WO2019144719A1 - Remote terminal device dynamic access method and apparatus - Google Patents

Remote terminal device dynamic access method and apparatus Download PDF

Info

Publication number
WO2019144719A1
WO2019144719A1 PCT/CN2018/120719 CN2018120719W WO2019144719A1 WO 2019144719 A1 WO2019144719 A1 WO 2019144719A1 CN 2018120719 W CN2018120719 W CN 2018120719W WO 2019144719 A1 WO2019144719 A1 WO 2019144719A1
Authority
WO
WIPO (PCT)
Prior art keywords
mac address
session
identifier
remote device
terminal
Prior art date
Application number
PCT/CN2018/120719
Other languages
French (fr)
Chinese (zh)
Inventor
姚琦
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2019144719A1 publication Critical patent/WO2019144719A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2854Wide area networks, e.g. public data networks
    • H04L12/2856Access arrangements, e.g. Internet access
    • H04L12/2869Operational details of access network equipments
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/146Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery

Definitions

  • the present application relates to the field of mobile communications technologies, and in particular, to a dynamic access method and apparatus for a remote device.
  • the terminal device may not have an internet protocol (IP) address, especially for traditional industrial devices, and Ethernet Layer 2 communication is often used.
  • IP internet protocol
  • these devices need to be connected to external networks for information exchange and communication to enable intelligent identification, location, tracking, monitoring and management of items.
  • household products are closely related to human food and entertainment. In recent years, smart homes have received more and more attention. Each type of household products may come from different manufacturers and adopt different standards. Communication between them may be incompatible.
  • a bridge mode terminal connects each remote device to implement hardware intelligent upgrade and interoperability between intelligent hardware. For each remote device behind the terminal, how to access and transmit data becomes the primary problem.
  • the access method of the remote device is generally given.
  • the MAC address of the remote device accessing the terminal is authorized to be assigned to each network element in the network, and subsequent network elements are based on these authorized
  • the MAC address implements forwarding or processing of data packets or signaling to the remote device.
  • the present application provides a dynamic access method and device for a remote device, which is used to dynamically access a new remote device on the terminal.
  • the present application provides a dynamic access method for a remote device, where the method includes: receiving, by a terminal, a data packet from a remote device, where the data packet includes a media access control of a remote device. a MAC address; if the terminal does not record the MAC address, the terminal sends a session modification request message to the session management network element, where the session modification request message includes the MAC address; the terminal receives an indication message from the session management network element, where the indication message is used Indicates that the session modification is successful; the terminal records the MAC address.
  • the terminal determines that the MAC address in the data packet is not recorded, it is determined that the remote device corresponding to the MAC address is a new remote device, that is, a remote device that is not connected to the terminal, and therefore, the terminal manages the session.
  • the network element sends a session modification request message for requesting to modify the session, and if the terminal receives the indication message sent by the session management network element to indicate that the session modification is successful, the terminal records the MAC address. Therefore, it is relatively flexible to connect the remote device that dynamically requests access to the terminal.
  • the terminal records the MAC address, including: the terminal adds the MAC address to the MAC address list, the MAC address list includes at least one MAC address, and one MAC address corresponds to one remote device, and one remote device Corresponds to at least one MAC address.
  • the terminal records the MAC address, including: the terminal records the correspondence between the identifier of the terminal and the MAC address.
  • the terminal records the MAC address, including: the terminal records the correspondence between the identifier of the remote device and the MAC address.
  • the present application provides a dynamic access method for a remote device, where the method includes: receiving, by a terminal, a data packet from a remote device, where the data packet includes a MAC address of the remote device; Sending the data packet; the terminal receives an indication message from the session management network element, where the indication message is used to indicate that the session modification is successful; the terminal records the MAC address.
  • the terminal receives the data packet sent by the remote device, and sends the data packet to the user plane network element.
  • the user plane network element determines the MAC address in the unrecorded data packet
  • the session management network element is triggered to modify the session, if the session management network After the meta-modification session is successful, the terminal sends an indication message indicating that the session modification is successful.
  • the terminal After receiving the indication message sent by the session management network element, the terminal records the MAC address. Therefore, the remote device that dynamically requests the access is accessed to the terminal, which is relatively flexible.
  • the terminal records the MAC address, including: the terminal adds the MAC address to the MAC address list, the MAC address list includes at least one MAC address, one MAC address corresponds to one remote device, and one remote device corresponds to at least one MAC address.
  • the terminal records the MAC address, including: the terminal records the correspondence between the identifier of the terminal and the MAC address.
  • the present application provides a dynamic access method of a remote device, where the method includes: first, a session management network element receives a session modification request message from a terminal, where the session modification request message includes an identifier and a remote end of the session of the terminal.
  • the MAC address of the device; or, the session management network element receives the notification message from the user plane network element, where the notification message includes the identifier of the session of the terminal and the MAC address of the remote device, and the notification message is used to notify the modification session; then, the session management network
  • the element generates a forwarding rule according to the MAC address and the identifier of the session, and sends the forwarding rule to the user plane network element.
  • the session management network element when the session management network element receives the session modification request message of the terminal or receives the notification message of the user plane network element, the session management network element may determine that the session information needs to be modified according to the MAC address carried in the session modification request message or the notification message. Then, the session management network element generates a new forwarding rule according to the MAC address and the identifier of the session, and sends the new forwarding rule to the user plane network element. Therefore, the MAC address of the remote device that is dynamically applied for is sent to the corresponding network element, such as the user plane network element, so that the data packet sent by the remote device corresponding to the MAC address can be processed later.
  • the method is more flexible.
  • the session management network element generates a forwarding rule according to the MAC address and the identifier of the session, including: the session management network element generates a forwarding rule according to the identifier and the MAC address of the downlink tunnel corresponding to the identifier of the session, and the forwarding rule is generated.
  • the rule is the correspondence between the MAC address and the identifier of the downlink tunnel.
  • the above provides a specific implementation manner of generating a forwarding rule, which is relatively simple and easy to implement.
  • the method further includes: the session management network element records the correspondence between the identifier of the downlink tunnel corresponding to the identifier of the session and the MAC address.
  • the session management network element can manage the remote device corresponding to the MAC address according to the MAC address.
  • the method further includes: the session management network element sends the MAC address to the policy control network element.
  • the policy control network element can manage the remote device corresponding to the MAC address according to the MAC address.
  • the method further includes: the session management network element sends an authentication request message to the authentication server, where the authentication request message is used to request authentication of the remote device; and the session management network element receives the authentication response message from the authentication server.
  • the authentication response message is used to indicate that the authentication is successful.
  • the session management network element further requests the authentication server to perform authentication on the remote device corresponding to the MAC address. Only when the authentication succeeds, it is determined to access the remote device and record the MAC address, thereby facilitating communication security. .
  • the authentication request message includes a MAC address, where the MAC address is used to authenticate the remote device, or the session modification request message includes the identifier of the remote device or the notification message includes the identifier of the remote device,
  • the authentication request message includes a MAC address and an identifier of the remote device, and the identifier of the remote device is used to authenticate the remote device.
  • One method is to use the MAC address to authenticate the remote device, and the other is to use the identifier of the remote device to authenticate the remote device. You can select one according to the actual situation and compare flexible.
  • the present application provides a dynamic access method of a remote device, where the method includes: a session management network element receives a session modification request message from a terminal, where the session modification request message includes an identifier of a session of the terminal and a remote device.
  • the media access control MAC address; or the session management network element receives the notification message from the user plane network element, where the notification message includes the identifier of the session of the terminal and the MAC address of the remote device, and the notification message is used to notify the modification session; the session management network The element sends an indication message to the terminal, where the indication message is used to indicate that the session modification is successful.
  • the session management network element When the session management network element receives the session modification request message of the terminal or receives the notification message of the user plane network element, it may determine that the session information needs to be modified according to the MAC address carried in the session modification request message or the notification message, and further The session management network element sends an indication message to the terminal, which is used to indicate that the session modification is successful, so that the terminal can record the MAC address, thereby implementing the remote device that dynamically requests the access to the terminal, and thus the method is compared. flexible.
  • the present application provides a dynamic access method of a remote device, where the method includes: a session management network element receives a session modification request message from a terminal, where the session modification request message includes an identifier of a session of the terminal and a remote device.
  • the media access control MAC address; or the session management network element receives the notification message from the user plane network element, where the notification message includes the identifier of the session of the terminal and the MAC address of the remote device, and the notification message is used to notify the modification session; the session management network The element sends an authentication request message to the authentication server, where the authentication request message is used to request authentication of the remote device; the session management network element receives the authentication response message from the authentication server, and the authentication response message is used to indicate that the authentication is successful; the session management network element is based on the session.
  • the identifier of the downlink tunnel corresponding to the identifier and the MAC address are generated, and a forwarding rule is generated.
  • the session management network element When the session management network element receives the session modification request message of the terminal or receives the notification message of the user plane network element, it can determine that the session information needs to be modified according to the MAC address carried in the session modification request message or the notification message, and the session is The management network element requests the authentication server to authenticate the remote device corresponding to the MAC address. If the authentication succeeds, the session management network element generates a new forwarding rule according to the MAC address and the identifier of the session, and sends the new forwarding rule to the user plane network element. Therefore, the MAC address of the remote device that is dynamically applied for is sent to the corresponding network element, such as the user plane network element, so that the data packet sent or received by the remote device corresponding to the MAC address can be processed later. Therefore, it is more flexible.
  • the session management network element generates a forwarding rule according to the MAC address and the identifier of the session, including: the session management network element generates a forwarding rule and a forwarding rule according to the identifier and MAC address of the downlink tunnel corresponding to the identifier of the session. Correspondence between the MAC address and the identifier of the downlink tunnel.
  • the above provides a specific implementation manner of generating a forwarding rule, which is relatively simple and easy to implement.
  • the method further includes: the session management network element records the correspondence between the identifier of the downlink tunnel and the MAC address corresponding to the identifier of the session.
  • the session management network element can manage the remote device corresponding to the MAC address according to the MAC address.
  • the method further includes: the session management network element sends the MAC address to the policy control network element.
  • the policy control network element can manage the remote device corresponding to the MAC address according to the MAC address.
  • the authentication request message includes a MAC address, where the MAC address is used to authenticate the remote device, or the session modification request message includes the identifier of the remote device or the notification message includes the identifier of the remote device,
  • the authentication request message includes a MAC address and an identifier of the remote device, and the identifier of the remote device is used to authenticate the remote device.
  • One method is to use the MAC address to authenticate the remote device, and the other is to use the identifier of the remote device to authenticate the remote device. You can select one according to the actual situation.
  • the present application provides a dynamic access method of a remote device, where the method includes: a user plane network element receives a data packet from a terminal by using an uplink tunnel, where the data packet includes a media access control MAC address of the remote device.
  • the user plane network element determines the identifier of the session of the terminal according to the identifier of the uplink tunnel and the identifier of the identifier of the uplink tunnel and the session identifier of the terminal; if the user plane network element does not record the MAC address, the notification is sent to the session management network element.
  • the message, the notification message includes the identifier of the MAC address and the session, and the notification message is used to notify the modification session.
  • the user plane network element receives the forwarding rule from the session management network element, and the forwarding rule is the identifier and MAC address of the downlink tunnel corresponding to the identifier of the session. Correspondence.
  • the user plane network element determines that the MAC address associated with the identifier of the downlink tunnel corresponding to the identifier of the session does not record the MAC address in the data packet.
  • the user plane network element determines the identifier of the downlink tunnel corresponding to the identifier of the session according to the identifier of the session; determines the MAC address associated with the identifier of the downlink tunnel according to the identifier of the downlink tunnel, and then determines the MAC associated with the identifier of the downlink tunnel. Whether the MAC address carried in the data packet is included in the address, if included, indicating that the user plane network element records the MAC address in the data packet. If not included, it indicates that the user plane network element does not record the MAC address in the data packet.
  • the application provides a device, which may be a terminal or a chip.
  • the device has the functionality to implement the various embodiments of the first aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • the application provides an apparatus, including: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the first Aspect or dynamic access method of a remote device in any implementation method of the first aspect.
  • the memory may be integrated in the processor or may be independent of the processor.
  • the application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the first aspect or the first aspect according to the instruction A dynamic access method of a remote device in the implementation method.
  • the application provides a device, which may be a terminal or a chip.
  • the device has the functionality to implement the various embodiments of the second aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • the application provides an apparatus, including: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the foregoing
  • the dynamic access method of the remote device in any of the implementation methods of the second aspect or the second aspect.
  • the memory may be integrated in the processor or may be independent of the processor.
  • the present application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the second aspect or the second aspect according to the instruction A dynamic access method of a remote device in an implementation method.
  • the application provides a device, which may be a session management network element or a chip.
  • the device has the functionality to implement the various embodiments of the third aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • the present application provides an apparatus, including: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the foregoing
  • the dynamic access method of the remote device in any of the implementation methods of the third aspect or the third aspect.
  • the memory may be integrated in the processor or may be independent of the processor.
  • the present application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the third aspect or the third aspect according to the instruction A dynamic access method of a remote device in an implementation method.
  • the application provides a device, which may be a session management network element or a chip.
  • the device has the functionality to implement the various embodiments of the fourth aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • the present application provides an apparatus, including: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the foregoing
  • the dynamic access method of the remote device in any of the implementation methods of the fourth aspect or the fourth aspect.
  • the memory may be integrated in the processor or may be independent of the processor.
  • the application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the fourth aspect or the fourth aspect according to the instruction A dynamic access method of a remote device in an implementation method.
  • the application provides a device, which may be a session management network element or a chip.
  • the device has the functionality to implement the various embodiments of the fifth aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • the present application provides an apparatus, including: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the foregoing
  • the dynamic access method of the remote device in any of the implementation methods of the fifth aspect or the fifth aspect.
  • the memory may be integrated in the processor or may be independent of the processor.
  • the present application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the fifth aspect or the fifth aspect according to the instruction A dynamic access method of a remote device in any implementation method.
  • the present application provides a device, which may be a user plane network element or a chip.
  • the device has the function of implementing the various embodiments of the sixth aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • the application provides an apparatus, comprising: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the above
  • the dynamic access method of the remote device in any of the implementation methods of the sixth aspect or the sixth aspect.
  • the memory may be integrated in the processor or may be independent of the processor.
  • the present application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the sixth aspect or the sixth aspect according to the instruction A dynamic access method of a remote device in any implementation method.
  • the present application further provides a system, where the system includes a session management network element, where the session management network element can be used to perform the foregoing third, fourth, fifth, and third aspects, and fourth The steps performed by the session management network element in any of the methods of the fifth aspect.
  • the system may further include a user plane network element, where the user plane network element may be used to perform the method in any of the sixth and sixth aspects, or the solution provided by the embodiment of the present invention. The steps performed by the user plane network element.
  • the system may further include other devices, such as terminals, and the like that interact with the session management network element and/or the user plane network element in the solution provided by the embodiment of the present invention.
  • the present application further provides a computer readable storage medium having stored therein a program or an instruction, when executed on a computer, causing the computer to perform the method described in the above aspects .
  • the present application also provides a computer program product comprising instructions which, when run on a computer, cause the computer to perform the methods described in the above aspects.
  • FIG. 1(a) is a schematic diagram of a possible network architecture provided by the present application.
  • FIG. 1(b) is a schematic diagram of still another possible network architecture provided by the present application.
  • FIG. 2 is a schematic diagram of a dynamic access method of a remote device according to the present application.
  • FIG. 3 is a schematic diagram of still another method for dynamically accessing a remote device according to the present application.
  • FIG. 4 is a schematic diagram of a device provided by the present application.
  • FIG. 5 is a schematic diagram of still another apparatus provided by the present application.
  • FIG. 6 is a schematic diagram of still another apparatus provided by the present application.
  • FIG. 7 is a schematic diagram of a terminal provided by the present application.
  • FIG. 8 is a schematic diagram of still another apparatus provided by the present application.
  • the network architecture and the service scenario described in the embodiments of the present application are for the purpose of more clearly illustrating the technical solutions of the embodiments of the present application, and do not constitute a limitation of the technical solutions provided by the embodiments of the present application.
  • the technical solutions provided by the embodiments of the present application are equally applicable to similar technical problems.
  • the network architecture includes a session management network element and a user plane network element.
  • the network architecture further includes a terminal.
  • the network architecture may also include a remote device.
  • the session management network element is mainly used for session management in a mobile network, such as session establishment, modification, and release. Specific functions include assigning an IP address to a user, and selecting a user plane function network element that provides a packet forwarding function.
  • the session management network element may be a session management function (SMF) network element.
  • SMF session management function
  • the session management network element may still be an SMF.
  • the network element, or other name, is not limited in this application.
  • the user plane network element is mainly responsible for processing user packets, such as forwarding and accounting.
  • the network slice selection network element may be a user plane function (UPF) network element.
  • UPF user plane function
  • the user plane network element may still be a UPF network element, or have other names. This application is not limited.
  • the terminal is a relay capable device, and may be, for example, a relay user equipment (relay user equipment, bridge user equipment, bridge UE).
  • relay user equipment relay user equipment, bridge user equipment, bridge UE.
  • the remote device can access the network through a terminal having a relay capability, for example, a remote user equipment (remote user equipment).
  • a terminal having a relay capability for example, a remote user equipment (remote user equipment).
  • the present application can implement dynamic access of a remote device based on the network architecture shown in FIG. 1(a).
  • the remote device is connected to the terminal and the core network.
  • the session management network element and the user plane network element in this application may have the following functions.
  • the session management network element receives the session modification request message from the terminal, where the session modification request message includes the identifier of the session of the terminal and the MAC address of the remote device; or the session management network element receives the notification message from the user plane network element, and the notification The message includes the identifier of the session of the terminal and the MAC address of the remote device, and the notification message is used to notify the modification session. Then, the session management network element generates a forwarding rule according to the MAC address and the identifier of the session, and sends the forwarding rule to the user plane network element. .
  • the session management network element When the session management network element receives the session modification request message of the terminal or receives the notification message of the user plane network element, it can determine that the session information needs to be modified according to the MAC address carried in the session modification request message or the notification message, and the session is The management network element generates a new forwarding rule based on the MAC address and the identifier of the session, and sends the new forwarding rule to the user plane network element. Therefore, the MAC address of the remote device that is dynamically applied for is sent to the corresponding network element, such as the user plane network element, so that the data packet sent or received by the remote device corresponding to the MAC address can be processed later. Therefore, it is more flexible.
  • the session management network element generates a forwarding rule according to the MAC address and the identifier of the session, including: the session management network element generates a forwarding rule according to the identifier and the MAC address of the downlink tunnel corresponding to the identifier of the session, and the forwarding rule is generated.
  • the rule is the correspondence between the MAC address and the identifier of the downlink tunnel.
  • the method further includes: the session management network element records the correspondence between the identifier of the downlink tunnel and the MAC address corresponding to the identifier of the session.
  • the method further includes: the session management network element sends the MAC address to the policy control network element.
  • the method further includes: the session management network element sends an authentication request message to the authentication server, where the authentication request message is used to request authentication of the remote device; and the session management network element receives the authentication response message from the authentication server.
  • the authentication response message is used to indicate that the authentication is successful.
  • the user plane network element is configured to receive the data packet from the terminal by using the uplink tunnel, where the data packet includes the media access control MAC address of the remote device; and the identifier of the uplink tunnel and the identifier of the uplink tunnel correspond to the identifier of the session of the terminal.
  • the relationship determines the identifier of the session of the terminal; if the user plane network element does not record the MAC address, sends a notification message to the session management network element, where the notification message includes the MAC address and the identifier of the session, and the notification message is used to notify the modification session;
  • the forwarding rule of the session management network element, the forwarding rule is the correspondence between the identifier of the downlink tunnel and the MAC address corresponding to the identifier of the session.
  • FIG. 1(b) is a schematic diagram of still another possible network architecture provided by the present application.
  • the network architecture is based on the network architecture shown in Figure 1 (a), adding some other network elements.
  • the SMF network element and the UPF network element are respectively a specific example of the session management network element and the user plane network element shown in FIG. 1(a).
  • four remote devices are exemplarily shown in FIG. 1(b), which are the remote device 1, the remote device 2, the remote device 3, and the remote device 4.
  • the remote device 1 and the remote device 3 are remote devices that are fixedly connected to the terminal, that is, accessed during the process of establishing a session, and the remote device 4 needs to be dynamically accessed, that is, A remote device that dynamically requests access after the terminal establishes a session.
  • This application mainly introduces a method for dynamically accessing the remote device 4.
  • the mobility management network element is mainly used for mobility management in a mobile network, such as user location update, user registration network, or user handover.
  • the mobility management network element may be an access and mobility management function (AMF) network element.
  • AMF access and mobility management function
  • future communications such as 6G, the mobility management network element may still be an AMF network element.
  • the mobility management network element is taken as an AMF network element as an example.
  • the policy controls the network element including the user subscription data management function, the policy control function, the charging policy control function, or the quality of service (QoS) control.
  • the policy control network element may be a policy control function (PCF) network element.
  • PCF policy control function
  • the policy control network element may still be a PCF network element, or have other names. Make a limit.
  • FIG. 1(b) illustrates a case where a policy control network element is a PCF network element.
  • a radio access network (RAN) device is a device that provides wireless communication functions for a terminal, including but not limited to: a next generation base station (bNB), a radio network controller (radio network controller). , RNC), base station controller (BSC), base transceiver station (BTS), home base station (for example, home evolved node B, or home node B, HNB), baseband unit (BBU) ), transmitting and receiving point (TRP), transmitting point (TP), mobile switching center, and the like.
  • the base station in this application may also be a device that provides wireless communication functions for terminals in other communication systems that may occur in the future.
  • An authentication server is a physical entity or logical unit with authentication capabilities.
  • an authentication server is used as a data network-authentication (authorization and accounting, DN-AAA) server as an example.
  • the DN-AAA server can be deployed in the network deployed by the operator or deployed independently in the external data network.
  • each of the foregoing network elements can be either a network component in a hardware device, a software function running on dedicated hardware, or a virtualization function instantiated on a platform (eg, a cloud platform).
  • the present application uses the session management network element as the SMF network element, the user plane network element as the UPF network element, and the policy control network element as the PCF network element as an example for description.
  • the SMF network element, the UPF network element, and the PCF network element are simply referred to as SMF, UPF, and PCF, respectively.
  • the SMF, the UPF, and the PCF described in any of the following embodiments may be replaced by a session management network element, a user plane network element, and a policy control network element, respectively.
  • FIG. 2 is a schematic diagram of a dynamic access method of a remote device provided by the present application. The method includes the following steps:
  • Step 201 The remote device sends a data packet to the terminal, and accordingly, the terminal receives the data packet from the remote device.
  • the packet includes the MAC address of the remote device.
  • the terminal after receiving the data packet, the terminal has two processing modes.
  • the first processing mode corresponds to the following step 202a
  • the second processing mode corresponds to the following step 202b. That is, one of the two processing methods of step 202a and step 202b can be selected.
  • step 202c may be further performed.
  • step 202a the present application will perform step 202a or perform steps 202b-202c.
  • Step 202a If the terminal determines that the MAC address in the data packet is not recorded, the terminal sends a session modification request message to the SMF, and accordingly, the SMF receives the session modification request message from the terminal.
  • the terminal may obtain the MAC address of the remote device from the data packet, and determine whether the MAC address is recorded.
  • the manner in which the terminal records the MAC address may be a record of the correspondence between the identifier of the terminal and the MAC address. Further, if there are multiple MAC addresses in the terminal, the terminal may also generate an associated MAC address list, and then record the correspondence between the MAC address list and the identifier of the terminal.
  • the method of recording the MAC address of the terminal will be described below in the form of a table. It should be noted that, in practical applications, it is not limited to recording the MAC address in the form of a table.
  • the identifier of the terminal is the terminal ID1, and the MAC address list recorded by the terminal currently includes MAC1, MAC2, and MAC3, where MAC1 is the MAC address of the remote device 1, and MAC2 is the MAC address of the remote device 2.
  • MAC3 is the MAC address of the remote device 3. That is, a MAC address corresponds to a remote device. In this case, the MAC address can also be used to uniquely identify a remote device.
  • a remote device may correspond to multiple MAC addresses.
  • MAC1 and MAC2 are the MAC addresses of the remote device 1
  • MAC3 is the MAC address of the remote device 2.
  • the MAC address cannot be used to uniquely identify a remote device.
  • other identifiers such as the identity of the remote device, can be used to uniquely identify a remote device.
  • the terminal can obtain the identifier of the remote device, and the method for obtaining the identifier of the remote device is not limited in this application.
  • the MAC address currently recorded by the terminal includes MAC1, MAC2, and MAC3, indicating that the remote device corresponding to MAC1, MAC2, and MAC3 has been connected to the terminal.
  • the identifiers of the sessions corresponding to MAC1, MAC2, and MAC3, respectively, may also be recorded.
  • the terminal After receiving the data packet sent by the remote device, the terminal needs to send the data packet to the UPF through the tunnel of the user plane through a certain session. Therefore, the mapping between the MAC address and the identifier of the session needs to be recorded. For example, referring to Table 1-1, since the session corresponding to MAC1 is session ID1, after the data packet sent by the remote device 1 arrives at the terminal, the terminal will send the data packet to the UPF through the session corresponding to the session ID1.
  • the identifier of the session may also be other information mapped to the session, such as the tunnel information corresponding to the session. It should be noted that if there is only one session in the terminal, the identifier of the corresponding session may not be recorded.
  • the identifier of the remote device corresponding to each MAC address may be recorded.
  • a column may be further added to the foregoing table 1-1 for recording the identifier of the remote device corresponding to the MAC address, for example, corresponding to MAC1.
  • ID of the remote device 1 MAC2 corresponds to the identifier of the remote device 2
  • MAC3 corresponds to the identifier of the remote device 3.
  • each session may correspond to one or more MAC addresses, and one MAC address corresponds to one remote device.
  • the manner in which the terminal is configured to bind the MAC address is not limited.
  • the MAC address may be bound to a suitable session according to factors such as the current load of the session and the number of MAC addresses currently associated with the session.
  • the remote device that sends the data packet to the terminal is the remote device 4, and the MAC address of the remote device 4 is MAC4, and the data packet sent by the remote device 4 includes the MAC4.
  • the terminal After receiving the data packet sent by the remote device 4, the terminal can obtain the MAC4 from the data packet, and determine whether the terminal records the MAC address 4.
  • the terminal can determine that the MAC4 in the unrecorded packet is not recorded, and thus the remote device 4 can be determined to be a new one.
  • the remote device that is, a new remote device requesting access to the terminal.
  • the terminal may bind a corresponding session to the remote device 4.
  • the session bound by the terminal to the remote device 4 is also the session corresponding to the session ID1 (the session may be referred to as session 1) ).
  • the terminal sends a session modification request message to the SMF, where the session modification request message includes the identifier of the session of the terminal and the MAC address of the remote device.
  • the session modification request message includes session ID1 and MAC4.
  • the session modification request message is used to request a modification session, that is, information for requesting to modify the session.
  • the information of the session includes information such as a MAC address corresponding to the session. It can be understood that the session modification request message will trigger the SMF to verify the remote device corresponding to the new MAC address, and determine whether to record the new MAC address.
  • step 202a may not be performed, but the following steps 202b to 202c are performed.
  • Step 202b The terminal sends a data packet to the UPF through the RAN device, and accordingly, the UPF receives the data packet from the terminal through the uplink tunnel.
  • the terminal After receiving the data packet sent by the remote device, the terminal sends the data packet to the UPF through the RAN device. It can also be understood that the terminal sends the data packet to the UPF through the tunnel of the user plane. Specifically, the terminal first sends a data packet to the RAN device, and then the RAN device sends the data packet to the UPF through an uplink tunnel.
  • the manner in which the RAN device selects the uplink tunnel may be that the corresponding uplink tunnel is selected according to the session bound by the terminal for the MAC address.
  • the SMF or the UPF allocates the uplink tunnel resource, including the IP address of the UPF and the identifier of the tunnel. For example, a tunnel endpoint identifier (TEID), and the allocated uplink tunnel resource is sent to the RAN device. Therefore, the correspondence between the identifier of the session and the uplink tunnel resource is recorded in the RAN device.
  • TEID tunnel endpoint identifier
  • the RAN device saves the mapping relationship between the air interface transmission channel (the transmission channel between the terminal and the RAN device) and the uplink tunnel resource, and therefore, the terminal moves to the RAN device.
  • the RAN device can determine the corresponding uplink tunnel according to the air interface transmission channel, and then send the data packet to the UPF through the determined uplink tunnel.
  • Step 202c If the UPF determines that the MAC address is not recorded, the UPF sends a notification message to the SMF, and accordingly, the SMF receives the notification message from the UPF.
  • the UPF After receiving the data packet through the uplink tunnel, the UPF obtains the MAC address in the data packet and determines whether the MAC address is recorded in the UPF.
  • the UPF can directly find out whether the MAC address is recorded from the MAC address list recorded by the UPF. For example, the UPF can traverse the recorded MAC address list and sequentially search for whether the MAC address is recorded.
  • the UPF may determine the identifier of the downlink tunnel corresponding to the identifier of the uplink tunnel according to the identifier of the uplink tunnel that sends the data packet, and then determine whether the data is included in the MAC address corresponding to the identifier of the downlink tunnel.
  • the resources of the downlink tunnel are allocated by the RAN device during the establishment of the session, and the resources of the downlink tunnel include the IP address of the RAN device and the identifier of the tunnel (for example, TEID).
  • the resources of the downlink tunnel allocated by the RAN device are sent to the SMF and the UPF.
  • a session corresponds to a tunnel, and the tunnel includes an uplink tunnel and a downlink tunnel
  • the uplink tunnel can be indicated by the identifier of the uplink tunnel, and the resources of the uplink tunnel include the IP address of the UPF and the identifier of the uplink tunnel
  • the downlink tunnel can be indicated by the identifier of the downlink tunnel, and the resources of the downlink tunnel include the IP address of the RAN device and the identifier of the downlink tunnel.
  • the terminal in the process of establishing session 1, the terminal associates MAC1, MAC2, and MAC3 with the session ID1.
  • the UPF records the downlink tunnel corresponding to the session. ID, the correspondence with the MAC address.
  • Table 2-1 the correspondence between the identifier of the downlink tunnel and the MAC address recorded in the UPF.
  • the method for determining whether to record the MAC4 in the data packet is as follows: the UPF determines the identifier of the uplink tunnel according to the identifier of the uplink tunnel in which the RAN device sends the data packet.
  • the downlink tunnel identifier is, for example, the downlink tunnel identifier 1.
  • the corresponding MAC addresses are determined: MAC1, MAC2, and MAC3. Since MAC4 is not included therein, the UPF determines that MAC4 is not recorded.
  • the UPF first determines a partial MAC address from all the MAC addresses recorded, and the partial MAC address may include a MAC address in the data packet, and then further determines whether the MAC address in the data packet is included in the partial MAC address.
  • the UPF determines that the MAC address in the data packet is not recorded, the UPF sends a notification message to the SMF, where the notification message includes the identifier of the session and the MAC address.
  • the notification message is used to notify the modification of the session. It can also be understood that the notification message is used to notify the information of the modification session, or it can be understood that the notification message can be used to trigger the SMF to verify the remote device corresponding to the MAC address.
  • step 202a it can be understood that the SMF is triggered by the control plane to verify the remote device corresponding to the MAC address. If the above steps 202b-202c are used, it can be understood that the SMF is triggered by the user plane to verify the remote device corresponding to the MAC address.
  • the SMF After receiving the session modification request message sent by the terminal or the notification message sent by the UPF, the SMF verifies the remote device corresponding to the MAC address by using the authentication server. That is, the following steps 203 to 204 are performed.
  • the SMF may not perform verification on the remote device corresponding to the MAC address, that is, the SMF may default to the remote end.
  • the device is legal.
  • the following steps 203 to 204 are not required to be performed.
  • the SMF may also determine whether the MAC address is recorded locally. If the SMF locally records the MAC address, the SMF determines that the MAC address is not a new MAC address, and the process ends. If the SMF does not record the MAC address locally, the SMF determines that the MAC address is a new MAC address, and the SMF continues the subsequent process, for example, steps 203-209 are performed, or steps 205-209 are performed.
  • Step 203 The SMF sends an authentication request message to the authentication server. Accordingly, the authentication server receives the authentication request message from the SMF.
  • the authentication request message is used to request authentication of the remote device.
  • a remote device can be identified by using a MAC address.
  • the authentication request message may include a MAC address, and the authentication server may verify the remote device corresponding to the MAC address by using the MAC address. For example, an authentication information (such as a verification code, etc.) may be sent to the remote device. When the authentication server receives the correct authentication information replied by the remote device, the verification succeeds. Otherwise, the authentication fails.
  • the authentication request message may carry the MAC address and the identifier of the remote device, where the identifier of the remote device is used for the remote device.
  • the device is certified.
  • the authentication server can authenticate the remote device by using the identifier of the remote device. For example, an authentication information (such as a verification code, etc.) may be sent to the remote device. When the authentication server receives the correct authentication information replied by the remote device, the verification succeeds. Otherwise, the authentication fails.
  • the identifier of the remote device may be carried in the session modification request message and sent to the SMF, or carried in the notification message and sent to the SMF.
  • Step 204 The authentication server sends an authentication response message to the SMF, and accordingly, the SMF receives the authentication response message from the authentication server.
  • the authentication response message is sent to the SMF, and the authentication response message is used to indicate that the authentication is successful.
  • the authentication response message further carries a MAC address, where the MAC address is the MAC address carried in the authentication request message in the foregoing step 203.
  • Steps 203 - 204 are optional.
  • the SMF may also perform step 205 after receiving the 202c notification message. If the above steps 203 to 204 are performed, the authentication of the terminal device by the authentication server is successful. If the above steps 203-204 are not performed, it can be considered that the SMF defaults that the remote device is trusted.
  • Step 205 The SMF sends an indication message to the terminal, and accordingly, the terminal receives the indication message from the SMF.
  • the indication message is used to indicate that the session modification was successful.
  • step 206 the terminal records the MAC address.
  • the manner in which the terminal records the MAC address is: the terminal adds the MAC address to the associated MAC address list, and the associated MAC address list includes at least one MAC address, one MAC address corresponds to one remote device, and one remote device corresponds to at least one MAC address. .
  • the terminal records the correspondence between the identifier of the terminal and the MAC address.
  • a new MAC address can be added to Table 1-1 as shown in Table 1-1.
  • the new MAC address is MAC4
  • the session bound by the MAC4 is also the session ID1
  • the MAC4 is added to the table 1-1, and Table 1-2 is obtained.
  • Terminal identification MAC address Session identifier Terminal ID1 MAC1 Session ID1 Terminal ID1 MAC2 Session ID1
  • the terminal determines that the remote device corresponding to the MAC address is a new remote device, that is, is not accessed.
  • the remote device of the terminal the terminal sends a session modification request message to the session management network element, and is used to request to modify the session.
  • the session management network element modifies the session according to the MAC address.
  • Related information and inform the terminal to record the MAC address. Therefore, the remote device that dynamically requests the access is accessed to the terminal, which is relatively flexible.
  • the terminal sends the data packet to the user plane network element by using the foregoing step 201, step 202b, step 202c, step 205, and step 206.
  • the user plane network element determines the MAC address in the unrecorded data packet
  • the user plane The network element triggers the session management network element to modify the related information of the session according to the MAC address, and notifies the terminal to record the MAC address. Therefore, the remote device that dynamically requests the access is accessed to the terminal, which is relatively flexible.
  • Step 207 The SMF records the correspondence between the MAC address and the identifier of the session.
  • the SMF records the correspondence between the MAC address and the identifier of the session, where the SMF records the correspondence between the identifier of the downlink tunnel and the MAC address corresponding to the identifier of the session.
  • the way the SMF records the MAC address can be the same as the way the UPF records the MAC address.
  • Table 2-1 the information in Table 2-1 above is also recorded in the SMF. If the packet terminal MAC address in each of the above steps is MAC4, the SMF records the MAC4 and obtains Table 2-2.
  • Step 208 The SMF generates a forwarding rule according to the MAC address and the identifier of the session, and sends the forwarding rule to the UPF. Accordingly, the UPF receives the forwarding rule from the SMF.
  • the forwarding rule may be a correspondence between an identifier of a downlink tunnel and a MAC address corresponding to the identifier of the session. Therefore, if the MAC address of the data packet terminal in the above steps is MAC4, the forwarding rule sent by the SMF to the UPF is (MAC4, downlink tunnel identifier 1). After receiving the forwarding rule, the UPF stores the forwarding rule.
  • the UPF may update the above table 2-1 according to the forwarding rule to obtain the foregoing Table 2-2.
  • step 209 the SMF sends the MAC address to the PCF.
  • the correspondence between the MAC address and the SMF information (such as identification information or address information, etc.) can be recorded on the PCF.
  • step 205 there is no strict execution order between steps 205 and 209 in the above method.
  • step 207 the order between step 205, step 207, step 208, and step 209 may be arbitrary, and for step 206, it may be performed after step 205.
  • FIG. 3 is a schematic diagram of another dynamic access method of a remote device provided by the present application.
  • the MAC address of the remote device 1 is MAC1
  • the MAC address of the remote device 2 is MAC2
  • the MAC address of the remote device 3 is MAC3
  • the MAC address of the remote device 4 is MAC4.
  • the remote device 1, the remote device 2, and the remote device 3 are accessed during the process of establishing a session, and the remote device 4 is dynamically requested to access.
  • the MAC address and MAC of the remote device 1, the remote device 2, and the remote device 3 are pre-configured (for example, may be manually configured) on the DN-AAA (DN-AAA is a specific example of the authentication server).
  • the identifier of the terminal corresponding to the address is: (identity of the terminal, MAC1, MAC2, MAC3).
  • the method comprises three parts, wherein the first part is an access process of the remote device 1, the remote device 2 and the remote device 3, including the following steps 1 - 4; the second part is the dynamic connection of the remote device 4 The process includes the following steps 5 - 10d; the third part is the normal processing flow of the uplink and downlink data packets, including the following steps 11 - 15.
  • Step 1 The terminal sends a session establishment request message to the AMF, and accordingly, the AMF receives the session establishment request message from the terminal.
  • the session establishment request message carries the identifier of the terminal, the identifier of the session (such as the identifier of a protocol data unit (PDU) session), the network slice, the data network name (DNN), the Ethernet session type, and the like. .
  • PDU protocol data unit
  • DNN data network name
  • Ethernet session type and the like.
  • the identifier of the session is used to indicate the session established by the terminal.
  • the network slice and DNN are used by the AMF to select the appropriate SMF.
  • the Ethernet session type is used to indicate that the established session is an Ethernet session.
  • step 2 the AMF forwards the session establishment request message to the selected SMF.
  • the AMF selects a suitable SMF according to the DNN and the network slice, and then forwards the session establishment request message to the SMF.
  • step 3a the SMF decides to send a session authentication/authorization request message to the DN-AAA according to the local policy (such as receiving the DNN session request or the Ethernet type session).
  • the session authentication/authorization request message includes an identifier of the terminal.
  • step 3b the DN-AAA sends a session authentication/authorization reply message to the SMF.
  • the session authentication/authorization reply message carries a MAC address corresponding to the identifier of the terminal pre-configured on the DN-AAA.
  • the session authentication/authorization reply message includes MAC1, MAC2, and MAC3.
  • Step 4 The SMF establishes an uplink and downlink tunnel corresponding to the session, and stores a correspondence between the MAC address and the identifier of the session on the UPF.
  • the operations that need to be performed mainly include:
  • the SMF initiates an N4 session establishment request to the UPF.
  • the SMF or the UPF allocates UPF uplink tunnel resources (including the IP addresses of the TEID and the UPF), and notifies the RAN device of the uplink tunnel resources.
  • the RAN device allocates downlink tunnel resources (including the TEID and the IP address of the RAN device), and notifies the UPF of the downlink tunnel resource. This establishes the upstream and downstream tunnels of the session.
  • the UPF records the correspondence between the MAC address and the identity of the session.
  • the SMF sends the forwarding rule, that is, the correspondence between the MAC address and the downlink tunnel identifier to the UPF.
  • the MAC address here is the MAC address that the DN-AAA sends to the SMF through step 3b.
  • the SMF notifies the UPF of the MAC address, and the UPF generates a forwarding rule, that is, a correspondence between the MAC address and the downlink tunnel identifier.
  • the MAC address here is the MAC address that the DN-AAA sends to the SMF through step 3b.
  • the contents of the UPF record are as shown in Table 2-1 above.
  • the correspondence between the MAC address and the downlink tunnel identifier may also be recorded in the SMF. If the correspondence between the MAC address of the SMF record and the downlink tunnel identifier is expressed in the form of a table, the content of the SMF record is also as shown in Table 2-1 above.
  • it also includes:
  • the SMF notifies the PCF of the MAC address, and the PCF records the correspondence between the MAC address and the SMF.
  • the PCF records the correspondence between the MAC address and the SMF so that the subsequent PCF can find the corresponding session according to the MAC address.
  • the message sent by the application function (AF) network element to the PCF may not carry the identifier of the terminal, but carries the information such as the MAC address, the DNN, and the network slice, and the PCF may find the corresponding SMF according to the MAC address.
  • the MAC address is sent to the corresponding SMF, and the SMF finds the identifier of the corresponding session according to the MAC address, and sends the identifier of the session to the PCF, so that the PCF can obtain the identifier of the session by using the above method.
  • step 5 - step 10d if there is a new remote device, such as the remote device 4, which needs to dynamically access the terminal, it can be implemented by the following step 5 - step 10d.
  • Step 5 The terminal receives the data packet sent by the remote device 4.
  • the data packet includes the MAC address of the remote device 4, that is, MAC4.
  • step 6a and step 7 - step 10d are performed, wherein step 6a is information for triggering the SMF to modify the session by the control plane; or, step 6b - step 6c and step 7 - step 10d are performed, wherein step 6b - step 6c is The SMF is used to modify the session information through the user plane.
  • step 6a the terminal sends a session modification request message to the SMF, and accordingly, the SMF receives the session modification request message.
  • the terminal determines that MAC4 is not recorded, thereby determining that a new remote device is attempting to access. Then, the terminal sends a session modification request message to the SMF, where the session modification request message carries a MAC address (the MAC address of the remote device 4 is MAC4) and the identifier of the session. For example, the identifier of the session that the terminal associates with the remote device is session ID1.
  • the session modification request message further includes an identifier of the remote device 4.
  • step 6b the terminal sends the data packet to the UPF, and correspondingly, the UPF receives the data packet sent by the terminal.
  • the data packet includes the MAC address of the remote device 4, that is, MAC4.
  • step 6c the UPF determines that the MAC4 is not recorded, and then sends a notification message to the SMF, and accordingly, the SMF receives the notification message from the UPF.
  • the notification message includes the identity of the MAC4 and the session (ie, session ID1). For example, the UPF determines that MAC4 is not recorded by looking up the above table 2-1 of the record.
  • the UPF records the correspondence between the uplink tunnel identifier and the identifier of the session in the session establishment process of Step 1 to Step 4. Therefore, the UPF may determine, according to the identifier of the uplink tunnel of the received data packet, the identifier of the session corresponding to the identifier of the uplink tunnel. For example, taking the record form of the table as an example, the correspondence between the uplink tunnel identifier and the identifier of the session as shown in Table 3-1 is recorded on the UPF.
  • the UPF may record the correspondence between the uplink tunnel identifier and the N4 session identifier in the session establishment process of Step 1 to Step 4, and record the identifier between the N4 session identifier and the session. Correspondence. Therefore, the UPF may determine the N4 session identifier corresponding to the identifier of the uplink tunnel according to the identifier of the uplink tunnel that receives the data packet, and then determine the identifier of the session corresponding to the N4 session identifier according to the N4 session identifier.
  • the correspondence between the uplink tunnel identifier and the N4 session identifier as shown in Table 3-2 is recorded on the UPF, and the N4 session identifier as shown in Table 3-3 is recorded. Correspondence with the identity of the session.
  • N4 refers to the interface between the UPF and the SMF
  • the N4 session refers to the identifier of the session used by the communication between the UPF and the SMF.
  • a blacklist can also be maintained in the UPF, and the blacklist is used to record the forbidden MAC address.
  • the UPF receives a packet including the MAC address in the blacklist, it directly discards the packet without notifying the SMF.
  • step 7 the SMF decides to initiate a session secondary authentication authorization.
  • the SMF may determine whether to initiate the session secondary authentication authorization according to the following manner: the SMF determines whether to record the MAC address (ie, MAC4), and if the MAC address is recorded, the SMF decides not to initiate the session secondary authentication and authorization, and proceeds to step 10d; If the MAC address is not recorded, it is decided to initiate a session secondary authentication authorization.
  • the SMF determines whether to record the MAC address (ie, MAC4), and if the MAC address is recorded, the SMF decides not to initiate the session secondary authentication and authorization, and proceeds to step 10d; If the MAC address is not recorded, it is decided to initiate a session secondary authentication authorization.
  • the step 7 is an optional step. If the step 7 is not performed, the SMF needs to initiate a session secondary authentication and authorization by default.
  • step 8a the SMF sends a session authentication/authorization request message to the DN-AAA, and accordingly, the DN-AAA receives the session authentication/authorization request message from the SMF.
  • the session authentication/authorization request message includes a MAC 4, which is used to identify the remote device 4.
  • the session authentication/authorization request message includes the identifiers of the MAC 4 and the remote device 4, and the identifier of the remote device 4 is used to identify the remote device 4.
  • the session authentication/authorization request message includes an identifier of the remote device 4, and the identifier of the remote device 4 is used to identify the remote device 4.
  • the DN-AAA authenticates the remote device 4.
  • the DN-AAA authenticates the remote device 4.
  • the session authentication/authorization request message includes the identifiers of the MAC4 and the remote device 4, and the identifier of the remote device 4 is used to identify the remote device 4, the DN-AAA is based on the identifier of the remote device 4.
  • the remote device 4 performs verification.
  • the session authentication/authorization request message includes MAC4, and the MAC4 is used to identify the remote device 4, the DN-AAA authenticates the remote device 4 based on the MAC4.
  • the session authentication/authorization request message includes the identifiers of the MAC4 and the remote device 4, and the identifier of the remote device 4 is used to identify the remote device 4, and the DN-AAA is based on the identifier of the remote device 4 to the remote device 4. authenticating.
  • the session authentication/authorization request message includes the identifier of the remote device 4, and the identifier of the remote device 4 is used to identify the remote device 4, and the DN-AAA authenticates the remote device 4 based on the identifier of the remote device 4. .
  • step 8b the DN-AAA sends a session authentication/authorization reply message to the SMF, and accordingly, the SMF receives the session authentication/authorization reply message from the DN-AAA.
  • the session authentication/authorization reply message indicates that the authentication is successful.
  • the MAC4 may be carried in the session authentication/authorization reply message, and when the SMF receives the session authentication/authorization reply message, determining When MAC4 is included, the authentication is determined to be successful.
  • the session authentication/authorization reply message may carry the indication information, where the indication information is used to indicate that the authentication succeeds, when the SMF receives Go to the session authentication/authorization reply message and determine the authentication success according to the indication information.
  • the session authentication/authorization request message and the session authentication/authorization reply message are respectively a specific example of the authentication request message and the authentication response message in the embodiment shown in FIG. 2 .
  • steps 8a to 8c are optional steps.
  • step 8a to step 8c the SMF authenticates the remote device 4 by default.
  • step 9a the SMF sends a session management policy request message to the PCF, and accordingly, the PCF receives the session management policy request message from the SMF.
  • MAC4 is included in the session management policy request message.
  • step 9b the PCF sends a session management policy reply message to the SMF, and accordingly, the SMF receives the session management policy reply message from the PCF.
  • the PCF may generate a new policy according to the MAC4 and carry it in the session management policy reply message and send it to the SMF.
  • This step 9b is an optional step.
  • step 10a the SMF records the correspondence between the MAC address and the identity of the session.
  • the SMF records the correspondence between the identifier of the downlink tunnel (ie, the downlink tunnel identifier 1) and the MAC address (ie, MAC4) corresponding to the identifier of the session.
  • the SMF also sends a session modification request message to the UPF, and accordingly, the UPF receives the session modification request message from the SMF.
  • the session modification request message includes a forwarding rule, where the forwarding rule is a correspondence between the MAC4 and the downlink tunnel identifier 1.
  • the SMF determines the downlink tunnel identifier 1 corresponding to the session ID1 according to the session ID1, and then generates the correspondence between the MAC4 and the downlink tunnel identifier 1, and carries it in the session modification request message and sends it to the UPF.
  • the SMF sends a failure indication to the UPF, and the UPF adds the MAC4 to the blacklist according to the failure indication. Subsequently, when the UPF receives the data packet of the MAC4, it directly discards the data packet.
  • step 10b the UPF sends a session modification reply message to the SMF, and accordingly, the SMF receives the session modification reply message from the UPF.
  • This step 10b is an optional step.
  • step 10c the SMF sends an indication message to the terminal, and accordingly, the terminal receives the indication message from the SMF.
  • the indication message is used to indicate that the session modification is successful.
  • the indication message includes MAC4.
  • the indication message of the step 10c may be a session modification reply message in a specific implementation.
  • step 10d the terminal records the information of the remote device 4.
  • the information of the remote device 4 recorded by the terminal includes, for example, MAC4, the identifier of the remote device 4, and the like.
  • Step 11 The remote device 4 sends an uplink data packet to the UPF through the terminal.
  • the uplink packet includes MAC4.
  • Step 12 After receiving the uplink data packet, the UPF detects whether the source MAC address is authorized.
  • the source MAC address is the MAC address of the remote device 4 in the uplink data packet, that is, MAC4.
  • the UPF determines whether the source MAC address is authorized by determining whether the source MAC address is recorded. If it is logged, it is determined to be authorized, and if it is not recorded, it is determined to be unauthorized.
  • the uplink data packet is discarded. If it is determined that it is authorized, the uplink data packet is sent to a data network (DN).
  • DN data network
  • the UPF determines that the MAC4 is authorized, and therefore sends the upstream packet to the DN.
  • step 13 the DN sends a downlink data packet to the UPF.
  • the downlink data packet includes a destination MAC address, for example, the destination MAC address is the MAC address of the remote device 4, that is, MAC4.
  • Step 14 After receiving the downlink data packet, the UPF detects whether the destination MAC address is authorized.
  • the method for detecting whether the destination MAC address is authorized by the UPF is the same as the method for determining whether the source MAC address is authorized by the UPF.
  • Step 15 If the UPF determines that the destination MAC address is authorized, the downlink data packet is sent to the corresponding remote device through the downlink tunnel.
  • a method for accessing a new remote device which can realize that a new remote device will be dynamically accessed to the terminal, and thus is more flexible.
  • each of the foregoing network elements includes a hardware structure and/or a software module corresponding to each function.
  • the present invention can be implemented in a combination of hardware or hardware and computer software in combination with the elements and algorithm steps of the various examples described in the embodiments disclosed herein. Whether a function is implemented in hardware or computer software to drive hardware depends on the specific application and design constraints of the solution. A person skilled in the art can use different methods for implementing the described functions for each particular application, but such implementation should not be considered to be beyond the scope of the present invention.
  • FIG. 4 a schematic diagram of a device provided by the present application, which may be a user plane network element, a session management network element or a chip, may perform the method of any of the foregoing embodiments.
  • the apparatus 400 includes at least one processor 401, a communication line 402, a memory 403, and at least one communication interface 404.
  • the processor 401 can be a general central processing unit (CPU), a microprocessor, an application specific integrated circuit (ASIC), or one or more integrated systems for controlling the execution of the program of the present application. Circuit.
  • CPU central processing unit
  • ASIC application specific integrated circuit
  • Communication line 402 can include a path for communicating information between the components described above.
  • Communication interface 404 using any type of transceiver, for communicating with other devices or communication networks, such as Ethernet, radio access network (RAN), wireless local area networks (WLAN), etc. .
  • RAN radio access network
  • WLAN wireless local area networks
  • the memory 403 may be a read-only memory (ROM) or other type of static storage device that can store static information and instructions, a random access memory (RAM) or other type that can store information and instructions.
  • the dynamic storage device may also be an electrically EEPROM programmable programmable read-only memory (EEPROM), a compact disc read-only memory (CD-ROM) or other optical disk storage.
  • EEPROM electrically EEPROM programmable programmable read-only memory
  • CD-ROM compact disc read-only memory
  • Optical disc storage including compact discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.
  • magnetic disk storage media or other magnetic storage devices or capable of carrying or storing desired program code in the form of instructions or data structures and capable of Any other medium accessed by a computer, but is not limited thereto.
  • the memory may be stand-alone and connected to the processor via communication line 402. The memory can also be integrated with the processor.
  • the memory 403 is used to store computer execution instructions for executing the solution of the present application, and is controlled by the processor 401 for execution.
  • the processor 401 is configured to execute a computer-executed instruction stored in the memory 403, so as to implement a method for transmitting a multicast message provided by the following embodiments of the present application.
  • the computer-executed instructions in the embodiment of the present application may also be referred to as an application code, which is not specifically limited in this embodiment of the present application.
  • the processor 401 may include one or more CPUs, such as CPU0 and CPU1 in FIG.
  • apparatus 400 can include multiple processors, such as processor 401 and processor 408 in FIG. Each of these processors can be a single-CPU processor or a multi-core processor.
  • processors herein may refer to one or more devices, circuits, and/or processing cores for processing data, such as computer program instructions.
  • the chip shown in FIG. 4 is a chip, for example, a chip of a user plane network element or a chip of a session management network element
  • the chip includes a processor 401 (which may further include a processor 408), a communication line 402, and a memory.
  • 403 and communication interface 404 can be an input interface, a pin or a circuit, or the like.
  • Memory 403 can be a register, a cache, or the like.
  • Processor 401 and processor 408 may be a general purpose CPU, microprocessor, ASIC, or one or more integrated circuits for controlling the execution of the dynamic access method of the remote device of any of the above embodiments.
  • the present application may divide a functional module into a device according to the above method example.
  • each functional module may be divided according to each function, or two or more functions may be integrated into one processing module.
  • the above integrated modules can be implemented in the form of hardware or in the form of software functional modules.
  • FIG. 5 shows a schematic diagram of a device, which may be the session management network element involved in the foregoing embodiment, or in the session management network element.
  • the device 500 includes a receiving unit 501, a transmitting unit 502, and a processing unit 503.
  • the receiving unit 501 is configured to receive a session modification request message from the terminal, where the session modification request message includes an identifier of the session of the terminal and a media access control MAC address of the remote device; or, the receiving unit 501 And receiving a notification message from the user plane network element, where the notification message includes an identifier of the session of the terminal and a MAC address of the remote device, where the notification message is used to notify the modification session;
  • the processing unit 503 is configured to generate a forwarding rule according to the MAC address and the identifier of the session;
  • the sending unit 502 is configured to send the forwarding rule to the user plane network element.
  • the processing unit 503 is specifically configured to: generate the forwarding rule according to the identifier of the downlink tunnel and the MAC address corresponding to the identifier of the session, where the forwarding rule is the MAC Correspondence between the address and the identifier of the downlink tunnel.
  • the processing unit 503 is further configured to record a correspondence between the identifier of the downlink tunnel corresponding to the identifier of the session and the MAC address.
  • the sending unit 502 is further configured to send the MAC address to a policy control network element.
  • the sending unit 502 is further configured to send an authentication request message to the authentication server, where the authentication request message is used to request authentication of the remote device, and the receiving unit 501 is further used. Receiving an authentication response message from the authentication server, the authentication response message is used to indicate that the authentication is successful.
  • the authentication request message includes the MAC address, where the MAC address is used to authenticate the remote device, or if the session modification request message includes the remote device.
  • the identifier or the notification message includes an identifier of the remote device, where the authentication request message includes the MAC address and an identifier of the remote device, and the identifier of the remote device is used for the remote device Certify.
  • the receiving unit 501 is configured to receive a session modification request message from the terminal, where the session modification request message includes an identifier of the session of the terminal and a media access control MAC address of the remote device; or, the receiving unit 501 And receiving a notification message from the user plane network element, where the notification message includes an identifier of the session of the terminal and a MAC address of the remote device, where the notification message is used to notify the modification session;
  • the sending unit 502 is configured to send an indication message to the terminal, where the indication message is used to indicate that the session modification is successful.
  • the device may be used to implement the steps performed by the session management network element in the method of the embodiment of the present application.
  • the session management network element may be used to implement the steps performed by the session management network element in the method of the embodiment of the present application.
  • the function/implementation process of the receiving unit 501, the processing unit 503, and the transmitting unit 502 in FIG. 5 can be implemented by the processor 501 in FIG. 5 calling a computer executing instruction stored in the memory 503.
  • the function/implementation process of the processing unit 503 in FIG. 5 can be implemented by the processor 501 in FIG. 5 calling the computer execution instruction stored in the memory 503, and the function/implementation of the receiving unit 501 and the transmitting unit 502 in FIG.
  • the process can be implemented by communication interface 504 in FIG.
  • the function/implementation process of the receiving unit 501 and the transmitting unit 502 can also be implemented by a pin or a circuit or the like.
  • the memory 503 may be a memory unit within the chip, such as a register, a cache, or the like.
  • the memory 503 may be a storage unit located outside the chip in the session management network element, which is not specifically limited in this embodiment of the present application.
  • the present application may divide a functional module into a device according to the above method example.
  • each functional module may be divided according to each function, or two or more functions may be integrated into one processing module.
  • the above integrated modules can be implemented in the form of hardware or in the form of software functional modules.
  • FIG. 6 shows a schematic diagram of a device, which may be the user plane network element involved in the foregoing embodiment, or in the user plane network element.
  • the device 600 includes a receiving unit 601, a transmitting unit 602, and a processing unit 603.
  • the receiving unit 601 is configured to receive, by using an uplink tunnel, a data packet from a terminal, where the data packet includes a media access control MAC address of the remote device;
  • the processing unit 603 is configured to determine an identifier of the session of the terminal according to the identifier of the uplink tunnel and the identifier of the uplink tunnel and the identifier of the session of the terminal;
  • the sending unit 602 is configured to: if the MAC address is not recorded, send a notification message to the session management network element, where the notification message includes the MAC address and an identifier of the session, where the notification message is used to notify the modification.
  • the receiving unit 601 is further configured to receive a forwarding rule from the session management network element, where the forwarding rule is a correspondence between an identifier of a downlink tunnel corresponding to the identifier of the session and the MAC address.
  • the processing unit 602 is further configured to determine that the MAC address is not recorded in the MAC address associated with the identifier of the downlink tunnel corresponding to the identifier of the session.
  • the device may be used to implement the steps performed by the user plane network element in the method of the embodiment of the present application.
  • the device may be used to implement the steps performed by the user plane network element in the method of the embodiment of the present application.
  • the function/implementation process of the receiving unit 601, the processing unit 603, and the transmitting unit 602 in FIG. 6 can be implemented by the processor 601 in FIG. 6 calling a computer executing instruction stored in the memory 603.
  • the function/implementation process of the processing unit 603 in FIG. 6 can be implemented by the processor 601 in FIG. 6 calling the computer execution instruction stored in the memory 603, and the function/implementation of the receiving unit 601 and the transmitting unit 602 in FIG.
  • the process can be implemented by the communication interface 604 of FIG.
  • the function/implementation process of the receiving unit 601 and the transmitting unit 602 may also be implemented by a pin or a circuit or the like.
  • the memory 603 may be a memory unit within the chip, such as a register, a cache, or the like.
  • the memory 603 may be a storage unit located outside the chip in the user plane network element, which is not specifically limited in this embodiment of the present application.
  • FIG. 7 shows a simplified schematic diagram of one possible design structure of a terminal involved in an embodiment of the present invention.
  • the terminal 700 includes a transmitter 701, a receiver 702, and a processor 703.
  • the processor 703 may also be a controller, and is represented as "controller/processor 703" in FIG.
  • the terminal 700 may further include a modem processor 705, where the modem processor 705 may include an encoder 706, a modulator 707, a decoder 708, and a demodulator 709.
  • the transmitter 701 conditions (eg, analog conversion, filtering, amplifying, upconverting, etc.) output samples and generates an uplink signal that is transmitted via an antenna to the RAN device described in the above embodiments. .
  • the antenna receives the downlink signal transmitted by the RAN device in the above embodiment.
  • Receiver 702 conditions (eg, filters, amplifies, downconverts, digitizes, etc.) the signals received from the antenna and provides input samples.
  • encoder 706 receives the traffic data and signaling messages to be transmitted on the uplink and processes (e.g., formats, codes, and interleaves) the traffic data and signaling messages.
  • Modulator 707 further processes (e.g., symbol maps and modulates) the encoded traffic data and signaling messages and provides output samples.
  • Demodulator 709 processes (e.g., demodulates) the input samples and provides symbol estimates.
  • the decoder 708 processes (e.g., deinterleaves and decodes) the symbol estimates and provides decoded data and signaling messages that are sent to the terminal 700.
  • Encoder 706, modulator 707, demodulator 709, and decoder 708 may be implemented by a composite modem processor 705. These units are processed according to the radio access technology employed by the radio access network. It should be noted that when the terminal 700 does not include the modem processor 705, the above functions of the modem processor 705 can also be completed by the processor 703.
  • the processor 703 controls and manages the actions of the terminal 700 for performing the processing performed by the terminal 700 in the embodiment of the present invention.
  • the processor 703 is further configured to perform the processes related to the terminal in the method shown in FIG. 2 to FIG. 3 and/or other processes of the technical solutions described in the present application.
  • the terminal 700 may further include a memory 704 for storing program codes and data for the terminal 700.
  • the present application may divide a functional module into a device according to the above method example.
  • each functional module may be divided according to each function, or two or more functions may be integrated into one processing module.
  • the above integrated modules can be implemented in the form of hardware or in the form of software functional modules.
  • the division of modules in the present application is schematic, and is only a logical function division, and may be further divided in actual implementation.
  • FIG. 8 shows a schematic diagram of a device, which may be the terminal involved in the above embodiment, or a chip in the terminal, and the device 800 includes The receiving unit 801, the transmitting unit 802, and the processing unit 803.
  • the receiving unit 801 is configured to receive a data packet from a remote device, where the data packet includes a media access control MAC address of the remote device;
  • the sending unit 802 is configured to: if the device does not record the MAC address, send a session modification request message to the session management network element, where the session modification request message includes the MAC address;
  • the receiving unit 801 is further configured to receive an indication message from the session management network element, where the indication message is used to indicate that the session modification is successful;
  • the processing unit 803 is configured to record the MAC address.
  • the processing unit 803 is specifically configured to: add the MAC address to a MAC address list, where the MAC address list includes at least one MAC address, and one MAC address corresponds to one remote device, one far The end device corresponds to at least one MAC address.
  • the processing unit 803 is specifically configured to: record a correspondence between an identifier of the terminal and the MAC address.
  • the receiving unit 801 is configured to receive a data packet from a remote device, where the data packet includes a media access control MAC address of the remote device;
  • the sending unit 802 is configured to send the data packet to a user plane network element
  • the receiving unit 801 is further configured to receive an indication message from the session management network element, where the indication message is used to indicate that the session modification is successful.
  • the processing unit 803 is configured to record the MAC address.
  • the processing unit 803 is specifically configured to: add the MAC address to a MAC address list, where the MAC address list includes at least one MAC address, and one MAC address corresponds to one remote device, one far The end device corresponds to at least one MAC address.
  • the processing unit 803 is specifically configured to: record a correspondence between an identifier of the terminal and the MAC address.
  • the device may be used to implement the steps performed by the terminal in the method of the embodiment of the present invention.
  • the device may be used to implement the steps performed by the terminal in the method of the embodiment of the present invention.
  • the function/implementation process of the receiving unit 801, the processing unit 803, and the transmitting unit 802 in FIG. 8 can be implemented by the processor 801 in FIG. 8 calling a computer execution instruction stored in the memory 803.
  • the function/implementation process of the processing unit 803 in FIG. 8 can be implemented by the processor 801 in FIG. 8 calling the computer execution instruction stored in the memory 803, and the function/implementation of the receiving unit 801 and the transmitting unit 802 in FIG.
  • the process can be implemented by the communication interface 804 in FIG.
  • the function/implementation process of the receiving unit 801 and the transmitting unit 802 may also be implemented by a pin or a circuit or the like.
  • the memory 803 may be a memory unit within the chip, such as a register, a cache, or the like.
  • the memory 803 may be a storage unit located outside the chip in the terminal, which is not specifically limited in this embodiment of the present application.
  • the above embodiments it may be implemented in whole or in part by software, hardware, firmware, or any combination thereof.
  • software it may be implemented in whole or in part in the form of a computer program product.
  • the computer program product includes one or more computer instructions.
  • the computer program instructions When the computer program instructions are loaded and executed on a computer, the processes or functions described in accordance with embodiments of the present invention are generated in whole or in part.
  • the computer can be a general purpose computer, a special purpose computer, a computer network, or other programmable device.
  • the computer instructions can be stored in a computer readable storage medium or transferred from one computer readable storage medium to another computer readable storage medium, for example, the computer instructions can be from a website site, computer, server or data center Transfer to another website site, computer, server, or data center by wire (eg, coaxial cable, fiber optic, digital subscriber line (DSL), or wireless (eg, infrared, wireless, microwave, etc.).
  • the computer readable storage medium can be any available media that can be accessed by a computer or a data storage device such as a server, data center, or the like that includes one or more available media.
  • the usable medium may be a magnetic medium (eg, a floppy disk, a hard disk, a magnetic tape), an optical medium (eg, a DVD), or a semiconductor medium (such as a Solid State Disk (SSD)) or the like.
  • a magnetic medium eg, a floppy disk, a hard disk, a magnetic tape
  • an optical medium eg, a DVD
  • a semiconductor medium such as a Solid State Disk (SSD)
  • a general purpose processor may be a microprocessor.
  • the general purpose processor may be any conventional processor, controller, microcontroller, or state machine.
  • the processor may also be implemented by a combination of computing devices, such as a digital signal processor and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a digital signal processor core, or any other similar configuration. achieve.
  • the steps of the method or algorithm described in the embodiments of the present application may be directly embedded in hardware, a software unit executed by a processor, or a combination of the two.
  • the software unit can be stored in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, removable disk, CD-ROM, or any other form of storage medium in the art.
  • the storage medium can be coupled to the processor such that the processor can read information from the storage medium and can write information to the storage medium.
  • the storage medium can also be integrated into the processor.
  • the processor and the storage medium may be disposed in the ASIC, and the ASIC may be disposed in the terminal device. Alternatively, the processor and the storage medium may also be disposed in different components in the terminal device.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
  • the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.

Abstract

Provided in the present application are a remote terminal device dynamic access method and apparatus. The method comprises: when a terminal determines that a MAC address in a data packet is not recorded, namely determining that a remote terminal device corresponding to the MAC address is a new remote terminal device, i.e. a remote terminal device that has not accessed the terminal, the terminal sends a session modification request message to a session management network element and, if the terminal receives an indication message sent by the session management network element for indicating that the session modification is successful, the terminal records the MAC address. A remote terminal dynamically applying for access thus accesses the terminal, which is more flexible.

Description

一种远端设备的动态接入方法及装置Dynamic access method and device for remote device
本申请要求于2018年1月26日提交中国国家知识产权局、申请号为201810077566.2、发明名称为“一种远端设备的动态接入方法及装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of the Chinese patent application filed on January 26, 2018, the Chinese National Intellectual Property Office, the application number is 201810077566.2, and the invention is entitled "A Dynamic Access Method and Device for Remote Devices". This is incorporated herein by reference.
技术领域Technical field
本申请涉及移动通信技术领域,尤其涉及一种远端设备的动态接入方法及装置。The present application relates to the field of mobile communications technologies, and in particular, to a dynamic access method and apparatus for a remote device.
背景技术Background technique
在物联网通信场景中,终端设备可能没有网络协议(internet protocol,IP)地址,尤其对于传统的工业设备,多采用以太网二层通信。在万物互联的时代,这些设备需要与外部网络相连接,进行信息交换和通信,以实现对物品的智能化识别、定位、跟踪、监控和管理。此外,家居产品与人类的饮食娱乐息息相关,近年来,智能家居越来越得到人们的关注,每类家居产品可能来自不同厂商、采用不同的标准,相互之间通信可能存在不兼容的情况,需要一个桥接模式的终端将各远端设备连接起来,实现硬件智能化升级和智能硬件之间的互联互通。对于终端后面的各远端设备,如何接入并进行数据传输则成为首要解决的问题。In the IoT communication scenario, the terminal device may not have an internet protocol (IP) address, especially for traditional industrial devices, and Ethernet Layer 2 communication is often used. In the era of Internet of Everything, these devices need to be connected to external networks for information exchange and communication to enable intelligent identification, location, tracking, monitoring and management of items. In addition, household products are closely related to human food and entertainment. In recent years, smart homes have received more and more attention. Each type of household products may come from different manufacturers and adopt different standards. Communication between them may be incompatible. A bridge mode terminal connects each remote device to implement hardware intelligent upgrade and interoperability between intelligent hardware. For each remote device behind the terminal, how to access and transmit data becomes the primary problem.
目前给出远端设备的接入方法,一般是在终端建立会话时,将接入到该终端的远端设备的MAC地址授权分配到网络中的各个网元,后续各个网元基于这些授权的MAC地址实现对远端设备的数据包或信令的转发或处理。The access method of the remote device is generally given. Generally, when the terminal establishes a session, the MAC address of the remote device accessing the terminal is authorized to be assigned to each network element in the network, and subsequent network elements are based on these authorized The MAC address implements forwarding or processing of data packets or signaling to the remote device.
上述方案只适用于远端设备固定的场景,不能动态接入新的远端设备,因而不够灵活。The above solution is applicable only to the scenario where the remote device is fixed, and cannot dynamically access the new remote device, so it is not flexible enough.
发明内容Summary of the invention
本申请提供一种远端设备的动态接入方法及装置,用以实现在终端上动态接入新的远端设备。The present application provides a dynamic access method and device for a remote device, which is used to dynamically access a new remote device on the terminal.
第一方面,本申请提供一种远端设备的动态接入方法,该方法包括:终端接收来自远端设备的数据包,该数据包中包括远端设备的媒体接入控制(media access control,MAC)地址;终端若未记录该MAC地址,则向会话管理网元发送会话修改请求消息,该会话修改请求消息包括该MAC地址;终端接收来自会话管理网元的指示消息,该指示消息用于指示会话修改成功;终端记录所述MAC地址。In a first aspect, the present application provides a dynamic access method for a remote device, where the method includes: receiving, by a terminal, a data packet from a remote device, where the data packet includes a media access control of a remote device. a MAC address; if the terminal does not record the MAC address, the terminal sends a session modification request message to the session management network element, where the session modification request message includes the MAC address; the terminal receives an indication message from the session management network element, where the indication message is used Indicates that the session modification is successful; the terminal records the MAC address.
当终端确定未记录数据包中的MAC地址时,即确定该MAC地址对应的远端设备是新的远端设备,也即是未接入该终端的远端设备,因此,该终端向会话管理网元发送会话修改请求消息,用于请求修改会话,以及,若终端接收到会话管理网元发送的用于指示会话修改成功的指示消息,则终端记录该MAC地址。由此,实现了将动态申请接入的远 端设备接入到该终端,比较灵活。When the terminal determines that the MAC address in the data packet is not recorded, it is determined that the remote device corresponding to the MAC address is a new remote device, that is, a remote device that is not connected to the terminal, and therefore, the terminal manages the session. The network element sends a session modification request message for requesting to modify the session, and if the terminal receives the indication message sent by the session management network element to indicate that the session modification is successful, the terminal records the MAC address. Therefore, it is relatively flexible to connect the remote device that dynamically requests access to the terminal.
在一种可能的实现方式中,终端记录所述MAC地址,包括:终端将MAC地址加入MAC地址列表,该MAC地址列表包括至少一个MAC地址,一个MAC地址对应一个远端设备,一个远端设备对应至少一个MAC地址。In a possible implementation, the terminal records the MAC address, including: the terminal adds the MAC address to the MAC address list, the MAC address list includes at least one MAC address, and one MAC address corresponds to one remote device, and one remote device Corresponds to at least one MAC address.
在又一种可能的实现方式中,终端记录所述MAC地址,包括:终端记录终端的标识与MAC地址的对应关系。In another possible implementation manner, the terminal records the MAC address, including: the terminal records the correspondence between the identifier of the terminal and the MAC address.
在又一种可能的实现方式中,终端记录所述MAC地址,包括:终端记录远端设备的标识与MAC地址的对应关系。In another possible implementation, the terminal records the MAC address, including: the terminal records the correspondence between the identifier of the remote device and the MAC address.
第二方面,本申请提供一种远端设备的动态接入方法,该方法包括:终端接收来自远端设备的数据包,该数据包中包括远端设备的MAC地址;终端向用户面网元发送该数据包;终端接收来自会话管理网元的指示消息,指示消息用于指示会话修改成功;终端记录该MAC地址。In a second aspect, the present application provides a dynamic access method for a remote device, where the method includes: receiving, by a terminal, a data packet from a remote device, where the data packet includes a MAC address of the remote device; Sending the data packet; the terminal receives an indication message from the session management network element, where the indication message is used to indicate that the session modification is successful; the terminal records the MAC address.
终端接收远端设备发送的数据包,并将数据包发送至用户面网元,当用户面网元确定未记录数据包中的MAC地址时,则触发会话管理网元修改会话,若会话管理网元修改会话成功,则向终端发送用于指示会话修改成功的指示消息,当终端接收到会话管理网元发送的指示消息后,则记录该MAC地址。由此,实现了将动态申请接入的远端设备接入到该终端,比较灵活。The terminal receives the data packet sent by the remote device, and sends the data packet to the user plane network element. When the user plane network element determines the MAC address in the unrecorded data packet, the session management network element is triggered to modify the session, if the session management network After the meta-modification session is successful, the terminal sends an indication message indicating that the session modification is successful. After receiving the indication message sent by the session management network element, the terminal records the MAC address. Therefore, the remote device that dynamically requests the access is accessed to the terminal, which is relatively flexible.
在一种可能的实现方式中,终端记录MAC地址,包括:终端将MAC地址加入MAC地址列表,MAC地址列表包括至少一个MAC地址,一个MAC地址对应一个远端设备,一个远端设备对应至少一个MAC地址。In a possible implementation, the terminal records the MAC address, including: the terminal adds the MAC address to the MAC address list, the MAC address list includes at least one MAC address, one MAC address corresponds to one remote device, and one remote device corresponds to at least one MAC address.
在又一种可能的实现方式中,终端记录所述MAC地址,包括:终端记录终端的标识与MAC地址的对应关系。In another possible implementation manner, the terminal records the MAC address, including: the terminal records the correspondence between the identifier of the terminal and the MAC address.
第三方面,本申请提供一种远端设备的动态接入方法,该方法包括:首先,会话管理网元接收来自终端的会话修改请求消息,会话修改请求消息包括终端的会话的标识和远端设备的MAC地址;或者,会话管理网元接收来自用户面网元的通知消息,通知消息包括终端的会话的标识和远端设备的MAC地址,通知消息用于通知修改会话;然后,会话管理网元根据MAC地址和会话的标识生成转发规则,并将转发规则发送给用户面网元。In a third aspect, the present application provides a dynamic access method of a remote device, where the method includes: first, a session management network element receives a session modification request message from a terminal, where the session modification request message includes an identifier and a remote end of the session of the terminal. The MAC address of the device; or, the session management network element receives the notification message from the user plane network element, where the notification message includes the identifier of the session of the terminal and the MAC address of the remote device, and the notification message is used to notify the modification session; then, the session management network The element generates a forwarding rule according to the MAC address and the identifier of the session, and sends the forwarding rule to the user plane network element.
上述方法,当会话管理网元接收到终端的会话修改请求消息或接收到用户面网元的通知消息时,即可确定需要根据会话修改请求消息或通知消息中携带的MAC地址修改会话的相关信息,则会话管理网元根据MAC地址和会话的标识生成新的转发规则,并发送给用户面网元。从而实现了将动态申请接入的远端设备的MAC地址发送至相应的网元,如用户面网元,以便于后续可以对该MAC地址对应的远端设备发送的数据包进行处理,因而该方法比较灵活。In the above method, when the session management network element receives the session modification request message of the terminal or receives the notification message of the user plane network element, the session management network element may determine that the session information needs to be modified according to the MAC address carried in the session modification request message or the notification message. Then, the session management network element generates a new forwarding rule according to the MAC address and the identifier of the session, and sends the new forwarding rule to the user plane network element. Therefore, the MAC address of the remote device that is dynamically applied for is sent to the corresponding network element, such as the user plane network element, so that the data packet sent by the remote device corresponding to the MAC address can be processed later. The method is more flexible.
在一种可能的实现方式中,会话管理网元根据MAC地址和会话的标识生成转发规则,包括:会话管理网元根据会话的标识对应的下行隧道的标识和MAC地址,生成转发规则,该转发规则为MAC地址与下行隧道的标识的对应关系。In a possible implementation manner, the session management network element generates a forwarding rule according to the MAC address and the identifier of the session, including: the session management network element generates a forwarding rule according to the identifier and the MAC address of the downlink tunnel corresponding to the identifier of the session, and the forwarding rule is generated. The rule is the correspondence between the MAC address and the identifier of the downlink tunnel.
上述给出了一种生成转发规则的具体实现方式,该方式比较简单易实现。The above provides a specific implementation manner of generating a forwarding rule, which is relatively simple and easy to implement.
在一种可能的实现方式中,进一步还包括:会话管理网元记录会话的标识对应的下 行隧道的标识与MAC地址的对应关系。In a possible implementation, the method further includes: the session management network element records the correspondence between the identifier of the downlink tunnel corresponding to the identifier of the session and the MAC address.
如此,会话管理网元可根据MAC地址,对该MAC地址对应的远端设备进行管理。In this way, the session management network element can manage the remote device corresponding to the MAC address according to the MAC address.
在一种可能的实现方式中,进一步还包括:会话管理网元将MAC地址发送至策略控制网元。In a possible implementation manner, the method further includes: the session management network element sends the MAC address to the policy control network element.
如此,策略控制网元可根据MAC地址,对该MAC地址对应的远端设备进行管理。In this way, the policy control network element can manage the remote device corresponding to the MAC address according to the MAC address.
在一种可能的实现方式中,进一步还包括:会话管理网元向认证服务器发送认证请求消息,认证请求消息用于请求对远端设备进行认证;会话管理网元接收来自认证服务器的认证响应消息,认证响应消息用于指示认证成功。In a possible implementation manner, the method further includes: the session management network element sends an authentication request message to the authentication server, where the authentication request message is used to request authentication of the remote device; and the session management network element receives the authentication response message from the authentication server. The authentication response message is used to indicate that the authentication is successful.
上述方法,会话管理网元还请求认证服务器对MAC地址对应的远端设备进行认证,只有认证成功时,才确定接入该远端设备并记录该MAC地址,因而有利于提升通信时的安全性。In the above method, the session management network element further requests the authentication server to perform authentication on the remote device corresponding to the MAC address. Only when the authentication succeeds, it is determined to access the remote device and record the MAC address, thereby facilitating communication security. .
在一种可能的实现方式中,认证请求消息包括MAC地址,MAC地址用于对远端设备进行认证;或者,若会话修改请求消息包括远端设备的标识或通知消息包括远端设备的标识,则认证请求消息包括MAC地址和远端设备的标识,远端设备的标识用于对远端设备进行认证。In a possible implementation, the authentication request message includes a MAC address, where the MAC address is used to authenticate the remote device, or the session modification request message includes the identifier of the remote device or the notification message includes the identifier of the remote device, The authentication request message includes a MAC address and an identifier of the remote device, and the identifier of the remote device is used to authenticate the remote device.
以上给出了两种认证方法,一种方式是使用MAC地址对远端设备进行认证,另一种方式是使用远端设备的标识对远端设备进行认证,可根据实际情况选择一种,比较灵活。The above two methods are provided. One method is to use the MAC address to authenticate the remote device, and the other is to use the identifier of the remote device to authenticate the remote device. You can select one according to the actual situation and compare flexible.
第四方面,本申请提供一种远端设备的动态接入方法,该方法包括:会话管理网元接收来自终端的会话修改请求消息,会话修改请求消息包括终端的会话的标识和远端设备的媒体接入控制MAC地址;或者,会话管理网元接收来自用户面网元的通知消息,通知消息包括终端的会话的标识和远端设备的MAC地址,通知消息用于通知修改会话;会话管理网元向终端发送指示消息,指示消息用于指示会话修改成功。In a fourth aspect, the present application provides a dynamic access method of a remote device, where the method includes: a session management network element receives a session modification request message from a terminal, where the session modification request message includes an identifier of a session of the terminal and a remote device. The media access control MAC address; or the session management network element receives the notification message from the user plane network element, where the notification message includes the identifier of the session of the terminal and the MAC address of the remote device, and the notification message is used to notify the modification session; the session management network The element sends an indication message to the terminal, where the indication message is used to indicate that the session modification is successful.
当会话管理网元接收到终端的会话修改请求消息或接收到用户面网元的通知消息时,即可确定需要根据会话修改请求消息或通知消息中携带的MAC地址修改会话的相关信息,进一步地,会话管理网元向终端发送指示消息,用于指示会话修改成功,从而终端可记录该MAC地址,由此,实现了将动态申请接入的远端设备接入到该终端,因而该方法比较灵活。When the session management network element receives the session modification request message of the terminal or receives the notification message of the user plane network element, it may determine that the session information needs to be modified according to the MAC address carried in the session modification request message or the notification message, and further The session management network element sends an indication message to the terminal, which is used to indicate that the session modification is successful, so that the terminal can record the MAC address, thereby implementing the remote device that dynamically requests the access to the terminal, and thus the method is compared. flexible.
第五方面,本申请提供一种远端设备的动态接入方法,该方法包括:会话管理网元接收来自终端的会话修改请求消息,会话修改请求消息包括终端的会话的标识和远端设备的媒体接入控制MAC地址;或者,会话管理网元接收来自用户面网元的通知消息,通知消息包括终端的会话的标识和远端设备的MAC地址,通知消息用于通知修改会话;会话管理网元向认证服务器发送认证请求消息,认证请求消息用于请求对远端设备进行认证;会话管理网元接收来自认证服务器的认证响应消息,认证响应消息用于指示认证成功;会话管理网元根据会话的标识对应的下行隧道的标识和MAC地址,生成转发规则。In a fifth aspect, the present application provides a dynamic access method of a remote device, where the method includes: a session management network element receives a session modification request message from a terminal, where the session modification request message includes an identifier of a session of the terminal and a remote device. The media access control MAC address; or the session management network element receives the notification message from the user plane network element, where the notification message includes the identifier of the session of the terminal and the MAC address of the remote device, and the notification message is used to notify the modification session; the session management network The element sends an authentication request message to the authentication server, where the authentication request message is used to request authentication of the remote device; the session management network element receives the authentication response message from the authentication server, and the authentication response message is used to indicate that the authentication is successful; the session management network element is based on the session. The identifier of the downlink tunnel corresponding to the identifier and the MAC address are generated, and a forwarding rule is generated.
当会话管理网元接收到终端的会话修改请求消息或接收到用户面网元的通知消息时,即可确定需要根据会话修改请求消息或通知消息中携带的MAC地址修改会话的相关信息,则会话管理网元请求认证服务器对该MAC地址对应的远端设备进行认证,若认证通过,则会话管理网元根据MAC地址和会话的标识生成新的转发规则,并发送给用户面 网元。从而实现了将动态申请接入的远端设备的MAC地址发送至相应的网元,如用户面网元,以便于后续可以对该MAC地址对应的远端设备发送或接收的数据包进行处理,因而比较灵活。When the session management network element receives the session modification request message of the terminal or receives the notification message of the user plane network element, it can determine that the session information needs to be modified according to the MAC address carried in the session modification request message or the notification message, and the session is The management network element requests the authentication server to authenticate the remote device corresponding to the MAC address. If the authentication succeeds, the session management network element generates a new forwarding rule according to the MAC address and the identifier of the session, and sends the new forwarding rule to the user plane network element. Therefore, the MAC address of the remote device that is dynamically applied for is sent to the corresponding network element, such as the user plane network element, so that the data packet sent or received by the remote device corresponding to the MAC address can be processed later. Therefore, it is more flexible.
在一种可能的实现方式中,会话管理网元根据MAC地址和会话的标识生成转发规则,包括:会话管理网元根据会话的标识对应的下行隧道的标识和MAC地址,生成转发规则,转发规则为MAC地址与下行隧道的标识的对应关系。In a possible implementation, the session management network element generates a forwarding rule according to the MAC address and the identifier of the session, including: the session management network element generates a forwarding rule and a forwarding rule according to the identifier and MAC address of the downlink tunnel corresponding to the identifier of the session. Correspondence between the MAC address and the identifier of the downlink tunnel.
上述给出了一种生成转发规则的具体实现方式,该方式比较简单易实现。The above provides a specific implementation manner of generating a forwarding rule, which is relatively simple and easy to implement.
在一种可能的实现方式中,进一步还包括:会话管理网元记录会话的标识对应的下行隧道的标识与MAC地址的对应关系。In a possible implementation manner, the method further includes: the session management network element records the correspondence between the identifier of the downlink tunnel and the MAC address corresponding to the identifier of the session.
如此,会话管理网元可根据MAC地址,对该MAC地址对应的远端设备进行管理。In this way, the session management network element can manage the remote device corresponding to the MAC address according to the MAC address.
在一种可能的实现方式中,进一步还包括:会话管理网元将MAC地址发送至策略控制网元。In a possible implementation manner, the method further includes: the session management network element sends the MAC address to the policy control network element.
如此,策略控制网元可根据MAC地址,对该MAC地址对应的远端设备进行管理。In this way, the policy control network element can manage the remote device corresponding to the MAC address according to the MAC address.
在一种可能的实现方式中,认证请求消息包括MAC地址,MAC地址用于对远端设备进行认证;或者,若会话修改请求消息包括远端设备的标识或通知消息包括远端设备的标识,则认证请求消息包括MAC地址和远端设备的标识,远端设备的标识用于对远端设备进行认证。In a possible implementation, the authentication request message includes a MAC address, where the MAC address is used to authenticate the remote device, or the session modification request message includes the identifier of the remote device or the notification message includes the identifier of the remote device, The authentication request message includes a MAC address and an identifier of the remote device, and the identifier of the remote device is used to authenticate the remote device.
以上给出了两种认证方法,一种方式是使用MAC地址对远端设备进行认证,另一种方式是使用远端设备的标识对远端设备进行认证,可根据实际情况选择一种。The above two authentication methods are provided. One method is to use the MAC address to authenticate the remote device, and the other is to use the identifier of the remote device to authenticate the remote device. You can select one according to the actual situation.
第六方面,本申请提供一种远端设备的动态接入方法,该方法包括:用户面网元通过上行隧道接收来自终端的数据包,数据包中包括远端设备的媒体接入控制MAC地址;用户面网元根据上行隧道的标识,及上行隧道的标识与终端的会话的标识对应关系,确定终端的会话的标识;用户面网元若未记录MAC地址,则向会话管理网元发送通知消息,通知消息包括MAC地址和会话的标识,通知消息用于通知修改会话;用户面网元接收到来自会话管理网元的转发规则,转发规则为会话的标识对应的下行隧道的标识与MAC地址的对应关系。In a sixth aspect, the present application provides a dynamic access method of a remote device, where the method includes: a user plane network element receives a data packet from a terminal by using an uplink tunnel, where the data packet includes a media access control MAC address of the remote device. The user plane network element determines the identifier of the session of the terminal according to the identifier of the uplink tunnel and the identifier of the identifier of the uplink tunnel and the session identifier of the terminal; if the user plane network element does not record the MAC address, the notification is sent to the session management network element. The message, the notification message includes the identifier of the MAC address and the session, and the notification message is used to notify the modification session. The user plane network element receives the forwarding rule from the session management network element, and the forwarding rule is the identifier and MAC address of the downlink tunnel corresponding to the identifier of the session. Correspondence.
在一种可能的实现方式中,还包括:用户面网元确定会话的标识对应的下行隧道的标识关联的MAC地址中,未记录上述数据包中的MAC地址。In a possible implementation manner, the user plane network element determines that the MAC address associated with the identifier of the downlink tunnel corresponding to the identifier of the session does not record the MAC address in the data packet.
也即,用户面网元根据会话的标识,确定会话的标识对应的下行隧道的标识;根据下行隧道的标识,确定该下行隧道的标识关联的MAC地址,然后判断该下行隧道的标识关联的MAC地址中是否包括该数据包中携带的MAC地址,若包括,表明用户面网元记录了该数据包中的MAC地址,若不包括,表明用户面网元未记录该数据包中的MAC地址。That is, the user plane network element determines the identifier of the downlink tunnel corresponding to the identifier of the session according to the identifier of the session; determines the MAC address associated with the identifier of the downlink tunnel according to the identifier of the downlink tunnel, and then determines the MAC associated with the identifier of the downlink tunnel. Whether the MAC address carried in the data packet is included in the address, if included, indicating that the user plane network element records the MAC address in the data packet. If not included, it indicates that the user plane network element does not record the MAC address in the data packet.
第七方面,本申请提供一种装置,该装置可以是终端,也可以是芯片。该装置具有实现上述第一方面的各实施例的功能。该功能可以通过硬件实现,也可以通过硬件执行相应的软件实现。该硬件或软件包括一个或多个与上述功能相对应的模块。In a seventh aspect, the application provides a device, which may be a terminal or a chip. The device has the functionality to implement the various embodiments of the first aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software. The hardware or software includes one or more modules corresponding to the functions described above.
第八方面,本申请提供一种装置,包括:处理器和存储器;该存储器用于存储指令,当该装置运行时,该处理器执行该存储器存储的该指令,以使该装置执行上述第一方面或第一方面的任一实现方法中的远端设备的动态接入方法。需要说明的是,该存储器可 以集成于处理器中,也可以是独立于处理器之外。In an eighth aspect, the application provides an apparatus, including: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the first Aspect or dynamic access method of a remote device in any implementation method of the first aspect. It should be noted that the memory may be integrated in the processor or may be independent of the processor.
第九方面,本申请提供一种装置,该装置包括处理器,所述处理器用于与存储器耦合,并读取存储器中的指令并根据所述指令执行上述第一方面或第一方面的任一实现方法中的远端设备的动态接入方法。In a ninth aspect, the application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the first aspect or the first aspect according to the instruction A dynamic access method of a remote device in the implementation method.
第十方面,本申请提供一种装置,该装置可以是终端,也可以是芯片。该装置具有实现上述第二方面的各实施例的功能。该功能可以通过硬件实现,也可以通过硬件执行相应的软件实现。该硬件或软件包括一个或多个与上述功能相对应的模块。In a tenth aspect, the application provides a device, which may be a terminal or a chip. The device has the functionality to implement the various embodiments of the second aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software. The hardware or software includes one or more modules corresponding to the functions described above.
第十一方面,本申请提供一种装置,包括:处理器和存储器;该存储器用于存储指令,当该装置运行时,该处理器执行该存储器存储的该指令,以使该装置执行上述第二方面或第二方面的任一实现方法中的远端设备的动态接入方法。需要说明的是,该存储器可以集成于处理器中,也可以是独立于处理器之外。In an eleventh aspect, the application provides an apparatus, including: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the foregoing The dynamic access method of the remote device in any of the implementation methods of the second aspect or the second aspect. It should be noted that the memory may be integrated in the processor or may be independent of the processor.
第十二方面,本申请提供一种装置,该装置包括处理器,所述处理器用于与存储器耦合,并读取存储器中的指令并根据所述指令执行上述第二方面或第二方面的任一实现方法中的远端设备的动态接入方法。In a twelfth aspect, the present application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the second aspect or the second aspect according to the instruction A dynamic access method of a remote device in an implementation method.
第十三方面,本申请提供一种装置,该装置可以是会话管理网元,也可以是芯片。该装置具有实现上述第三方面的各实施例的功能。该功能可以通过硬件实现,也可以通过硬件执行相应的软件实现。该硬件或软件包括一个或多个与上述功能相对应的模块。In a thirteenth aspect, the application provides a device, which may be a session management network element or a chip. The device has the functionality to implement the various embodiments of the third aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software. The hardware or software includes one or more modules corresponding to the functions described above.
第十四方面,本申请提供一种装置,包括:处理器和存储器;该存储器用于存储指令,当该装置运行时,该处理器执行该存储器存储的该指令,以使该装置执行上述第三方面或第三方面的任一实现方法中的远端设备的动态接入方法。需要说明的是,该存储器可以集成于处理器中,也可以是独立于处理器之外。In a fourteenth aspect, the present application provides an apparatus, including: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the foregoing The dynamic access method of the remote device in any of the implementation methods of the third aspect or the third aspect. It should be noted that the memory may be integrated in the processor or may be independent of the processor.
第十五方面,本申请提供一种装置,该装置包括处理器,所述处理器用于与存储器耦合,并读取存储器中的指令并根据所述指令执行上述第三方面或第三方面的任一实现方法中的远端设备的动态接入方法。In a fifteenth aspect, the present application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the third aspect or the third aspect according to the instruction A dynamic access method of a remote device in an implementation method.
第十六方面,本申请提供一种装置,该装置可以是会话管理网元,也可以是芯片。该装置具有实现上述第四方面的各实施例的功能。该功能可以通过硬件实现,也可以通过硬件执行相应的软件实现。该硬件或软件包括一个或多个与上述功能相对应的模块。In a sixteenth aspect, the application provides a device, which may be a session management network element or a chip. The device has the functionality to implement the various embodiments of the fourth aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software. The hardware or software includes one or more modules corresponding to the functions described above.
第十七方面,本申请提供一种装置,包括:处理器和存储器;该存储器用于存储指令,当该装置运行时,该处理器执行该存储器存储的该指令,以使该装置执行上述第四方面或第四方面的任一实现方法中的远端设备的动态接入方法。需要说明的是,该存储器可以集成于处理器中,也可以是独立于处理器之外。In a seventeenth aspect, the present application provides an apparatus, including: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the foregoing The dynamic access method of the remote device in any of the implementation methods of the fourth aspect or the fourth aspect. It should be noted that the memory may be integrated in the processor or may be independent of the processor.
第十八方面,本申请提供一种装置,该装置包括处理器,所述处理器用于与存储器耦合,并读取存储器中的指令并根据所述指令执行上述第四方面或第四方面的任一实现方法中的远端设备的动态接入方法。In an eighteenth aspect, the application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the fourth aspect or the fourth aspect according to the instruction A dynamic access method of a remote device in an implementation method.
第十九方面,本申请提供一种装置,该装置可以是会话管理网元,也可以是芯片。该装置具有实现上述第五方面的各实施例的功能。该功能可以通过硬件实现,也可以通过硬件执行相应的软件实现。该硬件或软件包括一个或多个与上述功能相对应的模块。In a nineteenth aspect, the application provides a device, which may be a session management network element or a chip. The device has the functionality to implement the various embodiments of the fifth aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software. The hardware or software includes one or more modules corresponding to the functions described above.
第二十方面,本申请提供一种装置,包括:处理器和存储器;该存储器用于存储指 令,当该装置运行时,该处理器执行该存储器存储的该指令,以使该装置执行上述第五方面或第五方面的任一实现方法中的远端设备的动态接入方法。需要说明的是,该存储器可以集成于处理器中,也可以是独立于处理器之外。In a twentieth aspect, the present application provides an apparatus, including: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the foregoing The dynamic access method of the remote device in any of the implementation methods of the fifth aspect or the fifth aspect. It should be noted that the memory may be integrated in the processor or may be independent of the processor.
第二十一方面,本申请提供一种装置,该装置包括处理器,所述处理器用于与存储器耦合,并读取存储器中的指令并根据所述指令执行上述第五方面或第五方面的任一实现方法中的远端设备的动态接入方法。In a twenty-first aspect, the present application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the fifth aspect or the fifth aspect according to the instruction A dynamic access method of a remote device in any implementation method.
第二十二方面,本申请提供一种装置,该装置可以是用户面网元,也可以是芯片。该装置具有实现上述第六方面的各实施例的功能。该功能可以通过硬件实现,也可以通过硬件执行相应的软件实现。该硬件或软件包括一个或多个与上述功能相对应的模块。In a twenty-second aspect, the present application provides a device, which may be a user plane network element or a chip. The device has the function of implementing the various embodiments of the sixth aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software. The hardware or software includes one or more modules corresponding to the functions described above.
第二十三方面,本申请提供一种装置,包括:处理器和存储器;该存储器用于存储指令,当该装置运行时,该处理器执行该存储器存储的该指令,以使该装置执行上述第六方面或第六方面的任一实现方法中的远端设备的动态接入方法。需要说明的是,该存储器可以集成于处理器中,也可以是独立于处理器之外。In a twenty-third aspect, the application provides an apparatus, comprising: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the above The dynamic access method of the remote device in any of the implementation methods of the sixth aspect or the sixth aspect. It should be noted that the memory may be integrated in the processor or may be independent of the processor.
第二十四方面,本申请提供一种装置,该装置包括处理器,所述处理器用于与存储器耦合,并读取存储器中的指令并根据所述指令执行上述第六方面或第六方面的任一实现方法中的远端设备的动态接入方法。In a twenty-fourth aspect, the present application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the sixth aspect or the sixth aspect according to the instruction A dynamic access method of a remote device in any implementation method.
第二十五方面,本申请还提供一种系统,该系统包括会话管理网元,所述会话管理网元可用于执行上述第三方面、第四方面、第五方面及第三方面、第四方面、第五方面的任一方法中由会话管理网元执行的步骤。在一个可能的设计中,所述系统还可以包括用户面网元,所述用户面网元可用于执行上述第六方面及第六方面的任一方法中或者本发明实施例提供的方案中由用户面网元执行的步骤。在一个可能的设计中,该系统还可以包括本发明实施例提供的方案中与该会话管理网元和/或用户面网元进行交互的其他设备,例如终端,等等。In a twenty-fifth aspect, the present application further provides a system, where the system includes a session management network element, where the session management network element can be used to perform the foregoing third, fourth, fifth, and third aspects, and fourth The steps performed by the session management network element in any of the methods of the fifth aspect. In a possible design, the system may further include a user plane network element, where the user plane network element may be used to perform the method in any of the sixth and sixth aspects, or the solution provided by the embodiment of the present invention. The steps performed by the user plane network element. In a possible design, the system may further include other devices, such as terminals, and the like that interact with the session management network element and/or the user plane network element in the solution provided by the embodiment of the present invention.
第二十六方面,本申请还提供一种计算机可读存储介质,所述计算机可读存储介质中存储有程序或指令,当其在计算机上运行时,使得计算机执行上述各方面所述的方法。In a twenty-sixth aspect, the present application further provides a computer readable storage medium having stored therein a program or an instruction, when executed on a computer, causing the computer to perform the method described in the above aspects .
第二十七方面,本申请还提供一种包括指令的计算机程序产品,当其在计算机上运行时,使得计算机执行上述各方面所述的方法。In a twenty-seventh aspect, the present application also provides a computer program product comprising instructions which, when run on a computer, cause the computer to perform the methods described in the above aspects.
本申请的这些方面或其他方面在以下实施例的描述中会更加简明易懂。These and other aspects of the present application will be more readily apparent from the following description of the embodiments.
附图说明DRAWINGS
图1(a)为本申请提供的一种可能的网络架构示意图;FIG. 1(a) is a schematic diagram of a possible network architecture provided by the present application;
图1(b)为本申请提供的又一种可能的网络架构示意图;FIG. 1(b) is a schematic diagram of still another possible network architecture provided by the present application;
图2为本申请提供的一种远端设备的动态接入方法示意图;2 is a schematic diagram of a dynamic access method of a remote device according to the present application;
图3为本申请提供的又一种远端设备的动态接入方法示意图;FIG. 3 is a schematic diagram of still another method for dynamically accessing a remote device according to the present application; FIG.
图4为本申请提供的一种装置示意图;4 is a schematic diagram of a device provided by the present application;
图5为本申请提供的又一种装置示意图;FIG. 5 is a schematic diagram of still another apparatus provided by the present application; FIG.
图6为本申请提供的又一种装置示意图;Figure 6 is a schematic diagram of still another apparatus provided by the present application;
图7为本申请提供的一种终端示意图;FIG. 7 is a schematic diagram of a terminal provided by the present application;
图8为本申请提供的又一种装置示意图。FIG. 8 is a schematic diagram of still another apparatus provided by the present application.
具体实施方式Detailed ways
为了使本申请的目的、技术方案和优点更加清楚,下面将结合附图对本申请作进一步地详细描述。方法实施例中的具体操作方法也可以应用于装置实施例或系统实施例中。其中,在本申请的描述中,除非另有说明,“多个”的含义是两个或两个以上,“/”的含义为“或”。In order to make the objects, technical solutions and advantages of the present application more clear, the present application will be further described in detail below with reference to the accompanying drawings. The specific method of operation in the method embodiments can also be applied to device embodiments or system embodiments. In the description of the present application, unless otherwise stated, the meaning of "a plurality" is two or more, and the meaning of "/" is "or".
本申请实施例描述的网络架构以及业务场景是为了更加清楚的说明本申请实施例的技术方案,并不构成对于本申请实施例提供的技术方案的限定,本领域普通技术人员可知,随着网络架构的演变和新业务场景的出现,本申请实施例提供的技术方案对于类似的技术问题,同样适用。The network architecture and the service scenario described in the embodiments of the present application are for the purpose of more clearly illustrating the technical solutions of the embodiments of the present application, and do not constitute a limitation of the technical solutions provided by the embodiments of the present application. The technical solutions provided by the embodiments of the present application are equally applicable to similar technical problems.
如图1(a)所示,为本申请适用的一种可能的网络架构示意图。该网络架构包括会话管理网元和用户面网元。可选地,该网络架构还包括终端。进一步地,该网络架构还可以包括远端设备。As shown in FIG. 1(a), a possible network architecture diagram applicable to the present application is shown. The network architecture includes a session management network element and a user plane network element. Optionally, the network architecture further includes a terminal. Further, the network architecture may also include a remote device.
其中,会话管理网元,主要用于移动网络中的会话管理,如会话建立、修改、释放。具体功能如为用户分配IP地址、选择提供报文转发功能的用户面功能网元等。在5G中,会话管理网元可以是会话管理功能(session management function,SMF)网元,当然,在未来通信,如第6代网络(6th generation,6G)中,会话管理网元仍可以是SMF网元,或有其它的名称,本申请不做限定。The session management network element is mainly used for session management in a mobile network, such as session establishment, modification, and release. Specific functions include assigning an IP address to a user, and selecting a user plane function network element that provides a packet forwarding function. In 5G, the session management network element may be a session management function (SMF) network element. Of course, in future communication, such as a 6th generation (6th generation, 6G), the session management network element may still be an SMF. The network element, or other name, is not limited in this application.
用户面网元,主要负责对用户报文进行处理,如转发、计费等。在5G中,网络切片选择网元可以是用户面功能(user plane function,UPF)网元,当然,在未来通信,如6G中,用户面网元仍可以是UPF网元,或有其它的名称,本申请不做限定。The user plane network element is mainly responsible for processing user packets, such as forwarding and accounting. In 5G, the network slice selection network element may be a user plane function (UPF) network element. Of course, in future communications, such as 6G, the user plane network element may still be a UPF network element, or have other names. This application is not limited.
终端,是一种具有中继能力的设备,例如可以是中继用户设备(relay user equipment,relay UE,)、桥接用户设备(bridge user equipment,bridge UE)等。The terminal is a relay capable device, and may be, for example, a relay user equipment (relay user equipment, bridge user equipment, bridge UE).
远端设备,可以通过具有中继能力的终端接入到网络,例如可以是远端用户设备(remote user equipment,remote UE)等。The remote device can access the network through a terminal having a relay capability, for example, a remote user equipment (remote user equipment).
本申请,基于图1(a)所示的网络架构,可实现远端设备的动态接入,具体地,将远端设备接入到终端和核心网。具体地,本申请中的会话管理网元、用户面网元可以具有以下功能。The present application can implement dynamic access of a remote device based on the network architecture shown in FIG. 1(a). Specifically, the remote device is connected to the terminal and the core network. Specifically, the session management network element and the user plane network element in this application may have the following functions.
首先,会话管理网元接收来自终端的会话修改请求消息,会话修改请求消息包括终端的会话的标识和远端设备的MAC地址;或者,会话管理网元接收来自用户面网元的通知消息,通知消息包括终端的会话的标识和远端设备的MAC地址,通知消息用于通知修改会话;然后,会话管理网元根据MAC地址和会话的标识生成转发规则,并将转发规则发送给用户面网元。First, the session management network element receives the session modification request message from the terminal, where the session modification request message includes the identifier of the session of the terminal and the MAC address of the remote device; or the session management network element receives the notification message from the user plane network element, and the notification The message includes the identifier of the session of the terminal and the MAC address of the remote device, and the notification message is used to notify the modification session. Then, the session management network element generates a forwarding rule according to the MAC address and the identifier of the session, and sends the forwarding rule to the user plane network element. .
当会话管理网元接收到终端的会话修改请求消息或接收到用户面网元的通知消息时,即可确定需要根据会话修改请求消息或通知消息中携带的MAC地址修改会话的相关信息,则会话管理网元根据MAC地址和会话的标识生成新的转发规则,并发送给用户面网元。从而实现了将动态申请接入的远端设备的MAC地址发送至相应的网元,如用户面 网元,以便于后续可以对该MAC地址对应的远端设备发送或接收的数据包进行处理,因而比较灵活。When the session management network element receives the session modification request message of the terminal or receives the notification message of the user plane network element, it can determine that the session information needs to be modified according to the MAC address carried in the session modification request message or the notification message, and the session is The management network element generates a new forwarding rule based on the MAC address and the identifier of the session, and sends the new forwarding rule to the user plane network element. Therefore, the MAC address of the remote device that is dynamically applied for is sent to the corresponding network element, such as the user plane network element, so that the data packet sent or received by the remote device corresponding to the MAC address can be processed later. Therefore, it is more flexible.
在一种可能的实现方式中,会话管理网元根据MAC地址和会话的标识生成转发规则,包括:会话管理网元根据会话的标识对应的下行隧道的标识和MAC地址,生成转发规则,该转发规则为MAC地址与下行隧道的标识的对应关系。In a possible implementation manner, the session management network element generates a forwarding rule according to the MAC address and the identifier of the session, including: the session management network element generates a forwarding rule according to the identifier and the MAC address of the downlink tunnel corresponding to the identifier of the session, and the forwarding rule is generated. The rule is the correspondence between the MAC address and the identifier of the downlink tunnel.
在一种可能的实现方式中,进一步还包括:会话管理网元记录会话的标识对应的下行隧道的标识与MAC地址的对应关系。In a possible implementation manner, the method further includes: the session management network element records the correspondence between the identifier of the downlink tunnel and the MAC address corresponding to the identifier of the session.
在一种可能的实现方式中,进一步还包括:会话管理网元将MAC地址发送至策略控制网元。In a possible implementation manner, the method further includes: the session management network element sends the MAC address to the policy control network element.
在一种可能的实现方式中,进一步还包括:会话管理网元向认证服务器发送认证请求消息,认证请求消息用于请求对远端设备进行认证;会话管理网元接收来自认证服务器的认证响应消息,认证响应消息用于指示认证成功。In a possible implementation manner, the method further includes: the session management network element sends an authentication request message to the authentication server, where the authentication request message is used to request authentication of the remote device; and the session management network element receives the authentication response message from the authentication server. The authentication response message is used to indicate that the authentication is successful.
用户面网元,用于通过上行隧道接收来自终端的数据包,数据包中包括远端设备的媒体接入控制MAC地址;根据上行隧道的标识,及上行隧道的标识与终端的会话的标识对应关系,确定终端的会话的标识;用户面网元若未记录MAC地址,则向会话管理网元发送通知消息,通知消息包括MAC地址和会话的标识,通知消息用于通知修改会话;接收到来自会话管理网元的转发规则,转发规则为会话的标识对应的下行隧道的标识与MAC地址的对应关系。The user plane network element is configured to receive the data packet from the terminal by using the uplink tunnel, where the data packet includes the media access control MAC address of the remote device; and the identifier of the uplink tunnel and the identifier of the uplink tunnel correspond to the identifier of the session of the terminal. The relationship determines the identifier of the session of the terminal; if the user plane network element does not record the MAC address, sends a notification message to the session management network element, where the notification message includes the MAC address and the identifier of the session, and the notification message is used to notify the modification session; The forwarding rule of the session management network element, the forwarding rule is the correspondence between the identifier of the downlink tunnel and the MAC address corresponding to the identifier of the session.
如图1(b)所示,为本申请提供的又一种可能的网络架构示意图。该网络架构是在图1(a)所示的网络架构的基础上,增加了部分其它网元。FIG. 1(b) is a schematic diagram of still another possible network architecture provided by the present application. The network architecture is based on the network architecture shown in Figure 1 (a), adding some other network elements.
图1(b)中,SMF网元和UPF网元分别为图1(a)所示的会话管理网元和用户面网元的一个具体示例。并且,图1(b)中示例性地给出了4个远端设备,分别为远端设备1、远端设备2、远端设备3和远端设备4。其中,远端设备1-远端设备3为固定接入到终端的远端设备,即在终端建立会话的过程中接入的,而远端设备4是需要动态接入的,也即,是在终端建立会话之后动态请求接入的远端设备。本申请,主要介绍远端设备4动态接入的方法。In FIG. 1(b), the SMF network element and the UPF network element are respectively a specific example of the session management network element and the user plane network element shown in FIG. 1(a). Also, four remote devices are exemplarily shown in FIG. 1(b), which are the remote device 1, the remote device 2, the remote device 3, and the remote device 4. The remote device 1 and the remote device 3 are remote devices that are fixedly connected to the terminal, that is, accessed during the process of establishing a session, and the remote device 4 needs to be dynamically accessed, that is, A remote device that dynamically requests access after the terminal establishes a session. This application mainly introduces a method for dynamically accessing the remote device 4.
进一步地,图1(b)中还包括以下网元:Further, the following network elements are further included in FIG. 1(b):
移动性管理网元,主要用于移动网络中的移动性管理,如用户位置更新、用户注册网络、或用户切换等。在5G中,移动性管理网元可以是接入与移动性管理功能(access and mobility management function,AMF)网元,在未来通信,如6G中,移动性管理网元仍可以是AMF网元,或者有其它名称,本申请对此不作限定。图1(b)中以移动性管理网元为AMF网元为例进行说明。The mobility management network element is mainly used for mobility management in a mobile network, such as user location update, user registration network, or user handover. In the 5G, the mobility management network element may be an access and mobility management function (AMF) network element. In future communications, such as 6G, the mobility management network element may still be an AMF network element. Or there are other names, which are not limited in this application. In FIG. 1(b), the mobility management network element is taken as an AMF network element as an example.
策略控制网元,包括用户签约数据管理功能,策略控制功能,计费策略控制功能,或服务质量(quality of service,QoS)控制等。在5G中,策略控制网元可以是策略控制功能(policy control function,PCF)网元,在未来通信如6G中,策略控制网元仍可以是PCF网元,或有其它的名称,本申请不做限定。图1(b)中以策略控制网元为PCF网元为例进行说明。The policy controls the network element, including the user subscription data management function, the policy control function, the charging policy control function, or the quality of service (QoS) control. In the 5G, the policy control network element may be a policy control function (PCF) network element. In future communication, such as 6G, the policy control network element may still be a PCF network element, or have other names. Make a limit. FIG. 1(b) illustrates a case where a policy control network element is a PCF network element.
无线接入网(RAN,Radio Access Network)设备,是一种为终端提供无线通信功能 的设备,包括但不限于:下一代基站(next generation node B,gNB)、无线网络控制器(radio network controller,RNC)、基站控制器(base station controller,BSC)、基站收发台(base transceiver station,BTS)、家庭基站(例如,home evolved nodeB,或home node B,HNB)、基带单元(baseband unit,BBU)、传输点(transmitting and receiving point,TRP)、发射点(transmitting point,TP)、移动交换中心等。本申请中的基站还可以是未来可能出现的其他通信系统中为终端提供无线通信功能的设备。A radio access network (RAN) device is a device that provides wireless communication functions for a terminal, including but not limited to: a next generation base station (bNB), a radio network controller (radio network controller). , RNC), base station controller (BSC), base transceiver station (BTS), home base station (for example, home evolved node B, or home node B, HNB), baseband unit (BBU) ), transmitting and receiving point (TRP), transmitting point (TP), mobile switching center, and the like. The base station in this application may also be a device that provides wireless communication functions for terminals in other communication systems that may occur in the future.
认证服务器,是一种具有认证能力的物理实体或逻辑单元。例如,图1(b)中以认证服务器为数据网络认证授权计费(data network-authentication,authorization and Accounting,DN-AAA)服务器为例进行说明。DN-AAA服务器可以部署在运营商部署的网络内,也可以独立部署于外部数据网络中。An authentication server is a physical entity or logical unit with authentication capabilities. For example, in FIG. 1(b), an authentication server is used as a data network-authentication (authorization and accounting, DN-AAA) server as an example. The DN-AAA server can be deployed in the network deployed by the operator or deployed independently in the external data network.
可以理解的是,上述各网元既可以是硬件设备中的网络元件,也可以是在专用硬件上运行软件功能,或者是平台(例如,云平台)上实例化的虚拟化功能。It can be understood that each of the foregoing network elements can be either a network component in a hardware device, a software function running on dedicated hardware, or a virtualization function instantiated on a platform (eg, a cloud platform).
为方便说明,本申请后续以会话管理网元为SMF网元,用户面网元为UPF网元,策略控制网元为PCF网元为例进行说明。并且,为方便说明,进一步地,将SMF网元、UPF网元、PCF网元,分别简称为SMF、UPF、PCF。后续实施例中任意地方描述的SMF、UPF和PCF,均分别可以替换为会话管理网元、用户面网元和策略控制网元。For convenience of description, the present application uses the session management network element as the SMF network element, the user plane network element as the UPF network element, and the policy control network element as the PCF network element as an example for description. Further, for convenience of explanation, the SMF network element, the UPF network element, and the PCF network element are simply referred to as SMF, UPF, and PCF, respectively. The SMF, the UPF, and the PCF described in any of the following embodiments may be replaced by a session management network element, a user plane network element, and a policy control network element, respectively.
下面结合图1(a)和图1(b),对本申请提供的远端设备的动态接入方法进行说明。The dynamic access method of the remote device provided by the present application is described below with reference to FIG. 1(a) and FIG. 1(b).
如图2所示,为本申请提供的一种远端设备的动态接入方法示意图。该方法包括以下步骤:FIG. 2 is a schematic diagram of a dynamic access method of a remote device provided by the present application. The method includes the following steps:
步骤201,远端设备向终端发送数据包,相应地,终端接收来自远端设备的数据包。Step 201: The remote device sends a data packet to the terminal, and accordingly, the terminal receives the data packet from the remote device.
数据包中包括远端设备的MAC地址。The packet includes the MAC address of the remote device.
本申请中,终端在接收到数据包之后,有两种处理方式,其中,第一种处理方式对应下述的步骤202a,第二种处理方式对应下述的步骤202b。即,可从步骤202a和步骤202b这两种处理方式中二选一。并且,若执行步骤202b,可还需要执行步骤202c。In the present application, after receiving the data packet, the terminal has two processing modes. The first processing mode corresponds to the following step 202a, and the second processing mode corresponds to the following step 202b. That is, one of the two processing methods of step 202a and step 202b can be selected. Moreover, if step 202b is performed, step 202c may be further performed.
也即,本申请将执行步骤202a,或者执行步骤202b-步骤202c。That is, the present application will perform step 202a or perform steps 202b-202c.
步骤202a,终端若确定未记录数据包中的MAC地址,则向SMF发送会话修改请求消息,相应地,SMF接收来自终端的会话修改请求消息。Step 202a: If the terminal determines that the MAC address in the data packet is not recorded, the terminal sends a session modification request message to the SMF, and accordingly, the SMF receives the session modification request message from the terminal.
终端在接收到该远端设备发送的数据包之后,可从数据包中获取到该远端设备的MAC地址,并判断是否记录了该MAC地址。After receiving the data packet sent by the remote device, the terminal may obtain the MAC address of the remote device from the data packet, and determine whether the MAC address is recorded.
其中,终端记录MAC地址的方式,可以是记录该终端的标识与MAC地址的对应关系。进一步地,若终端中有多个MAC地址,则终端还可以生成一个关联的MAC地址列表,然后记录MAC地址列表与该终端的标识之间的对应关系。The manner in which the terminal records the MAC address may be a record of the correspondence between the identifier of the terminal and the MAC address. Further, if there are multiple MAC addresses in the terminal, the terminal may also generate an associated MAC address list, and then record the correspondence between the MAC address list and the identifier of the terminal.
下面以表格的形式,对终端记录MAC地址的方法进行说明。需要说明的是,实际应用中,并不限于以表格的形式记录MAC地址。The method of recording the MAC address of the terminal will be described below in the form of a table. It should be noted that, in practical applications, it is not limited to recording the MAC address in the form of a table.
终端的标识Terminal identification MAC地址MAC address 会话的标识Session identifier
终端ID1Terminal ID1 MAC1MAC1 会话ID1Session ID1
终端ID1Terminal ID1 MAC2MAC2 会话ID1Session ID1
终端ID1Terminal ID1 MAC3MAC3 会话ID1Session ID1
表1-1 终端记录的MAC地址Table 1-1 MAC addresses recorded by the terminal
参照表1-1,假设终端的标识为终端ID1,且终端记录的MAC地址列表当前包括MAC1、MAC2和MAC3,其中,MAC1为远端设备1的MAC地址、MAC2为远端设备2的MAC地址、MAC3为远端设备3的MAC地址。即一个MAC地址对应一个远端设备,此时,MAC地址还可以用于唯一标识一个远端设备。Referring to Table 1-1, it is assumed that the identifier of the terminal is the terminal ID1, and the MAC address list recorded by the terminal currently includes MAC1, MAC2, and MAC3, where MAC1 is the MAC address of the remote device 1, and MAC2 is the MAC address of the remote device 2. MAC3 is the MAC address of the remote device 3. That is, a MAC address corresponds to a remote device. In this case, the MAC address can also be used to uniquely identify a remote device.
当然,还可以是一个远端设备对应多个MAC地址,例如,上述表1-1中MAC1和MAC2为远端设备1的MAC地址,MAC3为远端设备2的MAC地址,则在该情形中,MAC地址不能用于唯一标识一个远端设备。此时,可以用其它标识,比如远端设备的标识来唯一标识一个远端设备。需要说明的是,终端可以获取到远端设备的标识,对于终端获取到远端设备的标识的方法,本申请不做限定。Of course, a remote device may correspond to multiple MAC addresses. For example, in the foregoing Table 1-1, MAC1 and MAC2 are the MAC addresses of the remote device 1, and MAC3 is the MAC address of the remote device 2. In this case, The MAC address cannot be used to uniquely identify a remote device. At this point, other identifiers, such as the identity of the remote device, can be used to uniquely identify a remote device. It is to be noted that the terminal can obtain the identifier of the remote device, and the method for obtaining the identifier of the remote device is not limited in this application.
以表1-1为例,终端当前记录的MAC地址包括MAC1、MAC2和MAC3,表明MAC1、MAC2和MAC3分别对应的远端设备已经接入到终端。For example, in Table 1-1, the MAC address currently recorded by the terminal includes MAC1, MAC2, and MAC3, indicating that the remote device corresponding to MAC1, MAC2, and MAC3 has been connected to the terminal.
进一步地,还可以记录MAC1、MAC2和MAC3分别对应的会话的标识。由于终端接收到远端设备发送的数据包后,需要通过某个会话将该数据包通过用户面的隧道发送至UPF,因此,需要记录MAC地址与会话的标识的对应关系。例如,参考表1-1,由于MAC1对应的会话为会话ID1,因此,远端设备1发送的数据包到达终端后,则终端将通过会话ID1对应的会话,将该数据包发送至UPF。其中会话的标识也可以是与该会话一一映射的其他信息,比如该会话对应的隧道信息。需要说明的是,若终端中只有一个的会话,则还可以不记录对应会话的标识。Further, the identifiers of the sessions corresponding to MAC1, MAC2, and MAC3, respectively, may also be recorded. After receiving the data packet sent by the remote device, the terminal needs to send the data packet to the UPF through the tunnel of the user plane through a certain session. Therefore, the mapping between the MAC address and the identifier of the session needs to be recorded. For example, referring to Table 1-1, since the session corresponding to MAC1 is session ID1, after the data packet sent by the remote device 1 arrives at the terminal, the terminal will send the data packet to the UPF through the session corresponding to the session ID1. The identifier of the session may also be other information mapped to the session, such as the tunnel information corresponding to the session. It should be noted that if there is only one session in the terminal, the identifier of the corresponding session may not be recorded.
进一步地,还可以记录每个MAC地址分别对应的远端设备的标识,例如可以在上述表1-1中再增加一列,用于记录MAC地址分别对应的远端设备的标识,例如,MAC1对应远端设备1的标识,MAC2对应远端设备2的标识,MAC3对应远端设备3的标识。Further, the identifier of the remote device corresponding to each MAC address may be recorded. For example, a column may be further added to the foregoing table 1-1 for recording the identifier of the remote device corresponding to the MAC address, for example, corresponding to MAC1. ID of the remote device 1, MAC2 corresponds to the identifier of the remote device 2, and MAC3 corresponds to the identifier of the remote device 3.
需要说明的是,本申请中,终端中可以建立多个会话,每个会话可以对应一个或多个MAC地址,一个MAC地址对应一个远端设备。本申请,对于终端为MAC地址绑定对应的会话的方式不做限定,例如可以是根据会话当前的负载、会话当前已经关联的MAC地址的数量等因素,为MAC地址绑定一个合适的会话。It should be noted that, in this application, multiple sessions may be established in the terminal, each session may correspond to one or more MAC addresses, and one MAC address corresponds to one remote device. In this application, the manner in which the terminal is configured to bind the MAC address is not limited. For example, the MAC address may be bound to a suitable session according to factors such as the current load of the session and the number of MAC addresses currently associated with the session.
需要说明的是,上述表1-1中,还可以是只记录会话的标识与MAC地址之间的对应关系,不记录与终端的标识的对应关系。即上述表1-1中,可以不记录终端的标识。It should be noted that, in the foregoing Table 1-1, only the correspondence between the identifier of the session and the MAC address may be recorded, and the correspondence relationship with the identifier of the terminal is not recorded. That is, in the above Table 1-1, the identifier of the terminal may not be recorded.
例如,上述步骤201中,向终端发送数据包的远端设备为远端设备4,该远端设备4的MAC地址为MAC4,则远端设备4发送的数据包中包括MAC4。For example, in the foregoing step 201, the remote device that sends the data packet to the terminal is the remote device 4, and the MAC address of the remote device 4 is MAC4, and the data packet sent by the remote device 4 includes the MAC4.
当终端接收到远端设备4发送的数据包后,可从数据包中获取到MAC4,并判断终端是否记录了该MAC地址4。After receiving the data packet sent by the remote device 4, the terminal can obtain the MAC4 from the data packet, and determine whether the terminal records the MAC address 4.
例如,可以从上述表1-1中查找是否记录了MAC4,由于该表1中没有记录该MAC4,因此,终端可以确定未记录数据包中的MAC4,进而可以确定该远端设备4是一个新的远 端设备,即一个新的请求接入到终端的远端设备。For example, it can be found from the above table 1-1 whether MAC4 is recorded. Since the MAC4 is not recorded in the table 1, the terminal can determine that the MAC4 in the unrecorded packet is not recorded, and thus the remote device 4 can be determined to be a new one. The remote device, that is, a new remote device requesting access to the terminal.
当终端确定未记录该MAC4时,终端可以为该远端设备4绑定一个对应的会话,例如,终端为远端设备4绑定的会话也是会话ID1对应的会话(该会话可以称为会话1)。When the terminal determines that the MAC4 is not recorded, the terminal may bind a corresponding session to the remote device 4. For example, the session bound by the terminal to the remote device 4 is also the session corresponding to the session ID1 (the session may be referred to as session 1) ).
进一步地,终端向SMF发送会话修改请求消息,该会话修改请求消息中包括终端的会话的标识和远端设备的MAC地址。例如,该会话修改请求消息中包括会话ID1和MAC4。Further, the terminal sends a session modification request message to the SMF, where the session modification request message includes the identifier of the session of the terminal and the MAC address of the remote device. For example, the session modification request message includes session ID1 and MAC4.
该会话修改请求消息用于请求修改会话,也即用于请求修改会话的信息。其中,会话的信息包括会话对应的MAC地址等信息。可以理解为,该会话修改请求消息将触发SMF对该新的MAC地址对应的远端设备进行验证,以及判断是否记录该新的MAC地址。The session modification request message is used to request a modification session, that is, information for requesting to modify the session. The information of the session includes information such as a MAC address corresponding to the session. It can be understood that the session modification request message will trigger the SMF to verify the remote device corresponding to the new MAC address, and determine whether to record the new MAC address.
作为又一种实现方式,还可以是不执行上述步骤202a,而是执行下述步骤202b-步骤202c。As a further implementation manner, the above step 202a may not be performed, but the following steps 202b to 202c are performed.
步骤202b,终端通过RAN设备向UPF发送数据包,相应地,UPF通过上行隧道接收来自终端的数据包。Step 202b: The terminal sends a data packet to the UPF through the RAN device, and accordingly, the UPF receives the data packet from the terminal through the uplink tunnel.
终端接收到远端设备发送的数据包后,则通过RAN设备将该数据包发送至UPF,也可以理解为,终端通过用户面的隧道向UPF发送数据包。具体地,终端先向RAN设备发送数据包,然后RAN设备通过某个上行隧道将数据包发送至UPF。其中,RAN设备选择上行隧道的方式,可以是根据终端为该MAC地址绑定的会话来选择相应的上行隧道。After receiving the data packet sent by the remote device, the terminal sends the data packet to the UPF through the RAN device. It can also be understood that the terminal sends the data packet to the UPF through the tunnel of the user plane. Specifically, the terminal first sends a data packet to the RAN device, and then the RAN device sends the data packet to the UPF through an uplink tunnel. The manner in which the RAN device selects the uplink tunnel may be that the corresponding uplink tunnel is selected according to the session bound by the terminal for the MAC address.
以表1-1所示的示例为例,终端在建立表1-1所述的会话1的流程中,SMF或UPF为该会话分配了上行隧道资源,包括UPF的IP地址和隧道的标识(例如,隧道端点标识(tunnel endpoint identifier,TEID)),并将分配的上行隧道资源发送给RAN设备。从而RAN设备中记录了会话的标识与上行隧道资源之间的对应关系。Taking the example shown in Table 1-1 as an example, in the process of establishing the session 1 described in Table 1-1, the SMF or the UPF allocates the uplink tunnel resource, including the IP address of the UPF and the identifier of the tunnel. For example, a tunnel endpoint identifier (TEID), and the allocated uplink tunnel resource is sent to the RAN device. Therefore, the correspondence between the identifier of the session and the uplink tunnel resource is recorded in the RAN device.
终端在建立表1-1所述的会话1的流程中,RAN设备会保存空口传输通道(终端与RAN设备之间的传输通道)与上行隧道资源之间的映射关系,因此,终端向RAN设备发送数据包时,RAN设备可以根据空口传输通道确定对应的上行隧道,然后通过确定的上行隧道,将数据包发送给UPF。In the process of establishing the session 1 described in Table 1-1, the RAN device saves the mapping relationship between the air interface transmission channel (the transmission channel between the terminal and the RAN device) and the uplink tunnel resource, and therefore, the terminal moves to the RAN device. When the data packet is sent, the RAN device can determine the corresponding uplink tunnel according to the air interface transmission channel, and then send the data packet to the UPF through the determined uplink tunnel.
步骤202c,UPF若确定未记录该MAC地址,则向SMF发送通知消息,相应地,SMF接收来自UPF的通知消息。Step 202c: If the UPF determines that the MAC address is not recorded, the UPF sends a notification message to the SMF, and accordingly, the SMF receives the notification message from the UPF.
UPF通过上行隧道接收到数据包后,获取数据包中的MAC地址,并判断UPF中是否记录了该MAC地址。After receiving the data packet through the uplink tunnel, the UPF obtains the MAC address in the data packet and determines whether the MAC address is recorded in the UPF.
作为一种实现方式,UPF可以直接从UPF记录的MAC地址列表中,查找是否记录了该MAC地址。比如,UPF可以遍历记录的MAC地址列表,依次查找是否记录了该MAC地址。As an implementation manner, the UPF can directly find out whether the MAC address is recorded from the MAC address list recorded by the UPF. For example, the UPF can traverse the recorded MAC address list and sequentially search for whether the MAC address is recorded.
作为又一种实现方式,UPF可以根据发送该数据包的上行隧道的标识,确定该上行隧道的标识对应的下行隧道的标识,然后判断该下行隧道的标识对应的MAC地址中,是否包括该数据包中的MAC地址。其中,下行隧道的资源是在建立会话过程中,由RAN设备分配的,下行隧道的资源包括RAN设备的IP地址和隧道的标识(例如,TEID)。并且,RAN设备分配的下行隧道的资源会发送给SMF和UPF。可以理解为,一个会话对应一个隧道,该隧道包括上行隧道和下行隧道,其中,上行隧道可以用上行隧道的标识进行指示,上行隧道的资源包括UPF的IP地址和上行隧道的标识;相应地,下行隧道可以用下行隧 道的标识进行指示,下行隧道的资源包括RAN设备的IP地址和下行隧道的标识。As another implementation manner, the UPF may determine the identifier of the downlink tunnel corresponding to the identifier of the uplink tunnel according to the identifier of the uplink tunnel that sends the data packet, and then determine whether the data is included in the MAC address corresponding to the identifier of the downlink tunnel. The MAC address in the package. The resources of the downlink tunnel are allocated by the RAN device during the establishment of the session, and the resources of the downlink tunnel include the IP address of the RAN device and the identifier of the tunnel (for example, TEID). Moreover, the resources of the downlink tunnel allocated by the RAN device are sent to the SMF and the UPF. It can be understood that a session corresponds to a tunnel, and the tunnel includes an uplink tunnel and a downlink tunnel, where the uplink tunnel can be indicated by the identifier of the uplink tunnel, and the resources of the uplink tunnel include the IP address of the UPF and the identifier of the uplink tunnel; The downlink tunnel can be indicated by the identifier of the downlink tunnel, and the resources of the downlink tunnel include the IP address of the RAN device and the identifier of the downlink tunnel.
以上述表1-1的示例为例,终端在建立会话1的过程中,将MAC1、MAC2和MAC3对应到会话ID1,则在该会话建立过程中,UPF中记录了该会话对应的下行隧道的标识,与MAC地址的对应关系。例如,以表格的形式为例,参考表2-1,为UPF中记录的下行隧道的标识与MAC地址的对应关系。Taking the example in Table 1-1 as an example, in the process of establishing session 1, the terminal associates MAC1, MAC2, and MAC3 with the session ID1. In the process of establishing the session, the UPF records the downlink tunnel corresponding to the session. ID, the correspondence with the MAC address. For example, in the form of a table, refer to Table 2-1, which is the correspondence between the identifier of the downlink tunnel and the MAC address recorded in the UPF.
MAC地址MAC address 下行隧道的标识ID of the downstream tunnel
MAC1MAC1 下行隧道标识1 Downstream tunnel identification 1
MAC2MAC2 下行隧道标识1 Downstream tunnel identification 1
MAC3MAC3 下行隧道标识1 Downstream tunnel identification 1
表2-1 UPF记录的MAC地址与下行隧道的标识的对应关系Table 2-1 Correspondence between the MAC address of the UPF record and the identifier of the downlink tunnel
参考表2-1,假设终端发送的数据包包括MAC4,则UPF判断是否记录了数据包中的MAC4的方法为:UPF根据RAN设备发送数据包的上行隧道的标识,确定上行隧道的标识对应的下行隧道标识,例如为下行隧道标识1。然后根据下行隧道标识1,确定对应的MAC地址:MAC1、MAC2和MAC3。由于其中不包括MAC4,因而UPF确定未记录MAC4。Referring to Table 2-1, assuming that the data packet sent by the terminal includes MAC4, the method for determining whether to record the MAC4 in the data packet is as follows: the UPF determines the identifier of the uplink tunnel according to the identifier of the uplink tunnel in which the RAN device sends the data packet. The downlink tunnel identifier is, for example, the downlink tunnel identifier 1. Then, according to the downlink tunnel identifier 1, the corresponding MAC addresses are determined: MAC1, MAC2, and MAC3. Since MAC4 is not included therein, the UPF determines that MAC4 is not recorded.
上述实现方式,UPF首先从记录的所有MAC地址中确定部分MAC地址,该部分MAC地址中可能包括数据包中的MAC地址,然后进一步判断该部分MAC地址中是否包括数据包中的MAC地址。In the above implementation manner, the UPF first determines a partial MAC address from all the MAC addresses recorded, and the partial MAC address may include a MAC address in the data packet, and then further determines whether the MAC address in the data packet is included in the partial MAC address.
采用上述两种方式中的任一种方式,UPF若确定未记录该数据包中的MAC地址,则向SMF发送通知消息,通知消息包括会话的标识和上述MAC地址。In either of the above manners, if the UPF determines that the MAC address in the data packet is not recorded, the UPF sends a notification message to the SMF, where the notification message includes the identifier of the session and the MAC address.
该通知消息用于通知修改会话,也可以理解为,该通知消息用于通知修改会话的信息,或者可以理解为,该通知消息可用于触发SMF对该MAC地址对应的远端设备进行验证。The notification message is used to notify the modification of the session. It can also be understood that the notification message is used to notify the information of the modification session, or it can be understood that the notification message can be used to trigger the SMF to verify the remote device corresponding to the MAC address.
若采用上述步骤202a,则可以理解为通过控制面触发SMF验证该MAC地址对应的远端设备。若采用上述步骤202b-步骤202c,则可以理解通过用户面触发SMF验证该MAC地址对应的远端设备。If the above step 202a is adopted, it can be understood that the SMF is triggered by the control plane to verify the remote device corresponding to the MAC address. If the above steps 202b-202c are used, it can be understood that the SMF is triggered by the user plane to verify the remote device corresponding to the MAC address.
可选地,作为一种实现方式,SMF接收到终端发送的会话修改请求消息或UPF发送的通知消息后,SMF通过认证服务器对该MAC地址对应的远端设备进行验证。即执行下述步骤203-步骤204。Optionally, as an implementation manner, after receiving the session modification request message sent by the terminal or the notification message sent by the UPF, the SMF verifies the remote device corresponding to the MAC address by using the authentication server. That is, the following steps 203 to 204 are performed.
可选地,作为又一种实现方式,SMF接收到终端发送的会话修改请求消息或UPF发送的通知消息后,也可以不对该MAC地址对应的远端设备进行验证,即SMF可以默认该远端设备是合法的。则该实现方式中,不需要执行下述步骤203-步骤204。Optionally, as a further implementation manner, after receiving the session modification request message sent by the terminal or the notification message sent by the UPF, the SMF may not perform verification on the remote device corresponding to the MAC address, that is, the SMF may default to the remote end. The device is legal. In this implementation manner, the following steps 203 to 204 are not required to be performed.
进一步地,可选地,SMF还可以判断本地是否记录了该MAC地址。其中,若SMF本地记录了该MAC地址,则SMF确定该MAC地址不是新的MAC地址,则结束流程。若SMF本地未记录该MAC地址,则SMF确定该MAC地址是新的MAC地址,则SMF继续后续流程,例如执行步骤203-步骤209,或者执行步骤205-步骤209。Further, optionally, the SMF may also determine whether the MAC address is recorded locally. If the SMF locally records the MAC address, the SMF determines that the MAC address is not a new MAC address, and the process ends. If the SMF does not record the MAC address locally, the SMF determines that the MAC address is a new MAC address, and the SMF continues the subsequent process, for example, steps 203-209 are performed, or steps 205-209 are performed.
若执行步骤203-步骤204,则:If steps 203-204 are performed, then:
步骤203,SMF向认证服务器发送认证请求消息,相应地,认证服务器接收来自SMF的认证请求消息。Step 203: The SMF sends an authentication request message to the authentication server. Accordingly, the authentication server receives the authentication request message from the SMF.
认证请求消息用于请求对远端设备进行认证。The authentication request message is used to request authentication of the remote device.
作为一种实现方式,由于一个MAC地址只分配给一个远端设备,因此可以使用MAC地址标识一个远端设备。则上述认证请求消息中可以包括MAC地址,认证服务器可以通过该MAC地址,对该MAC地址对应的远端设备进行验证。例如可以向该远端设备发送一个认证信息(如验证码等),当认证服务器接收到远端设备回复的正确的认证信息,则验证成功。否则,认证失败。As an implementation, since a MAC address is only assigned to one remote device, a remote device can be identified by using a MAC address. The authentication request message may include a MAC address, and the authentication server may verify the remote device corresponding to the MAC address by using the MAC address. For example, an authentication information (such as a verification code, etc.) may be sent to the remote device. When the authentication server receives the correct authentication information replied by the remote device, the verification succeeds. Otherwise, the authentication fails.
作为另一种实现方式,若使用远端设备的标识来唯一标识一个远端设备,则可以在上述认证请求消息携带MAC地址和远端设备的标识,该远端设备的标识用于对远端设备进行认证。认证服务器可以通过该远端设备的标识,对该远端设备进行验证。例如可以向该远端设备发送一个认证信息(如验证码等),当认证服务器接收到远端设备回复的正确的认证信息,则验证成功。否则,认证失败。其中,该远端设备的标识可以是携带于会话修改请求消息中发送至SMF,或者是携带于通知消息中发送至SMF。As another implementation manner, if the identifier of the remote device is used to uniquely identify a remote device, the authentication request message may carry the MAC address and the identifier of the remote device, where the identifier of the remote device is used for the remote device. The device is certified. The authentication server can authenticate the remote device by using the identifier of the remote device. For example, an authentication information (such as a verification code, etc.) may be sent to the remote device. When the authentication server receives the correct authentication information replied by the remote device, the verification succeeds. Otherwise, the authentication fails. The identifier of the remote device may be carried in the session modification request message and sent to the SMF, or carried in the notification message and sent to the SMF.
步骤204,认证服务器向SMF发送认证响应消息,相应地,SMF接收来自认证服务器的认证响应消息。Step 204: The authentication server sends an authentication response message to the SMF, and accordingly, the SMF receives the authentication response message from the authentication server.
若认证服务器对终端设备认证成功,则向SMF发送认证响应消息,该认证响应消息用于指示认证成功。If the authentication of the terminal device is successful, the authentication response message is sent to the SMF, and the authentication response message is used to indicate that the authentication is successful.
可选地,该认证响应消息中还携带MAC地址,该MAC地址即为上述步骤203中认证请求消息中携带的MAC地址。Optionally, the authentication response message further carries a MAC address, where the MAC address is the MAC address carried in the authentication request message in the foregoing step 203.
步骤203-步骤204是可选的。SMF也可以在收到202c通知消息后,就执行步骤205。若执行了上述步骤203-步骤204,则是由认证服务器对该终端设备认证成功。若未执行上述步骤203-步骤204,可以认为SMF默认该远端设备是可信的。Steps 203 - 204 are optional. The SMF may also perform step 205 after receiving the 202c notification message. If the above steps 203 to 204 are performed, the authentication of the terminal device by the authentication server is successful. If the above steps 203-204 are not performed, it can be considered that the SMF defaults that the remote device is trusted.
步骤205,SMF向终端发送指示消息,相应地,终端接收来自SMF的指示消息。Step 205: The SMF sends an indication message to the terminal, and accordingly, the terminal receives the indication message from the SMF.
指示消息用于指示会话修改成功。The indication message is used to indicate that the session modification was successful.
步骤206,终端记录该MAC地址。In step 206, the terminal records the MAC address.
终端记录该MAC地址的方式为:终端将MAC地址加入到关联的MAC地址列表,关联的MAC地址列表包括至少一个MAC地址,一个MAC地址对应一个远端设备,一个远端设备对应至少一个MAC地址。或者,终端记录终端的标识与MAC地址的对应关系。或者,可以如表1-1所示,将新的MAC地址加入到上述表1-1。The manner in which the terminal records the MAC address is: the terminal adds the MAC address to the associated MAC address list, and the associated MAC address list includes at least one MAC address, one MAC address corresponds to one remote device, and one remote device corresponds to at least one MAC address. . Alternatively, the terminal records the correspondence between the identifier of the terminal and the MAC address. Alternatively, a new MAC address can be added to Table 1-1 as shown in Table 1-1.
例如,若新的MAC地址为MAC4,且该MAC4绑定的会话也是会话ID1,则将该MAC4加入到表1-1之后,得到表1-2。For example, if the new MAC address is MAC4, and the session bound by the MAC4 is also the session ID1, the MAC4 is added to the table 1-1, and Table 1-2 is obtained.
终端的标识Terminal identification MAC地址MAC address 会话的标识Session identifier
终端ID1Terminal ID1 MAC1MAC1 会话ID1Session ID1
终端ID1Terminal ID1 MAC2MAC2 会话ID1Session ID1
终端ID1Terminal ID1 MAC3MAC3 会话ID1Session ID1
终端ID1Terminal ID1 MAC4MAC4 会话ID1Session ID1
表1-2 终端记录的MAC地址Table 1-2 MAC addresses recorded by the terminal
通过上述步骤201、步骤202a、步骤205和步骤206,当终端确定未记录数据包中的MAC地址时,即确定该MAC地址对应的远端设备是新的远端设备,也即是未接入该终端的远端设备,因此,该终端向会话管理网元发送会话修改请求消息,用于请求修改会话,则会话管理网元在接收到该会话修改请求消息后,根据该MAC地址修改会话的相关信息,并通知终端记录该MAC地址。由此,实现了将动态申请接入的远端设备接入到该终端,比较灵活。After the terminal determines that the MAC address in the data packet is not recorded, the terminal determines that the remote device corresponding to the MAC address is a new remote device, that is, is not accessed. The remote device of the terminal, the terminal sends a session modification request message to the session management network element, and is used to request to modify the session. After receiving the session modification request message, the session management network element modifies the session according to the MAC address. Related information, and inform the terminal to record the MAC address. Therefore, the remote device that dynamically requests the access is accessed to the terminal, which is relatively flexible.
或者,通过上述步骤201、步骤202b、步骤202c、步骤205和步骤206,终端将该数据包发送至用户面网元,当用户面网元确定未记录数据包中的MAC地址时,则用户面网元触发会话管理网元根据该MAC地址修改会话的相关信息,并通知终端记录该MAC地址。由此,实现了将动态申请接入的远端设备接入到该终端,比较灵活。Alternatively, the terminal sends the data packet to the user plane network element by using the foregoing step 201, step 202b, step 202c, step 205, and step 206. When the user plane network element determines the MAC address in the unrecorded data packet, the user plane The network element triggers the session management network element to modify the related information of the session according to the MAC address, and notifies the terminal to record the MAC address. Therefore, the remote device that dynamically requests the access is accessed to the terminal, which is relatively flexible.
步骤207,SMF记录该MAC地址与会话的标识之间的对应关系。Step 207: The SMF records the correspondence between the MAC address and the identifier of the session.
作为一种实现方式,SMF记录该MAC地址与会话的标识之间的对应关系,具体为:SMF记录会话的标识对应的下行隧道的标识与MAC地址的对应关系。As an implementation manner, the SMF records the correspondence between the MAC address and the identifier of the session, where the SMF records the correspondence between the identifier of the downlink tunnel and the MAC address corresponding to the identifier of the session.
例如,SMF记录MAC地址的方式,可以同UPF记录MAC地址的方式相同。以表2-1为例,则SMF中也记录了上述表2-1的信息。若上述各步骤中的数据包终端MAC地址为MAC4,则SMF记录该MAC4之后,得到表2-2。For example, the way the SMF records the MAC address can be the same as the way the UPF records the MAC address. Taking Table 2-1 as an example, the information in Table 2-1 above is also recorded in the SMF. If the packet terminal MAC address in each of the above steps is MAC4, the SMF records the MAC4 and obtains Table 2-2.
MAC地址MAC address 下行隧道的标识ID of the downstream tunnel
MAC1MAC1 下行隧道标识1 Downstream tunnel identification 1
MAC2MAC2 下行隧道标识1 Downstream tunnel identification 1
MAC3MAC3 下行隧道标识1 Downstream tunnel identification 1
MAC4MAC4 下行隧道标识1 Downstream tunnel identification 1
表2-2 SMF记录的MAC地址与下行隧道的标识的对应关系Table 2-2 Correspondence between the MAC address of the SMF record and the identifier of the downlink tunnel
进一步地,还可以包括以下步骤:Further, the following steps may also be included:
步骤208,SMF根据MAC地址和会话的标识生成转发规则,并将转发规则发送给UPF,相应地,UPF接收来自SMF的转发规则。Step 208: The SMF generates a forwarding rule according to the MAC address and the identifier of the session, and sends the forwarding rule to the UPF. Accordingly, the UPF receives the forwarding rule from the SMF.
作为一种实现方式,该转发规则可以是会话的标识对应的下行隧道的标识与MAC地址的对应关系。因此,若上述各步骤中的数据包终端MAC地址为MAC4,则SMF向UPF发送的转发规则为(MAC4,下行隧道标识1)。UPF接收到该转发规则后,存储该转发规则。As an implementation manner, the forwarding rule may be a correspondence between an identifier of a downlink tunnel and a MAC address corresponding to the identifier of the session. Therefore, if the MAC address of the data packet terminal in the above steps is MAC4, the forwarding rule sent by the SMF to the UPF is (MAC4, downlink tunnel identifier 1). After receiving the forwarding rule, the UPF stores the forwarding rule.
作为示例,若UPF是以表2-1的方式记录MAC地址与下行隧道的标识的对应关系,则UPF接收到转发规则后,可以根据该转发规则更新上述表2-1,得到如上所示的表2-2。As an example, if the UPF records the correspondence between the MAC address and the identifier of the downlink tunnel in the manner of Table 2-1, after receiving the forwarding rule, the UPF may update the above table 2-1 according to the forwarding rule to obtain the foregoing Table 2-2.
进一步地,还可以包括以下步骤:Further, the following steps may also be included:
步骤209,SMF将MAC地址发送至PCF。In step 209, the SMF sends the MAC address to the PCF.
其中,PCF上可以记录MAC地址与SMF的信息(如标识信息或地址信息等)之间的对应关系。The correspondence between the MAC address and the SMF information (such as identification information or address information, etc.) can be recorded on the PCF.
需要说明的是,上述方法中的步骤205-步骤209之间没有严格的执行顺序。具体地,步骤205、步骤207、步骤208、步骤209之间的顺序可以是任意的,而对于步骤206,只要是在步骤205之后执行即可。It should be noted that there is no strict execution order between steps 205 and 209 in the above method. Specifically, the order between step 205, step 207, step 208, and step 209 may be arbitrary, and for step 206, it may be performed after step 205.
通过本申请提供的上述方法,可实现远端设备的动态接入,因而提供了一种更为灵活的通信方法。Through the above method provided by the present application, dynamic access of the remote device can be realized, thus providing a more flexible communication method.
下面给出一个具体的实施例,对上述远端设备的动态接入方法进行说明。A specific embodiment is given below to describe the dynamic access method of the remote device.
如图3所示,为本申请提供的又一种远端设备的动态接入方法示意图。作为示例,远端设备1的MAC地址为MAC1,远端设备2的MAC地址为MAC2,远端设备3的MAC地址为MAC3,远端设备4的MAC地址为MAC4。且远端设备1、远端设备2和远端设备3是在终端建立会话的过程中接入的,而远端设备4则是动态请求接入的。FIG. 3 is a schematic diagram of another dynamic access method of a remote device provided by the present application. As an example, the MAC address of the remote device 1 is MAC1, the MAC address of the remote device 2 is MAC2, the MAC address of the remote device 3 is MAC3, and the MAC address of the remote device 4 is MAC4. The remote device 1, the remote device 2, and the remote device 3 are accessed during the process of establishing a session, and the remote device 4 is dynamically requested to access.
进一步地,在DN-AAA(DN-AAA为认证服务器的一种具体示例)上预先配置(例如可以是人工配置)了远端设备1、远端设备2和远端设备3的MAC地址及MAC地址对应的终端的标识。例如,DN-AAA上记录的信息为:(终端的标识,MAC1,MAC2,MAC3)。Further, the MAC address and MAC of the remote device 1, the remote device 2, and the remote device 3 are pre-configured (for example, may be manually configured) on the DN-AAA (DN-AAA is a specific example of the authentication server). The identifier of the terminal corresponding to the address. For example, the information recorded on the DN-AAA is: (identity of the terminal, MAC1, MAC2, MAC3).
该方法包括三部分,其中第一部分为远端设备1、远端设备2和远端设备3的接入过程,包括下述的步骤1-步骤4;第二部分为远端设备4的动态接入过程,包括下述的步骤5-步骤10d;第三部分为上下行数据包的正常处理流程,包括下述的步骤11-步骤15。The method comprises three parts, wherein the first part is an access process of the remote device 1, the remote device 2 and the remote device 3, including the following steps 1 - 4; the second part is the dynamic connection of the remote device 4 The process includes the following steps 5 - 10d; the third part is the normal processing flow of the uplink and downlink data packets, including the following steps 11 - 15.
首先,介绍在建立会话的流程中,终端和各个网元记录MAC地址(MAC1、MAC2和MAC3)的流程。First, the flow of the MAC address (MAC1, MAC2, and MAC3) recorded by the terminal and each network element in the process of establishing a session is described.
步骤1,终端向AMF发送会话建立请求消息,相应地,AMF接收来自终端的会话建立请求消息。Step 1: The terminal sends a session establishment request message to the AMF, and accordingly, the AMF receives the session establishment request message from the terminal.
该会话建立请求消息中携带终端的标识,会话的标识(如协议数据单元(protocol data unit,PDU)会话的标识),网络切片,数据网络名称(data network name,DNN),以太网会话类型等。The session establishment request message carries the identifier of the terminal, the identifier of the session (such as the identifier of a protocol data unit (PDU) session), the network slice, the data network name (DNN), the Ethernet session type, and the like. .
其中,会话的标识用于表示终端建立的会话。网络切片和DNN由AMF用来选择合适的SMF。以太网会话类型用于指示建立的会话为以太网会话。The identifier of the session is used to indicate the session established by the terminal. The network slice and DNN are used by the AMF to select the appropriate SMF. The Ethernet session type is used to indicate that the established session is an Ethernet session.
步骤2,AMF将会话建立请求消息转发到选择的SMF。In step 2, the AMF forwards the session establishment request message to the selected SMF.
该步骤,AMF根据DNN和网络切片,选择一个合适的SMF,然后将会话建立请求消息转发至SMF。In this step, the AMF selects a suitable SMF according to the DNN and the network slice, and then forwards the session establishment request message to the SMF.
步骤3a,SMF根据本地策略(如接收到DNN的会话请求或以太网类型会话),决定向DN-AAA发送会话认证/授权请求消息。In step 3a, the SMF decides to send a session authentication/authorization request message to the DN-AAA according to the local policy (such as receiving the DNN session request or the Ethernet type session).
该会话认证/授权请求消息中包括终端的标识。The session authentication/authorization request message includes an identifier of the terminal.
步骤3b,DN-AAA向SMF发送会话认证/授权回复消息。In step 3b, the DN-AAA sends a session authentication/authorization reply message to the SMF.
该会话认证/授权回复消息中携带DN-AAA上预配置的,与该终端的标识对应的MAC地址。The session authentication/authorization reply message carries a MAC address corresponding to the identifier of the terminal pre-configured on the DN-AAA.
基于该实施例给出的具体示例,则该会话认证/授权回复消息中包括MAC1、MAC2和MAC3。Based on the specific example given in this embodiment, the session authentication/authorization reply message includes MAC1, MAC2, and MAC3.
步骤4,SMF建立会话对应的上下行隧道,以及,在UPF上存储MAC地址与会话的标识之间的对应关系。Step 4: The SMF establishes an uplink and downlink tunnel corresponding to the session, and stores a correspondence between the MAC address and the identifier of the session on the UPF.
该步骤中,需要执行的操作主要包括:In this step, the operations that need to be performed mainly include:
第一,建立会话对应的上下行隧道。First, establish an uplink and downlink tunnel corresponding to the session.
SMF发起N4会话建立请求到UPF,SMF或UPF分配UPF上行隧道资源(包括TEID和UPF的IP地址),并将上行隧道资源通知给RAN设备。RAN设备分配下行隧道资源(包括TEID和RAN设备的IP地址),并将下行隧道资源通知给UPF。这样就建立好了会话的上下行隧道。The SMF initiates an N4 session establishment request to the UPF. The SMF or the UPF allocates UPF uplink tunnel resources (including the IP addresses of the TEID and the UPF), and notifies the RAN device of the uplink tunnel resources. The RAN device allocates downlink tunnel resources (including the TEID and the IP address of the RAN device), and notifies the UPF of the downlink tunnel resource. This establishes the upstream and downstream tunnels of the session.
第二,UPF记录MAC地址和会话的标识的对应关系。Second, the UPF records the correspondence between the MAC address and the identity of the session.
一种实现方式为,SMF将转发规则,即MAC地址和下行隧道标识的对应关系发送给UPF。其中,这里的MAC地址为DN-AAA通过步骤3b发送至SMF的MAC地址。In an implementation manner, the SMF sends the forwarding rule, that is, the correspondence between the MAC address and the downlink tunnel identifier to the UPF. The MAC address here is the MAC address that the DN-AAA sends to the SMF through step 3b.
另一种实现方式为,SMF将MAC地址通知给UPF,UPF生成转发规则,即MAC地址和下行隧道标识的对应关系。其中,这里的MAC地址为DN-AAA通过步骤3b发送至SMF的MAC地址。In another implementation manner, the SMF notifies the UPF of the MAC address, and the UPF generates a forwarding rule, that is, a correspondence between the MAC address and the downlink tunnel identifier. The MAC address here is the MAC address that the DN-AAA sends to the SMF through step 3b.
例如,若以表格的形式表示UPF记录的MAC地址和下行隧道标识的对应关系,则UPF记录的内容如上述表2-1所示。For example, if the correspondence between the MAC address of the UPF record and the downlink tunnel identifier is expressed in the form of a table, the contents of the UPF record are as shown in Table 2-1 above.
可选地,在SMF中也可以记录MAC地址和下行隧道标识的对应关系。若以表格的形式表示SMF记录的MAC地址和下行隧道标识的对应关系,则SMF记录的内容也如上述表2-1所示。Optionally, the correspondence between the MAC address and the downlink tunnel identifier may also be recorded in the SMF. If the correspondence between the MAC address of the SMF record and the downlink tunnel identifier is expressed in the form of a table, the content of the SMF record is also as shown in Table 2-1 above.
可选地,还包括:Optionally, it also includes:
第三,SMF将MAC地址通知到PCF,PCF记录MAC地址和SMF的对应关系。Third, the SMF notifies the PCF of the MAC address, and the PCF records the correspondence between the MAC address and the SMF.
PCF记录MAC地址和SMF的对应关系,以便后续PCF可以根据MAC地址找到对应的会话。比如,应用功能(application function,AF)网元发送给PCF的消息中可能未携带终端的标识,而是携带了MAC地址、DNN和网络切片等信息,则PCF可以根据MAC地址找到对应的SMF,然后将MAC地址发送给对应的SMF,由SMF根据MAC地址找到对应的会话的标识,并将会话的标识发送给PCF,从而PCF可以通过以上方法获取到会话的标识。The PCF records the correspondence between the MAC address and the SMF so that the subsequent PCF can find the corresponding session according to the MAC address. For example, the message sent by the application function (AF) network element to the PCF may not carry the identifier of the terminal, but carries the information such as the MAC address, the DNN, and the network slice, and the PCF may find the corresponding SMF according to the MAC address. Then, the MAC address is sent to the corresponding SMF, and the SMF finds the identifier of the corresponding session according to the MAC address, and sends the identifier of the session to the PCF, so that the PCF can obtain the identifier of the session by using the above method.
接下来,如果有新的远端设备,比如远端设备4需要动态接入到终端,则可以通过下述步骤5-步骤10d来实现。Next, if there is a new remote device, such as the remote device 4, which needs to dynamically access the terminal, it can be implemented by the following step 5 - step 10d.
步骤5,终端接收远端设备4发送的数据包。Step 5: The terminal receives the data packet sent by the remote device 4.
数据包中包括远端设备4的MAC地址,即MAC4。The data packet includes the MAC address of the remote device 4, that is, MAC4.
接下来执行步骤6a及步骤7-步骤10d,其中,步骤6a是通过控制面触发SMF修改 会话的信息;或者,执行步骤6b-步骤6c及步骤7-步骤10d,其中,步骤6b-步骤6c是通过用户面触发SMF修改会话的信息。Next, step 6a and step 7 - step 10d are performed, wherein step 6a is information for triggering the SMF to modify the session by the control plane; or, step 6b - step 6c and step 7 - step 10d are performed, wherein step 6b - step 6c is The SMF is used to modify the session information through the user plane.
步骤6a,终端发送会话修改请求消息到SMF,相应地,SMF接收该会话修改请求消息。In step 6a, the terminal sends a session modification request message to the SMF, and accordingly, the SMF receives the session modification request message.
终端确定未记录MAC4,进而确定有新的远端设备尝试接入。则终端向SMF发送会话修改请求消息,会话修改请求消息中携带MAC地址(远端设备4的MAC地址为MAC4)和会话的标识。例如,终端为远端设备关联的会话的标识为会话ID1。The terminal determines that MAC4 is not recorded, thereby determining that a new remote device is attempting to access. Then, the terminal sends a session modification request message to the SMF, where the session modification request message carries a MAC address (the MAC address of the remote device 4 is MAC4) and the identifier of the session. For example, the identifier of the session that the terminal associates with the remote device is session ID1.
可选地,会话修改请求消息中还包括远端设备4的标识。Optionally, the session modification request message further includes an identifier of the remote device 4.
步骤6b,终端将数据包发送到UPF,相应地,UPF接收终端发送的数据包。In step 6b, the terminal sends the data packet to the UPF, and correspondingly, the UPF receives the data packet sent by the terminal.
数据包中包括远端设备4的MAC地址,即MAC4。The data packet includes the MAC address of the remote device 4, that is, MAC4.
步骤6c,UPF确定未记录MAC4,则发送通知消息到SMF,相应地,SMF接收来自UPF的通知消息。In step 6c, the UPF determines that the MAC4 is not recorded, and then sends a notification message to the SMF, and accordingly, the SMF receives the notification message from the UPF.
通知消息中包括MAC4和会话的标识(即会话ID1)。例如,UPF通过查找记录的上述表2-1,确定未记录MAC4。The notification message includes the identity of the MAC4 and the session (ie, session ID1). For example, the UPF determines that MAC4 is not recorded by looking up the above table 2-1 of the record.
下面说明UPF确定通知消息中携带的会话的标识的具体实现方式。The specific implementation manner of the identifier of the session carried in the UPF determination notification message is described below.
一种实现方式为,UPF在上述步骤1-步骤4的会话建立流程中,还记录了上行隧道标识与会话的标识之间的对应关系。因此,UPF可以通过步骤6b,根据接收到数据包的上行隧道的标识,确定该上行隧道的标识对应的会话的标识。例如,以表格的记录形式为例,则UPF上记录了如表3-1所示的上行隧道标识与会话的标识之间的对应关系。In an implementation manner, the UPF records the correspondence between the uplink tunnel identifier and the identifier of the session in the session establishment process of Step 1 to Step 4. Therefore, the UPF may determine, according to the identifier of the uplink tunnel of the received data packet, the identifier of the session corresponding to the identifier of the uplink tunnel. For example, taking the record form of the table as an example, the correspondence between the uplink tunnel identifier and the identifier of the session as shown in Table 3-1 is recorded on the UPF.
上行隧道的标识Identification of the uplink tunnel 会话的标识Session identifier
上行隧道标识1 Uplink tunnel identification 1 会话ID1Session ID1
上行隧道标识2Uplink tunnel identification 2 会话ID2Session ID2
表3-1 上行隧道标识与会话的标识之间的对应关系Table 3-1 Correspondence between the identifier of the uplink tunnel and the identifier of the session
作为又一种实现方式,还可以是UPF在上述步骤1-步骤4的会话建立流程中,记录了上行隧道标识与N4会话标识之前的对应关系,以及记录了N4会话标识与会话的标识之间的对应关系。因此,UPF可以通过步骤6b,根据接收到数据包的上行隧道的标识,确定该上行隧道的标识对应的N4会话标识,然后根据N4会话标识,确定该N4会话标识对应的会话的标识。例如,以表格的记录形式为例,则UPF上记录了如表3-2所示的上行隧道标识与N4会话标识之间的对应关系,以及记录了如表3-3所示的N4会话标识与会话的标识之间的对应关系。As a further implementation manner, the UPF may record the correspondence between the uplink tunnel identifier and the N4 session identifier in the session establishment process of Step 1 to Step 4, and record the identifier between the N4 session identifier and the session. Correspondence. Therefore, the UPF may determine the N4 session identifier corresponding to the identifier of the uplink tunnel according to the identifier of the uplink tunnel that receives the data packet, and then determine the identifier of the session corresponding to the N4 session identifier according to the N4 session identifier. For example, taking the form of the form of the table as an example, the correspondence between the uplink tunnel identifier and the N4 session identifier as shown in Table 3-2 is recorded on the UPF, and the N4 session identifier as shown in Table 3-3 is recorded. Correspondence with the identity of the session.
其中,N4指的是UPF与SMF之间的接口,N4会话指的是UPF与SMF之间通信所使用的的会话的标识。N4 refers to the interface between the UPF and the SMF, and the N4 session refers to the identifier of the session used by the communication between the UPF and the SMF.
上行隧道的标识Identification of the uplink tunnel N4会话标识N4 session ID
上行隧道标识1Uplink tunnel identification 1 N4会话ID1N4 session ID1
上行隧道标识2Uplink tunnel identification 2 N4会话ID2N4 session ID2
表3-2 上行隧道标识与N4会话标识之间的对应关系Table 3-2 Mapping between the uplink tunnel identifier and the N4 session identifier
会话的标识Session identifier N4会话标识N4 session ID
会话ID1Session ID1 N4会话ID1N4 session ID1
会话ID2Session ID2 N4会话ID2N4 session ID2
表3-3 会话的标识与N4会话标识之间的对应关系Table 3-3 Mappings between session IDs and N4 session IDs
可选地,UPF中还可以维护一个黑名单,黑名单用于记录禁止的MAC地址。当UPF接收到包括了黑名单中的MAC地址的数据包时,则直接将数据包丢弃,而无需通知给SMF。Optionally, a blacklist can also be maintained in the UPF, and the blacklist is used to record the forbidden MAC address. When the UPF receives a packet including the MAC address in the blacklist, it directly discards the packet without notifying the SMF.
步骤7,SMF决定发起会话二次认证授权。In step 7, the SMF decides to initiate a session secondary authentication authorization.
SMF可根据下列方式判断是否发起会话二次认证授权:SMF判断是否记录该MAC地址(即MAC4),若记录了该MAC地址,则SMF决定不发起会话二次认证授权,转到步骤10d;若未记录该MAC地址,则决定发起会话二次认证授权。The SMF may determine whether to initiate the session secondary authentication authorization according to the following manner: the SMF determines whether to record the MAC address (ie, MAC4), and if the MAC address is recorded, the SMF decides not to initiate the session secondary authentication and authorization, and proceeds to step 10d; If the MAC address is not recorded, it is decided to initiate a session secondary authentication authorization.
该步骤7为可选步骤,若不执行步骤7,则SMF默认需要发起会话二次认证授权。The step 7 is an optional step. If the step 7 is not performed, the SMF needs to initiate a session secondary authentication and authorization by default.
步骤8a,SMF向DN-AAA发送会话认证/授权请求消息,相应地,DN-AAA接收来自SMF的会话认证/授权请求消息。In step 8a, the SMF sends a session authentication/authorization request message to the DN-AAA, and accordingly, the DN-AAA receives the session authentication/authorization request message from the SMF.
该会话认证/授权请求消息包括MAC4,该MAC4用于标识远端设备4。The session authentication/authorization request message includes a MAC 4, which is used to identify the remote device 4.
或者,会话认证/授权请求消息包括MAC4和远端设备4的标识,该远端设备4的标识用于标识远端设备4。Alternatively, the session authentication/authorization request message includes the identifiers of the MAC 4 and the remote device 4, and the identifier of the remote device 4 is used to identify the remote device 4.
或者,会话认证/授权请求消息包括远端设备4的标识,该远端设备4的标识用于标识远端设备4。Alternatively, the session authentication/authorization request message includes an identifier of the remote device 4, and the identifier of the remote device 4 is used to identify the remote device 4.
DN-AAA对远端设备4进行认证。具体认证过程可参考现有技术相关方案,这里不再赘述。The DN-AAA authenticates the remote device 4. For the specific authentication process, refer to the related art related solutions, and details are not described herein again.
需要说明的是,若会话认证/授权请求消息包括MAC4和远端设备4的标识,该远端设备4的标识用于标识远端设备4,则DN-AAA基于该远端设备4的标识对远端设备4进行验证。It should be noted that, if the session authentication/authorization request message includes the identifiers of the MAC4 and the remote device 4, and the identifier of the remote device 4 is used to identify the remote device 4, the DN-AAA is based on the identifier of the remote device 4. The remote device 4 performs verification.
若该会话认证/授权请求消息包括MAC4,该MAC4用于标识远端设备4,则DN-AAA基于该MAC4对远端设备4进行验证。If the session authentication/authorization request message includes MAC4, and the MAC4 is used to identify the remote device 4, the DN-AAA authenticates the remote device 4 based on the MAC4.
或者,会话认证/授权请求消息包括MAC4和远端设备4的标识,该远端设备4的标识用于标识远端设备4,则DN-AAA基于该远端设备4的标识对远端设备4进行验证。Alternatively, the session authentication/authorization request message includes the identifiers of the MAC4 and the remote device 4, and the identifier of the remote device 4 is used to identify the remote device 4, and the DN-AAA is based on the identifier of the remote device 4 to the remote device 4. authenticating.
或者,会话认证/授权请求消息包括远端设备4的标识,该远端设备4的标识用于标 识远端设备4,则DN-AAA基于该远端设备4的标识对远端设备4进行验证。Alternatively, the session authentication/authorization request message includes the identifier of the remote device 4, and the identifier of the remote device 4 is used to identify the remote device 4, and the DN-AAA authenticates the remote device 4 based on the identifier of the remote device 4. .
步骤8b,DN-AAA向SMF发送会话认证/授权回复消息,相应地,SMF接收来自DN-AAA的会话认证/授权回复消息。In step 8b, the DN-AAA sends a session authentication/authorization reply message to the SMF, and accordingly, the SMF receives the session authentication/authorization reply message from the DN-AAA.
若认证成功,则会话认证/授权回复消息指示认证成功。If the authentication is successful, the session authentication/authorization reply message indicates that the authentication is successful.
例如,作为一种实现方式,若上述会话认证/授权请求消息包括MAC4,则当认证成功时,可在会话认证/授权回复消息中携带该MAC4,当SMF接收到会话认证/授权回复消息,确定其中包括MAC4时,则确定认证成功。For example, as an implementation manner, if the session authentication/authorization request message includes the MAC4, when the authentication succeeds, the MAC4 may be carried in the session authentication/authorization reply message, and when the SMF receives the session authentication/authorization reply message, determining When MAC4 is included, the authentication is determined to be successful.
作为又一种实现方式,若上述会话认证/授权请求消息不包括MAC4,则当认证成功时,可在会话认证/授权回复消息中携带指示信息,该指示信息用于指示认证成功,当SMF接收到会话认证/授权回复消息,根据其中的指示信息确定认证成功。As another implementation manner, if the session authentication/authorization request message does not include the MAC4, when the authentication succeeds, the session authentication/authorization reply message may carry the indication information, where the indication information is used to indicate that the authentication succeeds, when the SMF receives Go to the session authentication/authorization reply message and determine the authentication success according to the indication information.
上述会话认证/授权请求消息、会话认证/授权回复消息,分别为图2所示的实施例中的认证请求消息、认证响应消息的一个具体示例。The session authentication/authorization request message and the session authentication/authorization reply message are respectively a specific example of the authentication request message and the authentication response message in the embodiment shown in FIG. 2 .
需要说明的是,上述步骤8a-步骤8c为可选步骤。当不执行步骤8a-步骤8c时,则SMF默认对该远端设备4认证成功。It should be noted that the above steps 8a to 8c are optional steps. When step 8a to step 8c are not performed, the SMF authenticates the remote device 4 by default.
步骤9a,SMF向PCF发送会话管理策略请求消息,相应地,PCF接收来自SMF的会话管理策略请求消息。In step 9a, the SMF sends a session management policy request message to the PCF, and accordingly, the PCF receives the session management policy request message from the SMF.
该会话管理策略请求消息中包括MAC4。MAC4 is included in the session management policy request message.
步骤9b,PCF向SMF发送会话管理策略回复消息,相应地,SMF接收来自PCF的会话管理策略回复消息。In step 9b, the PCF sends a session management policy reply message to the SMF, and accordingly, the SMF receives the session management policy reply message from the PCF.
作为一种实现方式,PCF可以根据该MAC4生成新的策略,并携带于会话管理策略回复消息中发送给SMF。As an implementation manner, the PCF may generate a new policy according to the MAC4 and carry it in the session management policy reply message and send it to the SMF.
该步骤9b为可选步骤。This step 9b is an optional step.
步骤10a,SMF记录该MAC地址与会话的标识对应关系。In step 10a, the SMF records the correspondence between the MAC address and the identity of the session.
具体地,SMF记录会话的标识对应的下行隧道的标识(即下行隧道标识1)与MAC地址(即MAC4)的对应关系。SMF还向UPF发送会话修改请求消息,相应地,UPF接收来自SMF的会话修改请求消息。Specifically, the SMF records the correspondence between the identifier of the downlink tunnel (ie, the downlink tunnel identifier 1) and the MAC address (ie, MAC4) corresponding to the identifier of the session. The SMF also sends a session modification request message to the UPF, and accordingly, the UPF receives the session modification request message from the SMF.
该会话修改请求消息包括转发规则,该转发规则为MAC4与下行隧道标识1的对应关系。The session modification request message includes a forwarding rule, where the forwarding rule is a correspondence between the MAC4 and the downlink tunnel identifier 1.
即,SMF根据会话ID1,确定该会话ID1对应的下行隧道标识1,然后生成MAC4与下行隧道标识1的对应关系,并携带于会话修改请求消息中发送至UPF。That is, the SMF determines the downlink tunnel identifier 1 corresponding to the session ID1 according to the session ID1, and then generates the correspondence between the MAC4 and the downlink tunnel identifier 1, and carries it in the session modification request message and sends it to the UPF.
作为一种实现方式,若认证失败,则SMF向UPF发送失败指示,UPF根据失败指示将该MAC4加入黑名单。后续,UPF接收到MAC4的数据包时,则直接丢弃数据包。As an implementation manner, if the authentication fails, the SMF sends a failure indication to the UPF, and the UPF adds the MAC4 to the blacklist according to the failure indication. Subsequently, when the UPF receives the data packet of the MAC4, it directly discards the data packet.
步骤10b,UPF向SMF发送会话修改回复消息,相应地,SMF接收来自UPF的会话修改回复消息。In step 10b, the UPF sends a session modification reply message to the SMF, and accordingly, the SMF receives the session modification reply message from the UPF.
该步骤10b为可选步骤。This step 10b is an optional step.
步骤10c,SMF向终端发送指示消息,相应地,终端接收来自SMF的指示消息。In step 10c, the SMF sends an indication message to the terminal, and accordingly, the terminal receives the indication message from the SMF.
该指示消息用于指示会话修改成功。The indication message is used to indicate that the session modification is successful.
可选地,该指示消息中包括MAC4。Optionally, the indication message includes MAC4.
作为一种实现方式,若执行上述步骤6a,则该步骤10c的指示消息在具体实现中可以是会话修改回复消息。As an implementation manner, if the foregoing step 6a is performed, the indication message of the step 10c may be a session modification reply message in a specific implementation.
步骤10d,终端记录远端设备4的信息。In step 10d, the terminal records the information of the remote device 4.
终端记录的远端设备4的信息,例如包括MAC4,远端设备4的标识等。The information of the remote device 4 recorded by the terminal includes, for example, MAC4, the identifier of the remote device 4, and the like.
通过上述步骤5-步骤10d,实现了对远端设备4的动态接入。Through the above steps 5 - 10d, dynamic access to the remote device 4 is achieved.
下面介绍上下行数据包的正常处理流程。The following describes the normal processing flow of uplink and downlink data packets.
在上行方向,包括以下步骤11-步骤12。In the upstream direction, the following steps 11 - 12 are included.
步骤11,远端设备4通过终端,向UPF发送上行数据包。Step 11: The remote device 4 sends an uplink data packet to the UPF through the terminal.
该上行数据包中包括MAC4。The uplink packet includes MAC4.
步骤12,UPF接收到上行数据包后,检测源MAC地址是否已授权。Step 12: After receiving the uplink data packet, the UPF detects whether the source MAC address is authorized.
该源MAC地址即为上行数据包中的远端设备4的MAC地址,也即MAC4。The source MAC address is the MAC address of the remote device 4 in the uplink data packet, that is, MAC4.
UPF通过判断是否记录了该源MAC地址,来确定该源MAC地址是否已授权。若记录了,则确定已授权,若未记录,则确定未授权。The UPF determines whether the source MAC address is authorized by determining whether the source MAC address is recorded. If it is logged, it is determined to be authorized, and if it is not recorded, it is determined to be unauthorized.
其中,若确定未授权,则将该上行数据包丢弃。若确定已授权,则将该上行数据包发送至数据网络(data network,DN)。Wherein, if it is determined that the authorization is not authorized, the uplink data packet is discarded. If it is determined that it is authorized, the uplink data packet is sent to a data network (DN).
由于前述步骤已经将远端设备4接入到终端,因此UPF确定该MAC4已授权,因此会将上行数据包发送至DN。Since the foregoing step has already connected the remote device 4 to the terminal, the UPF determines that the MAC4 is authorized, and therefore sends the upstream packet to the DN.
在下行方向,包括以下步骤13-步骤15。In the downstream direction, the following steps 13 - 15 are included.
步骤13,DN向UPF发送下行数据包。In step 13, the DN sends a downlink data packet to the UPF.
该下行数据包中包括目的MAC地址,例如该目的MAC地址为远端设备4的MAC地址,即MAC4。The downlink data packet includes a destination MAC address, for example, the destination MAC address is the MAC address of the remote device 4, that is, MAC4.
步骤14,UPF接收到下行数据包后,检测目的MAC地址是否已授权。Step 14: After receiving the downlink data packet, the UPF detects whether the destination MAC address is authorized.
UPF检测目的MAC地址是否已授权的方法,与UPF检测源MAC地址是否已授权方法相同,可参考前述描述。The method for detecting whether the destination MAC address is authorized by the UPF is the same as the method for determining whether the source MAC address is authorized by the UPF.
步骤15,若UPF确定目的MAC地址已授权,则将下行数据包通过下行隧道发送至相应的远端设备。Step 15: If the UPF determines that the destination MAC address is authorized, the downlink data packet is sent to the corresponding remote device through the downlink tunnel.
以上,给出了一种接入新的远端设备的方法,可实现将将新的远端设备动态地接入到终端,因而比较灵活。In the above, a method for accessing a new remote device is provided, which can realize that a new remote device will be dynamically accessed to the terminal, and thus is more flexible.
上述主要从各个网元之间交互的角度对本申请提供的方案进行了介绍。可以理解的是,上述实现各网元为了实现上述功能,其包含了执行各个功能相应的硬件结构和/或软件模块。本领域技术人员应该很容易意识到,结合本文中所公开的实施例描述的各示例的单元及算法步骤,本发明能够以硬件或硬件和计算机软件的结合形式来实现。某个功能究竟以硬件还是计算机软件驱动硬件的方式来执行,取决于技术方案的特定应用和设计约束条件。专业技术人员可以对每个特定的应用来使用不同方法来实现所描述的功能,但是这种实现不应认为超出本发明的范围。The foregoing provides a description of the solution provided by the present application from the perspective of interaction between the various network elements. It can be understood that, in order to implement the above functions, each of the foregoing network elements includes a hardware structure and/or a software module corresponding to each function. Those skilled in the art will readily appreciate that the present invention can be implemented in a combination of hardware or hardware and computer software in combination with the elements and algorithm steps of the various examples described in the embodiments disclosed herein. Whether a function is implemented in hardware or computer software to drive hardware depends on the specific application and design constraints of the solution. A person skilled in the art can use different methods for implementing the described functions for each particular application, but such implementation should not be considered to be beyond the scope of the present invention.
基于相同的发明构思,如图4所示,为本申请提供的一种装置示意图,该装置可以是用户面网元、会话管理网元或芯片,可执行上述任一实施例的方法。Based on the same inventive concept, as shown in FIG. 4, a schematic diagram of a device provided by the present application, which may be a user plane network element, a session management network element or a chip, may perform the method of any of the foregoing embodiments.
该装置400包括至少一个处理器401,通信线路402,存储器403以及至少一个通信接口404。The apparatus 400 includes at least one processor 401, a communication line 402, a memory 403, and at least one communication interface 404.
处理器401可以是一个通用中央处理器(central processing unit,CPU),微处理器,特定应用集成电路(application specific integrated circuit,ASIC),或一个或多个用于控制本申请方案程序执行的集成电路。The processor 401 can be a general central processing unit (CPU), a microprocessor, an application specific integrated circuit (ASIC), or one or more integrated systems for controlling the execution of the program of the present application. Circuit.
通信线路402可包括一通路,在上述组件之间传送信息。Communication line 402 can include a path for communicating information between the components described above.
通信接口404,使用任何收发器一类的装置,用于与其他设备或通信网络通信,如以太网,无线接入网(radio access network,RAN),无线局域网(wireless local area networks,WLAN)等。 Communication interface 404, using any type of transceiver, for communicating with other devices or communication networks, such as Ethernet, radio access network (RAN), wireless local area networks (WLAN), etc. .
存储器403可以是只读存储器(read-only memory,ROM)或可存储静态信息和指令的其他类型的静态存储设备,随机存取存储器(random access memory,RAM)或者可存储信息和指令的其他类型的动态存储设备,也可以是电可擦可编程只读存储器(electrically er服务器able programmable read-only memory,EEPROM)、只读光盘(compact disc read-only memory,CD-ROM)或其他光盘存储、光碟存储(包括压缩光碟、激光碟、光碟、数字通用光碟、蓝光光碟等)、磁盘存储介质或者其他磁存储设备、或者能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质,但不限于此。存储器可以是独立存在,通过通信线路402与处理器相连接。存储器也可以和处理器集成在一起。The memory 403 may be a read-only memory (ROM) or other type of static storage device that can store static information and instructions, a random access memory (RAM) or other type that can store information and instructions. The dynamic storage device may also be an electrically EEPROM programmable programmable read-only memory (EEPROM), a compact disc read-only memory (CD-ROM) or other optical disk storage. Optical disc storage (including compact discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.), magnetic disk storage media or other magnetic storage devices, or capable of carrying or storing desired program code in the form of instructions or data structures and capable of Any other medium accessed by a computer, but is not limited thereto. The memory may be stand-alone and connected to the processor via communication line 402. The memory can also be integrated with the processor.
其中,存储器403用于存储执行本申请方案的计算机执行指令,并由处理器401来控制执行。处理器401用于执行存储器403中存储的计算机执行指令,从而实现本申请下述实施例提供的组播报文的发送方法。The memory 403 is used to store computer execution instructions for executing the solution of the present application, and is controlled by the processor 401 for execution. The processor 401 is configured to execute a computer-executed instruction stored in the memory 403, so as to implement a method for transmitting a multicast message provided by the following embodiments of the present application.
可选的,本申请实施例中的计算机执行指令也可以称之为应用程序代码,本申请实施例对此不作具体限定。Optionally, the computer-executed instructions in the embodiment of the present application may also be referred to as an application code, which is not specifically limited in this embodiment of the present application.
在具体实现中,作为一种实施例,处理器401可以包括一个或多个CPU,例如图4中的CPU0和CPU1。In a specific implementation, as an embodiment, the processor 401 may include one or more CPUs, such as CPU0 and CPU1 in FIG.
在具体实现中,作为一种实施例,装置400可以包括多个处理器,例如图4中的处理器401和处理器408。这些处理器中的每一个可以是一个单核(single-CPU)处理器,也可以是一个多核(multi-CPU)处理器。这里的处理器可以指一个或多个设备、电路、和/或用于处理数据(例如计算机程序指令)的处理核。In a particular implementation, as an embodiment, apparatus 400 can include multiple processors, such as processor 401 and processor 408 in FIG. Each of these processors can be a single-CPU processor or a multi-core processor. A processor herein may refer to one or more devices, circuits, and/or processing cores for processing data, such as computer program instructions.
当图4所示的装置为芯片时,例如可以是用户面网元的芯片,或会话管理网元的芯片,则该芯片包括处理器401(还可以包括处理器408)、通信线路402、存储器403和通信接口404。具体地,通信接口404可以是输入接口、管脚或电路等。存储器403可以是寄存器、缓存等。处理器401和处理器408可以是一个通用的CPU,微处理器,ASIC,或一个或多个用于控制上述任一实施例的远端设备的动态接入方法的程序执行的集成电路。When the device shown in FIG. 4 is a chip, for example, a chip of a user plane network element or a chip of a session management network element, the chip includes a processor 401 (which may further include a processor 408), a communication line 402, and a memory. 403 and communication interface 404. In particular, communication interface 404 can be an input interface, a pin or a circuit, or the like. Memory 403 can be a register, a cache, or the like. Processor 401 and processor 408 may be a general purpose CPU, microprocessor, ASIC, or one or more integrated circuits for controlling the execution of the dynamic access method of the remote device of any of the above embodiments.
本申请可以根据上述方法示例对装置进行功能模块的划分,例如,可以对应各个功能划分各个功能模块,也可以将两个或两个以上的功能集成在一个处理模块中。上述集 成的模块既可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。需要说明的是,本申请中对模块的划分是示意性的,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式。比如,在采用对应各个功能划分各个功能模块的情况下,图5示出了一种装置示意图,该装置500可以是上述实施例中所涉及的会话管理网元,或者为会话管理网元中的芯片,该装置500包括接收单元501、发送单元502和处理单元503。The present application may divide a functional module into a device according to the above method example. For example, each functional module may be divided according to each function, or two or more functions may be integrated into one processing module. The above integrated modules can be implemented in the form of hardware or in the form of software functional modules. It should be noted that the division of modules in the present application is schematic, and is only a logical function division, and may be further divided in actual implementation. For example, in the case of dividing each functional module by using corresponding functions, FIG. 5 shows a schematic diagram of a device, which may be the session management network element involved in the foregoing embodiment, or in the session management network element. Chip, the device 500 includes a receiving unit 501, a transmitting unit 502, and a processing unit 503.
在第一种实现方式中:In the first implementation:
所述接收单元501,用于接收来自终端的会话修改请求消息,所述会话修改请求消息包括所述终端的会话的标识和远端设备的媒体接入控制MAC地址;或者,所述接收单元501,用于接收来自用户面网元的通知消息,所述通知消息包括所述终端的会话的标识和远端设备的MAC地址,所述通知消息用于通知修改会话;The receiving unit 501 is configured to receive a session modification request message from the terminal, where the session modification request message includes an identifier of the session of the terminal and a media access control MAC address of the remote device; or, the receiving unit 501 And receiving a notification message from the user plane network element, where the notification message includes an identifier of the session of the terminal and a MAC address of the remote device, where the notification message is used to notify the modification session;
所述处理单元503,用于根据所述MAC地址和所述会话的标识生成转发规则;The processing unit 503 is configured to generate a forwarding rule according to the MAC address and the identifier of the session;
所述发送单元502,用于将所述转发规则发送给所述用户面网元。The sending unit 502 is configured to send the forwarding rule to the user plane network element.
作为一种可能的实现方式,所述处理单元503,具体用于:根据所述会话的标识对应的下行隧道的标识和所述MAC地址,生成所述转发规则,所述转发规则为所述MAC地址与所述下行隧道的标识的对应关系。As a possible implementation, the processing unit 503 is specifically configured to: generate the forwarding rule according to the identifier of the downlink tunnel and the MAC address corresponding to the identifier of the session, where the forwarding rule is the MAC Correspondence between the address and the identifier of the downlink tunnel.
作为一种可能的实现方式,所述处理单元503,还用于记录所述会话的标识对应的下行隧道的标识与所述MAC地址的对应关系。As a possible implementation, the processing unit 503 is further configured to record a correspondence between the identifier of the downlink tunnel corresponding to the identifier of the session and the MAC address.
作为一种可能的实现方式,所述发送单元502,还用于将所述MAC地址发送至策略控制网元。As a possible implementation manner, the sending unit 502 is further configured to send the MAC address to a policy control network element.
作为一种可能的实现方式,所述发送单元502,还用于向认证服务器发送认证请求消息,所述认证请求消息用于请求对所述远端设备进行认证;所述接收单元501,还用于接收来自所述认证服务器的认证响应消息,所述认证响应消息用于指示认证成功。As a possible implementation, the sending unit 502 is further configured to send an authentication request message to the authentication server, where the authentication request message is used to request authentication of the remote device, and the receiving unit 501 is further used. Receiving an authentication response message from the authentication server, the authentication response message is used to indicate that the authentication is successful.
作为一种可能的实现方式,所述认证请求消息包括所述MAC地址,所述MAC地址用于对所述远端设备进行认证;或者,若所述会话修改请求消息包括所述远端设备的标识或所述通知消息包括所述远端设备的标识,则所述认证请求消息包括所述MAC地址和所述远端设备的标识,所述远端设备的标识用于对所述远端设备进行认证。As a possible implementation manner, the authentication request message includes the MAC address, where the MAC address is used to authenticate the remote device, or if the session modification request message includes the remote device The identifier or the notification message includes an identifier of the remote device, where the authentication request message includes the MAC address and an identifier of the remote device, and the identifier of the remote device is used for the remote device Certify.
在第二种实现方式中:In the second implementation:
所述接收单元501,用于接收来自终端的会话修改请求消息,所述会话修改请求消息包括所述终端的会话的标识和远端设备的媒体接入控制MAC地址;或者,所述接收单元501,用于接收来自用户面网元的通知消息,所述通知消息包括所述终端的会话的标识和远端设备的MAC地址,所述通知消息用于通知修改会话;The receiving unit 501 is configured to receive a session modification request message from the terminal, where the session modification request message includes an identifier of the session of the terminal and a media access control MAC address of the remote device; or, the receiving unit 501 And receiving a notification message from the user plane network element, where the notification message includes an identifier of the session of the terminal and a MAC address of the remote device, where the notification message is used to notify the modification session;
所述发送单元502,用于向所述终端发送指示消息,所述指示消息用于指示会话修改成功。The sending unit 502 is configured to send an indication message to the terminal, where the indication message is used to indicate that the session modification is successful.
应理解,该装置可以用于实现本申请实施例的方法中由会话管理网元执行的步骤,相关特征可以参照上文,此处不再赘述。It should be understood that the device may be used to implement the steps performed by the session management network element in the method of the embodiment of the present application. For related features, reference may be made to the above, and details are not described herein again.
具体的,图5中的接收单元501、处理单元503、以及发送单元502的功能/实现过程可以通过图5中的处理器501调用存储器503中存储的计算机执行指令来实现。或者,图5中的处理单元503的功能/实现过程可以通过图5中的处理器501调用存储器503中 存储的计算机执行指令来实现,图5中的接收单元501和发送单元502的功能/实现过程可以通过图5中的通信接口504来实现。Specifically, the function/implementation process of the receiving unit 501, the processing unit 503, and the transmitting unit 502 in FIG. 5 can be implemented by the processor 501 in FIG. 5 calling a computer executing instruction stored in the memory 503. Alternatively, the function/implementation process of the processing unit 503 in FIG. 5 can be implemented by the processor 501 in FIG. 5 calling the computer execution instruction stored in the memory 503, and the function/implementation of the receiving unit 501 and the transmitting unit 502 in FIG. The process can be implemented by communication interface 504 in FIG.
可选的,当该装置500是芯片或电路时,则接收单元501和发送单元502的功能/实现过程还可以通过管脚或电路等来实现。可选地,当该装置500是芯片时,存储器503可以为芯片内的存储单元,如寄存器、缓存等。当然,当该装置500是会话管理网元时,存储器503可以是会话管理网元内的位于芯片外部的存储单元,本申请实施例对此不作具体限定。Alternatively, when the device 500 is a chip or a circuit, the function/implementation process of the receiving unit 501 and the transmitting unit 502 can also be implemented by a pin or a circuit or the like. Alternatively, when the device 500 is a chip, the memory 503 may be a memory unit within the chip, such as a register, a cache, or the like. Of course, when the device 500 is a session management network element, the memory 503 may be a storage unit located outside the chip in the session management network element, which is not specifically limited in this embodiment of the present application.
本申请可以根据上述方法示例对装置进行功能模块的划分,例如,可以对应各个功能划分各个功能模块,也可以将两个或两个以上的功能集成在一个处理模块中。上述集成的模块既可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。需要说明的是,本申请中对模块的划分是示意性的,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式。比如,在采用对应各个功能划分各个功能模块的情况下,图6示出了一种装置示意图,该装置600可以是上述实施例中所涉及的用户面网元,或者为用户面网元中的芯片,该装置600包括接收单元601、发送单元602和处理单元603。The present application may divide a functional module into a device according to the above method example. For example, each functional module may be divided according to each function, or two or more functions may be integrated into one processing module. The above integrated modules can be implemented in the form of hardware or in the form of software functional modules. It should be noted that the division of modules in the present application is schematic, and is only a logical function division, and may be further divided in actual implementation. For example, in the case of dividing each functional module by using corresponding functions, FIG. 6 shows a schematic diagram of a device, which may be the user plane network element involved in the foregoing embodiment, or in the user plane network element. The device 600 includes a receiving unit 601, a transmitting unit 602, and a processing unit 603.
所述接收单元601,用于通过上行隧道接收来自终端的数据包,所述数据包中包括远端设备的媒体接入控制MAC地址;The receiving unit 601 is configured to receive, by using an uplink tunnel, a data packet from a terminal, where the data packet includes a media access control MAC address of the remote device;
所述处理单元603,用于根据所述上行隧道的标识,及所述上行隧道的标识与所述终端的会话的标识对应关系,确定所述终端的会话的标识;The processing unit 603 is configured to determine an identifier of the session of the terminal according to the identifier of the uplink tunnel and the identifier of the uplink tunnel and the identifier of the session of the terminal;
所述发送单元602,用于若未记录所述MAC地址,则向会话管理网元发送通知消息,所述通知消息包括所述MAC地址和所述会话的标识,所述通知消息用于通知修改会话;The sending unit 602 is configured to: if the MAC address is not recorded, send a notification message to the session management network element, where the notification message includes the MAC address and an identifier of the session, where the notification message is used to notify the modification. Conversation
所述接收单元601,还用于接收到来自所述会话管理网元的转发规则,所述转发规则为所述会话的标识对应的下行隧道的标识与所述MAC地址的对应关系。The receiving unit 601 is further configured to receive a forwarding rule from the session management network element, where the forwarding rule is a correspondence between an identifier of a downlink tunnel corresponding to the identifier of the session and the MAC address.
作为一种可能的实现方式,所述处理单元602,还用于确定所述会话的标识对应的下行隧道的标识关联的MAC地址中未记录所述MAC地址。As a possible implementation, the processing unit 602 is further configured to determine that the MAC address is not recorded in the MAC address associated with the identifier of the downlink tunnel corresponding to the identifier of the session.
应理解,该装置可以用于实现本申请实施例的方法中由用户面网元执行的步骤,相关特征可以参照上文,此处不再赘述。It should be understood that the device may be used to implement the steps performed by the user plane network element in the method of the embodiment of the present application. For related features, reference may be made to the above, and details are not described herein again.
具体的,图6中的接收单元601、处理单元603、以及发送单元602的功能/实现过程可以通过图6中的处理器601调用存储器603中存储的计算机执行指令来实现。或者,图6中的处理单元603的功能/实现过程可以通过图6中的处理器601调用存储器603中存储的计算机执行指令来实现,图6中的接收单元601和发送单元602的功能/实现过程可以通过图6中的通信接口604来实现。Specifically, the function/implementation process of the receiving unit 601, the processing unit 603, and the transmitting unit 602 in FIG. 6 can be implemented by the processor 601 in FIG. 6 calling a computer executing instruction stored in the memory 603. Alternatively, the function/implementation process of the processing unit 603 in FIG. 6 can be implemented by the processor 601 in FIG. 6 calling the computer execution instruction stored in the memory 603, and the function/implementation of the receiving unit 601 and the transmitting unit 602 in FIG. The process can be implemented by the communication interface 604 of FIG.
可选的,当该装置600是芯片或电路时,则接收单元601和发送单元602的功能/实现过程还可以通过管脚或电路等来实现。可选地,当该装置600是芯片时,存储器603可以为芯片内的存储单元,如寄存器、缓存等。当然,当该装置600是用户面网元时,存储器603可以是用户面网元内的位于芯片外部的存储单元,本申请实施例对此不作具体限定。Alternatively, when the device 600 is a chip or a circuit, the function/implementation process of the receiving unit 601 and the transmitting unit 602 may also be implemented by a pin or a circuit or the like. Alternatively, when the device 600 is a chip, the memory 603 may be a memory unit within the chip, such as a register, a cache, or the like. Of course, when the device 600 is a user plane network element, the memory 603 may be a storage unit located outside the chip in the user plane network element, which is not specifically limited in this embodiment of the present application.
图7示出了本发明实施例中所涉及的终端的一种可能的设计结构的简化示意图。所述终端700包括发送器701,接收器702和处理器703。其中,处理器703也可以为控制器,图7中表示为“控制器/处理器703”。可选的,所述终端700还可以包括调制解调处理器705,其中,调制解调处理器705可以包括编码器706、调制器707、解码器708和解调器709。FIG. 7 shows a simplified schematic diagram of one possible design structure of a terminal involved in an embodiment of the present invention. The terminal 700 includes a transmitter 701, a receiver 702, and a processor 703. The processor 703 may also be a controller, and is represented as "controller/processor 703" in FIG. Optionally, the terminal 700 may further include a modem processor 705, where the modem processor 705 may include an encoder 706, a modulator 707, a decoder 708, and a demodulator 709.
在一个示例中,发送器701调节(例如,模拟转换、滤波、放大和上变频等)输出采样并生成上行链路信号,该上行链路信号经由天线发射给上述实施例中所述的RAN设备。在下行链路上,天线接收上述实施例中RAN设备发射的下行链路信号。接收器702调节(例如,滤波、放大、下变频以及数字化等)从天线接收的信号并提供输入采样。在调制解调处理器705中,编码器706接收要在上行链路上发送的业务数据和信令消息,并对业务数据和信令消息进行处理(例如,格式化、编码和交织)。调制器707进一步处理(例如,符号映射和调制)编码后的业务数据和信令消息并提供输出采样。解调器709处理(例如,解调)该输入采样并提供符号估计。解码器708处理(例如,解交织和解码)该符号估计并提供发送给终端700的已解码的数据和信令消息。编码器706、调制器707、解调器709和解码器708可以由合成的调制解调处理器705来实现。这些单元根据无线接入网采用的无线接入技术来进行处理。需要说明的是,当终端700不包括调制解调处理器705时,调制解调处理器705的上述功能也可以由处理器703完成。In one example, the transmitter 701 conditions (eg, analog conversion, filtering, amplifying, upconverting, etc.) output samples and generates an uplink signal that is transmitted via an antenna to the RAN device described in the above embodiments. . On the downlink, the antenna receives the downlink signal transmitted by the RAN device in the above embodiment. Receiver 702 conditions (eg, filters, amplifies, downconverts, digitizes, etc.) the signals received from the antenna and provides input samples. In modem processor 705, encoder 706 receives the traffic data and signaling messages to be transmitted on the uplink and processes (e.g., formats, codes, and interleaves) the traffic data and signaling messages. Modulator 707 further processes (e.g., symbol maps and modulates) the encoded traffic data and signaling messages and provides output samples. Demodulator 709 processes (e.g., demodulates) the input samples and provides symbol estimates. The decoder 708 processes (e.g., deinterleaves and decodes) the symbol estimates and provides decoded data and signaling messages that are sent to the terminal 700. Encoder 706, modulator 707, demodulator 709, and decoder 708 may be implemented by a composite modem processor 705. These units are processed according to the radio access technology employed by the radio access network. It should be noted that when the terminal 700 does not include the modem processor 705, the above functions of the modem processor 705 can also be completed by the processor 703.
处理器703对终端700的动作进行控制管理,用于执行上述本发明实施例中由终端700进行的处理过程。例如,处理器703还用于执行图2-图3所示方法中涉及终端的处理过程和/或本申请所描述的技术方案的其他过程。The processor 703 controls and manages the actions of the terminal 700 for performing the processing performed by the terminal 700 in the embodiment of the present invention. For example, the processor 703 is further configured to perform the processes related to the terminal in the method shown in FIG. 2 to FIG. 3 and/or other processes of the technical solutions described in the present application.
进一步的,终端700还可以包括存储器704,存储器704用于存储用于终端700的程序代码和数据。Further, the terminal 700 may further include a memory 704 for storing program codes and data for the terminal 700.
本申请可以根据上述方法示例对装置进行功能模块的划分,例如,可以对应各个功能划分各个功能模块,也可以将两个或两个以上的功能集成在一个处理模块中。上述集成的模块既可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。需要说明的是,本申请中对模块的划分是示意性的,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式。比如,在采用对应各个功能划分各个功能模块的情况下,图8示出了一种装置示意图,该装置800可以是上述实施例中所涉及的终端,或者为终端中的芯片,该装置800包括接收单元801、发送单元802和处理单元803。The present application may divide a functional module into a device according to the above method example. For example, each functional module may be divided according to each function, or two or more functions may be integrated into one processing module. The above integrated modules can be implemented in the form of hardware or in the form of software functional modules. It should be noted that the division of modules in the present application is schematic, and is only a logical function division, and may be further divided in actual implementation. For example, in the case of dividing each functional module by using corresponding functions, FIG. 8 shows a schematic diagram of a device, which may be the terminal involved in the above embodiment, or a chip in the terminal, and the device 800 includes The receiving unit 801, the transmitting unit 802, and the processing unit 803.
在第一种实现方式中:In the first implementation:
所述接收单元801,用于接收来自远端设备的数据包,所述数据包中包括所述远端设备的媒体接入控制MAC地址;The receiving unit 801 is configured to receive a data packet from a remote device, where the data packet includes a media access control MAC address of the remote device;
所述发送单元802,用于若所述装置未记录所述MAC地址,则向会话管理网元发送会话修改请求消息,所述会话修改请求消息包括所述MAC地址;The sending unit 802 is configured to: if the device does not record the MAC address, send a session modification request message to the session management network element, where the session modification request message includes the MAC address;
所述接收单元801,还用于接收来自所述会话管理网元的指示消息,所述指示消息用于指示会话修改成功;The receiving unit 801 is further configured to receive an indication message from the session management network element, where the indication message is used to indicate that the session modification is successful;
所述处理单元803,用于记录所述MAC地址。The processing unit 803 is configured to record the MAC address.
作为一种可能的实现方式,所述处理单元803,具体用于:将所述MAC地址加入MAC地址列表,所述MAC地址列表包括至少一个MAC地址,一个MAC地址对应一个远端设备,一个远端设备对应至少一个MAC地址。As a possible implementation, the processing unit 803 is specifically configured to: add the MAC address to a MAC address list, where the MAC address list includes at least one MAC address, and one MAC address corresponds to one remote device, one far The end device corresponds to at least one MAC address.
作为一种可能的实现方式,所述处理单元803,具体用于:记录所述终端的标识与所述MAC地址的对应关系。As a possible implementation manner, the processing unit 803 is specifically configured to: record a correspondence between an identifier of the terminal and the MAC address.
在第二种实现方式中:In the second implementation:
所述接收单元801,用于接收来自远端设备的数据包,所述数据包中包括所述远端设备的媒体接入控制MAC地址;The receiving unit 801 is configured to receive a data packet from a remote device, where the data packet includes a media access control MAC address of the remote device;
所述发送单元802,用于向用户面网元发送所述数据包;The sending unit 802 is configured to send the data packet to a user plane network element;
所述接收单元801,还用于接收来自会话管理网元的指示消息,所述指示消息用于指示会话修改成功;The receiving unit 801 is further configured to receive an indication message from the session management network element, where the indication message is used to indicate that the session modification is successful.
所述处理单元803,用于记录所述MAC地址。The processing unit 803 is configured to record the MAC address.
作为一种可能的实现方式,所述处理单元803,具体用于:将所述MAC地址加入MAC地址列表,所述MAC地址列表包括至少一个MAC地址,一个MAC地址对应一个远端设备,一个远端设备对应至少一个MAC地址。As a possible implementation, the processing unit 803 is specifically configured to: add the MAC address to a MAC address list, where the MAC address list includes at least one MAC address, and one MAC address corresponds to one remote device, one far The end device corresponds to at least one MAC address.
作为一种可能的实现方式,所述处理单元803,具体用于:记录所述终端的标识与所述MAC地址的对应关系。As a possible implementation manner, the processing unit 803 is specifically configured to: record a correspondence between an identifier of the terminal and the MAC address.
应理解,该装置可以用于实现本发明实施例的方法中由终端执行的步骤,相关特征可以参照上文,此处不再赘述。It should be understood that the device may be used to implement the steps performed by the terminal in the method of the embodiment of the present invention. For related features, reference may be made to the above, and details are not described herein again.
具体的,图8中的接收单元801、处理单元803、以及发送单元802的功能/实现过程可以通过图8中的处理器801调用存储器803中存储的计算机执行指令来实现。或者,图8中的处理单元803的功能/实现过程可以通过图8中的处理器801调用存储器803中存储的计算机执行指令来实现,图8中的接收单元801和发送单元802的功能/实现过程可以通过图8中的通信接口804来实现。Specifically, the function/implementation process of the receiving unit 801, the processing unit 803, and the transmitting unit 802 in FIG. 8 can be implemented by the processor 801 in FIG. 8 calling a computer execution instruction stored in the memory 803. Alternatively, the function/implementation process of the processing unit 803 in FIG. 8 can be implemented by the processor 801 in FIG. 8 calling the computer execution instruction stored in the memory 803, and the function/implementation of the receiving unit 801 and the transmitting unit 802 in FIG. The process can be implemented by the communication interface 804 in FIG.
可选的,当该装置800是芯片或电路时,则接收单元801和发送单元802的功能/实现过程还可以通过管脚或电路等来实现。可选地,当该装置800是芯片时,存储器803可以为芯片内的存储单元,如寄存器、缓存等。当然,当该装置800是终端时,存储器803可以是终端内的位于芯片外部的存储单元,本申请实施例对此不作具体限定。Alternatively, when the device 800 is a chip or a circuit, the function/implementation process of the receiving unit 801 and the transmitting unit 802 may also be implemented by a pin or a circuit or the like. Alternatively, when the device 800 is a chip, the memory 803 may be a memory unit within the chip, such as a register, a cache, or the like. Of course, when the device 800 is a terminal, the memory 803 may be a storage unit located outside the chip in the terminal, which is not specifically limited in this embodiment of the present application.
在上述实施例中,可以全部或部分地通过软件、硬件、固件或者其任意组合来实现。当使用软件实现时,可以全部或部分地以计算机程序产品的形式实现。所述计算机程序产品包括一个或多个计算机指令。在计算机上加载和执行所述计算机程序指令时,全部或部分地产生按照本发明实施例所述的流程或功能。所述计算机可以是通用计算机、专用计算机、计算机网络、或者其他可编程装置。所述计算机指令可以存储在计算机可读存储介质中,或者从一个计算机可读存储介质向另一个计算机可读存储介质传输,例如,所述计算机指令可以从一个网站站点、计算机、服务器或数据中心通过有线(例如同轴电缆、光纤、数字用户线(DSL))或无线(例如红外、无线、微波等)方式向另一个网站站点、计算机、服务器或数据中心进行传输。所述计算机可读存储介质可以是计算机 能够存取的任何可用介质或者是包含一个或多个可用介质集成的服务器、数据中心等数据存储设备。所述可用介质可以是磁性介质,(例如,软盘、硬盘、磁带)、光介质(例如,DVD)、或者半导体介质(例如固态硬盘(Solid State Disk,SSD))等。In the above embodiments, it may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, it may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on a computer, the processes or functions described in accordance with embodiments of the present invention are generated in whole or in part. The computer can be a general purpose computer, a special purpose computer, a computer network, or other programmable device. The computer instructions can be stored in a computer readable storage medium or transferred from one computer readable storage medium to another computer readable storage medium, for example, the computer instructions can be from a website site, computer, server or data center Transfer to another website site, computer, server, or data center by wire (eg, coaxial cable, fiber optic, digital subscriber line (DSL), or wireless (eg, infrared, wireless, microwave, etc.). The computer readable storage medium can be any available media that can be accessed by a computer or a data storage device such as a server, data center, or the like that includes one or more available media. The usable medium may be a magnetic medium (eg, a floppy disk, a hard disk, a magnetic tape), an optical medium (eg, a DVD), or a semiconductor medium (such as a Solid State Disk (SSD)) or the like.
本申请实施例中所描述的各种说明性的逻辑单元和电路可以通过通用处理器,数字信号处理器,专用集成电路(ASIC),现场可编程门阵列(FPGA)或其它可编程逻辑装置,离散门或晶体管逻辑,离散硬件部件,或上述任何组合的设计来实现或操作所描述的功能。通用处理器可以为微处理器,可选地,该通用处理器也可以为任何传统的处理器、控制器、微控制器或状态机。处理器也可以通过计算装置的组合来实现,例如数字信号处理器和微处理器,多个微处理器,一个或多个微处理器联合一个数字信号处理器核,或任何其它类似的配置来实现。The various illustrative logic units and circuits described in the embodiments of the present application may be implemented by a general purpose processor, a digital signal processor, an application specific integrated circuit (ASIC), a field programmable gate array (FPGA), or other programmable logic device. Discrete gate or transistor logic, discrete hardware components, or any combination of the above are designed to implement or operate the functions described. A general purpose processor may be a microprocessor. Alternatively, the general purpose processor may be any conventional processor, controller, microcontroller, or state machine. The processor may also be implemented by a combination of computing devices, such as a digital signal processor and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a digital signal processor core, or any other similar configuration. achieve.
本申请实施例中所描述的方法或算法的步骤可以直接嵌入硬件、处理器执行的软件单元、或者这两者的结合。软件单元可以存储于RAM存储器、闪存、ROM存储器、EPROM存储器、EEPROM存储器、寄存器、硬盘、可移动磁盘、CD-ROM或本领域中其它任意形式的存储媒介中。示例性地,存储媒介可以与处理器连接,以使得处理器可以从存储媒介中读取信息,并可以向存储媒介存写信息。可选地,存储媒介还可以集成到处理器中。处理器和存储媒介可以设置于ASIC中,ASIC可以设置于终端设备中。可选地,处理器和存储媒介也可以设置于终端设备中的不同的部件中。The steps of the method or algorithm described in the embodiments of the present application may be directly embedded in hardware, a software unit executed by a processor, or a combination of the two. The software unit can be stored in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, removable disk, CD-ROM, or any other form of storage medium in the art. Illustratively, the storage medium can be coupled to the processor such that the processor can read information from the storage medium and can write information to the storage medium. Alternatively, the storage medium can also be integrated into the processor. The processor and the storage medium may be disposed in the ASIC, and the ASIC may be disposed in the terminal device. Alternatively, the processor and the storage medium may also be disposed in different components in the terminal device.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device. The instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
尽管结合具体特征及其实施例对本发明进行了描述,显而易见的,在不脱离本发明的精神和范围的情况下,可对其进行各种修改和组合。相应地,本说明书和附图仅仅是所附权利要求所界定的本发明的示例性说明,且视为已覆盖本发明范围内的任意和所有修改、变化、组合或等同物。显然,本领域的技术人员可以对本发明进行各种改动和变型而不脱离本发明的精神和范围。这样,倘若本发明的这些修改和变型属于本发明权利要求及其等同技术的范围之内,则本发明也意图包含这些改动和变型在内。While the invention has been described with respect to the specific embodiments and embodiments thereof, various modifications and combinations may be made without departing from the spirit and scope of the invention. Accordingly, the specification and drawings are to be construed as the It is apparent that those skilled in the art can make various modifications and variations to the invention without departing from the spirit and scope of the invention. Thus, it is intended that the present invention cover the modifications and modifications of the invention

Claims (37)

  1. 一种远端设备的动态接入方法,其特征在于,包括:A dynamic access method for a remote device, comprising:
    终端接收来自远端设备的数据包,所述数据包中包括所述远端设备的媒体接入控制MAC地址;Receiving, by the terminal, a data packet from the remote device, where the data packet includes a media access control MAC address of the remote device;
    所述终端若未记录所述MAC地址,则向会话管理网元发送会话修改请求消息,所述会话修改请求消息包括所述MAC地址;If the terminal does not record the MAC address, the terminal sends a session modification request message to the session management network element, where the session modification request message includes the MAC address;
    所述终端接收来自所述会话管理网元的指示消息,所述指示消息用于指示会话修改成功;Receiving, by the terminal, an indication message from the session management network element, where the indication message is used to indicate that the session modification is successful;
    所述终端记录所述MAC地址。The terminal records the MAC address.
  2. 根据权利要求1所述的方法,其特征在于,所述终端记录所述MAC地址,包括:The method according to claim 1, wherein the terminal records the MAC address, including:
    所述终端将所述MAC地址加入MAC地址列表,所述MAC地址列表包括至少一个MAC地址,一个MAC地址对应一个远端设备,一个远端设备对应至少一个MAC地址。The terminal adds the MAC address to the MAC address list, where the MAC address list includes at least one MAC address, one MAC address corresponds to one remote device, and one remote device corresponds to at least one MAC address.
  3. 根据权利要求1所述的方法,其特征在于,所述终端记录所述MAC地址,包括:The method according to claim 1, wherein the terminal records the MAC address, including:
    所述终端记录所述终端的标识与所述MAC地址的对应关系。The terminal records a correspondence between the identifier of the terminal and the MAC address.
  4. 一种远端设备的动态接入方法,其特征在于,包括:A dynamic access method for a remote device, comprising:
    终端接收来自远端设备的数据包,并向用户面网元发送所述数据包,所述数据包中包括所述远端设备的媒体接入控制MAC地址;The terminal receives the data packet from the remote device, and sends the data packet to the user plane network element, where the data packet includes a media access control MAC address of the remote device;
    所述终端接收来自会话管理网元的指示消息,所述指示消息用于指示会话修改成功;Receiving, by the terminal, an indication message from a session management network element, where the indication message is used to indicate that the session modification is successful;
    所述终端记录所述MAC地址。The terminal records the MAC address.
  5. 根据权利要求4所述的方法,其特征在于,所述终端记录所述MAC地址,包括:The method according to claim 4, wherein the terminal records the MAC address, including:
    所述终端将所述MAC地址加入MAC地址列表,所述MAC地址列表包括至少一个MAC地址,一个MAC地址对应一个远端设备,一个远端设备对应至少一个MAC地址。The terminal adds the MAC address to the MAC address list, where the MAC address list includes at least one MAC address, one MAC address corresponds to one remote device, and one remote device corresponds to at least one MAC address.
  6. 根据权利要求4所述的方法,其特征在于,所述终端记录所述MAC地址,包括:The method according to claim 4, wherein the terminal records the MAC address, including:
    所述终端记录所述终端的标识与所述MAC地址的对应关系。The terminal records a correspondence between the identifier of the terminal and the MAC address.
  7. 一种远端设备的动态接入方法,其特征在于,包括:A dynamic access method for a remote device, comprising:
    会话管理网元接收来自终端的会话修改请求消息,所述会话修改请求消息包括所述终端的会话的标识和远端设备的媒体接入控制MAC地址;或者,会话管理网元接收来自用户面网元的通知消息,所述通知消息包括所述终端的会话的标识和远端设备的MAC地址,所述通知消息用于通知修改会话;The session management network element receives a session modification request message from the terminal, where the session modification request message includes an identifier of the session of the terminal and a media access control MAC address of the remote device; or the session management network element receives the user plane network. a notification message, where the notification message includes an identifier of the session of the terminal and a MAC address of the remote device, where the notification message is used to notify the modification session;
    所述会话管理网元根据所述MAC地址和所述会话的标识生成转发规则,并将所述转发规则发送给所述用户面网元。The session management network element generates a forwarding rule according to the MAC address and the identifier of the session, and sends the forwarding rule to the user plane network element.
  8. 根据权利要求7所述的方法,其特征在于,所述会话管理网元根据所述MAC地址和所述会话的标识生成转发规则,包括:The method according to claim 7, wherein the session management network element generates a forwarding rule according to the MAC address and the identifier of the session, including:
    所述会话管理网元根据所述会话的标识对应的下行隧道的标识和所述MAC地址,生成所述转发规则,所述转发规则为所述MAC地址与所述下行隧道的标识的对应关系。The session management network element generates the forwarding rule according to the identifier of the downlink tunnel and the MAC address corresponding to the identifier of the session, where the forwarding rule is a correspondence between the MAC address and the identifier of the downlink tunnel.
  9. 根据权利要求7或8所述的方法,其特征在于,所述方法还包括:The method according to claim 7 or 8, wherein the method further comprises:
    所述会话管理网元记录所述会话的标识对应的下行隧道的标识与所述MAC地址的 对应关系。The session management network element records the correspondence between the identifier of the downlink tunnel corresponding to the identifier of the session and the MAC address.
  10. 根据权利要求7至9中任一项所述的方法,其特征在于,所述方法还包括:The method according to any one of claims 7 to 9, wherein the method further comprises:
    所述会话管理网元将所述MAC地址发送至策略控制网元。The session management network element sends the MAC address to a policy control network element.
  11. 根据权利要求7至10中任一项所述的方法,其特征在于,所述方法还包括:The method according to any one of claims 7 to 10, wherein the method further comprises:
    所述会话管理网元向认证服务器发送认证请求消息,所述认证请求消息用于请求对所述远端设备进行认证;The session management network element sends an authentication request message to the authentication server, where the authentication request message is used to request authentication of the remote device.
    所述会话管理网元接收来自所述认证服务器的认证响应消息,所述认证响应消息用于指示认证成功。The session management network element receives an authentication response message from the authentication server, where the authentication response message is used to indicate that the authentication is successful.
  12. 根据权利要求11所述的方法,其特征在于,所述认证请求消息包括所述MAC地址,所述MAC地址用于对所述远端设备进行认证;或者,The method according to claim 11, wherein the authentication request message includes the MAC address, and the MAC address is used to authenticate the remote device; or
    若所述会话修改请求消息包括所述远端设备的标识或所述通知消息包括所述远端设备的标识,则所述认证请求消息包括所述MAC地址和所述远端设备的标识,所述远端设备的标识用于对所述远端设备进行认证。If the session modification request message includes the identifier of the remote device or the notification message includes the identifier of the remote device, the authentication request message includes the MAC address and an identifier of the remote device, where The identifier of the remote device is used to authenticate the remote device.
  13. 一种远端设备的动态接入方法,其特征在于,包括:A dynamic access method for a remote device, comprising:
    会话管理网元接收来自终端的会话修改请求消息,所述会话修改请求消息包括所述终端的会话的标识和远端设备的媒体接入控制MAC地址;或者,会话管理网元接收来自用户面网元的通知消息,所述通知消息包括所述终端的会话的标识和远端设备的MAC地址,所述通知消息用于通知修改会话;The session management network element receives a session modification request message from the terminal, where the session modification request message includes an identifier of the session of the terminal and a media access control MAC address of the remote device; or the session management network element receives the user plane network. a notification message, where the notification message includes an identifier of the session of the terminal and a MAC address of the remote device, where the notification message is used to notify the modification session;
    所述会话管理网元向所述终端发送指示消息,所述指示消息用于指示会话修改成功。The session management network element sends an indication message to the terminal, where the indication message is used to indicate that the session modification is successful.
  14. 一种远端设备的动态接入方法,其特征在于,包括:A dynamic access method for a remote device, comprising:
    用户面网元通过上行隧道接收来自终端的数据包,所述数据包中包括远端设备的媒体接入控制MAC地址;The user plane network element receives the data packet from the terminal by using an uplink tunnel, where the data packet includes a media access control MAC address of the remote device;
    所述用户面网元根据所述上行隧道的标识,及所述上行隧道的标识与所述终端的会话的标识对应关系,确定所述终端的会话的标识;Determining, by the user plane network element, an identifier of the session of the terminal according to the identifier of the uplink tunnel and the identifier of the identifier of the uplink tunnel and the session of the terminal;
    所述用户面网元若未记录所述MAC地址,则向会话管理网元发送通知消息,所述通知消息包括所述MAC地址和所述会话的标识,所述通知消息用于通知修改会话;If the user plane network element does not record the MAC address, send a notification message to the session management network element, where the notification message includes the MAC address and the identifier of the session, and the notification message is used to notify the modification session;
    所述用户面网元接收到来自所述会话管理网元的转发规则,所述转发规则为所述会话的标识对应的下行隧道的标识与所述MAC地址的对应关系。The user plane network element receives the forwarding rule from the session management network element, where the forwarding rule is a correspondence between the identifier of the downlink tunnel corresponding to the identifier of the session and the MAC address.
  15. 根据权利要求14所述的方法,其特征在于,所述方法还包括:The method of claim 14, wherein the method further comprises:
    所述用户面网元确定所述会话的标识对应的下行隧道的标识关联的MAC地址中,未记录所述MAC地址。The user plane network element determines that the MAC address associated with the identifier of the downlink tunnel corresponding to the identifier of the session is not recorded.
  16. 一种装置,其特征在于,包括处理单元、发送单元和接收单元;An apparatus, comprising: a processing unit, a transmitting unit, and a receiving unit;
    所述接收单元,用于接收来自远端设备的数据包,所述数据包中包括所述远端设备的媒体接入控制MAC地址;The receiving unit is configured to receive a data packet from a remote device, where the data packet includes a media access control MAC address of the remote device;
    所述发送单元,用于若所述装置未记录所述MAC地址,则向会话管理网元发送会话修改请求消息,所述会话修改请求消息包括所述MAC地址;The sending unit is configured to: if the device does not record the MAC address, send a session modification request message to the session management network element, where the session modification request message includes the MAC address;
    所述接收单元,还用于接收来自所述会话管理网元的指示消息,所述指示消息用于指示会话修改成功;The receiving unit is further configured to receive an indication message from the session management network element, where the indication message is used to indicate that the session modification is successful;
    所述处理单元,用于记录所述MAC地址。The processing unit is configured to record the MAC address.
  17. 根据权利要求16所述的装置,其特征在于,所述处理单元,具体用于:The device according to claim 16, wherein the processing unit is specifically configured to:
    将所述MAC地址加入MAC地址列表,所述MAC地址列表包括至少一个MAC地址,一个MAC地址对应一个远端设备,一个远端设备对应至少一个MAC地址。Adding the MAC address to the MAC address list, the MAC address list includes at least one MAC address, one MAC address corresponds to one remote device, and one remote device corresponds to at least one MAC address.
  18. 根据权利要求16所述的方法,其特征在于,所述处理单元,具体用于:The method according to claim 16, wherein the processing unit is specifically configured to:
    记录所述终端的标识与所述MAC地址的对应关系。Recording a correspondence between the identifier of the terminal and the MAC address.
  19. 一种装置,其特征在于,包括处理单元、发送单元和接收单元;An apparatus, comprising: a processing unit, a transmitting unit, and a receiving unit;
    所述接收单元,用于接收来自远端设备的数据包,所述数据包中包括所述远端设备的媒体接入控制MAC地址;The receiving unit is configured to receive a data packet from a remote device, where the data packet includes a media access control MAC address of the remote device;
    所述发送单元,用于向用户面网元发送所述数据包;The sending unit is configured to send the data packet to a user plane network element;
    所述接收单元,还用于接收来自会话管理网元的指示消息,所述指示消息用于指示会话修改成功;The receiving unit is further configured to receive an indication message from the session management network element, where the indication message is used to indicate that the session modification is successful;
    所述处理单元,用于记录所述MAC地址。The processing unit is configured to record the MAC address.
  20. 根据权利要求19所述的装置,其特征在于,所述处理单元,具体用于:The device according to claim 19, wherein the processing unit is specifically configured to:
    将所述MAC地址加入MAC地址列表,所述MAC地址列表包括至少一个MAC地址,一个MAC地址对应一个远端设备,一个远端设备对应至少一个MAC地址。Adding the MAC address to the MAC address list, the MAC address list includes at least one MAC address, one MAC address corresponds to one remote device, and one remote device corresponds to at least one MAC address.
  21. 根据权利要求19所述的装置,其特征在于,所述处理单元,具体用于:The device according to claim 19, wherein the processing unit is specifically configured to:
    记录所述终端的标识与所述MAC地址的对应关系。Recording a correspondence between the identifier of the terminal and the MAC address.
  22. 一种装置,其特征在于,包括处理单元、发送单元和接收单元;An apparatus, comprising: a processing unit, a transmitting unit, and a receiving unit;
    所述接收单元,用于接收来自终端的会话修改请求消息,所述会话修改请求消息包括所述终端的会话的标识和远端设备的媒体接入控制MAC地址;或者,所述接收单元,用于接收来自用户面网元的通知消息,所述通知消息包括所述终端的会话的标识和远端设备的MAC地址,所述通知消息用于通知修改会话;The receiving unit is configured to receive a session modification request message from the terminal, where the session modification request message includes an identifier of the session of the terminal and a media access control MAC address of the remote device; or, the receiving unit uses Receiving a notification message from the user plane network element, where the notification message includes an identifier of the session of the terminal and a MAC address of the remote device, where the notification message is used to notify the modification session;
    所述处理单元,用于根据所述MAC地址和所述会话的标识生成转发规则;The processing unit is configured to generate a forwarding rule according to the MAC address and an identifier of the session;
    所述发送单元,用于将所述转发规则发送给所述用户面网元。The sending unit is configured to send the forwarding rule to the user plane network element.
  23. 根据权利要求22所述的装置,其特征在于,所述处理单元,具体用于:The device according to claim 22, wherein the processing unit is specifically configured to:
    根据所述会话的标识对应的下行隧道的标识和所述MAC地址,生成所述转发规则,所述转发规则为所述MAC地址与所述下行隧道的标识的对应关系。The forwarding rule is generated according to the identifier of the downlink tunnel and the MAC address corresponding to the identifier of the session, where the forwarding rule is a correspondence between the MAC address and the identifier of the downlink tunnel.
  24. 根据权利要求22或23所述的装置,其特征在于,所述处理单元,还用于记录所述会话的标识对应的下行隧道的标识与所述MAC地址的对应关系。The device according to claim 22 or 23, wherein the processing unit is further configured to record a correspondence between an identifier of a downlink tunnel corresponding to the identifier of the session and the MAC address.
  25. 根据权利要求22至24中任一项所述的装置,其特征在于,所述发送单元,还用于向认证服务器发送认证请求消息,所述认证请求消息用于请求对所述远端设备进行认证;The device according to any one of claims 22 to 24, wherein the sending unit is further configured to send an authentication request message to the authentication server, where the authentication request message is used to request to perform the remote device Certification
    所述接收单元,还用于接收来自所述认证服务器的认证响应消息,所述认证响应消息用于指示认证成功。The receiving unit is further configured to receive an authentication response message from the authentication server, where the authentication response message is used to indicate that the authentication is successful.
  26. 一种装置,其特征在于,包括发送单元和接收单元;An apparatus, comprising: a transmitting unit and a receiving unit;
    所述接收单元,用于接收来自终端的会话修改请求消息,所述会话修改请求消息包括所述终端的会话的标识和远端设备的媒体接入控制MAC地址;或者,所述接收单元,用于接收来自用户面网元的通知消息,所述通知消息包括所述终端的会话的标识和远端 设备的MAC地址,所述通知消息用于通知修改会话;The receiving unit is configured to receive a session modification request message from the terminal, where the session modification request message includes an identifier of the session of the terminal and a media access control MAC address of the remote device; or, the receiving unit uses Receiving a notification message from the user plane network element, where the notification message includes an identifier of the session of the terminal and a MAC address of the remote device, where the notification message is used to notify the modification session;
    所述发送单元,用于向所述终端发送指示消息,所述指示消息用于指示会话修改成功。The sending unit is configured to send an indication message to the terminal, where the indication message is used to indicate that the session modification is successful.
  27. 一种装置,其特征在于,包括处理单元、发送单元和接收单元;An apparatus, comprising: a processing unit, a transmitting unit, and a receiving unit;
    所述接收单元,用于通过上行隧道接收来自终端的数据包,所述数据包中包括远端设备的媒体接入控制MAC地址;The receiving unit is configured to receive, by using an uplink tunnel, a data packet from a terminal, where the data packet includes a media access control MAC address of the remote device;
    所述处理单元,用于根据所述上行隧道的标识,及所述上行隧道的标识与所述终端的会话的标识对应关系,确定所述终端的会话的标识;The processing unit is configured to determine an identifier of the session of the terminal according to the identifier of the uplink tunnel and the identifier of the identifier of the uplink tunnel and the session of the terminal;
    所述发送单元,用于若未记录所述MAC地址,则向会话管理网元发送通知消息,所述通知消息包括所述MAC地址和所述会话的标识,所述通知消息用于通知修改会话;The sending unit is configured to send a notification message to the session management network element if the MAC address is not recorded, where the notification message includes the MAC address and an identifier of the session, and the notification message is used to notify the modification session. ;
    所述接收单元,还用于接收到来自所述会话管理网元的转发规则,所述转发规则为所述会话的标识对应的下行隧道的标识与所述MAC地址的对应关系。The receiving unit is further configured to receive a forwarding rule from the session management network element, where the forwarding rule is a correspondence between an identifier of a downlink tunnel corresponding to the identifier of the session and the MAC address.
  28. 根据权利要求27所述的装置,其特征在于,所述处理单元,还用于确定所述会话的标识对应的下行隧道的标识关联的MAC地址中,未记录所述MAC地址。The device according to claim 27, wherein the processing unit is further configured to determine that the MAC address associated with the identifier of the downlink tunnel corresponding to the identifier of the session is not recorded.
  29. 一种装置,其特征在于,包括:处理器和存储器;所述存储器用于存储计算机执行指令,当所述装置运行时,所述处理器执行所述存储器存储的该计算机执行指令,以使所述装置执行如权利要求1-3任一项,或4-6任一项所述的远端设备的动态接入方法。An apparatus, comprising: a processor and a memory; the memory is configured to store a computer to execute an instruction, and when the apparatus is in operation, the processor executes the computer-executed instruction stored in the memory to cause The device performs the dynamic access method of the remote device according to any one of claims 1-3, or any of 4-6.
  30. 一种装置,其特征在于,包括:处理器和存储器;所述存储器用于存储计算机执行指令,当所述装置运行时,所述处理器执行所述存储器存储的该计算机执行指令,以使所述装置执行如权利要求7-12任一项,或13所述的远端设备的动态接入方法。An apparatus, comprising: a processor and a memory; the memory is configured to store a computer to execute an instruction, and when the apparatus is in operation, the processor executes the computer-executed instruction stored in the memory to cause The apparatus performs a dynamic access method of a remote device as claimed in any one of claims 7-12, or 13.
  31. 一种装置,其特征在于,包括:处理器和存储器;所述存储器用于存储计算机执行指令,当所述装置运行时,所述处理器执行所述存储器存储的该计算机执行指令,以使所述装置执行如权利要求14-15任一项所述的远端设备的动态接入方法。An apparatus, comprising: a processor and a memory; the memory is configured to store a computer to execute an instruction, and when the apparatus is in operation, the processor executes the computer-executed instruction stored in the memory to cause The apparatus performs the dynamic access method of the remote device according to any one of claims 14-15.
  32. 一种计算机可读存储介质,其特征在于,所述计算机可读存储介质中存储有指令,当其在计算机上运行时,使得计算机可以执行如权利要求1-3任一项,或4-6任一项所述的远端设备的动态接入方法。A computer readable storage medium, wherein the computer readable storage medium stores instructions that, when run on a computer, cause the computer to perform any of claims 1-3, or 4-6 The dynamic access method of the remote device according to any one of the preceding claims.
  33. 一种计算机可读存储介质,其特征在于,所述计算机可读存储介质中存储有指令,当其在计算机上运行时,使得计算机可以执行如权利要求7-12任一项,或13任一项所述的远端设备的动态接入方法。A computer readable storage medium, wherein the computer readable storage medium stores instructions that, when run on a computer, cause the computer to perform any of claims 7-12, or any of The dynamic access method of the remote device described in the item.
  34. 一种计算机可读存储介质,其特征在于,所述计算机可读存储介质中存储有指令,当其在计算机上运行时,使得计算机可以执行如权利要求14-15任一项所述的远端设备的动态接入方法。A computer readable storage medium, wherein the computer readable storage medium stores instructions that, when run on a computer, cause the computer to perform the remote end of any of claims 14-15 Dynamic access method of the device.
  35. 一种计算机程序产品,其特征在于,所述计算机程序产品中存储有指令,当其在计算机上运行时,使得计算机可以执行如权利要求1-3任一项,或4-6任一项所述的远端设备的动态接入方法。A computer program product, wherein the computer program product stores instructions that, when run on a computer, cause the computer to perform any of claims 1-3, or any of 4-6 The dynamic access method of the remote device.
  36. 一种用来执行权利要求1-3任一项,或4-6任一项所述的远端设备的动态接入方法。A dynamic access method for performing the remote device of any one of claims 1-3, or any of claims 4-6.
  37. 一种芯片系统,其特征在于,包括:A chip system, comprising:
    存储器,用于存储计算机程序;a memory for storing a computer program;
    处理器,用于从所述存储器调用并运行所述计算机程序,使得安装有所述芯片系统的设备执行如权利要求1-3任一项,或4-6任一项所述的远端设备的动态接入方法。a processor for calling and running the computer program from the memory, such that the device in which the chip system is installed performs the remote device according to any one of claims 1-3, or any one of 4-6 Dynamic access method.
PCT/CN2018/120719 2018-01-26 2018-12-12 Remote terminal device dynamic access method and apparatus WO2019144719A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810077566.2 2018-01-26
CN201810077566.2A CN110086839B (en) 2018-01-26 2018-01-26 Dynamic access method and device for remote equipment

Publications (1)

Publication Number Publication Date
WO2019144719A1 true WO2019144719A1 (en) 2019-08-01

Family

ID=67395821

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/120719 WO2019144719A1 (en) 2018-01-26 2018-12-12 Remote terminal device dynamic access method and apparatus

Country Status (2)

Country Link
CN (1) CN110086839B (en)
WO (1) WO2019144719A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021031092A1 (en) * 2019-08-19 2021-02-25 华为技术有限公司 Packet processing method and network device
CN114557045A (en) 2019-10-31 2022-05-27 华为技术有限公司 Communication method and related device
CN115567934A (en) * 2021-06-30 2023-01-03 华为技术有限公司 Authentication method and communication device
CN114745419B (en) * 2022-05-07 2024-02-23 深信服科技股份有限公司 Method, device, equipment and storage medium for acquiring terminal MAC address

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101110847A (en) * 2007-08-27 2008-01-23 华为技术有限公司 Method, device and system for obtaining medium access control address
CN101364883A (en) * 2007-08-06 2009-02-11 华为技术有限公司 Multi-terminal session method, communication system and related apparatus
CN102098674A (en) * 2010-11-25 2011-06-15 中兴通讯股份有限公司 Detection method and device of cloning equipment
WO2016067078A1 (en) * 2014-10-30 2016-05-06 Telefonaktiebolaget Lm Ericsson (Publ) Integrated cellular system with wi-fi-fallback

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101364883A (en) * 2007-08-06 2009-02-11 华为技术有限公司 Multi-terminal session method, communication system and related apparatus
CN101110847A (en) * 2007-08-27 2008-01-23 华为技术有限公司 Method, device and system for obtaining medium access control address
CN102098674A (en) * 2010-11-25 2011-06-15 中兴通讯股份有限公司 Detection method and device of cloning equipment
WO2016067078A1 (en) * 2014-10-30 2016-05-06 Telefonaktiebolaget Lm Ericsson (Publ) Integrated cellular system with wi-fi-fallback

Also Published As

Publication number Publication date
CN110086839B (en) 2020-08-07
CN110086839A (en) 2019-08-02

Similar Documents

Publication Publication Date Title
US11963242B2 (en) Communication method and apparatus
US11812496B2 (en) User group session management method and apparatus
EP3005822B1 (en) Mac layer transport for wi-fi direct services application service platform without internet protocol
WO2019144719A1 (en) Remote terminal device dynamic access method and apparatus
US11533610B2 (en) Key generation method and related apparatus
WO2018205150A1 (en) Network slice selection policy updating method and apparatus
RU2440688C2 (en) User profile, policy and distribution of pmip keys in wireless communication network
US20200296142A1 (en) User Group Establishment Method and Apparatus
TWI380713B (en) Expedited handoff
WO2022012310A1 (en) Communication method and apparatus
CN112449315B (en) Network slice management method and related device
WO2019157909A1 (en) Communication method and communication apparatus
WO2020034965A1 (en) Message transmission method, device, and storage medium
US9596209B2 (en) Causing client device to request a new internet protocol address based on a link local address
WO2019192445A1 (en) Method and device for creation and joining of multicast group
US20230239686A1 (en) Secure communication method, apparatus, and system
JP2019508984A (en) System and method for relaying data via a communication network
EP3860176B1 (en) Method, apparatus, and system for obtaining capability information of terminal
US9634917B2 (en) Method and system for detecting use of wrong internet protocol address
CN110278095A (en) A kind of method for message transmission and device
JP2021503851A (en) Communication method and communication device
CN109981462B (en) Message processing method and device
WO2022067831A1 (en) Method and apparatus for establishing secure communication
WO2019141135A1 (en) Trusted service management method and apparatus capable of supporting wireless network switching
RU2783350C2 (en) Method for control of session of group of users and device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18902489

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18902489

Country of ref document: EP

Kind code of ref document: A1