeeds, the TWAG and the PDN GW interact to complete the GTP session establishment. In this step, it is determined whether the UE is allowed to access according to the APN information and the APN access list.
  • Step 207 The UE interacts with the TWAG to complete the IP address allocation, that is, the TWAG sends the IP address to the UE during the IPCP negotiation process with the UE.
  • FIG. 3 is a flowchart of a method for establishing multiple connections according to Embodiment 2 of the present invention. As shown in FIG. 3, the method for establishing multiple connections in this example includes the following steps: Step 301: A 3GPP UE sends an authentication protocol to an RG (EAPoL- Start) The message is authenticated by the 802.1X protocol. The UE is an 802.1X client and the RG is an 802.1X authenticator.
  • Step 302 After receiving the EAPoL Start message sent by the UE, the RG sends the authentication to the UE.
  • the EAP Identity Request message is used to notify the UE to report the username.
  • the UE After receiving the EAP Identity Request message sent by the RG, the UE sends an EAP Identity Response message to the RG, where the message carries the user name.
  • the RG encapsulates the received EAP Identity Response message into the RADIUS Access Request message, and the RG also encapsulates the MAC address of the UE into the RADIUS Access Request message, and then sends the message to the RADIUS Access Request message. BNG.
  • Step 303 The BNG acts as a RADIUS proxy (Proxy), and sends a RADIUS Access Request message (NAI, Network Address Identifier) received from the RG to the corresponding TWAG.
  • NAI Network Address Identifier
  • Step 314 The TWAG sends the RADIUS Access Request message received from the BNG to the BBF AAA server according to the NAI of the UE, or the TWAG sends the message according to the NAI of the UE in a scenario where the TWAG has an interface with the 3GPP AAA server.
  • the 3GPP AAA server To the 3GPP AAA server;
  • Step 305 The BBF AAA server forwards the RADIUS Access Request message received by the BNG to the 3GPP AAA server according to the NAI of the UE. If the BBF network uses the RADIUS protocol and the 3GPP network uses the DIAMETER protocol, there is a translation agent (TA) between the BBF AAA server and the 3GPP AAA server for protocol conversion.
  • TA translation agent
  • the 3GPP AAA server If the 3GPP AAA server successfully authenticates the 3GPP AAA server, the 3GPP AAA server returns an authentication success response message to the BBF AAA server and carries the APN access list, and the BBF AAA server returns the authentication success effect message to the TWAG and carries the APN access list. Further, The TWAG replies to the BNG authentication successfully, the BNG returns the authentication to the RG, and the RG replies to the UE successfully. At the same time, under the condition that the UE is authenticated, RG, BNG, and TWAG record the UE's International Mobile Equipment Identity (IMSE).
  • IMSE International Mobile Equipment Identity
  • Step 306 The UE initiates a PPPoE session request, and the PPPoE session is completed between the UE and the BNG to obtain a PPPoE Session ID.
  • Step 307 The PPP LCP negotiation is completed between the UE and the BNG.
  • Step 308 The UE carries the APN information and interacts with the BNG and BBFAAA servers to complete the UE identity local authentication, and the BNG receives the L2TP parameters sent by the 3GPP AAA server through the BBF AAA server.
  • Step 309 An L2TP tunnel is established between the BNG and the TWAG.
  • the step may be skipped, and the L2TP parameter information may not be sent in the foregoing step 308.
  • Step 310 The UE, the TWAG, and the BBF AAA server interact to complete the UE identity local authentication. An L2TP session is established between the BNG and the TWAG.
  • TWAG may choose not to directly return the authentication success message to the user without interacting with the BBF AAA server.
  • Step 311 The TWAG compares the APN information carried in the UE authentication request with the APN access list sent by the BBF AAA server. If the comparison succeeds, the TWAG and the PDN GW interact to complete the GTP session establishment.
  • Step 312 The UE interacts with the TWAG to complete the IP address allocation, that is, the TWAG sends the IP address to the UE during the IPCP negotiation process with the UE.
  • the foregoing authentication success message may also be an authorization message.
  • This embodiment provides a process of encapsulating, decapsulating, and transmitting a UE data packet after a 3GPP UE connection established by a fixed network is established.
  • 4 is a schematic diagram of encapsulation and decapsulation of a data packet according to a method for establishing a multi-connection according to an embodiment of the present invention. As shown in FIG. 4, the application steps of the multi-connection establishment method in the embodiment of the present invention include:
  • Step 401 After the 3GPP UE successfully establishes a connection according to the first embodiment or the second embodiment, the data packet is sent. Specifically, the 3GPP UE puts the corresponding PPPoE encapsulation according to the service type and sends it to the BNG. The format of the data packet is shown in Figure 4, and the structural details thereof will not be described here.
  • Step 402 After receiving the data packet of the UE, the RG directly forwards the data packet.
  • Step 403 After receiving the data packet of the UE, the BNG performs L2TP encapsulation according to the PPPoE encapsulation information of the packet, and sends the packet to the corresponding TWAG (which is consistent with the TWAG participating in the authentication and connection establishment process).
  • the format of the data packet is shown in Figure 4, and the structural details thereof will not be described here.
  • Step 404 After receiving the data packet of the UE, the TWAG decapsulates the data packet, obtains the tunnel ID and the session ID in the L2TP header of the packet, and re-encapsulates the IP packet in the packet, and passes between the TWAG and the PND GW. Tunnels (such as GTP tunnels, PMIP tunnels) are sent to the PND GW.
  • Tunnels such as GTP tunnels, PMIP tunnels
  • Step 405 The PDN GW receives the data packet of the 3GPP UE.
  • the invention also describes a system for establishing multiple connections, the system comprising BNG, TWAG and PDN gateways, wherein:
  • the BNG is configured to receive the PPP or PPPoE access request message initiated by the UE, and then forward the message to the TWAG through the L2TP tunnel;
  • the TWAG configured to determine that a PDN connection of the UE is allowed to be established, establish a PDN connection of the UE with a PDN gateway according to the APN information that the UE wants to access, and allocate the PDN gateway to the UE.
  • the IP address information is sent to the UE.
  • the BNG After receiving the PPP or PPPoE access request message initiated by the UE, the BNG is configured to determine that the acquired APN is to be accessed by the UE when the L2TP tunnel is not established between the BNG and the TWAG.
  • the information or the L2TP parameter information is used to establish an L2TP tunnel of the UE with the TWAG.
  • the TWAG sends the IP address information allocated by the PDN gateway to the UE through the L2TP session and sends the information to the UE via the BNG.
  • the system also includes a 3GPP AAA server and a BBF AAA server, wherein: the TWAG is further configured to initiate UE-based authentication to the BBF AAA server Request
  • the BBF AAA server is further configured to: send the UE-based authentication request sent by the TWAG to the 3GPP AAA server, and receive a UE authentication success message or an authorization message sent by the 3GPP AAA and send the message to the TWAG ;
  • the 3GPP AAA server is further configured to: after the authentication of the UE is passed, send a UE authentication success message or an authorization message to the TWAG by using the BBF AAA server, where the UE authentication success message or the authorization message carries an APN connection. Enter the list information.
  • the TWAG obtains the APN information that the UE wants to access from the PPP or PPPoE access request message initiated by the UE.
  • the BNG is further configured to initiate an authentication request based on the UE to the BBF AAA server, where the BBF AAA server forwards an authentication request based on the UE to the 3GPP AAA server;
  • the 3GPP AAA server is further configured to: after the authentication based on the UE passes, send the UE authentication success message or an authorization message to the BNG by using the BBF AAA server; in the UE authentication success message or the authorization message Carry L2TP parameter information.
  • the TWAG is further configured to determine, according to the acquired APN information that the UE wants to access and the APN access list information, that the PDN connection of the UE is allowed to be established.
  • the TWAG is further configured to: send the IP address information allocated by the PDN gateway to the UE to the UE in an IPCP negotiation process with the UE.
  • the different UEs carrying the same APN information between the BNG and the TWAG establish different sessions in the same L2TP tunnel;
  • the different UEs carrying different APN information between the BNG and the TWAG establish different sessions in the same L2TP tunnel;
  • the BNG and the TWAG establish different L2TP tunnels for different UEs carrying the same APN information.
  • the multi-connection established system of the present invention is implemented on the basis of an existing mobile communication network, and the structure of the system is the same as that of the existing FMC architecture, and the multi-connection established system of the present invention is present. Some related network elements in the mobile communication network are implemented by corresponding function expansion. In the present invention, only the network elements whose functions are extended are mainly described.
  • the multi-connection establishment system of the present invention can be understood by referring to the foregoing description of the multi-connection establishment method of the present invention, and its network architecture can be understood with reference to the existing mobile communication network structure such as the structure shown based on FIG.
  • the BNG receives the peer-to-peer protocol or the Ethernet point-to-point protocol access request message initiated by the UE, and then forwards the message to the TWAG through the L2TP tunnel; the TWAG receives the access point name information and the APN according to the obtained UE to access.
  • the in-list information determines that the PDN connection of the UE is allowed to be established
  • the PDN connection of the UE is established with the PDN gateway according to the APN information that the UE wants to access, and the IP address information allocated by the PDN gateway for the UE is sent to the UE through the BNG.
  • the different UEs carrying the same APN information between the BNG and the TWAG establish different sessions in the same Layer 2 tunneling protocol tunnel.
  • the BNG and the TWAG are established in the same L2TP tunnel for different UEs carrying different APN information. Different sessions; or, BNG and TWAG establish different L2TP tunnels for different UEs carrying the same APN information.
  • the TWAG maintains the binding relationship between the L2TP tunnel and the session of the UE and the GTP/PMIP connection.

Abstract

Disclosed is a method for setting up multiple connections, including: after a BNG has received a PPP or PPPoE access request message initiated by a UE, forwarding same to a TWAG via an L2TP tunnel; and when the TWAG determines that the setup of a PDN connection for the UE is allowed according to the acquired information about an APN which the UE wants to access and the access list information about the APN, setting up the PDN connection with a PDN gateway for the UE according to the information about the APN which the UE wants to access, and sending to the UE the IP address information allocated to the UE by the PDN gateway via the BNG. Between the BNG and the TWAG, different sessions are set up on one and the same L2TP parameter connection for different UEs carrying information about the same APN; or between the BNG and the TWAG, different sessions are set up on one and the same L2TP tunnel for different UEs carrying information about different APNs. Disclosed at the same time is a system for setting up multiple connections. The present invention realizes the setup of multiple connections based on the information about an APN, and expands the application of the FMC architecture.

Description

多连接建立的方法及系统 技术领域  Method and system for establishing multiple connections
本发明涉及多连接建立技术, 尤其涉及一种多连接建立的方法及系统。 背景技术  The present invention relates to a multi-connection establishment technique, and more particularly to a multi-connection establishment method and system. Background technique
随着网络技术的发展和用户对业务需求的不断加强, 终端逐渐向多模 化发展。 多模终端可以选择在不同类型的接入网络接入, 以承载多样性的 业务。 由于不同的网络连接具有不同的特性和传输能力, 从而能更好地满 足用户多业务多样性的需求。 多模终端可以实现不同类型的无线访问网络 之间的无缝连接, 如蜂窝通用移动通信系统 ( UMTS , Universal Mobile Telecommunication System ) /EDGE ( Enhanced Data Rate for GSM Evolution, 增强型数据速率 GSM ( Global System for Mobile communication, 全球移动 通信系统) 演进技术) /通用分组无线服务(GPRS , General Packet Radio Service )技术与美国电气和电子工程师协会 ( IEEE, Institute of Electrical and Electronics Engineer ) 802.11 无线局域网 ( WLAN , Wireless Local Area Network )的连接。 WLAN可在小范围的家庭和热点区域提供很高的数据速 率, 而蜂窝网络可以提供更高的灵活性和无处不在的覆盖, 但数据速率较 低, 如果能够结合两者的优点, 用户将从中受益。 在 WLAN访问点的覆盖 范围内, 多模终端利用 WLAN进行数据访问和网络电话( VoIP , Voice over Internet Protocol )应用, 同时还能使用重叠的蜂窝网络, 进行语音呼叫或媒 体访问。  With the development of network technology and the increasing demand of users for business, terminals are gradually developing into multi-modality. Multimode terminals can choose to access different types of access networks to carry diverse services. Because different network connections have different characteristics and transmission capabilities, they can better meet the needs of users with multiple services. Multimode terminals enable seamless connectivity between different types of wireless access networks, such as Universal Mobile Telecommunication System (UMTS) / EDGE (Enhanced Data Rate for GSM Evolution, Enhanced Data Rate for GSM (Global System) For Mobile communication, Global Technology (LTE) / General Packet Radio Service (GPRS, General Packet Radio Service) and IEEE, Institute of Electrical and Electronics Engineer 802.11 Wireless LAN (WLAN, Wireless) Local Area Network ) connection. WLANs provide high data rates in a small range of homes and hotspots, while cellular networks offer greater flexibility and ubiquitous coverage, but at lower data rates, if combined with the advantages of both, users will Benefited from. Within the coverage of WLAN access points, multimode terminals use WLAN for data access and Voice over Internet Protocol (VoIP) applications, while also using overlapping cellular networks for voice calls or media access.
目前, 国际性标准组织宽带论坛(BBF, Broadband Forum )和第三代 合作伙伴计划 ( 3GPP, 3rd Generation Partnership Project )正在进行固定网 络与移动网络融合(FMC, Fixed Mobile Convergence ) 的标准化工作, 涉 及的场景包括 3GPP用户设备 ( UE, User Equipment )通过住宅网关( RG, Residential Gateway )从 BBF网络接入的认证、 地址分配以及策略控制。 在 认证过程中, 3GPP UE作为 802. lx客服端向 RG发起接入认证, 此时 RG 作为 802. lx 认证器及远程用户拨号认证系统 ( RADIUS , Remote Authentication Dial In User Service ) 客服端向 BBF AAA 服务器 ( Authentication Authorization Accounting, 认证、 授权、 计费)服务器发起 认证请求。 在地址请求过程中, 3GPP UE发起的地址请求消息经由宽带网 Currently, the International Standards Organization Broadband Forum (BBF, Broadband Forum) and the 3rd Generation Partnership Project (3GPP, 3rd Generation Partnership Project) are standardizing work on Fixed Network and Mobile Network Convergence (FMC). And the scenario includes the authentication, address allocation, and policy control of the 3GPP user equipment (UE, User Equipment) accessing from the BBF network through the residential gateway (RG, Residential Gateway). During the authentication process, the 3GPP UE initiates access authentication to the RG as the 802. lx client. At this time, the RG acts as the 802. lx authenticator and the remote authentication dial in user service (RADIUS, Remote Authentication Dial In User Service) to the BBF AAA. The server (Authentication Authorization Accounting, Authentication, Authorization, Accounting) initiates an authentication request. In the address request process, the address request message initiated by the 3GPP UE is via the broadband network.
Packet Data Network Gateway )请求 IP地址。 其中, BNG与 PDN-GW之间 建立 S2a会话,并通过 GTP( GPRS Tunneling Protocol, GPRS( General Packet Radio Service, 通用分组无线业务) 隧道协议) 或代理移动因特网协议Packet Data Network Gateway) requests an IP address. The S2a session is established between the BNG and the PDN-GW, and the GTP (GPRS Tunneling Protocol, GPRS (General Packet Radio Service) tunneling protocol) or the proxy mobile Internet protocol is used.
( PMIP, Proxy Mobile IP ) 隧道实现。 (PMIP, Proxy Mobile IP) tunnel implementation.
现有技术中, 每个用户 BNG都需要与 PDN-GW之间建立 S2a会话。 为了在现网中支持该场景, 需要对所有 BNG设备进行升级, 对现网影响较 大, 为解决该问题, 引用了固网接入网关 (例如信任 WLAN接入网关 In the prior art, each user BNG needs to establish an S2a session with the PDN-GW. In order to support the scenario on the live network, all BNG devices need to be upgraded and have a large impact on the live network. To solve this problem, a fixed network access gateway is referenced (for example, a trusted WLAN access gateway).
( TWAG, Trusted WLAN Access Gateway ) ), 引入 TWAG后的网络结构示 意图如图 1所示。 引入固网接入网关后能够不需要对 BNG设备进行大规模 升级, 能尽量减少对现网的影响。 (TWAG, Trusted WLAN Access Gateway)), the network structure after the introduction of TWAG is shown in Figure 1. After the introduction of the fixed network access gateway, large-scale upgrades of BNG equipment are not required, and the impact on the existing network can be minimized.
移动用户通过固网接入后, 有可能会同时访问不同的移动业务分组网 络, 此时会建立多个分组数据网络( PDN, Packet Data Network )连接。 在 现有架构下, 如何区分不同的 PDN连接的问题尚未解决。 发明内容  After the mobile user accesses through the fixed network, it may access different mobile service packet networks at the same time. At this time, multiple packet data network (PDN, Packet Data Network) connections are established. Under the existing architecture, the problem of how to distinguish between different PDN connections has not been resolved. Summary of the invention
有鉴于此, 本发明的主要目的在于提供一种多连接建立的方法及系统, 能根据 UE欲接入的 APN信息为不同 UE在同一 L2TP隧道建立不同的会 话。 为达到上述目的, 本发明的技术方案是这样实现的: In view of this, the main purpose of the present invention is to provide a method and system for establishing a multi-connection, which can establish different sessions for different UEs in the same L2TP tunnel according to the APN information that the UE wants to access. In order to achieve the above object, the technical solution of the present invention is achieved as follows:
一种多连接建立的方法, 所述方法包括:  A method for establishing multiple connections, the method comprising:
宽带网络网关 BNG接收到用户设备 UE发起的点对点协议 PPP或以太 网点对点协议 PPPoE接入请求消息后, 通过 L2TP隧道转发给信任无线局 或网接入网关 TWAG;  The broadband network gateway BNG receives the peer-to-peer protocol PPP or the Ethernet peer-to-peer protocol PPPoE access request message initiated by the UE, and then forwards to the trusted wireless office or the network access gateway TWAG through the L2TP tunnel;
所述 TWAG确定允许建立所述 UE的分组数据网络 PDN连接时,根据 所述 UE欲接入的接入点名称 APN信息与 PDN网关建立所述 UE的 PDN 连接, 并将所述 PDN网关为所述 UE分配的 IP地址信息发送给所述 UE。  When the TWAG determines that the packet data network PDN connection of the UE is allowed to be established, the PDN connection of the UE is established with the PDN gateway according to the access point name APN information that the UE wants to access, and the PDN gateway is The IP address information allocated by the UE is sent to the UE.
优选地, 所述方法还包括:  Preferably, the method further includes:
所述 BNG接收到所述 UE发起的 PPP或 PPPoE接入请求消息后,确定 所述 BNG与所述 TWAG之间未建立第二层隧道协议 L2TP隧道时,根据获 取的所述 UE欲接入的 APN信息或 L2TP参数信息, 与所述 TWAG之间建 立所述 UE的 L2TP隧道。  After the BNG receives the PPP or PPPoE access request message initiated by the UE, and determines that the second layer tunneling protocol L2TP tunnel is not established between the BNG and the TWAG, the BNG needs to access according to the acquired UE. The APN information or the L2TP parameter information establishes an L2TP tunnel of the UE with the TWAG.
优选地, 所述方法还包括:  Preferably, the method further includes:
所述 BNG与所述 BWAG之间在所述 L2TP隧道中为所述 UE的 PPP 或 PPPoE请求建立 L2TP会话;  Establishing, by the BNG and the BWAG, an L2TP session for the PPP or PPPoE request of the UE in the L2TP tunnel;
所述 TWAG将所述 PDN网关为所述 UE分配的 IP地址信息通过所述 L2TP会话并经所述 BNG发送给所述 UE。  The TWAG sends the IP address information allocated by the PDN gateway to the UE through the L2TP session and sends the information to the UE via the BNG.
优选地, 所述方法还包括:  Preferably, the method further includes:
所述 TWAG向第三代合作伙伴计划组织 3GPP认证授权计费 AAA服务 器发起基于所述 UE的认证请求,所述 3GPP AAA服务器在所述 UE的认证 通过后通过宽带论坛 BBF AAA服务器向所述 TWAG发送所述 UE认证成 功消息或授权消息, 所述 UE认证成功消息或授权消息中携带有 APN接入 列表信息。  The TWAG initiates an authentication request based on the UE to the 3GPP-certified authorized charging AAA server, and the 3GPP AAA server sends the TWAG to the TWAG through the broadband forum BBF AAA server after the authentication of the UE passes And sending the UE authentication success message or the authorization message, where the UE authentication success message or the authorization message carries the APN access list information.
优选地, 所述方法还包括: 所述 PPP或 PPPoE接入请求消息中携带有所述 UE欲接入的 APN信息; 所述 TWAG从所述 UE发起的 PPP或 PPPoE接入请求消息获取所述 UE欲 接入的 APN信息。 Preferably, the method further includes: The PPP or PPPoE access request message carries the APN information that the UE wants to access. The TWAG obtains the APN information that the UE wants to access from the PPP or PPPoE access request message initiated by the UE.
优选地, 所述方法还包括:  Preferably, the method further includes:
所述 BNG向 BBF AAA服务器发起基于所述 UE的认证请求,所述 BBF AAA服务器向第三代合作伙伴计划组织 3GPP AAA服务器发送基于所述 UE的认证请求;  The BNG initiates an authentication request based on the UE to a BBF AAA server, and the BBF AAA server sends an authentication request based on the UE to a 3GPP AAA server of the 3rd Generation Partnership Project Organization;
所述 3GPP AAA服务器在基于所述 UE的认证通过后, 通过所述 BBF AAA服务器向所述 BNG发送所述 UE认证成功消息或授权消息; 所述 UE 认证成功消息或授权消息中携带有 L2TP参数信息。  After the authentication by the UE is passed, the 3GPP AAA server sends the UE authentication success message or the authorization message to the BNG through the BBF AAA server; the UE authentication success message or the authorization message carries the L2TP parameter. information.
优选地, 所述方法还包括:  Preferably, the method further includes:
所述 TWAG根据所获取的所述 UE欲接入的 APN信息以及 APN接入 列表信息确定允许建立所述 UE的 PDN连接。  The TWAG determines, according to the acquired APN information that the UE wants to access and the APN access list information, that the PDN connection of the UE is allowed to be established.
优选地, 所述方法还包括:  Preferably, the method further includes:
所述 TWAG在与所述 UE进行的因特网协议控制协议 IPCP协商过程 中, 将所述 PDN网关为所述 UE分配的 IP地址信息发送给所述 UE。  The TWAG sends the IP address information allocated by the PDN gateway to the UE to the UE in an IPCP negotiation process with the UE.
优选地, 所述方法还包括:  Preferably, the method further includes:
所述 BNG和所述 TWAG之间为携带相同 APN信息的不同 UE在同一 L2TP隧道中建立不同的会话;  Establishing different sessions between the BNG and the TWAG in different L2TP tunnels for different UEs carrying the same APN information;
或者, 所述 BNG和所述 TWAG之间为携带不同 APN信息的不同 UE 在同一 L2TP隧道中建立不同的会话;  Or, the different UEs carrying different APN information between the BNG and the TWAG establish different sessions in the same L2TP tunnel;
或者, 所述 BNG和所述 TWAG之间为携带相同 APN信息的不同 UE 建立不同的 L2TP隧道。  Or, the BNG and the TWAG establish different L2TP tunnels for different UEs carrying the same APN information.
优选地, 所述方法还包括:  Preferably, the method further includes:
所述 TWAG维护所述 UE的 L2TP隧道及会话与 GTP/PMIP连接的绑 定关系; 所述 GTP/PMIP连接为所述 BNG与所述 PDN网关之间的连接。 一种多连接建立的系统, 所述系统包括 BNG、 TWAG和 PDN网关 , 其中: The TWAG maintains the L2TP tunnel of the UE and the binding of the session to the GTP/PMIP connection The GTP/PMIP connection is a connection between the BNG and the PDN gateway. A multi-connection established system, the system comprising a BNG, a TWAG and a PDN gateway, wherein:
BNG, 配置为接收到 UE发起的 PPP或 PPPoE接入请求消息后, 通过 L2TP隧道转发给 TWAG;  The BNG is configured to receive the PPP or PPPoE access request message initiated by the UE, and then forward the message to the TWAG through the L2TP tunnel;
所述 TWAG, 配置为确定允许建立所述 UE的 PDN连接时, 根据所述 UE欲接入的 APN信息与 PDN网关建立所述 UE的 PDN连接, 并将所述 PDN网关为所述 UE分配的 IP地址信息发送给所述 UE。  The TWAG, configured to determine that a PDN connection of the UE is allowed to be established, establish a PDN connection of the UE with a PDN gateway according to the APN information that the UE wants to access, and allocate the PDN gateway to the UE. The IP address information is sent to the UE.
优选地,所述 BNG在接收到 UE发起的 PPP或 PPPoE接入请求消息后 还配置为, 确定所述 BNG与所述 TWAG之间未建立 L2TP隧道时,根据获 取的所述 UE欲接入的 APN信息或 L2TP参数信息, 与所述 TWAG之间建 立所述 UE的 L2TP隧道。  Preferably, after receiving the PPP or PPPoE access request message initiated by the UE, the BNG is further configured to: when it is determined that the L2TP tunnel is not established between the BNG and the TWAG, according to the acquired UE to be accessed The APN information or the L2TP parameter information establishes an L2TP tunnel of the UE with the TWAG.
优选地,所述 BNG在所述 L2TP隧道中为所述 UE的 PPP或 PPPoE请 求向所述 BWAG发送 L2TP会话建立请求;  Preferably, the BNG sends an L2TP session establishment request to the BWAG for the PPP or PPPoE request of the UE in the L2TP tunnel;
所述 TWAG还配置为, 将所述 PDN为所述 UE分配的 IP地址信息通 过所述 L2TP隧道并经所述 BNG发送给所述 UE。  The TWAG is further configured to: send, by the BNG, the IP address information allocated by the PDN to the UE to the UE by using the L2TP tunnel.
优选地, 所述系统还包括 3GPP AAA服务器和 BBF AAA服务器, 其 中:  Preferably, the system further comprises a 3GPP AAA server and a BBF AAA server, wherein:
所述 TWAG还配置为, 向所述 BBF AAA服务器发起基于 UE的认证 请求;  The TWAG is further configured to initiate a UE-based authentication request to the BBF AAA server;
所述 BBF AAA服务器还配置为, 将所述 TWAG发送的基于 UE的认 证请求发送给所述 3GPP AAA服务器, 以及接收到所述 3GPP AAA发送的 UE认证成功消息或授权消息并发送给所述 TWAG;  The BBF AAA server is further configured to: send the UE-based authentication request sent by the TWAG to the 3GPP AAA server, and receive a UE authentication success message or an authorization message sent by the 3GPP AAA and send the message to the TWAG ;
所述 3GPP AAA服务器还配置为, 在所述 UE的认证通过后通过所述 BBF AAA服务器向所述 TWAG发送 UE认证成功消息或授权消息, 所述 UE认证成功消息或授权消息中携带有 APN接入列表信息。 The 3GPP AAA server is further configured to: after the authentication of the UE passes, send a UE authentication success message or an authorization message to the TWAG by using the BBF AAA server, where The UE authentication success message or the authorization message carries the APN access list information.
优选地, 所述 BNG还配置为, 向所述 BBF AAA服务器发起基于所述 UE的认证请求, 所述 BBF AAA服务器向所述 3GPP AAA服务器转发发起 基于所述 UE的认证请求;  Preferably, the BNG is further configured to: initiate an authentication request based on the UE to the BBF AAA server, where the BBF AAA server forwards an authentication request based on the UE to the 3GPP AAA server;
所述 3GPP AAA服务器还配置为, 在基于所述 UE的认证通过后, 通 过所述 BBF AAA服务器向所述 BNG发送所述 UE认证成功消息或授权消 息; 所述 UE认证成功消息或授权消息中携带有 L2TP参数信息。  The 3GPP AAA server is further configured to: after the authentication based on the UE passes, send the UE authentication success message or an authorization message to the BNG by using the BBF AAA server; in the UE authentication success message or the authorization message Carry L2TP parameter information.
优选地, 所述 TWAG还配置为, 根据所获取的所述 UE欲接入的 APN 信息以及 APN接入列表信息确定允许建立所述 UE的 PDN连接。  Preferably, the TWAG is further configured to determine, according to the acquired APN information that the UE wants to access and the APN access list information, that the PDN connection of the UE is allowed to be established.
优选地,所述 TWAG还配置为,在与所述 UE进行的 IPCP协商过程中, 将所述 PDN网关为所述 UE分配的 IP地址信息发送给所述 UE。  Preferably, the TWAG is further configured to send the IP address information allocated by the PDN gateway to the UE to the UE in an IPCP negotiation process with the UE.
优选地, 所述 BNG和所述 TWAG之间为携带相同 APN信息的不同 UE在同一 L2TP隧道中建立不同的会话;  Preferably, the different UEs carrying the same APN information between the BNG and the TWAG establish different sessions in the same L2TP tunnel;
或者, 所述 BNG和所述 TWAG之间为携带不同 APN信息的不同 UE 在同一 L2TP隧道中建立不同的会话;  Or, the different UEs carrying different APN information between the BNG and the TWAG establish different sessions in the same L2TP tunnel;
或者, 所述 BNG和所述 TWAG之间为携带相同 APN信息的不同 UE 建立不同的 L2TP隧道。  Or, the BNG and the TWAG establish different L2TP tunnels for different UEs carrying the same APN information.
本发明中, BNG接收到 UE发起的点对点协议(PPP, Point-to-Point Protocol )或以太网点 ^"点十办议( PPPoE, Point-to-Point Protocol over Ethernet ) 接入请求消息后, 通过 L2TP隧道转发给 TWAG; TWAG根据所获取的 UE 欲接入的接入点名称( APN, Access Point Name )信息以及 APN接入列表 信息确定允许建立 UE的 PDN连接时,根据 UE欲接入的 APN信息与 PDN 网关建立所述 UE的 PDN连接, 并将 PDN网关为 UE分配的 IP地址信息 通过 BNG发送给所述 UE。 其中, BNG和 TWAG之间为携带相同 APN信 息的不同 UE在同一第二层隧道协议 ( L2TP, Layer 2 Tunneling Protocol ) 隧道中建立不同的会话; 或者, BNG和 TWAG之间为携带不同 APN信息 的不同 UE在同一 L2TP隧道中建立不同的会话; 或者, BNG和 TWAG之 间为携带相同 APN信息的不同 UE建立不同的 L2TP隧道。 TWAG维护 UE 的 L2TP隧道及会话与 GTP/PMIP连接的绑定关系。本发明实现了基于 APN 信息的多连接建立, 拓展了 FMC架构的应用, 能通过 APN信息标识相应 的会话。 附图说明 In the present invention, the BNG receives the Point-to-Point Protocol (PPP) or the Point-to-Point Protocol over Ethernet (PPPoE) access request message initiated by the UE. The L2TP tunnel is forwarded to the TWAG; the TWAG determines, according to the acquired access point name (APN, Access Point Name) information and the APN access list information that the UE wants to access, the APN to be established according to the UE. And the PDN gateway establishes a PDN connection of the UE, and sends the IP address information allocated by the PDN gateway to the UE to the UE by using the BNG, where the BNG and the TWAG are in the same second for different UEs carrying the same APN information. Layer 2 Tunneling Protocol (L2TP, Layer 2 Tunneling Protocol) A different session is established in the tunnel. The BNG and TWAG establish different sessions in the same L2TP tunnel for different UEs carrying different APN information. Alternatively, BNG and TWAG establish different interfaces for different UEs carrying the same APN information. L2TP tunnel. The TWAG maintains the binding relationship between the L2TP tunnel and the session of the UE and the GTP/PMIP connection. The invention realizes the multi-connection establishment based on the APN information, expands the application of the FMC architecture, and can identify the corresponding session through the APN information. DRAWINGS
图 1为 FMC架构示意图;  Figure 1 is a schematic diagram of the FMC architecture;
图 2为本发明实施例一的多连接建立的方法的流程图;  2 is a flowchart of a method for establishing multiple connections according to Embodiment 1 of the present invention;
图 3为本发明实施例二的多连接建立的方法的流程图;  3 is a flowchart of a method for establishing multiple connections according to Embodiment 2 of the present invention;
图 4为根据本发明实施例多连接建立的方法的数据包的封装与解封装 示意图。 具体实施方式  4 is a schematic diagram of encapsulation and decapsulation of data packets of a method for establishing multiple connections according to an embodiment of the present invention. detailed description
本发明实施例涉及: BNG接收到 UE发起的 PPP或 PPPoE接入请求消 息后, 转发给 TWAG; TWAG确定允许建立 UE的 PDN连接时, 根据 UE 欲接入的 APN信息与 PDN网关建立所述 UE的 PDN连接,并将 PDN网关 为 UE分配的 IP地址信息发送给所述 UE。 其中, BNG和 TWAG之间为携 带相同 APN信息的不同 UE在同一 L2TP隧道中建立不同的会话; 或者, BNG和 TWAG之间为携带不同 APN信息的不同 UE在同一 L2TP隧道中建 立不同的会话; 或者, BNG和 TWAG之间为携带相同 APN信息的不同 UE 建立不同的 L2TP隧道。 TWAG维护 UE的 L2TP隧道及会话与 GTP/PMIP 连接的绑定关系。 TWAG在与 UE进行的 IPCP ( IP ( Internet Protocol, 因 特网协议 ) Control Protocol, 因特网协议控制协议 )协商过程中, 将 PDN 网关为 UE分配的 IP地址发送给所述 UE。 具体地: 移动网络用户设备 UE发起 PPP或 PPPoE接入请求, 携带需 要接入的 APN信息。 The embodiment of the present invention relates to: after receiving the PPP or PPPoE access request message initiated by the UE, the BNG forwards the message to the TWAG; when the TWAG determines that the PDN connection of the UE is allowed to be established, the BNG establishes the UE according to the APN information that the UE wants to access and the PDN gateway. The PDN connection is sent to the UE by the IP address information allocated by the PDN gateway for the UE. The BNG and the TWAG establish different sessions in the same L2TP tunnel for different UEs carrying the same APN information. Alternatively, different UEs carrying different APN information between the BNG and the TWAG establish different sessions in the same L2TP tunnel. Alternatively, a different L2TP tunnel is established between the BNG and the TWAG for different UEs carrying the same APN information. The TWAG maintains the binding relationship between the L2TP tunnel of the UE and the session and the GTP/PMIP connection. The TWAG sends an IP address assigned by the PDN gateway to the UE to the UE during the IPCP (IP (Internet Protocol) Control Protocol) negotiation process with the UE. Specifically, the mobile network user equipment (UE) initiates a PPP or PPPoE access request, and carries the APN information that needs to be accessed.
BNG根据所述 UE请求报文或认证报文中携带的 APN信息和 /或 AAA 服务器(3GPP AAA服务器)服务器发送给 BNG的所述 UE认证成功消息 或授权消息中携带的 L2TP参数信息, 向 TWAG请求建立所述 UE的 L2TP 隧道。即 ,若 BNG和 TWAG之间不存在对应的 L2TP隧道,则先建立 L2TP 隧道。  The BNG according to the APN information carried in the UE request packet or the authentication packet and/or the L2TP parameter information carried in the UE authentication success message or the authorization message sent by the AAA server (3GPP AAA server) server to the BNG to the TWAG Request to establish an L2TP tunnel of the UE. That is, if there is no corresponding L2TP tunnel between the BNG and the TWAG, the L2TP tunnel is established first.
TWAG根据 UE请求报文或认证报文中携带的 UE身份标识信息、 APN 信息和 /或 AAA服务器( 3GPP AAA服务器)服务器发送给 TWAG的所述 UE认证成功消息或授权消息中携带的 APN接入列表信息, 判断是否为用 户与 3GPP网络网关建立 PDN连接。 若 TWAG判断允许建立所述 UE的所 述 PDN连接, 则 TWAG根据 UE信息和 UE请求报文或认证报文中携带的 APN信息向移动网网关(包括 PDN GW )请求建立所述 UE的 PDN连接, 并将获取到的用户 IP地址通过 L2TP协议经由 BNG发送给 UE。 TWAG维 护 UE的 L2TP隧道及会话与 GTP/PMIP连接的绑定关系。  The TWAG is based on the UE identity information carried in the UE request packet or the authentication packet, the APN information, and/or the APN access carried in the UE authentication success message or the authorization message sent by the AAA server (3GPP AAA server) server to the TWAG. The list information determines whether the user establishes a PDN connection with the 3GPP network gateway. If the TWAG determines that the PDN connection of the UE is allowed to be established, the TWAG requests the mobile network gateway (including the PDN GW) to establish a PDN connection of the UE according to the UE information and the APN information carried in the UE request message or the authentication message. And sending the obtained user IP address to the UE via the BNG through the L2TP protocol. The TWAG maintains the binding relationship between the UE's L2TP tunnel and the session and the GTP/PMIP connection.
为使本发明的目的、 技术方案和优点更加清楚明白, 以下举实施例并 参照附图, 对本发明进一步详细说明。  The present invention will be further described in detail below with reference to the accompanying drawings.
实施例一  Embodiment 1
图 2为本发明实施例一的多连接建立的方法的流程图, 如图 2所示, 本示例的多连接建立的方法包括以下步驟:  2 is a flowchart of a method for establishing multiple connections according to Embodiment 1 of the present invention. As shown in FIG. 2, the method for establishing multiple connections in this example includes the following steps:
步驟 201 , UE发起 PPPoE接入请求; UE与 BNG之间完成 PPPoE协 商, 获得 PPPoE会话标识( PPPoE Session ID )。  Step 201: The UE initiates a PPPoE session ID. The PPPoE session ID is obtained between the UE and the BNG.
步驟 202, UE与 BNG之间完成 PPP链路控制协议( LCP, Link Control Protocol )协商。  Step 202: The PPP Link Control Protocol (LCP) negotiation is completed between the UE and the BNG.
步驟 203, UE携带 APN信息并与 BNG, BBF AAA月良务器、 3GPPAAA 服务器交互, 完成 UE身份本地认证, 3GPP AAA服务器向 BNG下发第二 层隧道协议 ( L2TP, Layer 2 Tunneling Protocol )参数信息。 Step 203: The UE carries the APN information and cooperates with the BNG, the BBF AAA server, and the 3GPPAAA. The server interacts to complete the UE identity local authentication, and the 3GPP AAA server sends the Layer 2 Tunneling Protocol (L2TP) parameter information to the BNG.
步驟 204, BNG和 TWAG之间进行 L2TP隧道建立。  Step 204: Perform an L2TP tunnel establishment between the BNG and the TWAG.
若该 BNG和 TWAG之间已存在 L2TP隧道或具有相同 APN信息的隧 道, 则该步驟省略。 当然, 如果 BNG和 TWAG之间已存在 L2TP隧道或具 有相同 APN信息的隧道, 步驟 203中不再发送 L2TP参数信息。  If an L2TP tunnel or a tunnel with the same APN information already exists between the BNG and the TWAG, this step is omitted. Of course, if there is already an L2TP tunnel or a tunnel with the same APN information between the BNG and the TWAG, the L2TP parameter information is not sent in step 203.
步驟 205 , UE携带 APN信息并与 TWAG、 BBF AAA服务器、 3GPP AAA 服务器交互, 完成 UE身份本地认证, BNG与 TWAG之间建立 L2TP会话。 3GPP AAA服务器在认证用户身份的同时确认该 UE用户是否允许接入该 APN, 若认证成功, 则 3GPP AAA服务器通过 BBF AAA服务器向 TWAG 回复认证成功响应消息。  Step 205: The UE carries the APN information and interacts with the TWAG, the BBF AAA server, and the 3GPP AAA server to complete the UE identity local authentication, and establishes an L2TP session between the BNG and the TWAG. The 3GPP AAA server confirms whether the UE user is allowed to access the APN while authenticating the user identity. If the authentication is successful, the 3GPP AAA server returns an authentication success response message to the TWAG through the BBF AAA server.
步驟 206 , TWAG将 UE认证请求中携带的 APN信息与 3GPP AAA服 务器通过 BBF AAA服务器下发的 APN接入列表进行比对, 比对成功则 TWAG与 PDN GW交互完成 GTP会话建立。 本步驟即根据 APN信息及 APN接入列表确定是否允许 UE接入。  Step 206: The TWAG compares the APN information carried in the UE authentication request with the APN access list sent by the 3GPP AAA server through the BBF AAA server. If the comparison succeeds, the TWAG and the PDN GW interact to complete the GTP session establishment. In this step, it is determined whether the UE is allowed to access according to the APN information and the APN access list.
步驟 207, UE与 TWAG交互完成 IP地址分配, 即 TWAG在与 UE进 行的 IPCP协商过程中将 IP地址发送给 UE。  Step 207: The UE interacts with the TWAG to complete the IP address allocation, that is, the TWAG sends the IP address to the UE during the IPCP negotiation process with the UE.
实施二  Implementation two
本实施例提供了从固网接入的 3GPP UE的用户认证 (方法二, APN连 接建立前认证) 以及一个 APN连接建立的方法, 其中 3GPP UE为 802. IX 客户端, RG为 802.1X认证器。 图 3为本发明实施例二的多连接建立的方 法的流程图, 如图 3所示, 本示例的多连接建立的方法包括以下步驟: 步驟 301 , 3GPP UE向 RG发送认证协议开始 (EAPoL-Start )报文, 通过 802.1X协议进行认证。 UE为 802.1X客户端, RG为 802.1X认证器。  The embodiment provides the user authentication of the 3GPP UE accessed from the fixed network (method 2, APN connection pre-establishment authentication) and an APN connection establishment method, where the 3GPP UE is an 802. IX client, and the RG is an 802.1X authenticator. . FIG. 3 is a flowchart of a method for establishing multiple connections according to Embodiment 2 of the present invention. As shown in FIG. 3, the method for establishing multiple connections in this example includes the following steps: Step 301: A 3GPP UE sends an authentication protocol to an RG (EAPoL- Start) The message is authenticated by the 802.1X protocol. The UE is an 802.1X client and the RG is an 802.1X authenticator.
步驟 302, 接收到 UE发送的 EAPoL Start报文后, RG向 UE发送认证 协议 ID请求( EAP Identity Request )报文, 用于通知 UE上报用户名。 其中, 接收到 RG发送的 EAP Identity Request报文后, UE回复认证协 议 ID应答( EAP Identity Response )报文给 RG , 其中报文中携带用户名。 Step 302: After receiving the EAPoL Start message sent by the UE, the RG sends the authentication to the UE. The EAP Identity Request message is used to notify the UE to report the username. After receiving the EAP Identity Request message sent by the RG, the UE sends an EAP Identity Response message to the RG, where the message carries the user name.
随后, RG将接收到的 EAP Identity Response 4艮文封装到认证接入请求 ( RADIUS Access Request )报文中, 同时, RG还将 UE的 MAC地址也封 装到 RADIUS Access Request报文中, 然后发送给 BNG。  Then, the RG encapsulates the received EAP Identity Response message into the RADIUS Access Request message, and the RG also encapsulates the MAC address of the UE into the RADIUS Access Request message, and then sends the message to the RADIUS Access Request message. BNG.
步驟 303, BNG作为 RADIUS代理( Proxy )将从 RG接收到的 RADIUS Access Request 4艮文 居 UE 的网络地址标识 (NAI, Network Address Identifier )发送给对应的 TWAG;  Step 303: The BNG acts as a RADIUS proxy (Proxy), and sends a RADIUS Access Request message (NAI, Network Address Identifier) received from the RG to the corresponding TWAG.
步驟 304, TWAG作为 RADIUS Proxy将从 BNG收到的 RADIUS Access Request报文根据 UE的 NAI发送给 BBF AAA服务器, 或者在 TWAG与 3GPP AAA服务器有接口的场景下, TWAG将报文根据 UE的 NAI发送给 3GPPAAA服务器;  Step 314: The TWAG sends the RADIUS Access Request message received from the BNG to the BBF AAA server according to the NAI of the UE, or the TWAG sends the message according to the NAI of the UE in a scenario where the TWAG has an interface with the 3GPP AAA server. To the 3GPP AAA server;
步驟 305 , BBF AAA服务器根据 UE的 NAI将从 BNG收到的 RADIUS Access Request报文转发给 3GPP AAA服务器。 若 BBF网络使用 RADIUS 协议,而 3GPP网络使用 DIAMETER协议,则 BBF AAA服务器和 3GPP AAA 服务器之间存在翻译代理(TA, Translation Agent )来进行协议转换。  Step 305: The BBF AAA server forwards the RADIUS Access Request message received by the BNG to the 3GPP AAA server according to the NAI of the UE. If the BBF network uses the RADIUS protocol and the 3GPP network uses the DIAMETER protocol, there is a translation agent (TA) between the BBF AAA server and the 3GPP AAA server for protocol conversion.
若 3GPP UE在 3GPP AAA服务器认证成功, 则 3GPP AAA服务器向 BBF AAA服务器回复认证成功响应消息并携带 APN接入列表, BBF AAA 服务器向 TWAG回复认证成功效应消息并携带 APN接入列表, 进一步地, TWAG回复 BNG认证成功, BNG向 RG回复认证成功, RG向 UE回复认 证成功。 同时在 UE通过认证的条件下, RG、 BNG, TWAG都记录 UE的 国际移动设备标 i只 ( IMSE, International Mobile Equipment Identity )。  If the 3GPP AAA server successfully authenticates the 3GPP AAA server, the 3GPP AAA server returns an authentication success response message to the BBF AAA server and carries the APN access list, and the BBF AAA server returns the authentication success effect message to the TWAG and carries the APN access list. Further, The TWAG replies to the BNG authentication successfully, the BNG returns the authentication to the RG, and the RG replies to the UE successfully. At the same time, under the condition that the UE is authenticated, RG, BNG, and TWAG record the UE's International Mobile Equipment Identity (IMSE).
步驟 306, UE发起 PPPoE接入请求, UE与 BNG之间完成 PPPoE协 商, 获得 PPPoE Session ID。 步驟 307 , UE与 BNG之间完成 PPP LCP协商。 Step 306: The UE initiates a PPPoE session request, and the PPPoE session is completed between the UE and the BNG to obtain a PPPoE Session ID. Step 307: The PPP LCP negotiation is completed between the UE and the BNG.
步驟 308, UE携带 APN信息并与 BNG、 BBFAAA服务器交互, 完成 UE身份本地认证, BNG接收 3GPP AAA服务器通过 BBF AAA服务器下发 的 L2TP参数。  Step 308: The UE carries the APN information and interacts with the BNG and BBFAAA servers to complete the UE identity local authentication, and the BNG receives the L2TP parameters sent by the 3GPP AAA server through the BBF AAA server.
步驟 309, BNG和 TWAG之间进行 L2TP隧道建立。  Step 309: An L2TP tunnel is established between the BNG and the TWAG.
若该 BNG和 TWAG之间已存在 L2TP隧道或具有相同 APN信息的隧 道, 则可跳过该步驟, 上述步驟 308中也可以不再发送 L2TP参数信息。  If an L2TP tunnel or a tunnel having the same APN information already exists between the BNG and the TWAG, the step may be skipped, and the L2TP parameter information may not be sent in the foregoing step 308.
步驟 310, UE、 TWAG, BBF AAA服务器进行交互, 完成 UE身份本 地认证。 BNG与 TWAG之间建立 L2TP会话。  Step 310: The UE, the TWAG, and the BBF AAA server interact to complete the UE identity local authentication. An L2TP session is established between the BNG and the TWAG.
此步驟中, TWAG可以选择不与 BBF AAA服务器交互直接返回认证成 功消息给用户。  In this step, TWAG may choose not to directly return the authentication success message to the user without interacting with the BBF AAA server.
步驟 311 , TWAG将 UE认证请求中携带的 APN信息与 BBF AAA月良 务器下发的 APN接入列表进行比对, 比对成功则 TWAG与 PDN GW交互 完成 GTP会话建立。  Step 311: The TWAG compares the APN information carried in the UE authentication request with the APN access list sent by the BBF AAA server. If the comparison succeeds, the TWAG and the PDN GW interact to complete the GTP session establishment.
步驟 312, UE与 TWAG交互完成 IP地址分配, 即 TWAG在与 UE进 行的 IPCP协商过程中将 IP地址发送给 UE。  Step 312: The UE interacts with the TWAG to complete the IP address allocation, that is, the TWAG sends the IP address to the UE during the IPCP negotiation process with the UE.
本发明中, 上述认证成功消息也可以是授权消息  In the present invention, the foregoing authentication success message may also be an authorization message.
实施三  Implementation three
本实施例提供了从固网接入的 3GPP UE连接建立后, UE数据包的封 装与解封装及传送流程。 图 4为根据本发明实施例多连接建立的方法的数 据包的封装与解封装示意图, 如图 4所示, 本发明实施例的多连接建立的 方法的应用下步驟包括:  This embodiment provides a process of encapsulating, decapsulating, and transmitting a UE data packet after a 3GPP UE connection established by a fixed network is established. 4 is a schematic diagram of encapsulation and decapsulation of a data packet according to a method for establishing a multi-connection according to an embodiment of the present invention. As shown in FIG. 4, the application steps of the multi-connection establishment method in the embodiment of the present invention include:
步驟 401 , 3GPP UE基于实施例一或实施例二成功建立连接后,发送数 据包。 具体地, 3GPP UE根据业务类型打上对应的 PPPoE封装并发送给 BNG。 数据包的格式参见图 4, 这里不再赘述其结构细节。 步驟 402, RG收到 UE的数据包后, 直接转发。 Step 401: After the 3GPP UE successfully establishes a connection according to the first embodiment or the second embodiment, the data packet is sent. Specifically, the 3GPP UE puts the corresponding PPPoE encapsulation according to the service type and sends it to the BNG. The format of the data packet is shown in Figure 4, and the structural details thereof will not be described here. Step 402: After receiving the data packet of the UE, the RG directly forwards the data packet.
步驟 403, BNG收到 UE的数据包后, 根据报文的 PPPoE封装信息进 行 L2TP封装,发送给对应的 TWAG(与认证和连接建立过程参与的 TWAG 一致)。 数据包的格式参见图 4, 这里不再赘述其结构细节。  Step 403: After receiving the data packet of the UE, the BNG performs L2TP encapsulation according to the PPPoE encapsulation information of the packet, and sends the packet to the corresponding TWAG (which is consistent with the TWAG participating in the authentication and connection establishment process). The format of the data packet is shown in Figure 4, and the structural details thereof will not be described here.
步驟 404, TWAG收到 UE的数据包后, 解封装数据包, 获取报文的 L2TP头中的 Tunnel ID 和 Session ID, 并将报文中的 IP包重新封装, 通过 TWAG与 PND GW之间的隧道(如 GTP隧道、 PMIP隧道)发送给 PND GW。  Step 404: After receiving the data packet of the UE, the TWAG decapsulates the data packet, obtains the tunnel ID and the session ID in the L2TP header of the packet, and re-encapsulates the IP packet in the packet, and passes between the TWAG and the PND GW. Tunnels (such as GTP tunnels, PMIP tunnels) are sent to the PND GW.
步驟 405 , PDN GW接收 3GPP UE的数据包。  Step 405: The PDN GW receives the data packet of the 3GPP UE.
本发明还记载了一种多连接建立的系统, 所述系统包括 BNG、 TWAG 和 PDN网关, 其中:  The invention also describes a system for establishing multiple connections, the system comprising BNG, TWAG and PDN gateways, wherein:
BNG, 配置为接收到 UE发起的 PPP或 PPPoE接入请求消息后, 通过 L2TP隧道转发给 TWAG;  The BNG is configured to receive the PPP or PPPoE access request message initiated by the UE, and then forward the message to the TWAG through the L2TP tunnel;
所述 TWAG, 配置为确定允许建立所述 UE的 PDN连接时, 根据所述 UE欲接入的 APN信息与 PDN网关建立所述 UE的 PDN连接, 并将所述 PDN网关为所述 UE分配的 IP地址信息发送给所述 UE。  The TWAG, configured to determine that a PDN connection of the UE is allowed to be established, establish a PDN connection of the UE with a PDN gateway according to the APN information that the UE wants to access, and allocate the PDN gateway to the UE. The IP address information is sent to the UE.
其中,所述 BNG在接收到 UE发起的 PPP或 PPPoE接入请求消息后还 配置为,确定所述 BNG与所述 TWAG之间未建立 L2TP隧道时,根据获取 的所述 UE欲接入的 APN信息或 L2TP参数信息, 与所述 TWAG之间建立 所述 UE的 L2TP隧道。  After receiving the PPP or PPPoE access request message initiated by the UE, the BNG is configured to determine that the acquired APN is to be accessed by the UE when the L2TP tunnel is not established between the BNG and the TWAG. The information or the L2TP parameter information is used to establish an L2TP tunnel of the UE with the TWAG.
所述 BNG与所述 BWAG之间在所述 L2TP隧道中为所述 UE的 PPP 或 PPPoE请求建立 L2TP会话;  Establishing, by the BNG and the BWAG, an L2TP session for the PPP or PPPoE request of the UE in the L2TP tunnel;
所述 TWAG将所述 PDN网关为所述 UE分配的 IP地址信息通过所述 L2TP会话并经所述 BNG发送给所述 UE。  The TWAG sends the IP address information allocated by the PDN gateway to the UE through the L2TP session and sends the information to the UE via the BNG.
所述系统还包括 3GPP AAA服务器和 BBF AAA服务器, 其中: 所述 TWAG还配置为, 向所述 BBF AAA服务器发起基于 UE的认证 请求; The system also includes a 3GPP AAA server and a BBF AAA server, wherein: the TWAG is further configured to initiate UE-based authentication to the BBF AAA server Request
所述 BBF AAA服务器还配置为, 将所述 TWAG发送的基于 UE的认 证请求发送给所述 3GPP AAA服务器, 以及接收到所述 3GPP AAA发送的 UE认证成功消息或授权消息并发送给所述 TWAG;  The BBF AAA server is further configured to: send the UE-based authentication request sent by the TWAG to the 3GPP AAA server, and receive a UE authentication success message or an authorization message sent by the 3GPP AAA and send the message to the TWAG ;
所述 3GPP AAA服务器还配置为, 在所述 UE的认证通过后通过所述 BBF AAA服务器向所述 TWAG发送 UE认证成功消息或授权消息, 所述 UE认证成功消息或授权消息中携带有 APN接入列表信息。  The 3GPP AAA server is further configured to: after the authentication of the UE is passed, send a UE authentication success message or an authorization message to the TWAG by using the BBF AAA server, where the UE authentication success message or the authorization message carries an APN connection. Enter the list information.
TWAG从所述 UE发起的 PPP或 PPPoE接入请求消息获取所述 UE欲 接入的 APN信息。  The TWAG obtains the APN information that the UE wants to access from the PPP or PPPoE access request message initiated by the UE.
其中,所述 BNG还配置为,向所述 BBF AAA服务器发起基于所述 UE 的认证请求, 所述 BBF AAA服务器向所述 3GPP AAA服务器转发发起基 于所述 UE的认证请求;  The BNG is further configured to initiate an authentication request based on the UE to the BBF AAA server, where the BBF AAA server forwards an authentication request based on the UE to the 3GPP AAA server;
所述 3GPP AAA服务器还配置为, 在基于所述 UE的认证通过后, 通 过所述 BBF AAA服务器向所述 BNG发送所述 UE认证成功消息或授权消 息; 所述 UE认证成功消息或授权消息中携带有 L2TP参数信息。  The 3GPP AAA server is further configured to: after the authentication based on the UE passes, send the UE authentication success message or an authorization message to the BNG by using the BBF AAA server; in the UE authentication success message or the authorization message Carry L2TP parameter information.
其中, 所述 TWAG还配置为, 根据所获取的所述 UE欲接入的 APN信 息以及 APN接入列表信息确定允许建立所述 UE的 PDN连接。  The TWAG is further configured to determine, according to the acquired APN information that the UE wants to access and the APN access list information, that the PDN connection of the UE is allowed to be established.
其中, 所述 TWAG还配置为, 在与所述 UE进行的 IPCP协商过程中, 将所述 PDN网关为所述 UE分配的 IP地址信息发送给所述 UE。  The TWAG is further configured to: send the IP address information allocated by the PDN gateway to the UE to the UE in an IPCP negotiation process with the UE.
其中, 所述 BNG和所述 TWAG之间为携带相同 APN信息的不同 UE 在同一 L2TP隧道中建立不同的会话;  The different UEs carrying the same APN information between the BNG and the TWAG establish different sessions in the same L2TP tunnel;
或者, 所述 BNG和所述 TWAG之间为携带不同 APN信息的不同 UE 在同一 L2TP隧道中建立不同的会话;  Or, the different UEs carrying different APN information between the BNG and the TWAG establish different sessions in the same L2TP tunnel;
或者, 所述 BNG和所述 TWAG之间为携带相同 APN信息的不同 UE 建立不同的 L2TP隧道。 本领域技术人员应当理解, 本发明的多连接建立的系统是在现有的移 动通信网络基础上实现的, 系统的结构与现有的 FMC架构相同, 本发明的 多连接建立的系统是对现有的移动通信网络中的相关网元进行了相应的功 能拓展而实现的, 本发明中, 仅对功能扩展了的网元进行了重点描述。 本 发明的多连接建立的系统可参照前述的本发明的多连接建立的方法的相关 描述而理解, 其网络架构可参照现有的移动通信网络结构如基于图 1 所示 的结构而理解。 Or, the BNG and the TWAG establish different L2TP tunnels for different UEs carrying the same APN information. It should be understood by those skilled in the art that the multi-connection established system of the present invention is implemented on the basis of an existing mobile communication network, and the structure of the system is the same as that of the existing FMC architecture, and the multi-connection established system of the present invention is present. Some related network elements in the mobile communication network are implemented by corresponding function expansion. In the present invention, only the network elements whose functions are extended are mainly described. The multi-connection establishment system of the present invention can be understood by referring to the foregoing description of the multi-connection establishment method of the present invention, and its network architecture can be understood with reference to the existing mobile communication network structure such as the structure shown based on FIG.
以上所述, 仅为本发明的较佳实施例而已, 并非用于限定本发明的保 护范围。  The above is only the preferred embodiment of the present invention and is not intended to limit the scope of the present invention.
工业实用性  Industrial applicability
本发明实施例中, BNG接收到 UE发起的点对点协议或以太网点对点 协议接入请求消息后, 通过 L2TP隧道转发给 TWAG; TWAG根据所获取 的 UE欲接入的接入点名称信息以及 APN接入列表信息确定允许建立 UE 的 PDN连接时, 根据 UE欲接入的 APN信息与 PDN网关建立所述 UE的 PDN连接, 并将 PDN网关为 UE分配的 IP地址信息通过 BNG发送给所述 UE。 其中, BNG和 TWAG之间为携带相同 APN信息的不同 UE在同一第 二层隧道协议隧道中建立不同的会话; 或者, BNG和 TWAG之间为携带不 同 APN信息的不同 UE在同一 L2TP隧道中建立不同的会话; 或者, BNG 和 TWAG之间为携带相同 APN信息的不同 UE建立不同的 L2TP隧道。  In the embodiment of the present invention, the BNG receives the peer-to-peer protocol or the Ethernet point-to-point protocol access request message initiated by the UE, and then forwards the message to the TWAG through the L2TP tunnel; the TWAG receives the access point name information and the APN according to the obtained UE to access. When the in-list information determines that the PDN connection of the UE is allowed to be established, the PDN connection of the UE is established with the PDN gateway according to the APN information that the UE wants to access, and the IP address information allocated by the PDN gateway for the UE is sent to the UE through the BNG. The different UEs carrying the same APN information between the BNG and the TWAG establish different sessions in the same Layer 2 tunneling protocol tunnel. Alternatively, the BNG and the TWAG are established in the same L2TP tunnel for different UEs carrying different APN information. Different sessions; or, BNG and TWAG establish different L2TP tunnels for different UEs carrying the same APN information.
TWAG维护 UE的 L2TP隧道及会话与 GTP/PMIP连接的绑定关系。 The TWAG maintains the binding relationship between the L2TP tunnel and the session of the UE and the GTP/PMIP connection.

Claims

权利要求书 Claim
1、 一种多连接建立的方法, 包括:  1. A method for establishing multiple connections, comprising:
宽带网络网关 BNG接收到用户设备 UE发起的点对点协议 PPP或以太 网点对点协议 PPPoE接入请求消息后, 通过 L2TP隧道转发给信任无线局 或网接入网关 TWAG;  The broadband network gateway BNG receives the peer-to-peer protocol PPP or the Ethernet peer-to-peer protocol PPPoE access request message initiated by the UE, and then forwards to the trusted wireless office or the network access gateway TWAG through the L2TP tunnel;
所述 TWAG确定允许建立所述 UE的分组数据网络 PDN连接时,根据 所述 UE欲接入的接入点名称 APN信息与 PDN网关建立所述 UE的 PDN 连接, 并将所述 PDN网关为所述 UE分配的 IP地址信息发送给所述 UE。  When the TWAG determines that the packet data network PDN connection of the UE is allowed to be established, the PDN connection of the UE is established with the PDN gateway according to the access point name APN information that the UE wants to access, and the PDN gateway is The IP address information allocated by the UE is sent to the UE.
2、 根据权利要求 1所述的方法, 其中, 所述方法还包括:  2. The method according to claim 1, wherein the method further comprises:
所述 BNG接收到所述 UE发起的 PPP或 PPPoE接入请求消息后,确定 所述 BNG与所述 TWAG之间未建立第二层隧道协议 L2TP隧道时,根据获 取的所述 UE欲接入的 APN信息或 L2TP参数信息, 与所述 TWAG之间建 立所述 UE的 L2TP隧道。  After the BNG receives the PPP or PPPoE access request message initiated by the UE, and determines that the second layer tunneling protocol L2TP tunnel is not established between the BNG and the TWAG, the BNG needs to access according to the acquired UE. The APN information or the L2TP parameter information establishes an L2TP tunnel of the UE with the TWAG.
3、 根据权利要求 1所述的方法, 其中, 所述方法还包括:  3. The method according to claim 1, wherein the method further comprises:
所述 BNG与所述 BWAG之间在所述 L2TP隧道中为所述 UE的 PPP 或 PPPoE请求建立 L2TP会话;  Establishing, by the BNG and the BWAG, an L2TP session for the PPP or PPPoE request of the UE in the L2TP tunnel;
所述 TWAG将所述 PDN网关为所述 UE分配的 IP地址信息通过所述 L2TP会话并经所述 BNG发送给所述 UE。  The TWAG sends the IP address information allocated by the PDN gateway to the UE through the L2TP session and sends the information to the UE via the BNG.
4、 根据权利要求 1至 3任一项所述的方法, 其中, 所述方法还包括: 所述 TWAG向第三代合作伙伴计划组织 3GPP认证授权计费 AAA服务 器发起基于所述 UE的认证请求,所述 3GPP AAA服务器在所述 UE的认证 通过后通过宽带论坛 BBF AAA服务器向所述 TWAG发送所述 UE认证成 功消息或授权消息, 所述 UE认证成功消息或授权消息中携带有 APN接入 列表信息。  The method according to any one of claims 1 to 3, wherein the method further comprises: the TWAG initiating an authentication request based on the UE to a 3GPP partner organization organization 3GPP authentication and authorization charging AAA server After the authentication of the UE is passed, the 3GPP AAA server sends the UE authentication success message or the authorization message to the TWAG through the broadband forum BBF AAA server, where the UE authentication success message or the authorization message carries the APN access. List information.
5、 根据权利要求 4所述的方法, 其中, 所述方法还包括: 所述 PPP或 PPPoE接入请求消息中携带有所述 UE欲接入的 APN信息; 所述 TWAG从所述 UE发起的 PPP或 PPPoE接入请求消息获取所述 UE欲 接入的 APN信息。 5. The method according to claim 4, wherein the method further comprises: The PPP or PPPoE access request message carries the APN information that the UE wants to access. The TWAG obtains the APN information that the UE wants to access from the PPP or PPPoE access request message initiated by the UE.
6、 根据权利要求 4所述的方法, 其中, 所述方法还包括:  The method according to claim 4, wherein the method further comprises:
所述 BNG向 BBF AAA服务器发起基于所述 UE的认证请求,所述 BBF AAA服务器向第三代合作伙伴计划组织 3GPP AAA服务器发送基于所述 UE的认证请求;  The BNG initiates an authentication request based on the UE to a BBF AAA server, and the BBF AAA server sends an authentication request based on the UE to a 3GPP AAA server of the 3rd Generation Partnership Project Organization;
所述 3GPP AAA服务器在基于所述 UE的认证通过后, 通过所述 BBF AAA服务器向所述 BNG发送所述 UE认证成功消息或授权消息; 所述 UE 认证成功消息或授权消息中携带有 L2TP参数信息。  After the authentication by the UE is passed, the 3GPP AAA server sends the UE authentication success message or the authorization message to the BNG through the BBF AAA server; the UE authentication success message or the authorization message carries the L2TP parameter. information.
7、 根据权利要求 1所述的方法, 其中, 所述方法还包括:  7. The method according to claim 1, wherein the method further comprises:
所述 TWAG根据所获取的所述 UE欲接入的 APN信息以及 APN接入 列表信息确定允许建立所述 UE的 PDN连接。  The TWAG determines, according to the acquired APN information that the UE wants to access and the APN access list information, that the PDN connection of the UE is allowed to be established.
8、 根据权利要求 1所述的方法, 其中, 所述方法还包括:  8. The method according to claim 1, wherein the method further comprises:
所述 TWAG在与所述 UE进行的因特网协议控制协议 IPCP协商过程 中, 将所述 PDN网关为所述 UE分配的 IP地址信息发送给所述 UE。  The TWAG sends the IP address information allocated by the PDN gateway to the UE to the UE in an IPCP negotiation process with the UE.
9、 根据权利要求 5所述的方法, 其中, 所述方法还包括:  The method according to claim 5, wherein the method further comprises:
所述 BNG和所述 TWAG之间为携带相同 APN信息的不同 UE在同一 L2TP隧道中建立不同的会话;  Establishing different sessions between the BNG and the TWAG in different L2TP tunnels for different UEs carrying the same APN information;
或者, 所述 BNG和所述 TWAG之间为携带不同 APN信息的不同 UE 在同一 L2TP隧道中建立不同的会话;  Or, the different UEs carrying different APN information between the BNG and the TWAG establish different sessions in the same L2TP tunnel;
或者, 所述 BNG和所述 TWAG之间为携带相同 APN信息的不同 UE 建立不同的 L2TP隧道。  Or, the BNG and the TWAG establish different L2TP tunnels for different UEs carrying the same APN information.
10、 根据权利要求 6或 7所述的方法, 其中, 所述方法还包括: 所述 TWAG维护所述 UE的 L2TP隧道及会话与 GTP/PMIP连接的绑 定关系; 所述 GTP/PMIP连接为所述 BNG与所述 PDN网关之间的连接。The method according to claim 6 or 7, wherein the method further comprises: the TWAG maintaining the L2TP tunnel of the UE and the binding of the session to the GTP/PMIP connection The GTP/PMIP connection is a connection between the BNG and the PDN gateway.
11、 一种多连接建立的系统, 包括 BNG、 TWAG和 PDN网关, 其中: BNG, 配置为接收到 UE发起的 PPP或 PPPoE接入请求消息后, 通过A system for establishing a multi-connection, including a BNG, a TWAG, and a PDN gateway, where: the BNG is configured to receive a PPP or PPPoE access request message initiated by the UE,
L2TP隧道转发给 TWAG; The L2TP tunnel is forwarded to the TWAG;
所述 TWAG, 配置为确定允许建立所述 UE的 PDN连接时, 根据所述 UE欲接入的 APN信息与 PDN网关建立所述 UE的 PDN连接, 并将所述 PDN网关为所述 UE分配的 IP地址信息发送给所述 UE。  The TWAG, configured to determine that a PDN connection of the UE is allowed to be established, establish a PDN connection of the UE with a PDN gateway according to the APN information that the UE wants to access, and allocate the PDN gateway to the UE. The IP address information is sent to the UE.
12、 根据权利要求 11所述的系统, 其中:  12. The system of claim 11 wherein:
所述 BNG在接收到 UE发起的 PPP或 PPPoE接入请求消息后还配置为, 确定所述 BNG与所述 TWAG之间未建立 L2TP隧道时, 根据获取的所述 UE欲接入的 APN信息或 L2TP参数信息,与所述 TWAG之间建立所述 UE 的 L2TP隧道。  After receiving the PPP or PPPoE access request message initiated by the UE, the BNG is further configured to: when determining that the L2TP tunnel is not established between the BNG and the TWAG, according to the acquired APN information that the UE wants to access or The L2TP parameter information is used to establish an L2TP tunnel of the UE with the TWAG.
13、 根据权利要求 11所述的系统, 其中:  13. The system of claim 11 wherein:
BWAG发送 L2TP会话建立请求; The BWAG sends an L2TP session establishment request.
所述 TWAG还配置为, 将所述 PDN为所述 UE分配的 IP地址信息通 过所述 L2TP隧道并经所述 BNG发送给所述 UE。  The TWAG is further configured to: send, by the BNG, the IP address information allocated by the PDN to the UE to the UE by using the L2TP tunnel.
14、 根据权利要求 11至 13任一项所述的系统, 所述系统还包括 3GPP AAA服务器和 BBF AAA服务器, 其中:  14. The system according to any one of claims 11 to 13, the system further comprising a 3GPP AAA server and a BBF AAA server, wherein:
所述 TWAG还配置为, 向所述 BBF AAA服务器发起基于 UE的认证 请求;  The TWAG is further configured to initiate a UE-based authentication request to the BBF AAA server;
所述 BBF AAA服务器还配置为, 将所述 TWAG发送的基于 UE的认 证请求发送给所述 3GPP AAA服务器, 以及接收到所述 3GPP AAA发送的 UE认证成功消息或授权消息并发送给所述 TWAG;  The BBF AAA server is further configured to: send the UE-based authentication request sent by the TWAG to the 3GPP AAA server, and receive a UE authentication success message or an authorization message sent by the 3GPP AAA and send the message to the TWAG ;
所述 3GPP AAA服务器还配置为, 在所述 UE的认证通过后通过所述 BBF AAA服务器向所述 TWAG发送 UE认证成功消息或授权消息, 所述 UE认证成功消息或授权消息中携带有 APN接入列表信息。 The 3GPP AAA server is further configured to: after the authentication of the UE passes, pass the The BBF AAA server sends a UE authentication success message or an authorization message to the TWAG, where the UE authentication success message or the authorization message carries the APN access list information.
15、 根据权利要求 14所述的系统, 其中, 所述 BNG还配置为, 向所 述 BBF AAA服务器发起基于所述 UE的认证请求, 所述 BBF AAA服务器 向所述 3GPP AAA服务器转发发起基于所述 UE的认证请求;  The system according to claim 14, wherein the BNG is further configured to initiate an authentication request based on the UE to the BBF AAA server, and the BBF AAA server forwards the originating basis to the 3GPP AAA server. Said UE authentication request;
所述 3GPP AAA服务器还配置为, 在基于所述 UE的认证通过后, 通 过所述 BBF AAA服务器向所述 BNG发送所述 UE认证成功消息或授权消 息; 所述 UE认证成功消息或授权消息中携带有 L2TP参数信息。  The 3GPP AAA server is further configured to: after the authentication based on the UE passes, send the UE authentication success message or an authorization message to the BNG by using the BBF AAA server; in the UE authentication success message or the authorization message Carry L2TP parameter information.
16、 根据权利要求 15所述的系统, 其中, 所述 TWAG还配置为, 根据 所获取的所述 UE欲接入的 APN信息以及 APN接入列表信息确定允许建立 所述 UE的 PDN连接。  The system according to claim 15, wherein the TWAG is further configured to determine, according to the acquired APN information that the UE wants to access and the APN access list information, that the PDN connection of the UE is allowed to be established.
17、 根据权利要求 15所述的系统, 其中, 所述 TWAG还配置为, 在与 所述 UE进行的 IPCP协商过程中, 将所述 PDN网关为所述 UE分配的 IP 地址信息发送给所述 UE。  The system according to claim 15, wherein the TWAG is further configured to: send, in the IPCP negotiation process with the UE, IP address information allocated by the PDN gateway to the UE to the UE.
18、 根据权利要求 15所述的系统, 其中:  18. The system of claim 15 wherein:
所述 BNG和所述 TWAG之间为携带相同 APN信息的不同 UE在同一 L2TP隧道中建立不同的会话;  Establishing different sessions between the BNG and the TWAG in different L2TP tunnels for different UEs carrying the same APN information;
或者, 所述 BNG和所述 TWAG之间为携带不同 APN信息的不同 UE 在同一 L2TP隧道中建立不同的会话;  Or, the different UEs carrying different APN information between the BNG and the TWAG establish different sessions in the same L2TP tunnel;
或者, 所述 BNG和所述 TWAG之间为携带相同 APN信息的不同 UE 建立不同的 L2TP隧道。  Or, the BNG and the TWAG establish different L2TP tunnels for different UEs carrying the same APN information.
PCT/CN2013/082101 2012-08-30 2013-08-22 Method and system for setting up multiple connections WO2014032542A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201210315435.6 2012-08-30
CN201210315435.6A CN103687049B (en) 2012-08-30 2012-08-30 The method and system that multi-connection is established

Publications (2)

Publication Number Publication Date
WO2014032542A1 WO2014032542A1 (en) 2014-03-06
WO2014032542A9 true WO2014032542A9 (en) 2014-04-10

Family

ID=50182489

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2013/082101 WO2014032542A1 (en) 2012-08-30 2013-08-22 Method and system for setting up multiple connections

Country Status (2)

Country Link
CN (1) CN103687049B (en)
WO (1) WO2014032542A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108738013B (en) * 2017-04-18 2021-11-19 华为技术有限公司 Network access method, device and network equipment
CN115396510B (en) * 2022-08-12 2024-03-15 西安广和通无线通信有限公司 Communication method and communication module

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090043902A1 (en) * 2007-04-12 2009-02-12 Stefano Faccin Packet data network connectivity domain selection and bearer setup
CN101471840B (en) * 2007-12-27 2011-04-20 华为技术有限公司 Network connection method and network system
CN101494638A (en) * 2008-01-25 2009-07-29 华为技术有限公司 Method, system and device for fixing movable fusion FMC
CN101631354B (en) * 2008-07-18 2011-12-28 华为技术有限公司 Method, device and system for selecting packet data network
CN102316602B (en) * 2010-07-09 2016-04-13 中兴通讯股份有限公司 A kind of system, Apparatus and method for of subscriber equipment access to mobile network
CN102457444B (en) * 2010-10-22 2016-09-07 中兴通讯股份有限公司 A kind of converging fixed network and the system and method for mobile network

Also Published As

Publication number Publication date
WO2014032542A1 (en) 2014-03-06
CN103687049A (en) 2014-03-26
CN103687049B (en) 2019-07-09

Similar Documents

Publication Publication Date Title
US10021566B2 (en) Non-mobile authentication for mobile network gateway connectivity
JP4865805B2 (en) Method and apparatus for supporting different authentication certificates
CN108029017B (en) Method for secure wifi call connection through managed public WLAN access
US9549317B2 (en) Methods and apparatuses to provide secure communication between an untrusted wireless access network and a trusted controlled network
KR101814969B1 (en) Systems and methods for accessing a network
US8769626B2 (en) Web authentication support for proxy mobile IP
EP3154306B1 (en) Establishment of network connection
WO2005039110A1 (en) A method of analyzing the accessing process of the selected service in the wireless local area network
WO2013131483A1 (en) Method and trusted gateway for wifi terminal to access packet data ps service domain
WO2012126291A1 (en) Data routing method and system
WO2014063530A1 (en) Method and system for mobile user to access fixed network
WO2011116713A2 (en) Method, device and system for machine type communication (mtc) terminal communicating with network through gateway
WO2008009227A1 (en) A method for the user equipment accessing the telecommunication system and the telecommunication system
WO2014000520A1 (en) Method, apparatus and system for policy control
WO2014067420A1 (en) Packet data network type management method, device, and system
WO2014101755A1 (en) Service data shunting method and system
WO2004051930A1 (en) A communication system and method of authentication therefor
WO2012130133A1 (en) Access point and terminal access method
WO2009094910A1 (en) Method, system and apparatus for fixed mobile convergence
US8458773B2 (en) Method, device, and system for authentication
WO2011134102A1 (en) Method, apparatus and system for correlating session
WO2013107243A1 (en) Session establishing method and device
WO2010091589A1 (en) Security authentication method
WO2012142867A1 (en) Authentication notification method and system
WO2014032542A9 (en) Method and system for setting up multiple connections

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13832692

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13832692

Country of ref document: EP

Kind code of ref document: A1