WO2019144719A1 - Procédé et appareil d'accès dynamique à un terminal distant - Google Patents

Procédé et appareil d'accès dynamique à un terminal distant Download PDF

Info

Publication number
WO2019144719A1
WO2019144719A1 PCT/CN2018/120719 CN2018120719W WO2019144719A1 WO 2019144719 A1 WO2019144719 A1 WO 2019144719A1 CN 2018120719 W CN2018120719 W CN 2018120719W WO 2019144719 A1 WO2019144719 A1 WO 2019144719A1
Authority
WO
WIPO (PCT)
Prior art keywords
mac address
session
identifier
remote device
terminal
Prior art date
Application number
PCT/CN2018/120719
Other languages
English (en)
Chinese (zh)
Inventor
姚琦
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2019144719A1 publication Critical patent/WO2019144719A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2854Wide area networks, e.g. public data networks
    • H04L12/2856Access arrangements, e.g. Internet access
    • H04L12/2869Operational details of access network equipments
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/146Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery

Definitions

  • the present application relates to the field of mobile communications technologies, and in particular, to a dynamic access method and apparatus for a remote device.
  • the terminal device may not have an internet protocol (IP) address, especially for traditional industrial devices, and Ethernet Layer 2 communication is often used.
  • IP internet protocol
  • these devices need to be connected to external networks for information exchange and communication to enable intelligent identification, location, tracking, monitoring and management of items.
  • household products are closely related to human food and entertainment. In recent years, smart homes have received more and more attention. Each type of household products may come from different manufacturers and adopt different standards. Communication between them may be incompatible.
  • a bridge mode terminal connects each remote device to implement hardware intelligent upgrade and interoperability between intelligent hardware. For each remote device behind the terminal, how to access and transmit data becomes the primary problem.
  • the access method of the remote device is generally given.
  • the MAC address of the remote device accessing the terminal is authorized to be assigned to each network element in the network, and subsequent network elements are based on these authorized
  • the MAC address implements forwarding or processing of data packets or signaling to the remote device.
  • the present application provides a dynamic access method and device for a remote device, which is used to dynamically access a new remote device on the terminal.
  • the present application provides a dynamic access method for a remote device, where the method includes: receiving, by a terminal, a data packet from a remote device, where the data packet includes a media access control of a remote device. a MAC address; if the terminal does not record the MAC address, the terminal sends a session modification request message to the session management network element, where the session modification request message includes the MAC address; the terminal receives an indication message from the session management network element, where the indication message is used Indicates that the session modification is successful; the terminal records the MAC address.
  • the terminal determines that the MAC address in the data packet is not recorded, it is determined that the remote device corresponding to the MAC address is a new remote device, that is, a remote device that is not connected to the terminal, and therefore, the terminal manages the session.
  • the network element sends a session modification request message for requesting to modify the session, and if the terminal receives the indication message sent by the session management network element to indicate that the session modification is successful, the terminal records the MAC address. Therefore, it is relatively flexible to connect the remote device that dynamically requests access to the terminal.
  • the terminal records the MAC address, including: the terminal adds the MAC address to the MAC address list, the MAC address list includes at least one MAC address, and one MAC address corresponds to one remote device, and one remote device Corresponds to at least one MAC address.
  • the terminal records the MAC address, including: the terminal records the correspondence between the identifier of the terminal and the MAC address.
  • the terminal records the MAC address, including: the terminal records the correspondence between the identifier of the remote device and the MAC address.
  • the present application provides a dynamic access method for a remote device, where the method includes: receiving, by a terminal, a data packet from a remote device, where the data packet includes a MAC address of the remote device; Sending the data packet; the terminal receives an indication message from the session management network element, where the indication message is used to indicate that the session modification is successful; the terminal records the MAC address.
  • the terminal receives the data packet sent by the remote device, and sends the data packet to the user plane network element.
  • the user plane network element determines the MAC address in the unrecorded data packet
  • the session management network element is triggered to modify the session, if the session management network After the meta-modification session is successful, the terminal sends an indication message indicating that the session modification is successful.
  • the terminal After receiving the indication message sent by the session management network element, the terminal records the MAC address. Therefore, the remote device that dynamically requests the access is accessed to the terminal, which is relatively flexible.
  • the terminal records the MAC address, including: the terminal adds the MAC address to the MAC address list, the MAC address list includes at least one MAC address, one MAC address corresponds to one remote device, and one remote device corresponds to at least one MAC address.
  • the terminal records the MAC address, including: the terminal records the correspondence between the identifier of the terminal and the MAC address.
  • the present application provides a dynamic access method of a remote device, where the method includes: first, a session management network element receives a session modification request message from a terminal, where the session modification request message includes an identifier and a remote end of the session of the terminal.
  • the MAC address of the device; or, the session management network element receives the notification message from the user plane network element, where the notification message includes the identifier of the session of the terminal and the MAC address of the remote device, and the notification message is used to notify the modification session; then, the session management network
  • the element generates a forwarding rule according to the MAC address and the identifier of the session, and sends the forwarding rule to the user plane network element.
  • the session management network element when the session management network element receives the session modification request message of the terminal or receives the notification message of the user plane network element, the session management network element may determine that the session information needs to be modified according to the MAC address carried in the session modification request message or the notification message. Then, the session management network element generates a new forwarding rule according to the MAC address and the identifier of the session, and sends the new forwarding rule to the user plane network element. Therefore, the MAC address of the remote device that is dynamically applied for is sent to the corresponding network element, such as the user plane network element, so that the data packet sent by the remote device corresponding to the MAC address can be processed later.
  • the method is more flexible.
  • the session management network element generates a forwarding rule according to the MAC address and the identifier of the session, including: the session management network element generates a forwarding rule according to the identifier and the MAC address of the downlink tunnel corresponding to the identifier of the session, and the forwarding rule is generated.
  • the rule is the correspondence between the MAC address and the identifier of the downlink tunnel.
  • the above provides a specific implementation manner of generating a forwarding rule, which is relatively simple and easy to implement.
  • the method further includes: the session management network element records the correspondence between the identifier of the downlink tunnel corresponding to the identifier of the session and the MAC address.
  • the session management network element can manage the remote device corresponding to the MAC address according to the MAC address.
  • the method further includes: the session management network element sends the MAC address to the policy control network element.
  • the policy control network element can manage the remote device corresponding to the MAC address according to the MAC address.
  • the method further includes: the session management network element sends an authentication request message to the authentication server, where the authentication request message is used to request authentication of the remote device; and the session management network element receives the authentication response message from the authentication server.
  • the authentication response message is used to indicate that the authentication is successful.
  • the session management network element further requests the authentication server to perform authentication on the remote device corresponding to the MAC address. Only when the authentication succeeds, it is determined to access the remote device and record the MAC address, thereby facilitating communication security. .
  • the authentication request message includes a MAC address, where the MAC address is used to authenticate the remote device, or the session modification request message includes the identifier of the remote device or the notification message includes the identifier of the remote device,
  • the authentication request message includes a MAC address and an identifier of the remote device, and the identifier of the remote device is used to authenticate the remote device.
  • One method is to use the MAC address to authenticate the remote device, and the other is to use the identifier of the remote device to authenticate the remote device. You can select one according to the actual situation and compare flexible.
  • the present application provides a dynamic access method of a remote device, where the method includes: a session management network element receives a session modification request message from a terminal, where the session modification request message includes an identifier of a session of the terminal and a remote device.
  • the media access control MAC address; or the session management network element receives the notification message from the user plane network element, where the notification message includes the identifier of the session of the terminal and the MAC address of the remote device, and the notification message is used to notify the modification session; the session management network The element sends an indication message to the terminal, where the indication message is used to indicate that the session modification is successful.
  • the session management network element When the session management network element receives the session modification request message of the terminal or receives the notification message of the user plane network element, it may determine that the session information needs to be modified according to the MAC address carried in the session modification request message or the notification message, and further The session management network element sends an indication message to the terminal, which is used to indicate that the session modification is successful, so that the terminal can record the MAC address, thereby implementing the remote device that dynamically requests the access to the terminal, and thus the method is compared. flexible.
  • the present application provides a dynamic access method of a remote device, where the method includes: a session management network element receives a session modification request message from a terminal, where the session modification request message includes an identifier of a session of the terminal and a remote device.
  • the media access control MAC address; or the session management network element receives the notification message from the user plane network element, where the notification message includes the identifier of the session of the terminal and the MAC address of the remote device, and the notification message is used to notify the modification session; the session management network The element sends an authentication request message to the authentication server, where the authentication request message is used to request authentication of the remote device; the session management network element receives the authentication response message from the authentication server, and the authentication response message is used to indicate that the authentication is successful; the session management network element is based on the session.
  • the identifier of the downlink tunnel corresponding to the identifier and the MAC address are generated, and a forwarding rule is generated.
  • the session management network element When the session management network element receives the session modification request message of the terminal or receives the notification message of the user plane network element, it can determine that the session information needs to be modified according to the MAC address carried in the session modification request message or the notification message, and the session is The management network element requests the authentication server to authenticate the remote device corresponding to the MAC address. If the authentication succeeds, the session management network element generates a new forwarding rule according to the MAC address and the identifier of the session, and sends the new forwarding rule to the user plane network element. Therefore, the MAC address of the remote device that is dynamically applied for is sent to the corresponding network element, such as the user plane network element, so that the data packet sent or received by the remote device corresponding to the MAC address can be processed later. Therefore, it is more flexible.
  • the session management network element generates a forwarding rule according to the MAC address and the identifier of the session, including: the session management network element generates a forwarding rule and a forwarding rule according to the identifier and MAC address of the downlink tunnel corresponding to the identifier of the session. Correspondence between the MAC address and the identifier of the downlink tunnel.
  • the above provides a specific implementation manner of generating a forwarding rule, which is relatively simple and easy to implement.
  • the method further includes: the session management network element records the correspondence between the identifier of the downlink tunnel and the MAC address corresponding to the identifier of the session.
  • the session management network element can manage the remote device corresponding to the MAC address according to the MAC address.
  • the method further includes: the session management network element sends the MAC address to the policy control network element.
  • the policy control network element can manage the remote device corresponding to the MAC address according to the MAC address.
  • the authentication request message includes a MAC address, where the MAC address is used to authenticate the remote device, or the session modification request message includes the identifier of the remote device or the notification message includes the identifier of the remote device,
  • the authentication request message includes a MAC address and an identifier of the remote device, and the identifier of the remote device is used to authenticate the remote device.
  • One method is to use the MAC address to authenticate the remote device, and the other is to use the identifier of the remote device to authenticate the remote device. You can select one according to the actual situation.
  • the present application provides a dynamic access method of a remote device, where the method includes: a user plane network element receives a data packet from a terminal by using an uplink tunnel, where the data packet includes a media access control MAC address of the remote device.
  • the user plane network element determines the identifier of the session of the terminal according to the identifier of the uplink tunnel and the identifier of the identifier of the uplink tunnel and the session identifier of the terminal; if the user plane network element does not record the MAC address, the notification is sent to the session management network element.
  • the message, the notification message includes the identifier of the MAC address and the session, and the notification message is used to notify the modification session.
  • the user plane network element receives the forwarding rule from the session management network element, and the forwarding rule is the identifier and MAC address of the downlink tunnel corresponding to the identifier of the session. Correspondence.
  • the user plane network element determines that the MAC address associated with the identifier of the downlink tunnel corresponding to the identifier of the session does not record the MAC address in the data packet.
  • the user plane network element determines the identifier of the downlink tunnel corresponding to the identifier of the session according to the identifier of the session; determines the MAC address associated with the identifier of the downlink tunnel according to the identifier of the downlink tunnel, and then determines the MAC associated with the identifier of the downlink tunnel. Whether the MAC address carried in the data packet is included in the address, if included, indicating that the user plane network element records the MAC address in the data packet. If not included, it indicates that the user plane network element does not record the MAC address in the data packet.
  • the application provides a device, which may be a terminal or a chip.
  • the device has the functionality to implement the various embodiments of the first aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • the application provides an apparatus, including: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the first Aspect or dynamic access method of a remote device in any implementation method of the first aspect.
  • the memory may be integrated in the processor or may be independent of the processor.
  • the application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the first aspect or the first aspect according to the instruction A dynamic access method of a remote device in the implementation method.
  • the application provides a device, which may be a terminal or a chip.
  • the device has the functionality to implement the various embodiments of the second aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • the application provides an apparatus, including: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the foregoing
  • the dynamic access method of the remote device in any of the implementation methods of the second aspect or the second aspect.
  • the memory may be integrated in the processor or may be independent of the processor.
  • the present application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the second aspect or the second aspect according to the instruction A dynamic access method of a remote device in an implementation method.
  • the application provides a device, which may be a session management network element or a chip.
  • the device has the functionality to implement the various embodiments of the third aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • the present application provides an apparatus, including: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the foregoing
  • the dynamic access method of the remote device in any of the implementation methods of the third aspect or the third aspect.
  • the memory may be integrated in the processor or may be independent of the processor.
  • the present application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the third aspect or the third aspect according to the instruction A dynamic access method of a remote device in an implementation method.
  • the application provides a device, which may be a session management network element or a chip.
  • the device has the functionality to implement the various embodiments of the fourth aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • the present application provides an apparatus, including: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the foregoing
  • the dynamic access method of the remote device in any of the implementation methods of the fourth aspect or the fourth aspect.
  • the memory may be integrated in the processor or may be independent of the processor.
  • the application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the fourth aspect or the fourth aspect according to the instruction A dynamic access method of a remote device in an implementation method.
  • the application provides a device, which may be a session management network element or a chip.
  • the device has the functionality to implement the various embodiments of the fifth aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • the present application provides an apparatus, including: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the foregoing
  • the dynamic access method of the remote device in any of the implementation methods of the fifth aspect or the fifth aspect.
  • the memory may be integrated in the processor or may be independent of the processor.
  • the present application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the fifth aspect or the fifth aspect according to the instruction A dynamic access method of a remote device in any implementation method.
  • the present application provides a device, which may be a user plane network element or a chip.
  • the device has the function of implementing the various embodiments of the sixth aspect described above. This function can be implemented in hardware or in hardware by executing the corresponding software.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • the application provides an apparatus, comprising: a processor and a memory; the memory is configured to store an instruction, when the apparatus is running, the processor executes the instruction stored in the memory, so that the apparatus performs the above
  • the dynamic access method of the remote device in any of the implementation methods of the sixth aspect or the sixth aspect.
  • the memory may be integrated in the processor or may be independent of the processor.
  • the present application provides an apparatus, the apparatus comprising a processor, the processor for coupling with a memory, and reading an instruction in the memory and performing the sixth aspect or the sixth aspect according to the instruction A dynamic access method of a remote device in any implementation method.
  • the present application further provides a system, where the system includes a session management network element, where the session management network element can be used to perform the foregoing third, fourth, fifth, and third aspects, and fourth The steps performed by the session management network element in any of the methods of the fifth aspect.
  • the system may further include a user plane network element, where the user plane network element may be used to perform the method in any of the sixth and sixth aspects, or the solution provided by the embodiment of the present invention. The steps performed by the user plane network element.
  • the system may further include other devices, such as terminals, and the like that interact with the session management network element and/or the user plane network element in the solution provided by the embodiment of the present invention.
  • the present application further provides a computer readable storage medium having stored therein a program or an instruction, when executed on a computer, causing the computer to perform the method described in the above aspects .
  • the present application also provides a computer program product comprising instructions which, when run on a computer, cause the computer to perform the methods described in the above aspects.
  • FIG. 1(a) is a schematic diagram of a possible network architecture provided by the present application.
  • FIG. 1(b) is a schematic diagram of still another possible network architecture provided by the present application.
  • FIG. 2 is a schematic diagram of a dynamic access method of a remote device according to the present application.
  • FIG. 3 is a schematic diagram of still another method for dynamically accessing a remote device according to the present application.
  • FIG. 4 is a schematic diagram of a device provided by the present application.
  • FIG. 5 is a schematic diagram of still another apparatus provided by the present application.
  • FIG. 6 is a schematic diagram of still another apparatus provided by the present application.
  • FIG. 7 is a schematic diagram of a terminal provided by the present application.
  • FIG. 8 is a schematic diagram of still another apparatus provided by the present application.
  • the network architecture and the service scenario described in the embodiments of the present application are for the purpose of more clearly illustrating the technical solutions of the embodiments of the present application, and do not constitute a limitation of the technical solutions provided by the embodiments of the present application.
  • the technical solutions provided by the embodiments of the present application are equally applicable to similar technical problems.
  • the network architecture includes a session management network element and a user plane network element.
  • the network architecture further includes a terminal.
  • the network architecture may also include a remote device.
  • the session management network element is mainly used for session management in a mobile network, such as session establishment, modification, and release. Specific functions include assigning an IP address to a user, and selecting a user plane function network element that provides a packet forwarding function.
  • the session management network element may be a session management function (SMF) network element.
  • SMF session management function
  • the session management network element may still be an SMF.
  • the network element, or other name, is not limited in this application.
  • the user plane network element is mainly responsible for processing user packets, such as forwarding and accounting.
  • the network slice selection network element may be a user plane function (UPF) network element.
  • UPF user plane function
  • the user plane network element may still be a UPF network element, or have other names. This application is not limited.
  • the terminal is a relay capable device, and may be, for example, a relay user equipment (relay user equipment, bridge user equipment, bridge UE).
  • relay user equipment relay user equipment, bridge user equipment, bridge UE.
  • the remote device can access the network through a terminal having a relay capability, for example, a remote user equipment (remote user equipment).
  • a terminal having a relay capability for example, a remote user equipment (remote user equipment).
  • the present application can implement dynamic access of a remote device based on the network architecture shown in FIG. 1(a).
  • the remote device is connected to the terminal and the core network.
  • the session management network element and the user plane network element in this application may have the following functions.
  • the session management network element receives the session modification request message from the terminal, where the session modification request message includes the identifier of the session of the terminal and the MAC address of the remote device; or the session management network element receives the notification message from the user plane network element, and the notification The message includes the identifier of the session of the terminal and the MAC address of the remote device, and the notification message is used to notify the modification session. Then, the session management network element generates a forwarding rule according to the MAC address and the identifier of the session, and sends the forwarding rule to the user plane network element. .
  • the session management network element When the session management network element receives the session modification request message of the terminal or receives the notification message of the user plane network element, it can determine that the session information needs to be modified according to the MAC address carried in the session modification request message or the notification message, and the session is The management network element generates a new forwarding rule based on the MAC address and the identifier of the session, and sends the new forwarding rule to the user plane network element. Therefore, the MAC address of the remote device that is dynamically applied for is sent to the corresponding network element, such as the user plane network element, so that the data packet sent or received by the remote device corresponding to the MAC address can be processed later. Therefore, it is more flexible.
  • the session management network element generates a forwarding rule according to the MAC address and the identifier of the session, including: the session management network element generates a forwarding rule according to the identifier and the MAC address of the downlink tunnel corresponding to the identifier of the session, and the forwarding rule is generated.
  • the rule is the correspondence between the MAC address and the identifier of the downlink tunnel.
  • the method further includes: the session management network element records the correspondence between the identifier of the downlink tunnel and the MAC address corresponding to the identifier of the session.
  • the method further includes: the session management network element sends the MAC address to the policy control network element.
  • the method further includes: the session management network element sends an authentication request message to the authentication server, where the authentication request message is used to request authentication of the remote device; and the session management network element receives the authentication response message from the authentication server.
  • the authentication response message is used to indicate that the authentication is successful.
  • the user plane network element is configured to receive the data packet from the terminal by using the uplink tunnel, where the data packet includes the media access control MAC address of the remote device; and the identifier of the uplink tunnel and the identifier of the uplink tunnel correspond to the identifier of the session of the terminal.
  • the relationship determines the identifier of the session of the terminal; if the user plane network element does not record the MAC address, sends a notification message to the session management network element, where the notification message includes the MAC address and the identifier of the session, and the notification message is used to notify the modification session;
  • the forwarding rule of the session management network element, the forwarding rule is the correspondence between the identifier of the downlink tunnel and the MAC address corresponding to the identifier of the session.
  • FIG. 1(b) is a schematic diagram of still another possible network architecture provided by the present application.
  • the network architecture is based on the network architecture shown in Figure 1 (a), adding some other network elements.
  • the SMF network element and the UPF network element are respectively a specific example of the session management network element and the user plane network element shown in FIG. 1(a).
  • four remote devices are exemplarily shown in FIG. 1(b), which are the remote device 1, the remote device 2, the remote device 3, and the remote device 4.
  • the remote device 1 and the remote device 3 are remote devices that are fixedly connected to the terminal, that is, accessed during the process of establishing a session, and the remote device 4 needs to be dynamically accessed, that is, A remote device that dynamically requests access after the terminal establishes a session.
  • This application mainly introduces a method for dynamically accessing the remote device 4.
  • the mobility management network element is mainly used for mobility management in a mobile network, such as user location update, user registration network, or user handover.
  • the mobility management network element may be an access and mobility management function (AMF) network element.
  • AMF access and mobility management function
  • future communications such as 6G, the mobility management network element may still be an AMF network element.
  • the mobility management network element is taken as an AMF network element as an example.
  • the policy controls the network element including the user subscription data management function, the policy control function, the charging policy control function, or the quality of service (QoS) control.
  • the policy control network element may be a policy control function (PCF) network element.
  • PCF policy control function
  • the policy control network element may still be a PCF network element, or have other names. Make a limit.
  • FIG. 1(b) illustrates a case where a policy control network element is a PCF network element.
  • a radio access network (RAN) device is a device that provides wireless communication functions for a terminal, including but not limited to: a next generation base station (bNB), a radio network controller (radio network controller). , RNC), base station controller (BSC), base transceiver station (BTS), home base station (for example, home evolved node B, or home node B, HNB), baseband unit (BBU) ), transmitting and receiving point (TRP), transmitting point (TP), mobile switching center, and the like.
  • the base station in this application may also be a device that provides wireless communication functions for terminals in other communication systems that may occur in the future.
  • An authentication server is a physical entity or logical unit with authentication capabilities.
  • an authentication server is used as a data network-authentication (authorization and accounting, DN-AAA) server as an example.
  • the DN-AAA server can be deployed in the network deployed by the operator or deployed independently in the external data network.
  • each of the foregoing network elements can be either a network component in a hardware device, a software function running on dedicated hardware, or a virtualization function instantiated on a platform (eg, a cloud platform).
  • the present application uses the session management network element as the SMF network element, the user plane network element as the UPF network element, and the policy control network element as the PCF network element as an example for description.
  • the SMF network element, the UPF network element, and the PCF network element are simply referred to as SMF, UPF, and PCF, respectively.
  • the SMF, the UPF, and the PCF described in any of the following embodiments may be replaced by a session management network element, a user plane network element, and a policy control network element, respectively.
  • FIG. 2 is a schematic diagram of a dynamic access method of a remote device provided by the present application. The method includes the following steps:
  • Step 201 The remote device sends a data packet to the terminal, and accordingly, the terminal receives the data packet from the remote device.
  • the packet includes the MAC address of the remote device.
  • the terminal after receiving the data packet, the terminal has two processing modes.
  • the first processing mode corresponds to the following step 202a
  • the second processing mode corresponds to the following step 202b. That is, one of the two processing methods of step 202a and step 202b can be selected.
  • step 202c may be further performed.
  • step 202a the present application will perform step 202a or perform steps 202b-202c.
  • Step 202a If the terminal determines that the MAC address in the data packet is not recorded, the terminal sends a session modification request message to the SMF, and accordingly, the SMF receives the session modification request message from the terminal.
  • the terminal may obtain the MAC address of the remote device from the data packet, and determine whether the MAC address is recorded.
  • the manner in which the terminal records the MAC address may be a record of the correspondence between the identifier of the terminal and the MAC address. Further, if there are multiple MAC addresses in the terminal, the terminal may also generate an associated MAC address list, and then record the correspondence between the MAC address list and the identifier of the terminal.
  • the method of recording the MAC address of the terminal will be described below in the form of a table. It should be noted that, in practical applications, it is not limited to recording the MAC address in the form of a table.
  • the identifier of the terminal is the terminal ID1, and the MAC address list recorded by the terminal currently includes MAC1, MAC2, and MAC3, where MAC1 is the MAC address of the remote device 1, and MAC2 is the MAC address of the remote device 2.
  • MAC3 is the MAC address of the remote device 3. That is, a MAC address corresponds to a remote device. In this case, the MAC address can also be used to uniquely identify a remote device.
  • a remote device may correspond to multiple MAC addresses.
  • MAC1 and MAC2 are the MAC addresses of the remote device 1
  • MAC3 is the MAC address of the remote device 2.
  • the MAC address cannot be used to uniquely identify a remote device.
  • other identifiers such as the identity of the remote device, can be used to uniquely identify a remote device.
  • the terminal can obtain the identifier of the remote device, and the method for obtaining the identifier of the remote device is not limited in this application.
  • the MAC address currently recorded by the terminal includes MAC1, MAC2, and MAC3, indicating that the remote device corresponding to MAC1, MAC2, and MAC3 has been connected to the terminal.
  • the identifiers of the sessions corresponding to MAC1, MAC2, and MAC3, respectively, may also be recorded.
  • the terminal After receiving the data packet sent by the remote device, the terminal needs to send the data packet to the UPF through the tunnel of the user plane through a certain session. Therefore, the mapping between the MAC address and the identifier of the session needs to be recorded. For example, referring to Table 1-1, since the session corresponding to MAC1 is session ID1, after the data packet sent by the remote device 1 arrives at the terminal, the terminal will send the data packet to the UPF through the session corresponding to the session ID1.
  • the identifier of the session may also be other information mapped to the session, such as the tunnel information corresponding to the session. It should be noted that if there is only one session in the terminal, the identifier of the corresponding session may not be recorded.
  • the identifier of the remote device corresponding to each MAC address may be recorded.
  • a column may be further added to the foregoing table 1-1 for recording the identifier of the remote device corresponding to the MAC address, for example, corresponding to MAC1.
  • ID of the remote device 1 MAC2 corresponds to the identifier of the remote device 2
  • MAC3 corresponds to the identifier of the remote device 3.
  • each session may correspond to one or more MAC addresses, and one MAC address corresponds to one remote device.
  • the manner in which the terminal is configured to bind the MAC address is not limited.
  • the MAC address may be bound to a suitable session according to factors such as the current load of the session and the number of MAC addresses currently associated with the session.
  • the remote device that sends the data packet to the terminal is the remote device 4, and the MAC address of the remote device 4 is MAC4, and the data packet sent by the remote device 4 includes the MAC4.
  • the terminal After receiving the data packet sent by the remote device 4, the terminal can obtain the MAC4 from the data packet, and determine whether the terminal records the MAC address 4.
  • the terminal can determine that the MAC4 in the unrecorded packet is not recorded, and thus the remote device 4 can be determined to be a new one.
  • the remote device that is, a new remote device requesting access to the terminal.
  • the terminal may bind a corresponding session to the remote device 4.
  • the session bound by the terminal to the remote device 4 is also the session corresponding to the session ID1 (the session may be referred to as session 1) ).
  • the terminal sends a session modification request message to the SMF, where the session modification request message includes the identifier of the session of the terminal and the MAC address of the remote device.
  • the session modification request message includes session ID1 and MAC4.
  • the session modification request message is used to request a modification session, that is, information for requesting to modify the session.
  • the information of the session includes information such as a MAC address corresponding to the session. It can be understood that the session modification request message will trigger the SMF to verify the remote device corresponding to the new MAC address, and determine whether to record the new MAC address.
  • step 202a may not be performed, but the following steps 202b to 202c are performed.
  • Step 202b The terminal sends a data packet to the UPF through the RAN device, and accordingly, the UPF receives the data packet from the terminal through the uplink tunnel.
  • the terminal After receiving the data packet sent by the remote device, the terminal sends the data packet to the UPF through the RAN device. It can also be understood that the terminal sends the data packet to the UPF through the tunnel of the user plane. Specifically, the terminal first sends a data packet to the RAN device, and then the RAN device sends the data packet to the UPF through an uplink tunnel.
  • the manner in which the RAN device selects the uplink tunnel may be that the corresponding uplink tunnel is selected according to the session bound by the terminal for the MAC address.
  • the SMF or the UPF allocates the uplink tunnel resource, including the IP address of the UPF and the identifier of the tunnel. For example, a tunnel endpoint identifier (TEID), and the allocated uplink tunnel resource is sent to the RAN device. Therefore, the correspondence between the identifier of the session and the uplink tunnel resource is recorded in the RAN device.
  • TEID tunnel endpoint identifier
  • the RAN device saves the mapping relationship between the air interface transmission channel (the transmission channel between the terminal and the RAN device) and the uplink tunnel resource, and therefore, the terminal moves to the RAN device.
  • the RAN device can determine the corresponding uplink tunnel according to the air interface transmission channel, and then send the data packet to the UPF through the determined uplink tunnel.
  • Step 202c If the UPF determines that the MAC address is not recorded, the UPF sends a notification message to the SMF, and accordingly, the SMF receives the notification message from the UPF.
  • the UPF After receiving the data packet through the uplink tunnel, the UPF obtains the MAC address in the data packet and determines whether the MAC address is recorded in the UPF.
  • the UPF can directly find out whether the MAC address is recorded from the MAC address list recorded by the UPF. For example, the UPF can traverse the recorded MAC address list and sequentially search for whether the MAC address is recorded.
  • the UPF may determine the identifier of the downlink tunnel corresponding to the identifier of the uplink tunnel according to the identifier of the uplink tunnel that sends the data packet, and then determine whether the data is included in the MAC address corresponding to the identifier of the downlink tunnel.
  • the resources of the downlink tunnel are allocated by the RAN device during the establishment of the session, and the resources of the downlink tunnel include the IP address of the RAN device and the identifier of the tunnel (for example, TEID).
  • the resources of the downlink tunnel allocated by the RAN device are sent to the SMF and the UPF.
  • a session corresponds to a tunnel, and the tunnel includes an uplink tunnel and a downlink tunnel
  • the uplink tunnel can be indicated by the identifier of the uplink tunnel, and the resources of the uplink tunnel include the IP address of the UPF and the identifier of the uplink tunnel
  • the downlink tunnel can be indicated by the identifier of the downlink tunnel, and the resources of the downlink tunnel include the IP address of the RAN device and the identifier of the downlink tunnel.
  • the terminal in the process of establishing session 1, the terminal associates MAC1, MAC2, and MAC3 with the session ID1.
  • the UPF records the downlink tunnel corresponding to the session. ID, the correspondence with the MAC address.
  • Table 2-1 the correspondence between the identifier of the downlink tunnel and the MAC address recorded in the UPF.
  • the method for determining whether to record the MAC4 in the data packet is as follows: the UPF determines the identifier of the uplink tunnel according to the identifier of the uplink tunnel in which the RAN device sends the data packet.
  • the downlink tunnel identifier is, for example, the downlink tunnel identifier 1.
  • the corresponding MAC addresses are determined: MAC1, MAC2, and MAC3. Since MAC4 is not included therein, the UPF determines that MAC4 is not recorded.
  • the UPF first determines a partial MAC address from all the MAC addresses recorded, and the partial MAC address may include a MAC address in the data packet, and then further determines whether the MAC address in the data packet is included in the partial MAC address.
  • the UPF determines that the MAC address in the data packet is not recorded, the UPF sends a notification message to the SMF, where the notification message includes the identifier of the session and the MAC address.
  • the notification message is used to notify the modification of the session. It can also be understood that the notification message is used to notify the information of the modification session, or it can be understood that the notification message can be used to trigger the SMF to verify the remote device corresponding to the MAC address.
  • step 202a it can be understood that the SMF is triggered by the control plane to verify the remote device corresponding to the MAC address. If the above steps 202b-202c are used, it can be understood that the SMF is triggered by the user plane to verify the remote device corresponding to the MAC address.
  • the SMF After receiving the session modification request message sent by the terminal or the notification message sent by the UPF, the SMF verifies the remote device corresponding to the MAC address by using the authentication server. That is, the following steps 203 to 204 are performed.
  • the SMF may not perform verification on the remote device corresponding to the MAC address, that is, the SMF may default to the remote end.
  • the device is legal.
  • the following steps 203 to 204 are not required to be performed.
  • the SMF may also determine whether the MAC address is recorded locally. If the SMF locally records the MAC address, the SMF determines that the MAC address is not a new MAC address, and the process ends. If the SMF does not record the MAC address locally, the SMF determines that the MAC address is a new MAC address, and the SMF continues the subsequent process, for example, steps 203-209 are performed, or steps 205-209 are performed.
  • Step 203 The SMF sends an authentication request message to the authentication server. Accordingly, the authentication server receives the authentication request message from the SMF.
  • the authentication request message is used to request authentication of the remote device.
  • a remote device can be identified by using a MAC address.
  • the authentication request message may include a MAC address, and the authentication server may verify the remote device corresponding to the MAC address by using the MAC address. For example, an authentication information (such as a verification code, etc.) may be sent to the remote device. When the authentication server receives the correct authentication information replied by the remote device, the verification succeeds. Otherwise, the authentication fails.
  • the authentication request message may carry the MAC address and the identifier of the remote device, where the identifier of the remote device is used for the remote device.
  • the device is certified.
  • the authentication server can authenticate the remote device by using the identifier of the remote device. For example, an authentication information (such as a verification code, etc.) may be sent to the remote device. When the authentication server receives the correct authentication information replied by the remote device, the verification succeeds. Otherwise, the authentication fails.
  • the identifier of the remote device may be carried in the session modification request message and sent to the SMF, or carried in the notification message and sent to the SMF.
  • Step 204 The authentication server sends an authentication response message to the SMF, and accordingly, the SMF receives the authentication response message from the authentication server.
  • the authentication response message is sent to the SMF, and the authentication response message is used to indicate that the authentication is successful.
  • the authentication response message further carries a MAC address, where the MAC address is the MAC address carried in the authentication request message in the foregoing step 203.
  • Steps 203 - 204 are optional.
  • the SMF may also perform step 205 after receiving the 202c notification message. If the above steps 203 to 204 are performed, the authentication of the terminal device by the authentication server is successful. If the above steps 203-204 are not performed, it can be considered that the SMF defaults that the remote device is trusted.
  • Step 205 The SMF sends an indication message to the terminal, and accordingly, the terminal receives the indication message from the SMF.
  • the indication message is used to indicate that the session modification was successful.
  • step 206 the terminal records the MAC address.
  • the manner in which the terminal records the MAC address is: the terminal adds the MAC address to the associated MAC address list, and the associated MAC address list includes at least one MAC address, one MAC address corresponds to one remote device, and one remote device corresponds to at least one MAC address. .
  • the terminal records the correspondence between the identifier of the terminal and the MAC address.
  • a new MAC address can be added to Table 1-1 as shown in Table 1-1.
  • the new MAC address is MAC4
  • the session bound by the MAC4 is also the session ID1
  • the MAC4 is added to the table 1-1, and Table 1-2 is obtained.
  • Terminal identification MAC address Session identifier Terminal ID1 MAC1 Session ID1 Terminal ID1 MAC2 Session ID1
  • the terminal determines that the remote device corresponding to the MAC address is a new remote device, that is, is not accessed.
  • the remote device of the terminal the terminal sends a session modification request message to the session management network element, and is used to request to modify the session.
  • the session management network element modifies the session according to the MAC address.
  • Related information and inform the terminal to record the MAC address. Therefore, the remote device that dynamically requests the access is accessed to the terminal, which is relatively flexible.
  • the terminal sends the data packet to the user plane network element by using the foregoing step 201, step 202b, step 202c, step 205, and step 206.
  • the user plane network element determines the MAC address in the unrecorded data packet
  • the user plane The network element triggers the session management network element to modify the related information of the session according to the MAC address, and notifies the terminal to record the MAC address. Therefore, the remote device that dynamically requests the access is accessed to the terminal, which is relatively flexible.
  • Step 207 The SMF records the correspondence between the MAC address and the identifier of the session.
  • the SMF records the correspondence between the MAC address and the identifier of the session, where the SMF records the correspondence between the identifier of the downlink tunnel and the MAC address corresponding to the identifier of the session.
  • the way the SMF records the MAC address can be the same as the way the UPF records the MAC address.
  • Table 2-1 the information in Table 2-1 above is also recorded in the SMF. If the packet terminal MAC address in each of the above steps is MAC4, the SMF records the MAC4 and obtains Table 2-2.
  • Step 208 The SMF generates a forwarding rule according to the MAC address and the identifier of the session, and sends the forwarding rule to the UPF. Accordingly, the UPF receives the forwarding rule from the SMF.
  • the forwarding rule may be a correspondence between an identifier of a downlink tunnel and a MAC address corresponding to the identifier of the session. Therefore, if the MAC address of the data packet terminal in the above steps is MAC4, the forwarding rule sent by the SMF to the UPF is (MAC4, downlink tunnel identifier 1). After receiving the forwarding rule, the UPF stores the forwarding rule.
  • the UPF may update the above table 2-1 according to the forwarding rule to obtain the foregoing Table 2-2.
  • step 209 the SMF sends the MAC address to the PCF.
  • the correspondence between the MAC address and the SMF information (such as identification information or address information, etc.) can be recorded on the PCF.
  • step 205 there is no strict execution order between steps 205 and 209 in the above method.
  • step 207 the order between step 205, step 207, step 208, and step 209 may be arbitrary, and for step 206, it may be performed after step 205.
  • FIG. 3 is a schematic diagram of another dynamic access method of a remote device provided by the present application.
  • the MAC address of the remote device 1 is MAC1
  • the MAC address of the remote device 2 is MAC2
  • the MAC address of the remote device 3 is MAC3
  • the MAC address of the remote device 4 is MAC4.
  • the remote device 1, the remote device 2, and the remote device 3 are accessed during the process of establishing a session, and the remote device 4 is dynamically requested to access.
  • the MAC address and MAC of the remote device 1, the remote device 2, and the remote device 3 are pre-configured (for example, may be manually configured) on the DN-AAA (DN-AAA is a specific example of the authentication server).
  • the identifier of the terminal corresponding to the address is: (identity of the terminal, MAC1, MAC2, MAC3).
  • the method comprises three parts, wherein the first part is an access process of the remote device 1, the remote device 2 and the remote device 3, including the following steps 1 - 4; the second part is the dynamic connection of the remote device 4 The process includes the following steps 5 - 10d; the third part is the normal processing flow of the uplink and downlink data packets, including the following steps 11 - 15.
  • Step 1 The terminal sends a session establishment request message to the AMF, and accordingly, the AMF receives the session establishment request message from the terminal.
  • the session establishment request message carries the identifier of the terminal, the identifier of the session (such as the identifier of a protocol data unit (PDU) session), the network slice, the data network name (DNN), the Ethernet session type, and the like. .
  • PDU protocol data unit
  • DNN data network name
  • Ethernet session type and the like.
  • the identifier of the session is used to indicate the session established by the terminal.
  • the network slice and DNN are used by the AMF to select the appropriate SMF.
  • the Ethernet session type is used to indicate that the established session is an Ethernet session.
  • step 2 the AMF forwards the session establishment request message to the selected SMF.
  • the AMF selects a suitable SMF according to the DNN and the network slice, and then forwards the session establishment request message to the SMF.
  • step 3a the SMF decides to send a session authentication/authorization request message to the DN-AAA according to the local policy (such as receiving the DNN session request or the Ethernet type session).
  • the session authentication/authorization request message includes an identifier of the terminal.
  • step 3b the DN-AAA sends a session authentication/authorization reply message to the SMF.
  • the session authentication/authorization reply message carries a MAC address corresponding to the identifier of the terminal pre-configured on the DN-AAA.
  • the session authentication/authorization reply message includes MAC1, MAC2, and MAC3.
  • Step 4 The SMF establishes an uplink and downlink tunnel corresponding to the session, and stores a correspondence between the MAC address and the identifier of the session on the UPF.
  • the operations that need to be performed mainly include:
  • the SMF initiates an N4 session establishment request to the UPF.
  • the SMF or the UPF allocates UPF uplink tunnel resources (including the IP addresses of the TEID and the UPF), and notifies the RAN device of the uplink tunnel resources.
  • the RAN device allocates downlink tunnel resources (including the TEID and the IP address of the RAN device), and notifies the UPF of the downlink tunnel resource. This establishes the upstream and downstream tunnels of the session.
  • the UPF records the correspondence between the MAC address and the identity of the session.
  • the SMF sends the forwarding rule, that is, the correspondence between the MAC address and the downlink tunnel identifier to the UPF.
  • the MAC address here is the MAC address that the DN-AAA sends to the SMF through step 3b.
  • the SMF notifies the UPF of the MAC address, and the UPF generates a forwarding rule, that is, a correspondence between the MAC address and the downlink tunnel identifier.
  • the MAC address here is the MAC address that the DN-AAA sends to the SMF through step 3b.
  • the contents of the UPF record are as shown in Table 2-1 above.
  • the correspondence between the MAC address and the downlink tunnel identifier may also be recorded in the SMF. If the correspondence between the MAC address of the SMF record and the downlink tunnel identifier is expressed in the form of a table, the content of the SMF record is also as shown in Table 2-1 above.
  • it also includes:
  • the SMF notifies the PCF of the MAC address, and the PCF records the correspondence between the MAC address and the SMF.
  • the PCF records the correspondence between the MAC address and the SMF so that the subsequent PCF can find the corresponding session according to the MAC address.
  • the message sent by the application function (AF) network element to the PCF may not carry the identifier of the terminal, but carries the information such as the MAC address, the DNN, and the network slice, and the PCF may find the corresponding SMF according to the MAC address.
  • the MAC address is sent to the corresponding SMF, and the SMF finds the identifier of the corresponding session according to the MAC address, and sends the identifier of the session to the PCF, so that the PCF can obtain the identifier of the session by using the above method.
  • step 5 - step 10d if there is a new remote device, such as the remote device 4, which needs to dynamically access the terminal, it can be implemented by the following step 5 - step 10d.
  • Step 5 The terminal receives the data packet sent by the remote device 4.
  • the data packet includes the MAC address of the remote device 4, that is, MAC4.
  • step 6a and step 7 - step 10d are performed, wherein step 6a is information for triggering the SMF to modify the session by the control plane; or, step 6b - step 6c and step 7 - step 10d are performed, wherein step 6b - step 6c is The SMF is used to modify the session information through the user plane.
  • step 6a the terminal sends a session modification request message to the SMF, and accordingly, the SMF receives the session modification request message.
  • the terminal determines that MAC4 is not recorded, thereby determining that a new remote device is attempting to access. Then, the terminal sends a session modification request message to the SMF, where the session modification request message carries a MAC address (the MAC address of the remote device 4 is MAC4) and the identifier of the session. For example, the identifier of the session that the terminal associates with the remote device is session ID1.
  • the session modification request message further includes an identifier of the remote device 4.
  • step 6b the terminal sends the data packet to the UPF, and correspondingly, the UPF receives the data packet sent by the terminal.
  • the data packet includes the MAC address of the remote device 4, that is, MAC4.
  • step 6c the UPF determines that the MAC4 is not recorded, and then sends a notification message to the SMF, and accordingly, the SMF receives the notification message from the UPF.
  • the notification message includes the identity of the MAC4 and the session (ie, session ID1). For example, the UPF determines that MAC4 is not recorded by looking up the above table 2-1 of the record.
  • the UPF records the correspondence between the uplink tunnel identifier and the identifier of the session in the session establishment process of Step 1 to Step 4. Therefore, the UPF may determine, according to the identifier of the uplink tunnel of the received data packet, the identifier of the session corresponding to the identifier of the uplink tunnel. For example, taking the record form of the table as an example, the correspondence between the uplink tunnel identifier and the identifier of the session as shown in Table 3-1 is recorded on the UPF.
  • the UPF may record the correspondence between the uplink tunnel identifier and the N4 session identifier in the session establishment process of Step 1 to Step 4, and record the identifier between the N4 session identifier and the session. Correspondence. Therefore, the UPF may determine the N4 session identifier corresponding to the identifier of the uplink tunnel according to the identifier of the uplink tunnel that receives the data packet, and then determine the identifier of the session corresponding to the N4 session identifier according to the N4 session identifier.
  • the correspondence between the uplink tunnel identifier and the N4 session identifier as shown in Table 3-2 is recorded on the UPF, and the N4 session identifier as shown in Table 3-3 is recorded. Correspondence with the identity of the session.
  • N4 refers to the interface between the UPF and the SMF
  • the N4 session refers to the identifier of the session used by the communication between the UPF and the SMF.
  • a blacklist can also be maintained in the UPF, and the blacklist is used to record the forbidden MAC address.
  • the UPF receives a packet including the MAC address in the blacklist, it directly discards the packet without notifying the SMF.
  • step 7 the SMF decides to initiate a session secondary authentication authorization.
  • the SMF may determine whether to initiate the session secondary authentication authorization according to the following manner: the SMF determines whether to record the MAC address (ie, MAC4), and if the MAC address is recorded, the SMF decides not to initiate the session secondary authentication and authorization, and proceeds to step 10d; If the MAC address is not recorded, it is decided to initiate a session secondary authentication authorization.
  • the SMF determines whether to record the MAC address (ie, MAC4), and if the MAC address is recorded, the SMF decides not to initiate the session secondary authentication and authorization, and proceeds to step 10d; If the MAC address is not recorded, it is decided to initiate a session secondary authentication authorization.
  • the step 7 is an optional step. If the step 7 is not performed, the SMF needs to initiate a session secondary authentication and authorization by default.
  • step 8a the SMF sends a session authentication/authorization request message to the DN-AAA, and accordingly, the DN-AAA receives the session authentication/authorization request message from the SMF.
  • the session authentication/authorization request message includes a MAC 4, which is used to identify the remote device 4.
  • the session authentication/authorization request message includes the identifiers of the MAC 4 and the remote device 4, and the identifier of the remote device 4 is used to identify the remote device 4.
  • the session authentication/authorization request message includes an identifier of the remote device 4, and the identifier of the remote device 4 is used to identify the remote device 4.
  • the DN-AAA authenticates the remote device 4.
  • the DN-AAA authenticates the remote device 4.
  • the session authentication/authorization request message includes the identifiers of the MAC4 and the remote device 4, and the identifier of the remote device 4 is used to identify the remote device 4, the DN-AAA is based on the identifier of the remote device 4.
  • the remote device 4 performs verification.
  • the session authentication/authorization request message includes MAC4, and the MAC4 is used to identify the remote device 4, the DN-AAA authenticates the remote device 4 based on the MAC4.
  • the session authentication/authorization request message includes the identifiers of the MAC4 and the remote device 4, and the identifier of the remote device 4 is used to identify the remote device 4, and the DN-AAA is based on the identifier of the remote device 4 to the remote device 4. authenticating.
  • the session authentication/authorization request message includes the identifier of the remote device 4, and the identifier of the remote device 4 is used to identify the remote device 4, and the DN-AAA authenticates the remote device 4 based on the identifier of the remote device 4. .
  • step 8b the DN-AAA sends a session authentication/authorization reply message to the SMF, and accordingly, the SMF receives the session authentication/authorization reply message from the DN-AAA.
  • the session authentication/authorization reply message indicates that the authentication is successful.
  • the MAC4 may be carried in the session authentication/authorization reply message, and when the SMF receives the session authentication/authorization reply message, determining When MAC4 is included, the authentication is determined to be successful.
  • the session authentication/authorization reply message may carry the indication information, where the indication information is used to indicate that the authentication succeeds, when the SMF receives Go to the session authentication/authorization reply message and determine the authentication success according to the indication information.
  • the session authentication/authorization request message and the session authentication/authorization reply message are respectively a specific example of the authentication request message and the authentication response message in the embodiment shown in FIG. 2 .
  • steps 8a to 8c are optional steps.
  • step 8a to step 8c the SMF authenticates the remote device 4 by default.
  • step 9a the SMF sends a session management policy request message to the PCF, and accordingly, the PCF receives the session management policy request message from the SMF.
  • MAC4 is included in the session management policy request message.
  • step 9b the PCF sends a session management policy reply message to the SMF, and accordingly, the SMF receives the session management policy reply message from the PCF.
  • the PCF may generate a new policy according to the MAC4 and carry it in the session management policy reply message and send it to the SMF.
  • This step 9b is an optional step.
  • step 10a the SMF records the correspondence between the MAC address and the identity of the session.
  • the SMF records the correspondence between the identifier of the downlink tunnel (ie, the downlink tunnel identifier 1) and the MAC address (ie, MAC4) corresponding to the identifier of the session.
  • the SMF also sends a session modification request message to the UPF, and accordingly, the UPF receives the session modification request message from the SMF.
  • the session modification request message includes a forwarding rule, where the forwarding rule is a correspondence between the MAC4 and the downlink tunnel identifier 1.
  • the SMF determines the downlink tunnel identifier 1 corresponding to the session ID1 according to the session ID1, and then generates the correspondence between the MAC4 and the downlink tunnel identifier 1, and carries it in the session modification request message and sends it to the UPF.
  • the SMF sends a failure indication to the UPF, and the UPF adds the MAC4 to the blacklist according to the failure indication. Subsequently, when the UPF receives the data packet of the MAC4, it directly discards the data packet.
  • step 10b the UPF sends a session modification reply message to the SMF, and accordingly, the SMF receives the session modification reply message from the UPF.
  • This step 10b is an optional step.
  • step 10c the SMF sends an indication message to the terminal, and accordingly, the terminal receives the indication message from the SMF.
  • the indication message is used to indicate that the session modification is successful.
  • the indication message includes MAC4.
  • the indication message of the step 10c may be a session modification reply message in a specific implementation.
  • step 10d the terminal records the information of the remote device 4.
  • the information of the remote device 4 recorded by the terminal includes, for example, MAC4, the identifier of the remote device 4, and the like.
  • Step 11 The remote device 4 sends an uplink data packet to the UPF through the terminal.
  • the uplink packet includes MAC4.
  • Step 12 After receiving the uplink data packet, the UPF detects whether the source MAC address is authorized.
  • the source MAC address is the MAC address of the remote device 4 in the uplink data packet, that is, MAC4.
  • the UPF determines whether the source MAC address is authorized by determining whether the source MAC address is recorded. If it is logged, it is determined to be authorized, and if it is not recorded, it is determined to be unauthorized.
  • the uplink data packet is discarded. If it is determined that it is authorized, the uplink data packet is sent to a data network (DN).
  • DN data network
  • the UPF determines that the MAC4 is authorized, and therefore sends the upstream packet to the DN.
  • step 13 the DN sends a downlink data packet to the UPF.
  • the downlink data packet includes a destination MAC address, for example, the destination MAC address is the MAC address of the remote device 4, that is, MAC4.
  • Step 14 After receiving the downlink data packet, the UPF detects whether the destination MAC address is authorized.
  • the method for detecting whether the destination MAC address is authorized by the UPF is the same as the method for determining whether the source MAC address is authorized by the UPF.
  • Step 15 If the UPF determines that the destination MAC address is authorized, the downlink data packet is sent to the corresponding remote device through the downlink tunnel.
  • a method for accessing a new remote device which can realize that a new remote device will be dynamically accessed to the terminal, and thus is more flexible.
  • each of the foregoing network elements includes a hardware structure and/or a software module corresponding to each function.
  • the present invention can be implemented in a combination of hardware or hardware and computer software in combination with the elements and algorithm steps of the various examples described in the embodiments disclosed herein. Whether a function is implemented in hardware or computer software to drive hardware depends on the specific application and design constraints of the solution. A person skilled in the art can use different methods for implementing the described functions for each particular application, but such implementation should not be considered to be beyond the scope of the present invention.
  • FIG. 4 a schematic diagram of a device provided by the present application, which may be a user plane network element, a session management network element or a chip, may perform the method of any of the foregoing embodiments.
  • the apparatus 400 includes at least one processor 401, a communication line 402, a memory 403, and at least one communication interface 404.
  • the processor 401 can be a general central processing unit (CPU), a microprocessor, an application specific integrated circuit (ASIC), or one or more integrated systems for controlling the execution of the program of the present application. Circuit.
  • CPU central processing unit
  • ASIC application specific integrated circuit
  • Communication line 402 can include a path for communicating information between the components described above.
  • Communication interface 404 using any type of transceiver, for communicating with other devices or communication networks, such as Ethernet, radio access network (RAN), wireless local area networks (WLAN), etc. .
  • RAN radio access network
  • WLAN wireless local area networks
  • the memory 403 may be a read-only memory (ROM) or other type of static storage device that can store static information and instructions, a random access memory (RAM) or other type that can store information and instructions.
  • the dynamic storage device may also be an electrically EEPROM programmable programmable read-only memory (EEPROM), a compact disc read-only memory (CD-ROM) or other optical disk storage.
  • EEPROM electrically EEPROM programmable programmable read-only memory
  • CD-ROM compact disc read-only memory
  • Optical disc storage including compact discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.
  • magnetic disk storage media or other magnetic storage devices or capable of carrying or storing desired program code in the form of instructions or data structures and capable of Any other medium accessed by a computer, but is not limited thereto.
  • the memory may be stand-alone and connected to the processor via communication line 402. The memory can also be integrated with the processor.
  • the memory 403 is used to store computer execution instructions for executing the solution of the present application, and is controlled by the processor 401 for execution.
  • the processor 401 is configured to execute a computer-executed instruction stored in the memory 403, so as to implement a method for transmitting a multicast message provided by the following embodiments of the present application.
  • the computer-executed instructions in the embodiment of the present application may also be referred to as an application code, which is not specifically limited in this embodiment of the present application.
  • the processor 401 may include one or more CPUs, such as CPU0 and CPU1 in FIG.
  • apparatus 400 can include multiple processors, such as processor 401 and processor 408 in FIG. Each of these processors can be a single-CPU processor or a multi-core processor.
  • processors herein may refer to one or more devices, circuits, and/or processing cores for processing data, such as computer program instructions.
  • the chip shown in FIG. 4 is a chip, for example, a chip of a user plane network element or a chip of a session management network element
  • the chip includes a processor 401 (which may further include a processor 408), a communication line 402, and a memory.
  • 403 and communication interface 404 can be an input interface, a pin or a circuit, or the like.
  • Memory 403 can be a register, a cache, or the like.
  • Processor 401 and processor 408 may be a general purpose CPU, microprocessor, ASIC, or one or more integrated circuits for controlling the execution of the dynamic access method of the remote device of any of the above embodiments.
  • the present application may divide a functional module into a device according to the above method example.
  • each functional module may be divided according to each function, or two or more functions may be integrated into one processing module.
  • the above integrated modules can be implemented in the form of hardware or in the form of software functional modules.
  • FIG. 5 shows a schematic diagram of a device, which may be the session management network element involved in the foregoing embodiment, or in the session management network element.
  • the device 500 includes a receiving unit 501, a transmitting unit 502, and a processing unit 503.
  • the receiving unit 501 is configured to receive a session modification request message from the terminal, where the session modification request message includes an identifier of the session of the terminal and a media access control MAC address of the remote device; or, the receiving unit 501 And receiving a notification message from the user plane network element, where the notification message includes an identifier of the session of the terminal and a MAC address of the remote device, where the notification message is used to notify the modification session;
  • the processing unit 503 is configured to generate a forwarding rule according to the MAC address and the identifier of the session;
  • the sending unit 502 is configured to send the forwarding rule to the user plane network element.
  • the processing unit 503 is specifically configured to: generate the forwarding rule according to the identifier of the downlink tunnel and the MAC address corresponding to the identifier of the session, where the forwarding rule is the MAC Correspondence between the address and the identifier of the downlink tunnel.
  • the processing unit 503 is further configured to record a correspondence between the identifier of the downlink tunnel corresponding to the identifier of the session and the MAC address.
  • the sending unit 502 is further configured to send the MAC address to a policy control network element.
  • the sending unit 502 is further configured to send an authentication request message to the authentication server, where the authentication request message is used to request authentication of the remote device, and the receiving unit 501 is further used. Receiving an authentication response message from the authentication server, the authentication response message is used to indicate that the authentication is successful.
  • the authentication request message includes the MAC address, where the MAC address is used to authenticate the remote device, or if the session modification request message includes the remote device.
  • the identifier or the notification message includes an identifier of the remote device, where the authentication request message includes the MAC address and an identifier of the remote device, and the identifier of the remote device is used for the remote device Certify.
  • the receiving unit 501 is configured to receive a session modification request message from the terminal, where the session modification request message includes an identifier of the session of the terminal and a media access control MAC address of the remote device; or, the receiving unit 501 And receiving a notification message from the user plane network element, where the notification message includes an identifier of the session of the terminal and a MAC address of the remote device, where the notification message is used to notify the modification session;
  • the sending unit 502 is configured to send an indication message to the terminal, where the indication message is used to indicate that the session modification is successful.
  • the device may be used to implement the steps performed by the session management network element in the method of the embodiment of the present application.
  • the session management network element may be used to implement the steps performed by the session management network element in the method of the embodiment of the present application.
  • the function/implementation process of the receiving unit 501, the processing unit 503, and the transmitting unit 502 in FIG. 5 can be implemented by the processor 501 in FIG. 5 calling a computer executing instruction stored in the memory 503.
  • the function/implementation process of the processing unit 503 in FIG. 5 can be implemented by the processor 501 in FIG. 5 calling the computer execution instruction stored in the memory 503, and the function/implementation of the receiving unit 501 and the transmitting unit 502 in FIG.
  • the process can be implemented by communication interface 504 in FIG.
  • the function/implementation process of the receiving unit 501 and the transmitting unit 502 can also be implemented by a pin or a circuit or the like.
  • the memory 503 may be a memory unit within the chip, such as a register, a cache, or the like.
  • the memory 503 may be a storage unit located outside the chip in the session management network element, which is not specifically limited in this embodiment of the present application.
  • the present application may divide a functional module into a device according to the above method example.
  • each functional module may be divided according to each function, or two or more functions may be integrated into one processing module.
  • the above integrated modules can be implemented in the form of hardware or in the form of software functional modules.
  • FIG. 6 shows a schematic diagram of a device, which may be the user plane network element involved in the foregoing embodiment, or in the user plane network element.
  • the device 600 includes a receiving unit 601, a transmitting unit 602, and a processing unit 603.
  • the receiving unit 601 is configured to receive, by using an uplink tunnel, a data packet from a terminal, where the data packet includes a media access control MAC address of the remote device;
  • the processing unit 603 is configured to determine an identifier of the session of the terminal according to the identifier of the uplink tunnel and the identifier of the uplink tunnel and the identifier of the session of the terminal;
  • the sending unit 602 is configured to: if the MAC address is not recorded, send a notification message to the session management network element, where the notification message includes the MAC address and an identifier of the session, where the notification message is used to notify the modification.
  • the receiving unit 601 is further configured to receive a forwarding rule from the session management network element, where the forwarding rule is a correspondence between an identifier of a downlink tunnel corresponding to the identifier of the session and the MAC address.
  • the processing unit 602 is further configured to determine that the MAC address is not recorded in the MAC address associated with the identifier of the downlink tunnel corresponding to the identifier of the session.
  • the device may be used to implement the steps performed by the user plane network element in the method of the embodiment of the present application.
  • the device may be used to implement the steps performed by the user plane network element in the method of the embodiment of the present application.
  • the function/implementation process of the receiving unit 601, the processing unit 603, and the transmitting unit 602 in FIG. 6 can be implemented by the processor 601 in FIG. 6 calling a computer executing instruction stored in the memory 603.
  • the function/implementation process of the processing unit 603 in FIG. 6 can be implemented by the processor 601 in FIG. 6 calling the computer execution instruction stored in the memory 603, and the function/implementation of the receiving unit 601 and the transmitting unit 602 in FIG.
  • the process can be implemented by the communication interface 604 of FIG.
  • the function/implementation process of the receiving unit 601 and the transmitting unit 602 may also be implemented by a pin or a circuit or the like.
  • the memory 603 may be a memory unit within the chip, such as a register, a cache, or the like.
  • the memory 603 may be a storage unit located outside the chip in the user plane network element, which is not specifically limited in this embodiment of the present application.
  • FIG. 7 shows a simplified schematic diagram of one possible design structure of a terminal involved in an embodiment of the present invention.
  • the terminal 700 includes a transmitter 701, a receiver 702, and a processor 703.
  • the processor 703 may also be a controller, and is represented as "controller/processor 703" in FIG.
  • the terminal 700 may further include a modem processor 705, where the modem processor 705 may include an encoder 706, a modulator 707, a decoder 708, and a demodulator 709.
  • the transmitter 701 conditions (eg, analog conversion, filtering, amplifying, upconverting, etc.) output samples and generates an uplink signal that is transmitted via an antenna to the RAN device described in the above embodiments. .
  • the antenna receives the downlink signal transmitted by the RAN device in the above embodiment.
  • Receiver 702 conditions (eg, filters, amplifies, downconverts, digitizes, etc.) the signals received from the antenna and provides input samples.
  • encoder 706 receives the traffic data and signaling messages to be transmitted on the uplink and processes (e.g., formats, codes, and interleaves) the traffic data and signaling messages.
  • Modulator 707 further processes (e.g., symbol maps and modulates) the encoded traffic data and signaling messages and provides output samples.
  • Demodulator 709 processes (e.g., demodulates) the input samples and provides symbol estimates.
  • the decoder 708 processes (e.g., deinterleaves and decodes) the symbol estimates and provides decoded data and signaling messages that are sent to the terminal 700.
  • Encoder 706, modulator 707, demodulator 709, and decoder 708 may be implemented by a composite modem processor 705. These units are processed according to the radio access technology employed by the radio access network. It should be noted that when the terminal 700 does not include the modem processor 705, the above functions of the modem processor 705 can also be completed by the processor 703.
  • the processor 703 controls and manages the actions of the terminal 700 for performing the processing performed by the terminal 700 in the embodiment of the present invention.
  • the processor 703 is further configured to perform the processes related to the terminal in the method shown in FIG. 2 to FIG. 3 and/or other processes of the technical solutions described in the present application.
  • the terminal 700 may further include a memory 704 for storing program codes and data for the terminal 700.
  • the present application may divide a functional module into a device according to the above method example.
  • each functional module may be divided according to each function, or two or more functions may be integrated into one processing module.
  • the above integrated modules can be implemented in the form of hardware or in the form of software functional modules.
  • the division of modules in the present application is schematic, and is only a logical function division, and may be further divided in actual implementation.
  • FIG. 8 shows a schematic diagram of a device, which may be the terminal involved in the above embodiment, or a chip in the terminal, and the device 800 includes The receiving unit 801, the transmitting unit 802, and the processing unit 803.
  • the receiving unit 801 is configured to receive a data packet from a remote device, where the data packet includes a media access control MAC address of the remote device;
  • the sending unit 802 is configured to: if the device does not record the MAC address, send a session modification request message to the session management network element, where the session modification request message includes the MAC address;
  • the receiving unit 801 is further configured to receive an indication message from the session management network element, where the indication message is used to indicate that the session modification is successful;
  • the processing unit 803 is configured to record the MAC address.
  • the processing unit 803 is specifically configured to: add the MAC address to a MAC address list, where the MAC address list includes at least one MAC address, and one MAC address corresponds to one remote device, one far The end device corresponds to at least one MAC address.
  • the processing unit 803 is specifically configured to: record a correspondence between an identifier of the terminal and the MAC address.
  • the receiving unit 801 is configured to receive a data packet from a remote device, where the data packet includes a media access control MAC address of the remote device;
  • the sending unit 802 is configured to send the data packet to a user plane network element
  • the receiving unit 801 is further configured to receive an indication message from the session management network element, where the indication message is used to indicate that the session modification is successful.
  • the processing unit 803 is configured to record the MAC address.
  • the processing unit 803 is specifically configured to: add the MAC address to a MAC address list, where the MAC address list includes at least one MAC address, and one MAC address corresponds to one remote device, one far The end device corresponds to at least one MAC address.
  • the processing unit 803 is specifically configured to: record a correspondence between an identifier of the terminal and the MAC address.
  • the device may be used to implement the steps performed by the terminal in the method of the embodiment of the present invention.
  • the device may be used to implement the steps performed by the terminal in the method of the embodiment of the present invention.
  • the function/implementation process of the receiving unit 801, the processing unit 803, and the transmitting unit 802 in FIG. 8 can be implemented by the processor 801 in FIG. 8 calling a computer execution instruction stored in the memory 803.
  • the function/implementation process of the processing unit 803 in FIG. 8 can be implemented by the processor 801 in FIG. 8 calling the computer execution instruction stored in the memory 803, and the function/implementation of the receiving unit 801 and the transmitting unit 802 in FIG.
  • the process can be implemented by the communication interface 804 in FIG.
  • the function/implementation process of the receiving unit 801 and the transmitting unit 802 may also be implemented by a pin or a circuit or the like.
  • the memory 803 may be a memory unit within the chip, such as a register, a cache, or the like.
  • the memory 803 may be a storage unit located outside the chip in the terminal, which is not specifically limited in this embodiment of the present application.
  • the above embodiments it may be implemented in whole or in part by software, hardware, firmware, or any combination thereof.
  • software it may be implemented in whole or in part in the form of a computer program product.
  • the computer program product includes one or more computer instructions.
  • the computer program instructions When the computer program instructions are loaded and executed on a computer, the processes or functions described in accordance with embodiments of the present invention are generated in whole or in part.
  • the computer can be a general purpose computer, a special purpose computer, a computer network, or other programmable device.
  • the computer instructions can be stored in a computer readable storage medium or transferred from one computer readable storage medium to another computer readable storage medium, for example, the computer instructions can be from a website site, computer, server or data center Transfer to another website site, computer, server, or data center by wire (eg, coaxial cable, fiber optic, digital subscriber line (DSL), or wireless (eg, infrared, wireless, microwave, etc.).
  • the computer readable storage medium can be any available media that can be accessed by a computer or a data storage device such as a server, data center, or the like that includes one or more available media.
  • the usable medium may be a magnetic medium (eg, a floppy disk, a hard disk, a magnetic tape), an optical medium (eg, a DVD), or a semiconductor medium (such as a Solid State Disk (SSD)) or the like.
  • a magnetic medium eg, a floppy disk, a hard disk, a magnetic tape
  • an optical medium eg, a DVD
  • a semiconductor medium such as a Solid State Disk (SSD)
  • a general purpose processor may be a microprocessor.
  • the general purpose processor may be any conventional processor, controller, microcontroller, or state machine.
  • the processor may also be implemented by a combination of computing devices, such as a digital signal processor and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a digital signal processor core, or any other similar configuration. achieve.
  • the steps of the method or algorithm described in the embodiments of the present application may be directly embedded in hardware, a software unit executed by a processor, or a combination of the two.
  • the software unit can be stored in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, removable disk, CD-ROM, or any other form of storage medium in the art.
  • the storage medium can be coupled to the processor such that the processor can read information from the storage medium and can write information to the storage medium.
  • the storage medium can also be integrated into the processor.
  • the processor and the storage medium may be disposed in the ASIC, and the ASIC may be disposed in the terminal device. Alternatively, the processor and the storage medium may also be disposed in different components in the terminal device.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
  • the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Power Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Small-Scale Networks (AREA)

Abstract

La présente invention concerne un procédé et un appareil d'accès dynamique à un terminal distant. Le procédé comprend les étapes suivantes : lorsqu'un terminal détermine qu'une adresse MAC dans un paquet de données n'est pas enregistrée, c'est-à-dire, lorsqu'il détermine qu'un terminal distant correspondant à l'adresse MAC est un nouveau terminal distant, c'est-à-dire, un terminal distant qui n'a pas accédé au terminal, le terminal envoie un message de demande de modification de session à un élément réseau de gestion de session et, si le terminal reçoit un message d'indication envoyé par l'élément réseau de gestion de session pour indiquer que la modification de session est réussie, le terminal enregistre l'adresse MAC. Un terminal distant qui applique de manière dynamique l'accès accède ainsi au terminal, qui est plus flexible.
PCT/CN2018/120719 2018-01-26 2018-12-12 Procédé et appareil d'accès dynamique à un terminal distant WO2019144719A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810077566.2A CN110086839B (zh) 2018-01-26 2018-01-26 一种远端设备的动态接入方法及装置
CN201810077566.2 2018-01-26

Publications (1)

Publication Number Publication Date
WO2019144719A1 true WO2019144719A1 (fr) 2019-08-01

Family

ID=67395821

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/120719 WO2019144719A1 (fr) 2018-01-26 2018-12-12 Procédé et appareil d'accès dynamique à un terminal distant

Country Status (2)

Country Link
CN (1) CN110086839B (fr)
WO (1) WO2019144719A1 (fr)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021031092A1 (fr) * 2019-08-19 2021-02-25 华为技术有限公司 Procédé de traitement de paquet et dispositif de réseau
CN114557045A (zh) * 2019-10-31 2022-05-27 华为技术有限公司 通信方法及相关装置
CN115567934A (zh) * 2021-06-30 2023-01-03 华为技术有限公司 一种认证方法及通信装置
CN114745419B (zh) * 2022-05-07 2024-02-23 深信服科技股份有限公司 获取终端mac地址的方法、装置、设备及存储介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101110847A (zh) * 2007-08-27 2008-01-23 华为技术有限公司 一种获取介质访问控制地址的方法、系统及装置
CN101364883A (zh) * 2007-08-06 2009-02-11 华为技术有限公司 一种多终端会话方法及通讯系统以及相关设备
CN102098674A (zh) * 2010-11-25 2011-06-15 中兴通讯股份有限公司 一种克隆设备的检测方法和装置
WO2016067078A1 (fr) * 2014-10-30 2016-05-06 Telefonaktiebolaget Lm Ericsson (Publ) Système cellulaire intégré avec reprise de wi-fi

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101364883A (zh) * 2007-08-06 2009-02-11 华为技术有限公司 一种多终端会话方法及通讯系统以及相关设备
CN101110847A (zh) * 2007-08-27 2008-01-23 华为技术有限公司 一种获取介质访问控制地址的方法、系统及装置
CN102098674A (zh) * 2010-11-25 2011-06-15 中兴通讯股份有限公司 一种克隆设备的检测方法和装置
WO2016067078A1 (fr) * 2014-10-30 2016-05-06 Telefonaktiebolaget Lm Ericsson (Publ) Système cellulaire intégré avec reprise de wi-fi

Also Published As

Publication number Publication date
CN110086839B (zh) 2020-08-07
CN110086839A (zh) 2019-08-02

Similar Documents

Publication Publication Date Title
US11963242B2 (en) Communication method and apparatus
US11812496B2 (en) User group session management method and apparatus
US11533610B2 (en) Key generation method and related apparatus
EP3005822B1 (fr) Transport à couche mac pour plateforme de services d'application de services directs à wi-fi sans protocole internet
WO2019144719A1 (fr) Procédé et appareil d'accès dynamique à un terminal distant
WO2018205150A1 (fr) Procédé et appareil de mise à jour de politique de sélection de tronçon de réseau
WO2019105470A1 (fr) Procédé et dispositif de création de groupe d'utilisateurs
RU2440688C2 (ru) Профиль пользователя, политика и распределение ключей pmip в сети беспроводной связи
CN112449315B (zh) 一种网络切片的管理方法及相关装置
TWI380713B (en) Expedited handoff
WO2019157909A1 (fr) Procédé et appareil de communication
US20230239686A1 (en) Secure communication method, apparatus, and system
WO2020034965A1 (fr) Procédé de transmission de messages, dispositif et support de stockage
EP3860176B1 (fr) Procédé, appareil, et système d'obtention d'informations de capacité de terminal
WO2019192445A1 (fr) Procédé et dispositif de création et de jonction d'un groupe de multidiffusion
US9596209B2 (en) Causing client device to request a new internet protocol address based on a link local address
JP2019508984A (ja) 通信ネットワークを介してデータを中継するシステム及び方法
US9634917B2 (en) Method and system for detecting use of wrong internet protocol address
WO2022012310A1 (fr) Procédé et appareil de communication
JP2021503851A (ja) 通信方法及び通信装置
CN109981462B (zh) 一种报文处理方法及装置
CN103973570B (zh) 一种报文传输的方法、ap及系统
WO2019141135A1 (fr) Procédé et appareil de gestion de service de confiance aptes à prendre en charge une commutation de réseau sans fil
RU2783350C2 (ru) Способ управления сеансом группы пользователей и устройство
WO2022104740A1 (fr) Procédé et appareil de mise à jour d'informations d'abonnement à un réseau non public

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18902489

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18902489

Country of ref document: EP

Kind code of ref document: A1