WO2022152238A1

WO2022152238A1 - Communication method and communication apparatus

Info

Publication number: WO2022152238A1
Application number: PCT/CN2022/071996
Authority: WO
Inventors: 谢春生; 韩文勇; 丁辉; 刁文波
Original assignee: 华为技术有限公司
Priority date: 2021-01-18
Filing date: 2022-01-14
Publication date: 2022-07-21
Also published as: CN114828165A

Abstract

Provided in the present application are a communication method and a communication apparatus, said method being applied in a terminal device. The method comprises: when a target service is initiated, selecting a target virtual network group from among at least one virtual network group according to service information of the target service, wherein the at least one virtual network group is configured by a network side for said target service, each virtual network group among the at least one virtual network group is used for managing a terminal device that accesses said virtual network group, and a terminal device managed by any virtual network group is able to form a virtual local area network; determining a target session of the target service in the target virtual network group, and performing data transmission by means of the target session. The communication method provided in the present application is used for improving the flexibility of a terminal device in selecting a session service and in using a session service to perform data communication.

Description

A communication method and communication device

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims the priority of the Chinese patent application with the application number of 202110062216.0 and the application title of "a communication method and communication device" filed with the China Patent Office on January 18, 2021, the entire contents of which are incorporated into this application by reference .

technical field

The present application relates to the field of communication technologies, and in particular, to a communication method and a communication device.

Background technique

5th generation mobile networks (5G) local area network (LAN) can be used in a wide range of mobile network coverage. Regardless of whether users are in the same region, as long as they join the same 5G local area network, data exchange and communication based on the local area network can be realized.

At present, the 5G local area network service is defined in the 3GPP protocol, which can build a virtual mobile private network for users in a network system such as a mobile network to realize virtual private network communication. At the same time, the concept of virtual network (Virtual Network, VN) group (Group) is introduced into the agreement. The 5G local area network corresponding to the virtual network group can provide communication services for the terminal devices in the virtual network group. Under the 5G local area network corresponding to the virtual network group, the communication between two terminal devices that have signed up to the same virtual network group has the characteristics of local area network communication.

After the introduction of virtual network groups, 5G local area networks corresponding to different virtual network groups can be connected to different data networks, and terminal devices between different virtual network groups are isolated from each other. The data network (DN) corresponding to the virtual network group completes data exchange, and can directly complete data exchange with other terminal devices in the virtual network group through the user plane function (UPF) network element.

At present, the terminal device needs to determine the virtual network group to be accessed when initiating a service according to the identification information of the data network, and then use the session service in the virtual network group for data transmission. However, after the identification information of the data network is determined, the virtual network group that the terminal device can access is also uniquely determined, and the terminal device can only transmit data through the session service in the virtual network group, which greatly limits the terminal device. Flexibility to choose session services and use session services for data communication.

SUMMARY OF THE INVENTION

The present application provides a communication method and a communication device, which are used to improve the flexibility of a terminal device in selecting a session service and using the session service for data communication.

In a first aspect, an embodiment of the present application provides a communication method, which is applied to a terminal device. The method includes: when initiating a target service, selecting a target virtual network in at least one virtual network group according to service information of the target service group; wherein, the at least one virtual network group is configured by the network side for the target service, and each virtual network group in the at least one virtual network group is used to manage the terminal equipment accessing the virtual network group, any virtual network group The terminal equipment managed by the network group can form a virtual local area network; the target session of the target service in the target virtual network group is determined, and data transmission is performed through the target session.

In this method, when initiating a service, a terminal device can flexibly select a target virtual network group to access in at least one virtual network group configured for the terminal service on the network side according to service information, and use the virtual network group in the target virtual network group The session performs data communication, which improves the flexibility of the terminal device to access the virtual network group, thereby improving the flexibility and efficiency of the terminal device selecting and using the session service for data communication.

In a possible design, the selecting a target virtual network group from at least one virtual network group according to the service information of the target service includes: in at least one user routing policy, selecting a target virtual network group that matches the service information The target user routing policy, wherein the target user routing policy includes the service information and the group identifier of at least one available virtual network group corresponding to the service information; in the at least one virtual network group, select the target virtual network group contained in the at least one available virtual network group.

In this method, the user routing policy matched by the terminal device according to the service information for initiating the service includes the group identifier of at least one available virtual network group corresponding to the service information, and the terminal device can determine which ones are based on the group identifier information. A virtual network group can provide services for itself, and can flexibly select a virtual network group to access from among the virtual network groups available for services.

In a possible design, the determining the target session of the target service in the target virtual network group includes: in the established session, selecting the target that matches the routing policy of the target user or send a session creation request to the session management function network element, where the session creation request is used to request creation of the target session, wherein the session creation request carries the group identifier of the target virtual network group.

In this method, when the terminal device requests the session management function network element to create a new session, the virtual network group to be accessed can be specified by carrying the group identifier of the target virtual network group in the session creation request sent to the session management function network element. The network element of the session management function can quickly determine the virtual network group that the terminal device selects to access, and then establish a session in the virtual network group for the terminal device.

In a possible design, before selecting a target virtual network group in at least one virtual network group, the method further includes: in the process of registering the terminal device into the network, receiving an access and mobility management function network element or, in the process of updating the configuration of the terminal device, receiving the list of serviceable virtual network groups issued by the access and mobility management function network element; The virtual netgroup list contains the target virtual netgroup.

In this method, the terminal device can directly determine the virtual network group that can provide services for itself according to the serviceable virtual network group list issued by the access and mobility management function network element, that is, the virtual network group that the terminal device can access , the terminal device can flexibly select a virtual network group to be finally accessed from among the virtual network groups that it can access when initiating a service.

In a possible design, before selecting the target virtual network group in the at least one virtual network group, the method further includes: receiving the at least one user routing policy issued by the policy control function network element.

In this method, the terminal device obtains the user routing policy before selecting the target virtual network group, which ensures that the terminal device has the available user routing policy, and then selects the target virtual network group by matching the user routing policy.

In a possible design, the data transmission through the target session includes: through the target session, communicating with the target data network, other terminal devices in the target virtual network group, or other terminal devices in other virtual network groups The terminal device performs data transmission, and the other virtual network groups are virtual network groups other than the target virtual network group.

In a possible design, the group identifier includes at least one of the following: an external group identifier; an internal group identifier; a group identifier assigned by the network side; a group identifier assigned by the authentication-authorization-accounting AAA server.

In this method, the terminal device can use various types of group identifiers to identify and mark the virtual network group, and has high flexibility.

In a possible design, the configuration information further includes at least one of the following: data network name; single network slice selection auxiliary information; session type; application descriptor; secondary authentication/authorization information; ; address information; wherein, the data network name is used to indicate the data network that the virtual network group supports access to; the single network slice selection auxiliary information is used to indicate the network slice adopted by the virtual network group; the session The type is used to indicate the type of the session in the virtual network group; the application descriptor is used to indicate the information of the application to which the target service belongs; the secondary authentication/authorization information is used to perform secondary authentication/authorization; The default group indication information is used to indicate whether the virtual network group is a set default virtual network group; the serviceable area information is used to indicate the geographic area range that the virtual network group can serve; the address information is used to indicate the virtual network The group contains at least one address to be assigned to the end device.

In a second aspect, an embodiment of the present application provides a communication method, which is applied to a network element with a session management function. The method includes: determining a target virtual network group according to a session creation request from a terminal device, where the session creation request is: A request sent by the terminal device when initiating a target service, the target virtual network group is included in at least one virtual network group configured on the network side for the target service, and each virtual network group in the at least one virtual network group For managing the terminal devices accessing the virtual network group, any terminal device managed by any virtual network group can form a virtual local area network; establish a target session in the target virtual network group, and the target session is used for the terminal device data transfer.

In this method, the network side is configured with at least one virtual network group for the terminal service, which can support the terminal device to flexibly select the target virtual network group to access according to the service information for initiating the service, and the session management function network element on the network side is the The terminal device establishes the target session in the target virtual network group, which can realize the data transmission of the terminal device; meanwhile, it can adapt to the networking scenario in which one data network corresponds to multiple virtual network groups.

In a possible design, before determining the target virtual network group, the method further includes: receiving virtual network group configuration information from the unified data management function network element; the virtual network group configuration information includes at least one virtual network group Corresponding configuration information, the at least one virtual network group includes the target virtual network group, and the configuration information includes at least one of the following: default group indication information; serviceable area information; address information; wherein, the default group The indication information is used to indicate whether the virtual network group is a set default virtual network group; the serviceable area information is used to indicate the range of geographical areas that the virtual network group can serve; the address information is used to indicate that the virtual network group contains at least An address to be assigned to the end device.

In this method, after acquiring the configuration information of at least one virtual network group, the session management function network element can determine the relevant information of the target virtual network group according to the configuration information. For example, the session management function network element can determine the relevant information of the target virtual network group according to the configuration information. The instruction information determines a default virtual network group in at least one virtual network group, and then when the terminal device does not specify a virtual network group to access, the default virtual network group is used as a target virtual network group to provide services for the terminal device; session management function The network element can determine whether the virtual network group can provide services for terminal equipment in a certain location area according to the serviceable area information in the configuration information; the network element with the session management function can also provide access to the terminal equipment according to the address information in the configuration information. assign address.

In a possible design, the session creation request carries a group identifier of a virtual network group, and the determining a target virtual network group includes: determining a virtual network group corresponding to the group identifier as the target virtual network group.

In this method, when the terminal device requests the session management function network element to create a new session, the session creation request received by the session management function network element from the terminal device carries the group identifier of the target virtual network group, so the session management function network element does not need to By comparing or matching other relevant information, the virtual network group to be accessed by the terminal device can be quickly and directly determined, and then a session in the virtual network group can be established for the terminal device, and the target virtual network to be accessed by the terminal device can be specified. Group.

In a possible design, the determining the target virtual network group according to the session creation request from the terminal device includes: if the session creation request does not carry the group identifier of the virtual network group, configuring the target virtual network group according to the virtual network group information, and determine the set default virtual network group as the target virtual network group.

In this method, when the terminal device requests the session management function network element to create a new session, if the virtual network group to be accessed is not specified, the session management function network element selects the default virtual network group to provide session services for the terminal device, which can In the scenario of virtual network groups available to multiple terminal devices, the virtual network group that provides session services for terminal devices can also be quickly determined; at the same time, it can adapt to the networking scenario where one data network corresponds to multiple virtual network groups.

In a possible design, the method further includes: assigning an address to the terminal device according to the configuration information corresponding to the target virtual network group; or, sending the group identifier of the target virtual network group to the AAA server, so that the AAA server determines the target virtual network group according to the group identifier, and assigns an address to the terminal device according to the configuration information corresponding to the target virtual network group; wherein the configuration information Contains the address information.

In this method, the network side can support that each virtual network group contains its own address segment, so as to avoid the conflict of address information of multiple virtual network groups, and the session management function network element can, according to the address segment corresponding to the virtual network group, provide the The terminal equipment that enters the virtual network group allocates addresses, so it can adapt to address allocation in a networking scenario in which one data network corresponds to multiple virtual network groups.

In a possible design, the method further includes: delivering a data packet forwarding policy to the user plane functional network element, so that the user plane functional network element, according to the data packet forwarding policy, forwards the received The service data message is forwarded; wherein, the data message forwarding policy includes: judging whether there is a packet inspection rule matching the service data message in at least one packet inspection rule, and if so, according to the packet inspection rule Forward the service data message, otherwise, determine whether the destination address and the source address contained in the service data message belong to the same virtual network group; if it is determined that the destination address and the source address belong to the same virtual network group, do not forward all The service data message, if it is determined that the destination address and the source address do not belong to the same virtual network group, the service data message is forwarded according to the set packet inspection rule; wherein, the packet inspection rule is used to indicate that the service data The forwarding method used for the packet.

In this method, the session management function network element issues a data packet forwarding policy to the user plane function network element, so that the user plane function network element processes the received data packet based on the policy, wherein, according to the policy When the packet inspection rule matching the received service data packet is not matched, if it is determined that the destination address and source address contained in the service data packet belong to the same virtual network group, it is considered that an abnormality has occurred, and the user plane function network element does not work. Forwarding the service data message can prevent the loop problem between the UPF and the data network due to the repeated forwarding of messages.

In a possible design, the group identifier includes at least one of the following: an external group identifier; an internal group identifier; a group identifier assigned by the network side; and a group identifier assigned by the AAA server.

In this method, the network element of the session management function can use various types of group identifiers to identify and mark the virtual network group, and has high flexibility.

In a third aspect, an embodiment of the present application provides a communication method, which is applied to a policy control function network element. The method includes: receiving a virtual network group issued by an application function network element, a capability opening function network element, or a unified data warehouse network element. configuration information, wherein the virtual network group configuration information includes configuration information corresponding to at least one virtual network group, the at least one virtual network group is the target service configuration initiated by the network side for the terminal device, and the at least one virtual network group Each virtual network group is used to manage the terminal equipment accessing the virtual network group, and the terminal equipment managed by any virtual network group can form a virtual local area network; According to the virtual network group configuration information, at least one user routing policy is generated , and deliver the at least one user routing policy to the terminal device.

In this method, the network side is configured with at least one virtual network group for the terminal service, which can support the terminal device to flexibly select the target virtual network group to access according to the service information of the initiating service. The virtual network group configuration information of the at least one virtual network group generates a user routing policy for the terminal device, so that the terminal device can determine the target virtual network group to be accessed in the at least one virtual network group by matching the user routing policy ; At the same time, it can adapt to the networking scenario where one data network corresponds to multiple virtual network groups.

In a possible design, the user routing policy includes service information and a group identifier of at least one virtual network group corresponding to the service information, and the service information is service information of the target service.

In this method, the user routing policy issued by the policy control function network element to the terminal device includes service information and a group identifier of at least one virtual network group corresponding to the service information, and the terminal device can match the service information according to the service information. The user selects the target virtual network group according to the group identifier included in the routing policy, and can specify access to the target virtual network group to the network side according to the group identifier of the selected target virtual network group.

In a possible design, the configuration information includes at least the service information and serviceable area information of at least one virtual network group corresponding to the service information; the user routing policy also includes information related to the service information The serviceable area information of the corresponding at least one virtual network group; wherein the serviceable area information is used to indicate the range of the geographical area that the virtual network group can serve.

In this method, the configuration information of the virtual network group obtained by the network element of the policy control function includes the serviceable area information corresponding to the virtual network group, and the user routing policy delivered to the terminal device carries the serviceable area information corresponding to the virtual network group. The area information enables the terminal device to determine the virtual network group that can provide services for itself based on its own location and the serviceable area information of the virtual network group, and then further select the virtual network group to be accessed.

In this method, the network element of the policy control function can use various types of group identifiers to identify and mark the virtual network group, and has high flexibility.

In a fourth aspect, an embodiment of the present application provides a communication device, including a processing unit; the processing unit is configured to select a target virtual network in at least one virtual network group according to service information of the target service when initiating a target service group; wherein, the at least one virtual network group is configured by the network side for the target service, and each virtual network group in the at least one virtual network group is used to manage the terminal equipment accessing the virtual network group, any virtual network group The terminal equipment managed by the network group can form a virtual local area network; the processing unit is further configured to determine the target session of the target service in the target virtual network group, and perform data transmission through the target session.

In a possible design, when the processing unit selects the target virtual network group in at least one virtual network group according to the service information of the target service, the processing unit is specifically configured to: in at least one user routing selection policy, select the The target user routing policy matched by the service information, wherein the target user routing policy includes the service information and the group identifier of at least one available virtual network group corresponding to the service information; In a network group, the target virtual network group included in the at least one available virtual network group is selected.

In a possible design, when the processing unit determines the target session of the target service in the target virtual network group, the processing unit is specifically configured to: in the established session, select a routing strategy with the target user the matching target session; or, sending a session creation request to a session management function network element, where the session creation request is used to request creation of the target session, wherein the session creation request carries the group of the target virtual network group logo.

In a possible design, the communication apparatus further includes a transceiver unit, and before the processing unit selects a target virtual network group in at least one virtual network group, the transceiver unit is further configured to: register the terminal device to access the network In the process of receiving the serviceable virtual network group list issued by the access and mobility management function network element; or, in the process of updating the configuration of the terminal equipment, receiving the access and mobility management function network element. The sent serviceable virtual network group list; wherein, the serviceable virtual network group list includes the target virtual network group.

In a possible design, before the processing unit selects the target virtual network group in the at least one virtual network group, the transceiver unit is further configured to: receive the at least one user routing selection delivered by the policy control function network element Strategy.

In a possible design, the processing unit performs data transmission through the target session, including: communicating with the target data network, other terminal devices in the target virtual network group, or other virtual network groups through the target session The terminal equipment in the device performs data transmission, and the other virtual network groups are virtual network groups other than the target virtual network group.

In a fifth aspect, an embodiment of the present application provides a communication apparatus, including a processing unit; the processing unit is configured to determine a target virtual network group according to a session creation request from a terminal device, wherein the session creation request is for the terminal A request sent by a device when initiating a target service, the target virtual network group is included in at least one virtual network group configured on the network side for the target service, and each virtual network group in the at least one virtual network group is used to manage For the terminal devices accessing the virtual network group, any terminal device managed by the virtual network group can form a virtual local area network; the processing unit is further configured to establish a target session in the target virtual network group, and the target session is used for The terminal equipment performs data transmission.

In a possible design, the communication device further includes a transceiver unit, and before the processing unit determines the target virtual network group, the transceiver unit is further configured to: receive the virtual network group configuration from the unified data management function network element information; the virtual network group configuration information includes configuration information corresponding to at least one virtual network group, the at least one virtual network group includes the target virtual network group, and the configuration information includes at least one of the following: default group indication information ; serviceable area information; address information; wherein, the default group indication information is used to indicate whether the virtual network group is a set default virtual network group; the serviceable area information is used to indicate the geographical area that the virtual network group can serve range; the address information is used to indicate at least one address to be allocated to the terminal device contained in the virtual network group.

In a possible design, the session creation request carries the group identifier of the virtual network group, and when determining the target virtual network group, the processing unit is specifically configured to: determine that the virtual network group corresponding to the group identifier is the The target virtual network group.

In a possible design, when determining the target virtual network group according to the session creation request from the terminal device, the processing unit is specifically configured to: if the session creation request does not carry the group identifier of the virtual network group, according to the The configuration information of the virtual network group is determined, and the set default virtual network group is determined as the target virtual network group.

In a possible design, the processing unit cooperates with the transceiver unit, and is further configured to: assign an address to the terminal device according to the configuration information corresponding to the target virtual network group; The group identifier of the virtual network group is sent to the AAA server, so that the AAA server determines the target virtual network group according to the group identifier, and configures the terminal device according to the configuration information corresponding to the target virtual network group. Allocating an address; wherein, the configuration information includes the address information.

In a possible design, the transceiver unit is further configured to: deliver a data packet forwarding policy to the user plane functional network element, so that the user plane functional network element can forward the receiving The received service data message is forwarded; wherein, the data message forwarding strategy includes: judging whether there is a packet inspection rule matching the service data message in at least one packet inspection rule, and if so, according to the packet inspection rule. The detection rule forwards the service data message, otherwise, it is judged whether the destination address and the source address contained in the service data message belong to the same virtual network group; if it is determined that the destination address and the source address belong to the same virtual network group, no Forward the service data message, if it is determined that the destination address and the source address do not belong to the same virtual network group, forward the service data message according to the set packet inspection rule; Forwarding mode used for service data packets.

In a sixth aspect, an embodiment of the present application provides a communication device, including a transceiver unit and a processing unit;

The transceiver unit is configured to receive the virtual network group configuration information issued by the application function network element, the capability opening function network element or the unified data warehouse network element, wherein the virtual network group configuration information includes at least one virtual network group corresponding. Configuration information, the at least one virtual network group is the target service configuration initiated by the network side for the terminal device, and each virtual network group in the at least one virtual network group is used to manage the terminal equipment accessing the virtual network group, any one The terminal equipment managed by the virtual network group can form a virtual local area network; the processing unit cooperates with the transceiver unit to generate at least one user routing policy according to the virtual network group configuration information, and send the at least one user The routing policy is delivered to the terminal device.

In a possible design, the configuration information at least includes the service information and serviceable area information of at least one virtual network group corresponding to the service information; the user routing policy also includes the service information The serviceable area information of the corresponding at least one virtual network group; wherein the serviceable area information is used to indicate the range of the geographical area that the virtual network group can serve.

In a seventh aspect, an embodiment of the present application provides a communication device, including: at least one processor; and a memory and a communication interface communicatively connected to the at least one processor; wherein the communication interface is configured to receive data from the communication communication means other than the device and transmit to the processor or send signals from the processor to other communication means other than the communication device; the memory stores data that can be processed by the at least one The at least one processor executes the instructions stored in the memory to cause the communication apparatus to perform any one of the above aspects or any one of the methods of any one of the aspects.

In an eighth aspect, an embodiment of the present application provides a communication system, where the communication system includes a terminal device, a network element with a session management function, and a network element with a policy control function; wherein the terminal device is configured to execute the first aspect or the first any one of the methods in the aspect; the session management function network element is used to execute any one of the above second aspect or the second aspect method; the policy control function network element is used to execute the above third aspect or the third aspect any method in the aspect.

In a ninth aspect, the present application provides a computer-readable storage medium, where computer programs or instructions are stored in the computer-readable storage medium, and when the computer programs or instructions are run on a communication device, the communication device is made to execute each of the above any possible design method of the aspect.

In a tenth aspect, the present application provides a computer program product, the computer program product includes a computer program or instructions, when a communication device reads and executes the computer program product, the communication device is made to perform any one of the above aspects. method in the design.

In an eleventh aspect, the present application provides a chip, the chip includes a processor, and the processor is coupled to a memory for reading and executing a software program stored in the memory, so as to implement any one of the above aspects method in a possible design.

For the technical effects that can be achieved in any one of the fourth aspect to the eleventh aspect, reference may be made to the description of the beneficial effects in the first aspect to the third aspect, which will not be repeated here.

Description of drawings

Figure 1 is a schematic diagram of a 5G networking architecture;

Fig. 2 is a kind of schematic diagram of processing the data packet corresponding to the data message by a kind of UPF;

Fig. 3 is a kind of schematic diagram that UPF performs forwarding processing on data message;

Figure 4a is a schematic diagram of the user plane architecture of a 5G VN group where the data of the terminal equipment is locally exchanged in the PSA UPF;

Figure 4b is a schematic diagram of the user plane architecture of the data cross-PSA UPF exchange scenario of the terminal equipment in the 5G VN group;

FIG. 5 is a schematic diagram of the architecture of a communication system to which the communication method provided by the embodiment of the present application is applicable;

6 is a schematic diagram of a method for AF configuration management of a 5G VN group provided by an embodiment of the present application;

FIG. 7 is a schematic flowchart of a network side delivering a serviceable VN group list in a terminal device registration and network access process according to an embodiment of the present application;

8 is a schematic flowchart of a network side delivering a serviceable VN group list in a terminal configuration update process provided by an embodiment of the present application;

FIG. 9 is a schematic diagram of a communication method provided by an embodiment of the present application;

10 is a schematic diagram of a PDU session creation process provided by an embodiment of the present application;

Figure 11 is a schematic diagram of UPF forwarding data packets in a 5G LAN scenario;

FIG. 12 is a schematic diagram of a message forwarding strategy of a UPF provided by an embodiment of the present application;

FIG. 13 is a schematic diagram of a communication device according to an embodiment of the present application;

FIG. 14 is a schematic diagram of a communication apparatus provided by an embodiment of the present application.

Detailed ways

The embodiments of the present application will be described in detail below with reference to the accompanying drawings.

The method and the device are based on the same technical concept. Since the principles of the method and the device for solving problems are similar, the implementation of the device and the method can be referred to each other, and repeated descriptions will not be repeated.

Hereinafter, some terms in the present application will be explained so as to be understood by those skilled in the art.

1) Terminal equipment: The terminal equipment involved in the embodiments of this application may also be referred to as user equipment (user equipment, UE), mobile station (mobile station, MS), mobile terminal (mobile terminal, MT), etc. An entity on the user side for receiving or transmitting signals, used for sending uplink signals to network side equipment, or receiving downlink signals from network side equipment. Terminal devices include devices that provide voice and/or data connectivity to users.

For example, the terminal device may be a handheld device with wireless connectivity, or a processing device connected to a wireless modem. The terminal equipment may communicate with the core network via a radio access network (RAN), and exchange voice and/or data with the RAN. The terminal equipment may include user equipment, vehicle to X (V2X) terminal equipment, wireless terminal equipment, mobile terminal equipment, device-to-device (D2D) terminal equipment, machine-to-machine/ Machine-to-machine/machine-type communications (M2M/MTC) terminal equipment, Internet of things (IoT) terminal equipment, subscriber unit (subscriber unit), subscriber station (subscriber station), mobile station (mobile station), remote station (remote station), access point (access point, AP), remote terminal (remote terminal), access terminal (access terminal), user terminal (user terminal), user agent (user agent) , or user device, wearable device, in-vehicle device, etc.

As an example and not a limitation, in this embodiment of the present application, the terminal device may also be a wearable device. Wearable devices can also be called wearable smart devices or smart wearable devices, etc. It is a general term for the application of wearable technology to intelligently design daily wear and develop wearable devices, such as glasses, gloves, watches, clothing and shoes. Wait. A wearable device is a portable device that is worn directly on the body or integrated into the user's clothing or accessories. Wearable device is not only a hardware device, but also realizes powerful functions through software support, data interaction, and cloud interaction. In a broad sense, wearable smart devices include full-featured, large-scale, complete or partial functions without relying on smart phones, such as smart watches or smart glasses, and only focus on a certain type of application function, which needs to cooperate with other devices such as smart phones. Use, such as all kinds of smart bracelets, smart helmets, smart jewelry, etc. for physical sign monitoring.

The various terminal devices described above, if they are located on the vehicle (for example, placed in the vehicle or installed in the vehicle), can be considered as on-board terminal equipment. For example, the on-board terminal equipment is also called on-board unit (OBU). ).

2) Communication system: when the terminal equipment requests services, the 3rd generation partnership project (3GPP) access technology is used to connect the terminal equipment to the data network, and realize the connection between the terminal equipment and the data network. Data transmission between the two to achieve the corresponding business.

Among them, the communication system is divided into an access network (AN) and a core network (core network, CN). The access network is used to converge terminal equipment into the core network through 3GPP access technology. The core network is used to connect terminal devices to different data networks. In addition, according to the division of logical functions, the core network can be further divided into a control plane (signaling plane) and a user plane (data plane).

It should also be noted that the communication system to which the communication method provided in this application is applicable includes a fifth generation (5th generation, 5G) communication system (ie, a new radio (NR) communication system), a future new generation communication system, and the like.

For another example, in a 5G communication system, the access network may also be referred to as a 5G radio access network (NG-radio access network (RAN), or NG-RAN), and the core network may also be referred to as a 5G core network (5G Core, 5GC).

3) The network side equipment is a network element located in the communication system. The network-side device may be an access network device in a wireless access network, or a core network device in a core network. This application does not limit this.

4) Access network (access network, AN) equipment: an entity on the network side for transmitting and/or receiving signals. As a device for connecting a terminal device to a wireless network in a communication system, the access network device includes a device that accesses the communication system in a wired manner or wirelessly. Among them, a radio access network (radio access network, RAN) device that wirelessly accesses a communication system may also be called a base station, or a RAN node, or a RAN device in the NG-RAN. The RAN equipment may also coordinate attribute management of the air interface.

For example, the RAN device may be a new radio controller (NR controller), a gNode B (gNB) in a 5G system, a centralized unit (centralized unit), a new radio base station, or a The remote radio module can be a micro base station (also called a small cell), a relay, a distributed unit, a macro base station in various forms, or a transmission and reception point. (transmission reception point, TRP), transmission measurement function (transmission measurement function, TMF) or transmission point (transmission point, TP), or any other wireless access device, or a base station in next-generation communications, but the embodiments of the present application are not limited to this.

5), core network equipment: it is a network element located in the core network, which is used to realize the functions of the core network, for example, it is responsible for connecting the terminal equipment to different data according to the call request or service request sent by the terminal equipment through the access network. On the network, and responsible for billing, mobility management, session management and other services.

For ease of understanding, the following briefly introduces some network elements located in the core network based on the networking architecture of the 5G mobile communication system.

FIG. 1 is a schematic diagram of a 5G networking architecture. As shown in Figure 1, the 5G networking architecture can refer to the networking architecture defined in the 3GPP 23.501 protocol. The main functions of the functional network elements related to the architecture are introduced as follows:

Application function (AF) network element: also known as application controller (application controller), which is mainly used to convey the requirements of the application side to the network side, such as quality of service (QoS) requirements, user status event subscription Wait. The AF network element may be an application function entity of a third-party application, or may be an application service deployed by an operator, such as an IMS voice call service. The application function entity of the third-party application can perform authorization processing through the network exposure function (NEF) network element when interacting with the core network. For example, the application function entity of the third-party application directly sends a request message to the NEF network element. The NEF network element verifies whether the AF network element is allowed to send the request message. If the verification passes, it forwards the request message to the corresponding policy control function (PCF) network element or unified data management function (UDM) ) network element.

PCF network element: It is mainly used to implement policy control functions such as charging for sessions and service flow levels, QoS bandwidth guarantee and mobility management, and user equipment policy decision-making.

UDM network element: It is mainly used to implement data management functions such as managing subscription data and user access authorization.

Access and mobility management function (AMF) network element: It is mainly used to implement functions such as mobility management and access authentication/authorization for terminal equipment. In addition, the AMF network element is also responsible for transferring user policies between the terminal device and the PCF network element.

Session management function (SMF) network element: It is mainly used for packet data unit (PDU) session management for terminal equipment, execution of control policies issued by PCF, and user plane function (UPF). ) selection of network elements, assignment of IP addresses of terminal equipment when the PDU type is IP type, etc.

UPF network element: It is mainly used as the interface between terminal equipment and data network, and completes functions such as user plane data forwarding, session/flow-level accounting statistics, and bandwidth limitation.

Unified data repository (UDR) network element: It is mainly responsible for the access function of data such as subscription data, policy data, and application data. Elements perform interface interconnection to realize access or invocation of corresponding network elements.

Authentication server function (authentication server function, AUSF) network element (not shown in Figure 1): can be used to support the access service authentication defined by the 3GPP framework, and can also support the authentication of non-3GPP access networks.

Of course, the core network may also include other network elements other than the network elements described in the above examples, which will not be listed one by one here.

It should be noted that this application does not limit the name of the corresponding network element that implements each function, and it can also implement other functions or be integrated with other functional network elements, and can also be called other names.

In the 5G networking architecture shown in Figure 1, the main functions of some related communication interfaces between network elements and network elements and between network elements and devices are described as follows:

N1 interface: It is the signaling plane interface between the AMF network element and the terminal device. It has nothing to do with the access network. It is used to exchange signaling messages between the core network and the terminal device. It can be used for the terminal device to register into the network and to establish a PDU session. , in the process of configuring terminal device policies on the network side.

N2 interface: It is the interface between the AMF network element and the RAN device, and is used to transmit radio bearer control information from the core network to the RAN device.

N3 interface: It is the interface between the (R)AN equipment and the UPF network element, used to transfer the service data of the terminal equipment between the RAN equipment and the UPF network element.

N4 interface: It is the interface between the SMF network element and the UPF network element. It is used to transmit the information between the control plane and the user plane. It can be used for the control plane terminal equipment to complete the network access operation according to the contract information with the operator.

N6 interface: It is the interface between the UPF network element and the DN, and is used to transfer the service data of the terminal equipment between the UPF network element and the DN.

N7 interface: It is the interface between the PCF network element and the SMF network element, and is used to deliver information such as PDU session granularity and service data flow granularity control policy.

N8 interface: It is the interface between the AMF network element and the UDM network element. It is used by the AMF network element to obtain the subscription data and authentication data related to access and mobility management from the UDM network element, and the AMF network element to register the terminal with the UDM network element. Information about the current mobility management of the device, etc.

N10 interface: It is the interface between the SMF network element and the UDM network element. It is used by the SMF network element to obtain the session management related subscription data from the UDM network element, and the SMF network element to register the current session related information of the terminal device to the UDM network element.

N11 interface: It is the interface between the SMF network element and the AMF network element, which is used to transfer the PDU session tunnel information between the RAN device and the UPF network element, the control message sent to the terminal device, and the radio resource control information sent to the RAN device. Wait.

6), data network: a communication network used to provide data transmission services, specifically a public data network (PDN), such as the Internet (internet), internet protocol (internet protocol, IP) multimedia system (IP Multi-media subsystem, IMS) voice call service, etc., it can also be operator service, Internet service or third-party service, etc. The identification of the data network is the data network name (DNN). A specific service application (application, APP) in the terminal device may perform data communication with the DN by means of session transfer, where the session may be an IP, Ethernet, unstructured and other type of session.

7) User routing policy (UE route selection policy, URSP): URSP is used by the terminal device to determine whether the triggered application service can adopt the PDU session already established by the terminal device or newly establish a PDU session.

In the 5G communication system, the establishment of the PDU session is triggered by the terminal device based on the service initiated. Different services have different attributes to the PDU session, such as network slice (network slice), DNN, session and service continuity mode (session and service continuity mode, SSC mode). ) and so on have different requirements, so the terminal device may trigger the establishment of different PDU sessions based on different services. Therefore, URSP is introduced in 5G for the terminal device to determine whether the initiated service can use an existing PDU session for data transmission, or whether a new PDU session can be used to transmit the data of the service.

After the terminal device performs URSP matching according to the initiated service, it can obtain the corresponding PDU session parameters according to the matched URSP. If there is a PDU session that meets the parameter requirements, the PDU session is used for data transmission; if there is no PDU session that meets the parameter requirements. , you can create a new PDU session for data transmission.

Among them, the parameter information contained in URSP is shown in Table 1 below:

Table 1 URSP parameter information

For the above URSP parameter information, reference may be made to the description of URSP in Table 6.6.2.1-2 in the 3GPP 23.503 protocol.

URSP mainly includes two parts: traffic descriptor (traffic descriptor) and route selection descriptor (route selection descriptor).

Wherein, the service flow descriptor mainly includes parameters such as application ID (app ID), DNN, IP triplet (IP descriptor), domain descriptor (domain descriptor), connection capabilities (connection capabilities).

The parameter information contained in the routing descriptor is shown in Table 2 below:

Table 2 Routing Descriptor Parameter Information

For the parameter information contained in the above routing descriptor, reference may be made to the description of the routing descriptor in Table 6.6.2.1-3 in the 3GPP 23.503 communication protocol.

8) Packet detection rule (PDR): On the network side, in the process of managing PDU sessions for terminal devices, SMF exchanges information with UPF through the N4 interface, and controls UPF to create, modify, and delete corresponding PDU sessions. A terminal (UE) N4 session (N4 session) is used to control the processing of data packets by the UPF. Specifically, the SMF issues various data packet processing rules (such as PDR and corresponding forwarding action rules (FAR)) to the terminal N4 session in the UPF to complete the processing of data packets (or data packets by the UPF). Data packets), the UPF processes the received external service data packets according to the data packet processing rules issued by the SMF. The PDR is used to match data packets (data packets), and the FAR is used to indicate the packet forwarding mode.

It should be noted that, in this embodiment of the present application, the N4 session is also referred to as a packet forwarding control protocol (packet forwarding control protocol, PFCP) session.

The PDR is delivered to the UPF by the SMF during the PDU session management process, and the UPF performs the corresponding data packet matching according to the PDR delivered by the SMF, and thus obtains the corresponding FAR to complete packet forwarding. A PDR contains a packet detection information (PDI) parameter, and a PDI parameter contains one or several matching fields, which are used to match the data packets received by the UPF to identify the data packets and complete the data packets. The association of the text with the terminal N4 session.

Among them, the information contained in the PDR provided by SMF to UPF is mainly shown in Table 3 below:

Table 3 List of PDR parameters in the PFCP session establishment request

For the content shown in Table 3 above, refer to the PDR parameter information described in Table 7.5.2.2-1 in the 3GPP 29.244 communication protocol.

The information contained in the PDI in the PDR is mainly shown in Table 4 below:

Table 4 List of PDI parameters in the PFCP session establishment request

For the parameter content shown in Table 4 above, refer to the PDI parameter information described in Table 7.5.2.2-2 in the 3GPP 29.244 communication protocol.

Among them, PDI mainly includes the following information:

a. Datagram entry/source interface.

b. A series of parameters for matching ingress packets. For example: tunnel endpoint identity document (TEID)/full qualified TEID (F-TEID), network instance, IP address of terminal device, service data flow filter (SDF) ) filter (filter(s)), application ID (application ID) and other parameters.

After the UPF obtains the PDR from the SMF, when it receives a data packet, it matches the fields of the packet header of the data packet with the parameters defined by the PDI in the PDR, and finds the N4 session and N4 session to which the data packet belongs. The PDR rule with the highest priority matching relationship with the data packet completes the packet matching. After the UPF completes the PDR matching, the matched PDR rule contains the corresponding FAR indication, and the UPF will complete the forwarding of the data packet according to the corresponding FAR indication.

The information contained in the FAR is mainly shown in Table 5 below:

Table 5 List of FAR parameters in the PFCP session establishment request

For the parameter content shown in Table 5 above, refer to the FAR parameter information described in Table 7.5.2.2-3 in the 3GPP 29.244 communication protocol.

Among them, FAR mainly instructs UPF to process data packets through the following information:

a. Apply action parameter: This parameter is used to indicate whether UPF needs to forward, cache, copy, discard data packets, or buffer downlink data with or without notification to the control plane (such as SMF). message; or used to indicate whether UPF allows the terminal device to join the IP multicast group.

b. Forwarding, buffering, and copying parameters: when the application action parameter instructs the UPF to forward, cache, or copy the data packet, the UPF needs to use these parameters so that the data packet can be processed accordingly according to these parameters.

Exemplarily, FIG. 2 is a schematic diagram of processing a data packet corresponding to a data packet by the UPF. As shown in Figure 2, after the external data packet enters the UPF, the UPF matches the N4 session (N4 session/PFCP session) information according to the PDR matching conditions, and then matches the PDR with the highest priority in the N4 session, and then completes the data according to its corresponding FAR. Packet forwarding.

Exemplarily, FIG. 3 is a schematic diagram of the UPF performing forwarding processing on a data packet. As shown in Figure 3, UPF's forwarding of data packets mainly includes the following two processes:

1) The upstream data message from the terminal device reaches the N3 interface through the access network device, and the UPF matches the upstream data message with parameter information such as the data message source port and the tunnel identifier (wherein, the specific matching parameters are detailed as above. The PDR parameter information shown in Table 3) obtains the source terminal N4 session, and performs PDR matching on the source terminal N4 session according to the service data flow filter, determines the corresponding FAR, and forwards the data packet according to the forwarding rule indicated by the FAR .

Wherein, the processing performed by the UPF exemplarily shown in FIG. 3 on the uplink data packet from the terminal device is: forwarding the uplink data packet to the data network side through the N6 interface.

2) The downlink data message from the data network enters the UPF through the N6 interface, and the UPF obtains the destination terminal N4 session and PDR matched by the downlink data message by matching parameter information such as the data message source port, network instance, and destination IP address. rule, and determine the corresponding FAR, and forward the data packet according to the forwarding rule indicated by the FAR.

Wherein, the processing performed by the UPF exemplarily shown in FIG. 3 on the downlink data packet from the data network is: forwarding the downlink data packet to the terminal device through the N3 interface.

9) Virtual network group: The 5G LAN service is defined in the 3GPP 23.501 communication protocol, which can build a virtual mobile private network for users in the mobile network. The terminal device can exchange data with the data network by establishing a traditional PDU connection. 5G LAN On this basis, the concept of virtual network group (VN group) is introduced. Among them, a 5G VN group corresponds to a 5G LAN, and can include multiple terminal devices. The terminal devices belonging to the same 5G VN group access the mobile network and can communicate with the data network as well as with the 5G VN group. Communication with other terminal devices. Currently, multiple 5G VN groups can be supported in the 5G mobile network at the same time. Terminal devices under the same 5G VN group can communicate with each other through the same or different PDU session anchor (PSA) UPFs. Terminal devices between them are isolated from each other.

Figure 4a is a schematic diagram of the user plane architecture of a scenario where data of a terminal device in a 5G VN group is locally exchanged in a PSA UPF. As shown in Figure 4a, multiple terminal devices (such as UE1, UE2) under the same 5G VN group are registered in the same PSA UPF network element. In this scenario, the PSA UPF network element is divided into UE1 and UE2 to complete the data with the data network In addition to the exchange, since UE1 and UE2 belong to the same 5G VN group, the PSA UPF network element also acts as the local switch of the 5G VN group to complete the data exchange between UE1 and UE2.

Figure 4b is a schematic diagram of the user plane architecture of a scenario where terminal equipment in a 5G VN group exchanges data across PSA UPFs. As shown in Figure 4b, multiple terminal devices (such as UE1 and UE2) under the same 5G VN group are registered in different PSA UPF network elements. In this scenario, N19 interfaces are added between different PSA UPF network elements, which belong to When UE1 and UE2 of the same 5G VN group exchange data, their corresponding PSA UPF network elements will complete data transmission and interaction through the N19 interface channel respectively.

Among them, in Figure 4a or Figure 4b, the intermediate UPF (Intermediate UPF, I-UPF) network element between the (R)AN device and the PSA UPF network element is used as an uplink classifier (uplink classifier, UL-CL) Directs data flow from end devices to the data network, or acts as a branch point to support multi-homed PDU sessions.

The data network is usually identified by the data network name (DNN). After the VN group is introduced in 5G, the relevant protocol defines a 1:1 relationship between the DNN of the data network and the 5G VN group, that is, a DNN corresponds to a 5G VN group , that is, a data network corresponds to a 5G VN group, so the 5G LAN corresponding to the 5G VN group can only support access to the data network corresponding to the 5G VN group.

Among them, the networking relationship in which the DNN and 5G VN groups are 1:1 can refer to the relevant definitions in the current 3GPP 23.501 protocol.

5G VN groups can be created, configured and managed by the network side. Among them, the relevant information of the 5G VN group mainly includes the following contents:

A. Identification (identifier) of the VN group: The identification of the VN group includes an external group identification (External Group ID) and an internal group identification (Internal Group ID). The external group identifier is defined by the AF on the network side and used to uniquely identify a VN group; the internal group identifier is defined by the UDM on the network side and used to uniquely identify a VN group inside the network side. There is a mapping relationship between the external group identifier and the internal group identifier. AF generates an external group ID when creating a VN group, and UDM automatically generates the internal group ID of the VN group and completes the mapping with the external group ID.

B. VN group membership: the membership of a VN group includes a list of terminal equipment members belonging to the same VN group. Each member, that is, a terminal device, is uniquely identified by its identification information, wherein the identification information may be a generic public subscription identifier (GPSI), which is a unique user identification provided by the data network for the terminal device.

The parameters included in the VN group membership are shown in Table 6 below:

Table 6 VN group member management parameters

参数parameter	描述describe
GPSI列表GPSI list	VN组成员列表，其中，每个成员通过其GPSI标识A list of VN group members, where each member is identified by its GPSI
外部组标识External group ID	VN组的标识ID of the VN group

C. Configuration information of a VN group (also referred to as VN group data): The configuration information of a VN group includes several attribute fields, which are used to define parameters of various aspects of a VN group.

The parameters included in the configuration information of the VN group are shown in Table 7 below:

Table 7 5G VN group configuration information

It should be noted that, in this application, "and/or" describes the association relationship between associated objects, which means that there can be three kinds of relationships, for example, A and/or B, which can mean that A exists alone, A and B exist at the same time, There are three cases of B alone. The character "/" generally indicates that the associated objects are an "or" relationship. The plural referred to in this application refers to two or more. At least one refers to one or more than one, and at least one includes one or more. In the text description of this application, the character "/" generally indicates that the contextual objects are in an "or" relationship.

Furthermore, the terms "comprising" and "having", and any variations thereof, are intended to cover non-exclusive inclusion, eg, comprising a series of steps or modules. A method, system, product or device is not necessarily limited to those steps or modules expressly listed, but may include other steps or modules not expressly listed or inherent to the process, method, product or device.

A local area network is a computer communication network that connects various computers, external devices and databases within a local geographic range (such as schools, factories, etc.). The local area network can be connected with the remote local area network, database or processing center through the data communication network or special data circuit to form a large-scale information processing network system.

The local area network in 5G is called 5G LAN, which is a communication network that directly provides local area network services by using the wide coverage characteristics of the mobile network itself. 5G LAN can be used in a wider range of mobile network coverage, and user equipment that joins the same 5G LAN can realize local area network-based data exchange and communication. Utilizing the already wide coverage of the mobile network, the creation of 5G LAN services and their scaling, migration, and adjustment can be done automatically by the network side without manual intervention. In addition, 5G LAN can also be customized on demand, and different 5G LANs are securely isolated from each other.

The current 5G LAN network provides users with a simple and efficient 5G VN group management portal through NEF capability opening, which can support users to create, modify, delete and other management operations on 5G VN groups. Create, modify, delete and other management operations performed by the group. However, if the existing network deployment method in which one DNN corresponds to one 5G VN group is adopted, each time the user adds, deletes and modifies the 5G VN group, the 5G LAN network needs to add, delete and modify the 5G VN group while performing the corresponding operation. The DNN of the corresponding data network, and adding or deleting the DNN will involve the internal configuration of the 5G mobile network and the configuration of the interface data channel between the 5G network and the data network. In this way, each time the user operates the 5G VN group, it is necessary to manually perform corresponding operations on the DNN related to the 5G VN group, such as the mobile operator, which requires a large amount of manual intervention on the network side, which cannot meet the simple and fast requirements. Manage the needs of 5G VN groups, for example, users cannot add, delete, or modify 5G VN groups without the mobile operator being aware of them.

In addition, the terminal device can only perform data communication through the PDU session corresponding to the 5G VN group after accessing the 5G VN group. When a terminal device currently accesses a 5G VN group, it needs to determine which 5G VN group to access based on the identification information of the data network. However, in the above networking mode, the terminal device can only determine one 5G VN group that can be accessed according to the identification information of the data network. Therefore, after the identification information of the data network is determined, the 5G VN group that the terminal device can access is also unique. It is certain that the terminal device can only transmit data through the session in the 5G VN group, which greatly limits the flexibility of the terminal device to select the session service and use the session service for data communication.

In order to solve the above problem, an embodiment of the present application provides a communication method, which is used to improve the flexibility of a terminal device to select a session service and use the session service for data communication, thereby improving the flexibility and efficiency of the terminal device to perform data communication, and at the same time, Reduce the complexity of VN group management, and then meet the needs of users to manage VN groups simply and quickly.

The solutions provided by the embodiments of the present application will be specifically described below.

FIG. 5 is a schematic structural diagram of a communication system to which the communication method provided by the embodiment of the present application is applied. FIG. 5 exemplarily lists some network elements and devices related to the embodiments of the present application.

Among them, the communication architecture can be compatible with a variety of communication systems of different standards. FIG. 5 only takes the 5G communication system as an example for description.

It should be noted that this communication architecture does not limit the communication architecture used by the method provided in this application, and the architecture can also be any of the following communication systems: 5G communication system, future new generation communication system, and communication system based on the above Evolved communication systems.

In a word, the communication architecture described in the embodiments of the present application is for the purpose of illustrating the technical solutions of the embodiments of the present application more clearly, and does not constitute a limitation on the technical solutions provided by the embodiments of the present application. The development of the network and the evolution of the network architecture, the technical solutions provided by the embodiments of the present application are also applicable to similar technical problems and scenarios.

The communication architecture shown in FIG. 5 is composed of terminal equipment, access network (R)AN equipment, core network and data network.

The core network includes AMF network elements, SMF network elements, UPF network elements, PCF network elements, AF network elements, UDM network elements, network slice selection function (NSSF) network elements, authentication server function (authentication server function) , AUSF) network element, network slice specific authentication and authorization function network element (Network Slice Specific Authentication and Authorization Function, NSSAAF) network element and other network elements. The functions of each network element can refer to the above-mentioned introduction to the functions of the relevant network elements in the system architecture shown in FIG. The introduction of related interface functions in the architecture will not be repeated here.

In the above communication system, the access network equipment and the core network provide a data exchange service for the terminal equipment and the data network, and this service is called a PDU connection service. The terminal device obtains the PDU connection service by initiating a PDU session establishment request to the network side. The network side maintains PDU sessions for terminal devices to provide PDU connection services.

In this embodiment of the present application, the network side may be the core network, or one or more network elements in the core network, or other network systems capable of implementing the functions of the core network or implementing the functions of one or more network elements in the core network , equipment, etc. For example, the network side can be 5G LAN, mobile operator network, etc. On this basis, the network side can also include access network or access network equipment.

As shown in Figure 5, the communication path (shown by the thick solid line) between the terminal equipment, the access network equipment, the UPF network element and the data network is the service data exchange path between the terminal equipment and the data network, and the path is The data service path of the terminal device in the network is the data plane path. The communication paths (shown in dashed lines) between network elements such as terminal equipment, access network equipment, AMF network elements, SMF network elements, PCF network elements, UPF network elements, and UDM network elements are the signaling plane flow for establishing a PDU session.

In order to realize the exchange of service data between the terminal device and the data network, the terminal device needs to establish a PDU session based on the data network through the PDU connection service provided by the network side. The establishment of the PDU session includes two basic processes: the terminal device registers with the network side to access the network For the process and the process of the terminal device requesting the network side to establish a PDU session, please refer to the related introduction below. In addition, the above two processes belong to the signaling plane interaction process between the terminal device and the network side.

Wherein, the general registration process of terminal equipment can be simply described as: the terminal equipment sends a registration request to the AMF through the access network equipment, and the AMF obtains the subscription data from a specific UDM according to the user identity of the terminal equipment. In addition, the AMF can also initiate a user policy control establishment request (UE policy control_create) and an access management policy control establishment request (AM policy control_create) to the PCF, which are used to obtain the user policy and the access control policy, respectively. After a series of authentication and authorization operations, the network side finally confirms that the terminal device is allowed to access the network. At this time, the AMF responds to the registration request of the terminal device and delivers relevant policy information to the terminal device, and the terminal device completes the network registration and residency. The AMF on the network side maintains the registration and access information of the terminal equipment, and performs mobility management on the terminal equipment.

Communication between two network devices in a 5G communication system can be implemented through corresponding interfaces, as shown in FIG. 1 or FIG. 5 for details.

It should be noted that the English abbreviations such as N1 to N15, N22, N35, N36, N58, and N59 shown in FIG. 1 or FIG. 5 are used in the 5G network to support equipment and equipment, equipment and network elements, network elements and network elements. The communication interface or reference point for information transmission between network elements can refer to the definition in 5G-related communication standards.

It should be understood that the above network elements in a 5G communication system can be either network elements implemented on dedicated hardware, software instances running on dedicated hardware, or a virtualization platform (such as a cloud platform) An instance of a virtualization function. In addition, the embodiments of the present application do not limit the distribution form of each network element in the communication system. Optionally, each of the above network elements may be deployed in different physical devices, or multiple network elements may be integrated into the same physical device.

In addition, the embodiments of the present application do not limit the names of network elements in the communication system. For example, in communication systems of different standards, each network element may have other names; for example, when multiple network elements are integrated into the same physical device , the physical device can also have another name.

For ease of description, in the following embodiments of this application, the AMF network element is abbreviated as AMF, the SMF network element is abbreviated as SMF, the PCF network element is abbreviated as PCF, the UPF network element is abbreviated as UPF, the AF network element is abbreviated as AF, and the The UDM network element is abbreviated as UDM, and the NEF network element is abbreviated as NEF.

The solution provided by the present application will be described in detail below with reference to specific embodiments.

1. Network side: VN group configuration and management

The embodiments of the present application first provide a method for configuring and managing a VN group. In this method, the association relationship between the DNN of the data network and the VN group is a 1:N relationship, where N is an integer not less than 1, that is, the method adopts A networking mode in which one data network corresponds to one or more VN groups, wherein the local area network corresponding to each VN group in the multiple VN groups can be connected to the data network.

In this networking mode, for the same data network, multiple VN groups corresponding to the data network can access the data network through their corresponding local area networks. Based on this networking method, on the one hand, the terminal device has a larger selection space when selecting a VN group to access, thereby improving the flexibility of using the session service of the virtual network group for data communication. For example, when a terminal device communicates with a data network, it can flexibly select a VN group that is relatively more suitable for access from at least one VN group corresponding to the data network according to actual requirements such as service requirements. On the other hand, users can conveniently and quickly perform management operations such as additions, deletions, and modifications to the VN groups under the same data network, without causing modifications to the DNN of the data network, avoiding the intervention of manual management on the data network side, so it can achieve Convenient and efficient management of VN groups.

On the network side, the configuration and management of the VN group can be done by the network administrator or the operation administration and maintenance (OAM), or the NEF can open the service to the AF, and the AF can dynamically configure and manage it. Among them, in order to support AF to dynamically manage VN groups, NEF has opened a series of interfaces such as create, modify, delete and other functional interfaces, which are used by AF to manage VN groups, VN group members and VN group configuration information. Therefore, the network side supports The configuration management of the VN group is completed through the interaction between the AF and the NEF. The management of the VN group mainly includes creating, modifying, and deleting the VN group. During the specific implementation, the configuration management of the VN group can be realized by operating the information of the VN group.

In the embodiment of the present application, the AF can configure different VN groups for different services initiated by the terminal device. When initiating a service, the terminal can select a corresponding VN group for access according to service requirements, and the local area network corresponding to the VN group provides services.

In the embodiment of the present application, the related information of the VN group mainly includes three items of group identification of the VN group, membership of the VN group, and configuration information of the VN group. The group identifier of the VN group may be an external group identifier, an internal group identifier, a group identifier assigned by the network side, a group identifier assigned by an authentication-authorization-accounting AAA server, and the like. For the membership of the VN group, refer to the information shown in Table 6 above. The configuration information of the VN group at least includes data network information, slice information, PDU session type (PDU session type), application descriptor (application descriptor) and default group indication information, and can also include secondary authentication/authorization related information such as using 3A server (DN-AAA) can perform IP address allocation and other information; in addition, it can also include serviceable area information, address information, etc.

In the embodiment of the present application, the specific parameters included in the configuration information of the VN group are shown in Table 8 below:

Table 8 VN group configuration information

The data network information is the data network name (DNN) of the data network, and the slice information is single network slice selection assistance information (S-NSSAI). The data network name is used to indicate the data network that the VN group supports access to; the single network slice selection auxiliary information is used to indicate the network slice adopted by the VN group; the session type is used to indicate the type of the session in the VN group; The application descriptor is used to indicate the information of the application to which the service belongs; the secondary authentication/authorization information is used to perform secondary authentication/authorization.

The parameter information such as the default group indication information, serviceable area information, and address information is used to support the 1:N networking of the DNN and VN groups. The following parameter information will be described in detail:

1) Default group indication information

The default group indication information is used to indicate whether the VN group is a set default VN group, and the default group indication information may be indicated by a field of whether it is a default group (is default). This field defines whether the current VN group is the default VN group set under the current DNN. This field is required, that is, it is included in the configuration information of each VN.

When the terminal device establishes a session under the current VN group, if the terminal device does not specify the VN group to be accessed through the VN group identifier, the network side can determine the default VN group according to the default group field of each VN group, and set the default VN group for the VN group. The terminal device establishes a session in the default VN group.

In some embodiments of the present application, when the DNN of the same data network corresponds to multiple VN groups, the network side needs to select one VN group from the multiple VN groups and set it as the default VN group.

2) Serviceable area information

The serviceable area information is used to indicate the range of the geographical area that can be served by the virtual network group, and the serviceable area information may be indicated by a serviceable geographical area (available geographic area) field, which defines one or more serviceable areas of the current VN group. multiple geographic areas. This field is optional, that is, the configuration information of the VN group may or may not include this field.

In view of the existing 5G communication system, after the 5G VN group is configured on the network side, the default 5G VN group covers the entire network, but for some terminal equipment, its resident area may be limited to relatively fixed areas. , in this case, there is a certain waste of resources in the use of the VN group covering the entire network to provide services for the terminal equipment.

Therefore, in this embodiment of the present application, as an optional implementation, when AF creates a VN group, it can define the serviceable geographical area of the VN group, and add the serviceable area information in the configuration information of the VN group to adapt to the The VN group only needs to cover some areas, which improves the resource utilization of the VN group.

As an optional implementation manner, the above-mentioned serviceable area information may be converted into tracking area information within the mobile network operator by the NEF. The information of the geographic area can be marked as all (ALL), indicating that the corresponding VN group is available in the entire network of the mobile network operator. When the field is marked as empty, it can be considered that the default value is ALL.

3) Address information

The address information is used to indicate at least one address to be assigned to the terminal device contained in the virtual network group, and the address information can be indicated by the IP segment and mask (IP segment and mask) field, which contains the corresponding virtual network. The IP address segment of the group. This field is optional, that is, the configuration information of the VN group may or may not include this field.

As an optional implementation manner, when the AF configures the VN group so that the corresponding relationship between the DNN of the data network and the VN group is that one DNN corresponds to multiple VN groups, for the scenario where the session type is IP type, the multiple VN groups The configuration information of each VN group in the group includes its corresponding IP address segment. When SMF configures data packet forwarding rules for UPF, it needs to obtain the IP address segment information corresponding to the VN group, so as to configure UPF matching and forwarding rules for data packets based on the IP address segment information.

In some embodiments of the present application, the SMF can obtain the address information of the VN group in at least any of the following ways:

1) When the AF creates a VN group through the NEF, the SMF is notified of the address information of the VN group. The address information specifies the IP address segment information corresponding to the VN group through the IP network segment and mask field.

2) When creating a session corresponding to the VN group, the SMF obtains the address information corresponding to the VN group from the AAA server by interacting with the AAA server corresponding to the data network. The address information specifies the IP address segment information corresponding to the VN group through the IP network segment and mask field.

It should be noted that in 5G, the VN group configuration information may also be referred to as VN group data.

In order to realize the cooperative processing of AF and operator network, the operator network opens some network capabilities to AF through NEF, so as to support AF to control users more flexibly. The current NEF support and open capabilities include: allowing AF to subscribe to the network side through NEF for event information such as user location, terminal reachability events, connection status, roaming status, and the number of terminals in the area, and through NEF to the network via UDM/UDR/PCF The side configuration sends messages such as parameter configuration requests, application routing requests, and service authorization requests.

The following takes the 5G LAN scenario as an example to introduce the process of AF's VN group management through NEF's network capability opening.

FIG. 6 is a schematic diagram of a method for AF configuration management of a 5G VN group provided by an embodiment of the present application. As shown in Figure 6, the method flow includes:

S601: The AF calls the relevant capabilities opened by the NEF to manage the 5G VN group by sending a parameter setting-create/update/delete request message to the NEF.

The parameter setting-create/update/delete request message may be an Nnef_Parameter Provision_Create/Update/Delete Request message.

Among them, for the request from the user to create a 5G VN group, the AF carries a VN group identifier such as an external group identifier in the parameter setting-create request message sent to the NEF, and the external group identifier is used to uniquely identify a 5G VN group. For the update 5G VN group request, the AF carries the VN group identifier such as the external group identifier and the configuration information of the 5G VN group (as shown in Table 7 above) in the parameter setting-update request message sent to the NEF, or carries the 5G VN group Member management parameters (as shown in Table 6 above). The AF can also request the NEF to delete the corresponding 5G VN group by sending a parameter setting-deletion request message to the NEF.

S602: The NEF sends a parameter setting-create/update/delete request message to the UDM, requesting the UDM to perform corresponding operations on the subscription data corresponding to the VN group.

The parameter setting-create/update/delete request message may be a Nudm_Parameter Provision_Create/Update/Delete Request message.

Among them, after receiving the parameter setting-create/update/delete request message sent by the authorized AF, the NEF requests the UDM to create, update, store or delete the corresponding subscription data through the Nudm_Parameter Provision_Create/Update/Delete interface provided by the UDM. For the parameter setting-create/update/delete request message sent by the unauthorized AF, the NEF executes step S606 and informs the failure reason.

S603: The UDM initiates data query and update through the query interface provided by the UDR, so as to complete the relevant inspection and authorization of the corresponding request of the AF.

The query interface may be a Uudr_DM_Query interface.

Among them, for the request to create a 5G VN group, the UDM allocates an internal group identifier according to the request, which is used to uniquely identify the 5G VN group within the mobile network, and sends the internal group identifier to the UDR through the Nudr_DM_Create interface provided by the UDR. For 5G VN group update requests, such as 5G VN group member changes, 5G VN group data changes, etc., UDM calls the Nudr_DM_Update interface provided by UDR to complete the corresponding information changes according to the AF request.

S604: The UDM sends a parameter setting-create/update/delete response message to the NEF.

Among them, if there is an error in the process, the UDM returns the reason for the error.

S605: The NEF sends a parameter setting-create/update/delete response message to the AF.

The parameter setting-create/update/delete response message may be an Nnef_Parameter Provision_Create/Update/Delete Response message.

Wherein, in the above step S602, if the NEF determines that the AF is an unauthorized AF, it returns a parameter setting-create/update/delete response message to the AF to inform the AF that the request fails. If there is an error in the process, the reason for the error is returned.

In some embodiments of the present application, before performing the foregoing step S601, the process may further include the following steps:

S600: The NF subscribes the subscription information change notification to the UDM through a subscription message.

Meanwhile, after performing the above step S605, the process may further include the following steps:

S606: When the VN group information is changed, the UDM notifies the NF network element through a subscription notification message.

If the UDM checks and authorizes the corresponding request of the AF successfully, when the subscription data corresponding to the VN group changes, the UDM notifies the network element that has subscribed to the UDM for the subscription information change notification.

In FIG. 6 , the network element that subscribes the subscription information change notification to the UDM is taken as an example for illustration. In practice, the network element that subscribes the subscription information change notification to the UDM is not limited to the NF.

The step S606 may be triggered only when the step S603 is successfully executed.

For the specific implementation of the above process, reference may also be made to the 3GPP communication standard for the relevant process of AF and NEF interactive management of VN groups, which will not be repeated in this embodiment. In addition, the messages, signaling, etc. involved in the above process may also refer to the relevant definitions in the 3GPP communication standard.

In addition, in the 5G LAN scenario, after the AF interacts with the NEF to complete the VN group configuration, the NEF also provides the configured VN group identification, VN group membership information, and the VN group configuration information to the UDM for storage. At the same time, the UDM The received VN group configuration information may also be stored/updated in the UDR.

In the above-mentioned embodiment, the network side adopts a networking mode in which one data network corresponds to multiple VN groups, which can support users to conveniently and quickly perform management operations such as adding, deleting, and modifying VN groups under the same data network. The VN group to be accessed can be flexibly selected in the group. In addition, by adding serviceable area information to the VN group configuration parameter, the network side can selectively configure the serviceable area of the VN group, reduce the waste of some network resources, and improve the resource utilization of the VN group.

2. The network side delivers the list of serviceable VN groups to the terminal device

Based on the above embodiment, in a networking scenario where one data network corresponds to multiple VN groups, a user can subscribe to multiple VN groups at the same time, and each VN group subscribes to its own serviceable area, which may be the entire network Coverage area or part of the network coverage area.

In this embodiment of the present application, for a certain VN group, when the terminal device is within the serviceable area subscribed by the VN group, the terminal device can use the network provided by the VN group after accessing the VN group. Serve. Therefore, the terminal device can select the VN group to access according to the serviceable area information corresponding to the VN group.

As an optional implementation manner, the network side may carry the serviceable area information of the VN group in the URSP delivered to the terminal device. When the terminal equipment performs URSP matching, it can determine whether the corresponding VN group supports the terminal equipment access according to the serviceable area information of the VN group contained in the URSP.

Specifically, the URSP delivered by the PCF on the network side to the terminal device includes serviceable area information of at least one VN group corresponding to the service information therein. When a terminal device initiates a service, it first matches the service information of the initiating service with the URSP issued by the PCF. After matching the URSP, the terminal device can match its location with the service area of the VN group in the matched URSP. The information is compared, so as to determine the VN group that can provide services for itself, and further select the VN group for access.

Wherein, the PCF may acquire the configuration information of the virtual network group configured by the AF from the AF, the NEF or the UDR, where the configuration information of the virtual network group includes the configuration information of at least one VN group configured by the AF. The configuration information of the VN group includes the serviceable area information of the VN group.

As another optional implementation manner, the network side delivers a list of serviceable VN groups corresponding to the terminal device to the terminal device, where the list includes at least one VN group currently capable of providing services for the terminal device. The serviceable VN group list is used for the terminal device to perceive the serviceable VN group information in the registration area where it is currently located after registering in the network, and then complete the association between the service and the VN group according to the information.

The network side may deliver the serviceable VN group list corresponding to the terminal device to the terminal device in the process of registering the terminal device to the network side to access the network, or in the process of updating the configuration of the terminal device.

Specifically, according to the current location information of the terminal device, the AMF on the network side obtains the VN groups that can provide services for the terminal device by exchanging information with network elements such as UDM and PCF, and generates the corresponding serviceable VN group list. to the terminal device. The serviceable area subscribed by the VN group capable of providing services for the terminal equipment covers the current location of the terminal equipment. When a terminal device initiates a service, after matching the URSP used according to the service information of the service initiation, it can select the VN to be accessed by combining at least one VN group included in the matched URSP and the list of serviceable VN groups issued by the AMF. Group.

The AMF can deliver the list of serviceable VN groups to the terminal device in any of the following ways:

1) In the process of registering and accessing the network by the terminal device, a list of serviceable VN groups is delivered to the terminal device through a registration acceptance message.

2) In the process of updating the configuration of the terminal device, a list of serviceable VN groups is delivered to the terminal device through a terminal configuration update instruction.

It should be noted that, in this embodiment of the present application, in the scenario where the AMF delivers the list of serviceable VN groups to the terminal device, the URSP delivered by the PCF to the terminal device may not include the serviceable area information of the VN group. In a scenario where the URSP delivered by the PCF to the terminal device includes the serviceable area information of the VN group, the AMF may not deliver the serviceable VN group list to the terminal device.

The delivery of the list of serviceable VN groups will be described below with reference to the specific implementation process.

FIG. 7 is a schematic flowchart of a network side delivering a list of serviceable VN groups in the process of registering and accessing a terminal device according to an embodiment of the present application. As shown in Figure 7, the process includes:

S701: The terminal device sends a registration request message to the access network device.

S702: The access network equipment, AMF, PCF, SMF, AUSF and UDM cooperate to process the registration request of the terminal equipment.

S703: The AMF sends a registration acceptance message to the terminal device through the access network device, where the registration acceptance message carries a list of serviceable VN groups delivered to the terminal device.

After the terminal device completes the registration procedure (registration procedure), the AMF provides the terminal device with the list of VN groups that the terminal device can serve in the current registration area through a registration accept message (registration accept message).

S704: The terminal equipment, the access network equipment, the AMF, the PCF, the SMF, the AUSF, and the UDM jointly execute the remaining processing steps for completing the registration of the terminal equipment.

The specific implementation manner of the above steps may refer to the stipulations in the relevant 3GPP protocols, which will not be described in detail here.

FIG. 8 is a schematic flowchart of a network side delivering a list of serviceable VN groups in a terminal configuration update process according to an embodiment of the present application. As shown in Figure 8, the process includes:

S800: The AMF determines that the configuration of the terminal device is updated or the terminal device needs to be re-registered.

S801: The AMF sends a terminal configuration update indication to a terminal device through an access network device, where the terminal configuration update indication carries a list of serviceable VN groups delivered to the terminal device.

S802a: The terminal device notifies the AMF that the configuration update is completed.

S802b: The AMF sends an SDM notification service message to the UDM.

S802c: AMF updates access network equipment.

S802d: The terminal device notifies the lower layer service.

S803a: The terminal device initiates a registration process in the connection management-connected state.

Wherein, when this step is executed, steps S803b, S803c, and S804 described below may be skipped and not executed.

S803b: The AMF does not trigger the AN release process.

Wherein, for the release procedure, reference may be made to the relevant definition in Article 4.26 of the TS23.502 protocol in 3GPP.

When this step is executed, steps S803c and S804 described below can be skipped and not executed.

S803c: The AMF triggers the AN release procedure unless there is a PDU session associated with the emergency service.

S804: The terminal device initiates a registration process after entering the connection management-idle state.

The specific implementation of the above steps may refer to the stipulations in the relevant 3GPP protocols, which will not be described in detail here.

In the above process, the AMF delivers the list of serviceable VN groups to the terminal device in the terminal device registration process (as shown in FIG. 7 ) or the terminal device configuration update process (as shown in FIG. 8 ). The list of serviceable VN groups may include configuration information of one or more VN groups, such as the DNN corresponding to the VN group, information about the serviceable area of the VN group in the current terminal device registration area, and the like.

The serviceable area in the VN group configuration information is a set of tracking areas, and the set of tracking areas is a subset of the current terminal device registration area. Specifically, the serviceable area information of the VN group delivered by the AMF to the terminal device is the intersection of the subscription serviceable area of the VN group and the registered area of the terminal device. For a VN group with an empty intersection, it means that the VN group is unavailable when the terminal device is in the current registration area, and the AMF does not need to add such a VN group to the list of serviceable VN groups and deliver it to the terminal device.

The AMF can obtain the configuration information of the VN group in various ways, such as generating the dynamic policy through the PCF, and obtaining the subscription data through the UDM. When the configuration information of the VN group is changed, the AMF updates the configuration information of the VN group on the terminal device side through the terminal device configuration update or registration process.

For the serviceable area of a VN group, the status of the terminal equipment may be: entering the service area (IN), leaving the service area (OUT), and status unknown (Unknown). The behavior of the terminal device and the network side when the terminal device is in various states may be determined by the operator's policy.

In some embodiments of the present application, the terminal device can also obtain the configuration information of the VN group from the network side by specifying the identifier of the VN group, or obtain the configuration information corresponding to all the serviceable VN groups by instructing to obtain the configuration information of the VN group. List of service VN groups.

For the specific implementation of the process shown in FIG. 7, reference may be made to the process of registering and accessing a network of a terminal device in the 3GPP communication standard. For the specific implementation of the process shown in FIG. 8, reference may be made to the terminal device configuration update process in the 3GPP communication standard. In addition, the messages, signaling, etc. involved in the above processes may also refer to the relevant definitions in the 3GPP communication standards.

In the above embodiment, the network side configures and distributes the list of serviceable VN groups to inform the terminal device that when the terminal device is in the current registration area, among the multiple VN groups subscribed, the available VN groups and each serviceable VN group in the current registration area. The serviceable area corresponding to the VN group, when the serviceable area of the VN group changes, the network side notifies the terminal device of the updated serviceable VN group list through the terminal configuration update process. Therefore, the terminal device can flexibly select a VN group to be accessed from among at least one VN group that can be served according to actual requirements, thereby improving the flexibility of the terminal device for data communication.

3. The network side delivers the URSP to the terminal device

Based on the above embodiments, in the process of signaling interaction between the terminal device and the network side, the PCF on the network side can deliver relevant user policies to the terminal device to control the behavior of the terminal device. Two user policies are defined in the current 3GPP standard, namely access network discovery and selection policy (ANDDSP) and URSP. Among them, the ANDDSP can be provided by H-PCF (home PCF) and V-PCF (roaming PCF) at the same time, and is mainly used to instruct terminal equipment to select non-3GPP access network information, such as access network, access node and other information. URSP is only supported by H-PCF, and is mainly used for terminal equipment to decide how to select a routing strategy for the service data flow to be transmitted, such as whether the service flow supports offloading to non-3GPP access, or selects a specific DNN, S-NSSAI, session and Information such as Session and Service Continuity Mode (SSC) mode is used to transmit the service data stream.

It should be noted that the technical solutions provided in the embodiments of the present application are applied to the URSP scenario.

In this embodiment of the present application, for the parameter information included in the URSP, reference may be made to Table 1 above.

Specifically, the URSP is mainly composed of two parts: a service flow descriptor and a routing descriptor. The service flow descriptor is mainly used to describe the application attribute information corresponding to the service initiated by the terminal device, and the routing descriptor is mainly used for Used to describe data-carrying properties.

The service flow descriptor mainly includes parameters such as application ID (app ID), DNN, IP triplet (IP descriptor), domain descriptor (domain descriptor), connection capabilities (connection capabilities).

In this embodiment of the present application, the parameter information included in the routing descriptor is shown in Table 9 below:

Table 9 Routing Descriptor Parameter Information

Wherein, for the parameter information contained in the above routing descriptor, reference may be made to the description of the routing descriptor in Table 6.6.2.1-3 in the 3GPP 23.503 communication protocol.

In some embodiments of the present application, on the network side, the PCF may obtain the virtual network group configuration information configured by the AF from the AF, the NEF or the UDR, where the virtual network group configuration information includes configuration information of at least one VN group configured by the AF. The PCF can generate a corresponding URSP according to the acquired configuration information of the at least one VN group and deliver it to the terminal device, so that when the terminal device initiates a service, it can select or establish a session according to the URSP, thereby performing service data transmission through the session.

In the 5G LAN scenario, when the network side adopts a 1:N networking mode between the data network (DN) and the VN group, when the DNN information contained in the multiple URSPs configured by the PCF is the same, the group identification information of the VN group can be different. can also be the same.

In some embodiments of the present application, the at least one VN group is configured by the network side for a service initiated by a terminal device, and each virtual network group in the at least one virtual network group is used to manage terminals accessing the virtual network group Devices, terminal devices managed by any virtual network group can form a virtual local area network.

In some embodiments of the present application, the URSP delivered by the PCF to the terminal device contains at least service information and a group identifier of at least one VN group corresponding to the service information, and the service information is the service information of the service initiated by the terminal device. , the service information may specifically include the same information as the information included in the service flow descriptor in the URSP. The terminal device can further determine the virtual network group to be accessed by matching the service information for initiating the service with the URSP issued by the PCF, and according to the identifier of the VN group contained in the matched URSP.

As an optional implementation manner, among the multiple URSPs delivered by the PCF to the terminal device, some or all of the URSPs contain an identifier of at least one VN group corresponding to the service information.

In some embodiments of the present application, the configuration information of the at least one VN group configured by the AF obtained by the PCF network element includes serviceable area information of the at least one virtual network group corresponding to the service information. The service information is the service information of the service initiated by the terminal device, and the service information may specifically include the information included in the service flow descriptor shown in Table 9 above. The serviceable area information is the serviceable area information of the VN group as shown in Table 7 above.

In some embodiments of the present application, the configuration information may further include at least one of the following: data network name; single network slice selection auxiliary information; session type; application descriptor; secondary authentication/authorization information; information; address information. For details, refer to the corresponding information shown in Table 7 above.

In some embodiments of the present application, the URSP may further include serviceable area information of the at least one virtual network corresponding to the service information. Through the serviceable area information, the terminal device can determine whether the selected VN group is an accessible VN group. The serviceable area information is optional information.

During specific implementation, the PCF can choose whether to add the serviceable area information in the URSP delivered to the terminal device. After the terminal device matches the URSP used by the service, if it is determined that the matched URSP contains serviceable area information, the terminal device can determine whether the corresponding VN group supports its own access according to the serviceable area information, and further select access. If it is determined that the matched URSP does not contain serviceable area information, the terminal device can consider that the VN group corresponding to the URSP is available by default, and can further select the serviceable VN group list issued by the AMF. Enter the VN group.

In the above embodiment, the PCF network element obtains the configuration information of at least one VN group configured by the AF from other network elements on the network side, and can also obtain the identifier of each VN group and the serviceable area corresponding to the VN group at the same time, and carry it in the generated VN group. The URSP is delivered to the terminal device. When the terminal device initiates a service, it can flexibly select the VN group that provides services for the terminal device for access according to the service information. At the same time, it can adapt to the networking scenario where one data network corresponds to multiple VN groups. .

Fourth, terminal equipment: when initiating business, data communication is carried out through sessions

Based on the above embodiments, after the network side sends the information of at least one VN group that the terminal device can access within its registration area to the terminal device through the list of serviceable VN groups, the terminal device can initiate a specific service / During application, according to service requirements, select a VN group to access from the at least one VN group, so as to use the session in the VN group to perform service data transmission after accessing the VN group.

The following describes in detail a method for performing data communication through a session when a terminal device initiates a service.

FIG. 9 is a schematic diagram of a communication method provided by an embodiment of the present application. As shown in Figure 9, the method includes:

S901: When initiating a target service, a terminal device selects a target virtual network group from at least one virtual network group according to service information of the target service; wherein, the at least one virtual network group is configured by the network side for the target service , each virtual network group in the at least one virtual network group is used to manage terminal devices accessing the virtual network group, and the terminal devices managed by any virtual network group can form a virtual local area network.

In some embodiments of the present application, when the terminal device determines that a target service needs to be initiated, it first matches the URSP, and selects a target URSP that matches the service information of the target service in at least one URSP, wherein the target URSP includes all The service information and the group identifier of at least one available VN group corresponding to the service information. Then, in the at least one VN group, the target VN group included in the at least one available VN group is selected. After determining the target VN group, the terminal device selects the target session that matches the target URSP in the established session; or sends a session creation request to the SMF, requesting the SMF to create the target session, so as to use the target session Session for data communication. Wherein, the session creation request carries the group identifier of the target VN group.

In some embodiments of the present application, the above-mentioned at least one URSP may be delivered to the terminal device by the PCF before the terminal device initiates the target service. The above-mentioned at least one VN group may be part or all of the VN groups included in the serviceable VN group list delivered by the AMF to the terminal device, wherein the serviceable virtual network group list includes the target virtual network group.

Wherein, as described in the related content in the above embodiment, before the terminal device performs URSP matching to determine the target VN group, the terminal device receives the at least one URSP issued by the PCF.

Optionally, before performing URSP matching to determine the target VN group, the terminal device may also receive a list of serviceable VN groups delivered by the AMF. The list of serviceable VN groups obtained by the AMF may be obtained from the PCF, or obtained by the AMF in other ways.

Specifically, when the terminal device initiates the target service, firstly, according to the priority of the URSP rule, the service information of the target service is sequentially matched with the service flow descriptor of at least one URSP received before. If a specific URSP is matched (the URSP may also be a set default URSP, for example, the service flow descriptor is a URSP in the form of a match-all), then the URSP is determined as a target URSP, wherein the target URSP may contain group identifiers of one or more VN groups, and the VN groups corresponding to these group identifiers can provide services for the target service.

After determining the target URSP, the terminal device determines one VN group as the target VN group according to the at least one VN group and the group identifiers of one or more VN groups included in the target URSP. Specifically, when the at least one VN group is all the VN groups included in the serviceable VN group list issued by the PCF, the terminal device may select the priority among the multiple routing descriptors according to the priorities of the URSP. The VN group corresponding to the highest routing descriptor (RSD) and included in the serviceable VN group list is used as the target VN group; or any one of the same routing descriptor is included in the serviceable VN group The VN group in the group list is used as the target VN group.

After the terminal device determines the target VN group, it then judges whether there is an existing session in the established session that conforms to the definition of the routing descriptor in the target URSP. If there is information such as DNN, S-NSSAI, SSC mode and VN group identifier corresponding to the existing session consistent with the information in the service flow descriptor of the target URSP, the terminal device can choose to carry the service in the existing session, or initiate the For modification of an existing session, the modified session is used to carry services. If none of the established sessions can match the routing descriptor information of the target URSP, the terminal device initiates a session creation request for the target service to request the SMF to establish a corresponding target session for the target service.

In some embodiments of the present application, the session may be a session of an IP type, an Ethernet type, or the like. The group identifier may be any one of an external group identifier, an internal group identifier, a group identifier assigned by the network side, and a group identifier assigned by the authentication-authorization-accounting AAA server.

In the embodiments of the present application, the session carrying the data service is an IP type session (PDU session) as an example for description.

When a terminal device initiates a modification to an existing PDU session, it can initiate a PDU session modification request based on the existing PDU session. The request message can carry parameters including the current PDU session ID (PDU Session ID), N1 SM Container (PDU session ID), and N1 SM Container (PDU session ID). Modify the request (PDU session ID, packet filters, Operation, Requested QoS)); the PDU session ID is used to associate the AMF with the specific session context, and the N1 SM Container is transparently transmitted by the AMF. to SMF.

As an optional implementation manner, when the terminal device sends a session creation request to the SMF to request the SMF to create the target session, the session creation request carries the group identifier of the target VN group determined through the above URSP matching, and the SMF receives the After the session creation request carrying the group identifier is reached, the target VN group is determined according to the identifier, and a target session in the target VN group is established to carry the target service initiated by the terminal device.

The terminal device sends the session creation request to the AMF, and the AMF sends the request to the SMF. The session creation request sent by the terminal device to the AMF also carries the newly allocated PDU session identifier and the matched parameters such as DNN, S-NSSAI, and N1 SM Container (SSC mode, PDU session type) in the routing descriptor of the URSP. Among the above parameters, the newly allocated PDU session identifier is used to identify the PDU session corresponding to the session creation request, the DNN and S-NSSAI are used as the parameters for the AMF to select the SMF network element entity for the session creation request, and the N1 SM Container is transparently transmitted by the AMF. to the selected SMF.

S902: The terminal device determines a target session of the target service in the target virtual network group, and performs data transmission through the target session.

After the above-mentioned terminal device determines the target session for carrying the target service by adopting an existing session, modifying an existing session, or creating a new session, etc., it can communicate with other terminals in the target data network and the target virtual network group through the target session. The device or terminal devices in other virtual network groups perform data transmission, wherein the other virtual network groups are virtual network groups other than the target virtual network group.

In the above embodiment, when a terminal device initiates a service, it can flexibly select a target VN group to access in at least one VN group configured for the terminal service on the network side according to the service information, and perform data processing through the session in the target VN group. The communication improves the flexibility of the terminal equipment to access the local area network (corresponding to the VN group), and further improves the flexibility and efficiency of the terminal equipment for data communication.

The method for creating a PDU session is described below.

The general PDU session establishment process can be simply described as: the terminal device sends a session creation request to create a PDU session to the AMF through the access network device, the AMF selects the SMF to provide the session service for the terminal device, and saves the corresponding relationship between the selected SMF and the PDU session. The session creation request is sent to the SMF, and the SMF selects the corresponding UPF for the terminal device to establish a user plane transmission path, and assigns an IP address to it to complete the creation of the PDU session. In this process, the SMF will also initiate a policy control session establishment request to the PCF to establish a policy control session between the SMF and the PCF. During the policy control session establishment process, the SMF will save the policy control session and the PDU session. Correspondence .

In the implementation of this application, in the scenario where the DNN of one data network corresponds to multiple VN groups, a terminal device can subscribe to multiple VN groups at the same time. Therefore, when the terminal device initiates the establishment of a PDU session, it needs to add It is used to select the relevant parameters of the VN group to ensure that the terminal equipment can access the specified target VN group as expected.

As an optional implementation manner, the terminal device carries the group identifier of the VN group to be accessed in the PDU session creation request initiated to the SMF. Information to perform URSP matching to determine the target VN group. After receiving the PDU session creation request from the terminal device, the SMF determines that the VN group corresponding to the group ID carried in the request is the target VN group accessed by the terminal device, and the SMF establishes the session under the target VN group as the target session.

After configuring the VN group, the AF provides the information of the VN group to the UDM for storage. Therefore, the SMF can obtain the configuration information of the VN group from the UDM, and then create a PDU session under the VN group according to the configuration information of the VN group.

In some embodiments of the present application, before establishing a target session for a terminal device, the SMF first obtains virtual network group configuration information from the UDM, where the virtual network group configuration information includes configuration information corresponding to at least one VN group.

In some embodiments of the present application, the configuration information includes at least one of the following: default group indication information; serviceable area information; address information; wherein the default group indication information is used to indicate whether the VN group is a set default Virtual network group; the serviceable area information is used to indicate the range of geographical areas that the VN group can serve; the address information is used to indicate at least one address to be allocated to the terminal device contained in the VN group, and for details, refer to Table 7 above information shown.

After obtaining the configuration information of the VN group, the SMF can create a target session according to the configuration information of the VN group to carry the data service of the terminal device when receiving a session creation request from the terminal device, that is, a PDU session creation request. Wherein, when the PDU session creation request from the terminal device does not carry the identification of the VN group, the SMF determines the default VN group according to the default group indication information in the VN group configuration information, and establishes the default VN group. PDU session.

In some embodiments of the present application, the session creation request is a request sent by the terminal device when initiating a target service, and the target virtual network group is included in at least one virtual network group configured on the network side for the target service , each virtual network group in the at least one virtual network group is used to manage the terminal equipment accessing the virtual network group, and the terminal equipment managed by any virtual network group can form a virtual local area network; the at least one VN includes the The target virtual network group.

In some embodiments of the present application, after the SMF establishes a PDU session for the terminal device, it can allocate an address to the terminal device according to address information included in the configuration information of the target VN group accessed by the terminal device. Alternatively, the SMF can send the group ID of the target VN group to the AAA server, and after receiving the group ID, the AAA server can determine the corresponding target VN group according to the group ID, and then according to the configuration information corresponding to the target VN group, the terminal Device assigned address. The configuration information corresponding to the target VN group includes address information corresponding to the target VN group. The address may be an IP address.

FIG. 10 is a schematic diagram of a process of creating a PDU session according to an embodiment of the present application. As shown in Figure 10, the method includes:

S1001: The terminal device sends a PDU session creation request to the AMF.

The PDU session creation request may be a PDU Session Establishment Request message.

As an optional implementation manner, an optional parameter is added to the PDU session creation request: the identification information of the VN group, which is used to indicate the target VN group to be accessed by the terminal device.

S1002: The AMF performs SMF selection.

S1003: The AMF sends a PDU session creation request to the selected SMF.

The PDU session creation request may be a PDU session establishment SM context request message (Nsmf_PDU Session_Create SM Context Request) message.

As an optional implementation manner, a parameter is added to the SM context request message for establishing the PDU session: the identification information of the VN group, which is used to indicate the target VN group to be accessed by the terminal device.

After receiving the PDU session creation request sent by the AMF, the SMF obtains or updates the user subscription information according to the request, including the following steps S1004a and S1004b:

S1004a: If the PDU session creation request carries the VN group identifier, the SMF obtains the subscription data of the VN group corresponding to the identifier.

S1004b: If the PDU session creation request does not carry the VN group identifier, the SMF obtains the subscription data of the set default VN group.

Specifically, after the SMF receives the PDU session creation request sent by the AMF, if it determines that the data network to be accessed by the current terminal device is a 5G LAN network, the SMF determines that the PDU session creation request initiated by the terminal device carries the VN group identifier. information, the SMF obtains the relevant subscription data of the VN group specified by the terminal device through the UDM; if the SMF determines that the VN group identification information is not carried in the PDU session creation request, the SMF obtains the corresponding subscription through the default VN group corresponding to the DNN of the data network data, wherein, if the terminal device does not subscribe to the default VN group corresponding to the current DNN, the SMF determines that the establishment of the PDU session fails.

Among them, the SMF determines whether the data network to be accessed by the current terminal device belongs to the 5G LAN network according to the S-NSSAI and DNN information carried in the PDU session creation request, and according to the local configuration or subscription information.

S1005: The SMF sends a PDU session creation response to the AMF.

The PDU session creation response may be a PDU session establishment SM context response message (Nsmf_PDU Session_Create SM Context Request) response message.

S1006: PDU session authentication/authorization.

For the terminal equipment connected to the VN group, the SMF can perform secondary authentication through the DN-AAA server and assign the IP address of the terminal equipment. In the embodiment of the present application, the DNN and VN groups are 1:N networking. Therefore, multiple VN groups belong to the same data network, and multiple VN groups under one data network have their own non-conflicting IP address segments. When SMF interacts with the DN-AAA server, performs secondary authentication and assigns IP addresses to terminal devices, and adds the identification information of the VN group to which the terminal device is to access, then the DN-AAA server can access the VN group from the VN through the DN-AAA server according to the identification information of the VN group. Assign IP addresses to terminal devices in the address segment corresponding to the group. The identification information of the VN group may specifically be an external group identifier, an internal group identifier, a group identifier allocated to the VN group by the network side, a group identifier allocated to the VN group by the AAA server, or other formal parameters.

S1007: A PDU session is established.

For the specific implementation of the process shown in FIG. 10, reference may be made to the PDU session establishment process in the 3GPP communication standard. It will not be repeated here.

Through the above process, after the SMF successfully establishes a PDU session, that is, the target session, it notifies the terminal device. After the terminal device determines the PDU session, it can send service data packets through the PDU session during the process of processing the target service. Use the service data message to complete data transmission with the target data network, other terminal devices in the target virtual network group, or terminal devices in other virtual network groups, wherein the other virtual network groups are the ones other than the target virtual network group. A virtual netgroup other than a netgroup.

In the above embodiment, when the terminal device requests the SMF to create a new PDU session, the session creation request carries the group identifier of the target VN group to be accessed, and the SMF can determine the target to be accessed by the terminal device according to the group identifier. VN group, and then create a corresponding PDU session to carry the data service of the terminal device. At the same time, the above process is adapted to the networking scenario in which one data network corresponds to multiple VN groups, avoiding the problem that SMF cannot create correct PDU sessions in the scenario of multiple VN groups.

The process that the terminal device sends service data packets through the PDU session to complete data communication with other objects belongs to the data plane path of the terminal device in the network, that is, the data service path shown by the dotted line in FIG. 5 . Based on this path, the terminal device sends the service data packet in the process of processing the target service to the UPF on the network side. After receiving the service data packet from the terminal device, the UPF forwards the packet according to the packet forwarding policy indicated by the SMF. The service data message is forwarded, so that the service data message is forwarded to the data network or other terminal equipment, so as to realize data communication from the terminal equipment to the data network or other terminal equipment.

The specific implementation manner of the terminal device sending the service data message to the UPF and the UPF processing the received service data message may refer to the introduction in the fifth part below.

5. The network side processes the data packets

In 5G communication, after the terminal device completes the registration and access to the network, it can initiate a PDU session establishment request to obtain the PDU connection service on the network side. After the terminal device obtains the PDU connection service on the network side, it sends the service data packet to the UPF through the corresponding PDU session. The UPF will process the received service data packet according to certain policies, such as forwarding the service data packet to the data network. or other terminal equipment, to implement data communication from the terminal equipment to a data network or other terminal equipment.

The method for processing the received service data packet by the UPF is described in detail below.

In the current 5G LAN scenario, UPF further develops the method of matching and forwarding data packets twice as shown in Figure 11 based on the one-time matching and forwarding method for data packets as shown in Figure 3. Figure 11 is a schematic diagram of UPF forwarding data packets in a 5G LAN scenario.

Wherein, compared with the UPF packet forwarding mode shown in Figure 3, the main improvements of the UPF packet forwarding mode shown in Figure 11 include:

1) The (5G) VN internal (Internal) interface is added inside the UPF, the group-level N4 session (group-level N4 Session) is added on the basis of the terminal N4 session, and the N19 interface is added between different UPFs.

2) According to the different destination addresses of the service data packets (service data packets) received by the UPF, the service data packets can be locally interacted in the UPF and sent to the destination terminal equipment in the same UPF; or can be sent through the N6 interface to the data network side; or can be sent to other UPFs through the N19 interface, and then sent to the destination terminal device under the UPF through other UPFs.

Based on the above improvements, in the 5G LAN scenario where the VN group is introduced, the process of matching and forwarding data packets by UPF mainly includes the following two scenarios:

1) Corresponding to the scenario where multiple terminal devices belonging to the same (5G) VN group are all under the same PSA UPF.

In this scenario, UPF uses local switching to complete data exchange between terminal devices in the same VN group. The detailed process is as follows: after the UPF receives the data message sent by the source terminal device to the destination terminal device through the N3 port, after PDR matching (among them, the message-based encapsulation user protocol (GPRS tunneling protocol-user, GTP-U) The packet header is matched (the first round of PDR matching) to obtain the source terminal N4 session, and the corresponding FAR indicates that the packet is forwarded to the internal interface of the VN for the second round of PDR matching (matching is completed based on the destination IP address of the packet) to obtain the destination terminal N4 session, the corresponding FAR indicates that the packet is forwarded to the destination terminal device through the N3 interface.

2) Scenarios in which two terminal devices communicating with each other in the same VN group are not under the same PSA UPF.

In this scenario, the UPF needs to forward data packets through the N19 interface. Among them, the SMF creates a corresponding group-level N4 session for the VN group on the involved PSA UPF to enable the forwarding capability of the N19 interface and the forwarding capability of the N6 interface. After the UPF performs the first PDR match on the data packet and forwards it to the VN internal interface of the UPF, the VN internal interface performs PDR rule matching (based on the destination IP address of the packet or the default matching condition of match-all). After the rules and other rules are matched), it may match the group N4 session, and the corresponding FAR indicates that the data packet is sent to the data network side through the N6 interface, or the data packet is sent to the PSA UPF where the destination terminal device is located through the N19 interface. .

In the scenario where there are multiple VN groups in the 5G network, for data packets on the internal interface of the VN, the network instance in the matching and forwarding rule attribute fields in the N4 session is assigned as the unique identifier of the VN group (for example, the internal group identifier), which is used for Indicates that the data packet belongs to the specified VN group. For example, for the FAR whose destination interface is set as the VN internal interface, its network instance should also be set to the specified VN group; for the PDR whose source interface is set to the VN group, its network instance should also be set to the specified VN group. VN group.

The above matching and forwarding processing performed by the UPF on the service data packets is performed according to the packet forwarding policy issued by the SMF. The SMF is used to process the user plane path of the VN group, and the UPF is used to process the data plane path of the VN group. Therefore, the SMF will generate the PDR and FAR according to the PDU context information of the terminal devices in the VN group, and send them to the UPF, so that the UPF can The data communication of the terminal equipment can be controlled.

In some embodiments of the present application, based on the above embodiments, in a 5G LAN scenario where the PDU session type is IP type and one data network corresponds to multiple VN groups, the packet forwarding policy delivered by the SMF to the UPF includes: For the received service data message, determine whether there is a packet inspection rule PDR matching the service data message in at least one packet inspection rule, if so, forward the service data message according to the PDR, otherwise, determine Whether the destination address and source address contained in the service data packet belong to the same VN group; if it is determined that the destination address and the source address belong to the same VN group, the service data packet is not forwarded, and if the destination address and source address are determined to belong to the same VN group, the service data packet is not forwarded. If the source address does not belong to the same VN group, the service data message is forwarded according to the set PDR; wherein, the packet inspection rule is used to indicate the forwarding mode adopted for the service data message.

Specifically, the FAR corresponding to the PDR included in the PDR is used to indicate the forwarding mode adopted for the service data message, including whether to forward the service data message, and to which destination address the service data message is forwarded. The set PDR can be used as the default PDR with the lowest priority. For example, the matching rule of the set PDR can be a full matching rule, and the corresponding forwarding method can be forwarding the service data packet to the data network through the N6 interface, that is, all All the service data packets of the device can match the rule, and the service data packets matching the rule will be sent to the data network through the N6 interface.

FIG. 12 is a schematic diagram of a packet forwarding policy of a UPF according to an embodiment of the present application. The packet forwarding policy adopted by the UPF in the embodiment of the present application will be specifically introduced below with reference to FIG. 12 .

Referring to Figure 12, the specific flow matching and forwarding rules of the packet forwarding policy adopted by UPF include the following steps:

1) The data packet enters the N3 interface: match the source terminal N4 session and PDR rule according to the interface type and tunnel ID (F-TEID) of the ingress packet, and forward the data packet to the VN according to the FAR instruction corresponding to the matched PDR rule. Internal interface.

For example, the uplink service data packet sent by UE1 as shown in FIG. 12 is sent to the VN internal interface of the UPF to which UE1 belongs through the N4 session corresponding to UE1.

2) The data packet enters the N19 interface: According to the interface type of the ingress packet, the tunnel ID matches the group N4 session and the PDR rule, and according to the FAR instruction corresponding to the matched PDR rule, the packet is sent to the internal interface of the VN.

3) The data packet enters the N6 interface: According to the interface type of the ingress packet, the DNN corresponding to the data network, and the network segment to which the destination IP address of the data packet belongs, the group N4 session and the PDR rule are matched, and the FAR corresponding to the matched PDR rule is matched. Indicates that the packet is sent to the internal interface of the VN.

4) The data packet enters the VN internal interface: match the corresponding session and PDR rules according to the interface type (source interface), network instance information, destination IP address of the data packet and other parameters, including the following steps:

A. The destination IP address and the source IP address of the data packet belong to the same VN group, and the destination terminal device to which the destination IP address belongs and the source terminal device to which the source IP address belongs are under the same PSA UPF, then the destination terminal is matched. In the N4 session, according to the FAR indication corresponding to the matched PDR rule, the data packet is sent downlink from the N3 interface to the destination terminal device.

B. The destination IP address and the source IP address of the data packet belong to the same VN group, but the destination terminal device to which the destination IP address belongs and the source terminal device to which the source IP address belongs are not under the same PSA UPF, then the group N4 session is matched , according to the FAR indication corresponding to the matched PDR rule, send the data packet from the N19 interface to the destination PSA UPF where the destination terminal device is located.

C. If the PDR rule corresponding to the data packet cannot be matched in the above two steps A and B, then check whether the destination IP address of the data packet belongs to the network segment corresponding to the current VN group, that is, according to the network segment to which the VN belongs. The destination IP address is matched. If it matches the PDR rule, the data packet is discarded according to the FAR instruction corresponding to the PDR rule to prevent the data packet whose destination IP address belongs to the corresponding network segment of the current VN group from being matched to the following step D. The default PDR rules are forwarded to the N6 port to avoid loop problems between the UPF and the data network.

D. If the PDR rule corresponding to the data packet cannot be matched in the above three steps A, B, and C, then the destination IP address is matched to the default PDR rule of the group session in an all-match mode, and the FAR corresponding to the PDR rule Indicate, send the data packet from the N6 interface to the data network; or directly discard the packet if it is determined that the data network is not configured on the network side; or send the data packet from the N19 interface to the PSA UPF with a data network.

Wherein, the rules for matching according to the destination IP address described in the above steps A and B are the highest priority matching rules, and the rules for matching according to the network segment to which the destination IP addresses belong in the above step C are the middle priority matching rules , the matching rule is lower than the highest priority matching rule, the default matching rule described in the above step D is the lowest priority matching rule, and the matching rule is lower than the middle priority matching rule.

In the above packet forwarding policy, for the ingress packets of the N6 interface, the matching condition is that the destination IP address of the data packet is matched by the PDR rule according to the network segment to which it belongs. In this method, in the 5G LAN scenario, when the networking method in which one data network corresponds to multiple VN groups is adopted, by matching the network segment to which the destination IP address of the downlink data packet of the N6 interface belongs, the corresponding VN of the network segment can be obtained. The group session and forwarding rules corresponding to the group finally realize the effect of distinguishing different VN groups even when the destination IP addresses of multiple downlink data packets from the data network are under the same DNN.

In the above packet forwarding policy, for the uplink data packets from the source terminal device, the following situations exist:

1) If the destination IP address is the IP address of the destination terminal device in the same VN group as the source terminal device, the above matching and forwarding rules can be communicated locally through the PSA UPF, or through the N19 interface between different PSA UPFs. Complete the mutual communication between different terminal devices in the same VN group.

2) If the destination IP address is the IP address of the destination terminal device that is not in the same VN group as the source terminal device, the destination IP address may be the IP address of the terminal device in other VN groups corresponding to the data network, or the data network. The device IP address on the side, or the destination IP address is an invalid IP address. Then the UPF may not distinguish these scenarios, but directly send data packets from the N6 interface to the data network.

Among them, if the destination IP address of the data packet is the IP address of the device on the data network side, whether the source terminal device can communicate with the device on the data network side is determined by the configuration policy on the data network side; if the destination IP address is another device corresponding to the data network The IP addresses of the terminal devices in the VN group, whether the terminal devices between the two VN groups can communicate with each other is determined by the configuration policy on the data network side. If the data network side allows the terminal devices between the two VN groups to communicate with each other, Then the data network sends the data packet back to the UPF through the N6 interface, and then the UPF forwards it to the destination IP address, otherwise the data packet is discarded.

In the above packet forwarding policy, for a data packet entering the internal interface of the VN, if it matches the default group session rule (least effective level rule), the data packet will be sent from the N6 interface to the data network. To prevent a loop between the UPF and the data network (that is, the destination IP address of the service data packet is the IP address in the VN network segment to which the source IP address belongs, but after the data packet enters the VN internal interface, the UPF An exception occurs during matching, and a non-default rule is not successfully matched. The service data packet is sent to the data network side, but the data network side sends it back to the UPF again.) In the rule matching of the VN internal interface of the UPF, the first According to the matching rule of the network segment to which the destination IP address of the data packet belongs (the intermediate priority matching rule), if the rule is matched, that is, the destination IP address is the IP address under the network segment of the VN group, it is considered that an exception has occurred, and Discard the service data packet.

In the above embodiment, if the UPF determines that the destination IP address of the service data packet belongs to the network segment of the VN group for the uplink data flow initiated by the UE in the VN group, and cannot match the corresponding forwarding rule according to the destination IP address, Then, the service data packets are discarded, which can avoid the loop problem of the packets received by the N6 port.

It should be noted that the execution sequence of the steps described in the above embodiments of the present application is only an example of the execution flow, and does not constitute a limitation on the sequence of execution of the steps. There is no strict order of execution between the steps of timing dependencies.

The solutions provided by the embodiments of the present application have been introduced above from the perspectives of terminal equipment, network elements such as AF, SMF, PCF, and UPF in the core network, and interaction between the terminal equipment and network elements. It can be understood that, in order to realize the above-mentioned functions, the terminal device and the core network element may include corresponding hardware structures and/or software modules for performing each function. Those skilled in the art should easily realize that, in conjunction with the units and algorithm steps of the examples described in the embodiments disclosed herein, the embodiments of the present application can be implemented in hardware or a combination of hardware and computer software. Whether a function is performed by hardware or computer software driving hardware depends on the specific application and design constraints of the technical solution. Skilled artisans may implement the described functionality using different methods for each particular application, but such implementations should not be considered beyond the scope of this application.

In this embodiment of the present application, the terminal device and the core network device can be divided into functional units according to the foregoing method examples. For example, each functional unit can be divided corresponding to each function, or two or more functions can be integrated into one unit. The above-mentioned integrated units may be implemented in the form of hardware, or may be implemented in the form of software functional units.

Based on the above embodiments, the present application further provides a communication apparatus for implementing the functions of the terminal device or the SMF or the PCF provided by the embodiments of the present application. As shown in FIG. 13 , the communication apparatus 1300 may include a processing unit 1301 and a transceiver unit 1302 . The communication apparatus 1300 may be a terminal device or SMF or PCF in any of the foregoing embodiments, or the communication apparatus 1300 may be an apparatus applied to the terminal device or SMF or PCF in any of the foregoing embodiments.

As an implementation manner, the communication apparatus 1300 may further include a storage unit 1303 for storing program codes and data of the communication apparatus 1300 .

The processing unit 1301 may be a processor or a controller, for example, a general-purpose central processing unit (CPU), general-purpose processor, digital signal processing (DSP), application specific integrated circuit (application specific integrated circuit) circuits, ASIC), field programmable gate array (FPGA), or other programmable logic devices, transistor logic devices, hardware components, or any combination thereof. It may implement or execute the various exemplary logical blocks, modules and circuits described in connection with this disclosure. The processor may also be a combination that implements computing functions, such as a combination of one or more microprocessors, a combination of a DSP and a microprocessor, and the like.

The storage unit 1303 may be a memory. The transceiver unit 1302 is an interface circuit of the device for receiving signals from other devices. For example, when the device is implemented in the form of a chip, the transceiver unit 1302 is an interface circuit used by the chip to send signals to other chips or devices and/or an interface circuit used by the chip to receive signals from other chips or devices.

In an implementation manner, when the communication apparatus 1300 implements the function of the terminal device provided by the embodiment of the present application, the communication apparatus 1300 includes at least the processing unit 1301 .

The processing unit 1301 is configured to select a target virtual network group from at least one virtual network group according to the service information of the target service when initiating a target service; Target service configuration, each virtual network group in the at least one virtual network group is used to manage terminal devices accessing the virtual network group, and the terminal devices managed by any virtual network group can form a virtual local area network; the processing unit 1301 It is also used for determining a target session of the target service in the target virtual network group, and performing data transmission through the target session.

In a possible design, when selecting a target virtual network group in at least one virtual network group according to the service information of the target service, the processing unit 1301 is specifically configured to: in at least one user routing selection policy, select A target user routing policy matching the service information, wherein the target user routing policy includes the service information and a group identifier of at least one available virtual network group corresponding to the service information; in the at least one In a virtual network group, the target virtual network group included in the at least one available virtual network group is selected.

In a possible design, when the processing unit 1301 determines the target session of the target service in the target virtual network group, the processing unit 1301 is specifically configured to: in the established session, select a route with the target user the target session that matches the policy; or, send a session creation request to the session management function network element, where the session creation request is used to request the creation of the target session, wherein the session creation request carries the information of the target virtual network group Group ID.

In a possible design, the communication apparatus 1300 further includes the transceiver unit 1302, and before the processing unit 1301 selects a target virtual network group in at least one virtual network group, the transceiver unit 1302 is further configured to: In the process of registering the terminal device into the network, receiving the serviceable virtual network group list issued by the access and mobility management function network element; or, in the process of updating the configuration of the terminal device, receiving the access and mobility The serviceable virtual network group list issued by the network element of the performance management function; wherein, the serviceable virtual network group list includes the target virtual network group.

In a possible design, before the processing unit 1301 selects a target virtual network group in at least one virtual network group, the transceiver unit is further configured to: receive the at least one user route delivered by the policy control function network element Choose a strategy.

In an implementation manner, when the communication apparatus 1300 implements the function of the SMF provided by the embodiment of the present application, the communication apparatus 1300 includes at least the processing unit 1301 .

The processing unit 1301 is configured to determine a target virtual network group according to a session creation request from a terminal device, wherein the session creation request is a request sent by the terminal device when initiating a target service, and the target virtual network group includes: In at least one virtual network group configured on the network side for the target service, each virtual network group in the at least one virtual network group is used to manage terminal devices accessing the virtual network group, and any virtual network group managed by any virtual network group The terminal device can form a virtual local area network; the processing unit 1301 is further configured to establish a target session in the target virtual network group, and the target session is used for the terminal device to perform data transmission.

In a possible design, the communication device 1300 further includes the transceiver unit 1302, and before the processing unit 1301 determines the target virtual network group, the transceiver unit 1302 is further configured to: receive data from the unified data management function network The virtual network group configuration information of the element; the virtual network group configuration information includes configuration information corresponding to at least one virtual network group, the at least one virtual network group includes the target virtual network group, and the configuration information includes at least one of the following Item: default group indication information; serviceable area information; address information; wherein, the default group indication information is used to indicate whether the virtual network group is a set default virtual network group; the serviceable area information is used to indicate the virtual network The range of the geographical area that the group can serve; the address information is used to indicate at least one address to be allocated to the terminal device contained in the virtual network group.

In a possible design, the session creation request carries the group identifier of the virtual network group. When determining the target virtual network group, the processing unit 1301 is specifically configured to: determine that the virtual network group corresponding to the group identifier is the Describe the target virtual network group.

In a possible design, when determining the target virtual network group according to the session creation request from the terminal device, the processing unit 1301 is specifically configured to: if the session creation request does not carry the group identifier of the virtual network group, according to In the virtual network group configuration information, the set default virtual network group is determined as the target virtual network group.

In a possible design, the processing unit 1301 cooperates with the transceiver unit 1302, and is further configured to: assign an address to the terminal device according to the configuration information corresponding to the target virtual network group; The group identifier of the target virtual network group is sent to the AAA server, so that the AAA server determines the target virtual network group according to the group identifier, and according to the configuration information corresponding to the target virtual network group, for the The terminal equipment allocates an address; wherein, the configuration information includes the address information.

In a possible design, the transceiver unit 1302 is further configured to: deliver a data packet forwarding policy to the user plane functional network element, so that the user plane functional network element, according to the data packet forwarding policy, The received service data message is forwarded; wherein, the data message forwarding strategy includes: judging whether there is a packet inspection rule matching the service data message in at least one packet inspection rule, and if so, according to the The packet inspection rule forwards the service data message, otherwise, judge whether the destination address and the source address contained in the service data message belong to the same virtual network group; if it is determined that the destination address and the source address belong to the same virtual network group, then The service data packet is not forwarded, and if it is determined that the destination address and the source address do not belong to the same virtual network group, the service data packet is forwarded according to the set packet inspection rule; wherein the packet inspection rule is used to indicate Forwarding mode used for service data packets.

In an implementation manner, when the communication apparatus 1300 implements the functions of the PCF provided by the embodiments of the present application, the communication apparatus 1300 at least includes the processing unit 1301 and the transceiver unit 1302 .

The transceiver unit 1302 is configured to receive the virtual network group configuration information issued by the application function network element or the capability opening function network element or the unified data warehouse network element, wherein the virtual network group configuration information includes at least one virtual network group corresponding to the network element. configuration information, the at least one virtual network group is the target service configuration initiated by the network side for the terminal device, and each virtual network group in the at least one virtual network group is used to manage the terminal equipment accessing the virtual network group, any A terminal device managed by a virtual network group can form a virtual local area network; the processing unit 1301 cooperates with the transceiver unit 1302 to generate at least one user routing policy according to the virtual network group configuration information, and use the At least one user routing policy is delivered to the terminal device.

Based on the above embodiments, the present application further provides a communication device, as shown in FIG. 14 , the communication device may be an implementation of a hardware circuit of the communication device shown in FIG. 13 . The communication apparatus may be adapted to perform the functions of the terminal device or the SMF or the PCF in the above method embodiments. For convenience of explanation, FIG. 14 only shows the main components of the communication device.

As shown in FIG. 14 , the communication apparatus 1400 includes at least a processor 1401 and a memory 1402 . As an implementation manner, the communication apparatus 1400 may further include a communication interface 1403 .

The processor 1401 is configured to execute the instructions or programs stored in the memory 1402 . When the instructions or programs stored in the memory 1402 are executed, the processor 1401 is configured to perform the operations performed by the processing unit 1301 in the above embodiments, and the communication interface 1403 is configured to perform the operations performed by the transceiver unit 1302 in the above embodiments.

The memory 1402 is used to store program instructions and/or data. Memory 1402 and processor 1401 are coupled. The coupling in the embodiments of the present application is an indirect coupling or communication connection between devices, units or modules, which may be in electrical, mechanical or other forms, and is used for information exchange between devices, units or modules. The processor 1401 may cooperate with the memory 1402. Processor 1401 may execute program instructions stored in memory 1402 . At least one of the at least one memory may be included in the processor.

The communication interface 1403 is used to communicate with other communication devices through a transmission medium, so that the communication device 1400 can communicate with other communication devices. In this embodiment of the present application, the communication interface may be a transceiver, a circuit, a bus, a module, or other types of communication interfaces. In the embodiment of the present application, when the communication interface is a transceiver, the transceiver may include an independent receiver and an independent transmitter; the communication interface may also be a transceiver with integrated transceiver function, or an interface circuit.

As an implementation manner, the communication device 1400 may further include a communication line 1404 .

Wherein, the communication interface 1403, the processor 1401 and the memory 1402 can be connected to each other through a communication line 1404; the communication line 1404 can be a peripheral component interconnect (PCI for short) bus or an extended industry standard architecture (extended industry standard architecture). , referred to as EISA) bus and so on. The communication line 1404 can be divided into an address bus, a data bus, a control bus, and the like. For ease of presentation, only one thick line is shown in FIG. 14, but it does not mean that there is only one bus or one type of bus.

When the communication apparatus adopts the form shown in FIG. 14 , the processor 1401 in FIG. 14 can execute instructions by calling the computer stored in the memory 1402, so that the communication apparatus 1400 can execute the terminal device in any of the above method embodiments. Or the methods performed by SMF or PCF.

Specifically, the functions/implementation process of the sum processing unit 1301 and the transceiver unit 1302 shown in FIG. 13 can be realized by the processor 1401 in FIG. 14 calling the computer execution instructions stored in the memory 1402; The function/implementation process of the processing unit 1301 can be implemented by the processor 1401 in FIG. 14 calling the computer execution instructions stored in the memory 1402, and the function/implementation process of the transceiver unit 1302 shown in FIG. 13 can be implemented through the communication interface in FIG. 14 1403 to achieve.

In the implementation process, each step of the above-mentioned method can be completed by a hardware integrated logic circuit in a processor or an instruction in the form of software. The steps of the method disclosed in conjunction with the embodiments of the present application may be embodied as being executed by a hardware processor, or executed by a combination of hardware and software modules in the processor. The software modules may be located in random access memory, flash memory, read-only memory, programmable read-only memory or electrically erasable programmable memory, registers and other storage media mature in the art. The storage medium is located in the memory, and the processor reads the information in the memory, and completes the steps of the above method in combination with its hardware. To avoid repetition, detailed description is omitted here.

It should be noted that the processor in this embodiment of the present application may be an integrated circuit chip, which has a signal processing capability. In the implementation process, each step of the above method embodiments may be completed by a hardware integrated logic circuit in a processor or an instruction in the form of software. The above-mentioned processor may be a general-purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA), or other programmable chips. Programming logic devices, discrete gate or transistor logic devices, discrete hardware components.

It can be understood that the memory in this embodiment of the present application may be a volatile memory or a non-volatile memory, or may include both volatile and non-volatile memory. The non-volatile memory may be read-only memory (ROM), programmable read-only memory (PROM), erasable programmable read-only memory (EPROM), electrically programmable Erase programmable read-only memory (electrically EPROM, EEPROM) or flash memory. It should be noted that the memory of the systems and methods described herein is intended to include, but not be limited to, these and any other suitable types of memory.

Based on the same inventive concept as the method embodiment, an embodiment of the present application further provides a communication system, where the communication system may include a terminal device, an SMF, and a PCF for executing the execution of the terminal device, the SMF, and the PCF in any of the foregoing embodiments. For the relevant features, refer to the above method embodiments, which will not be repeated here.

In a possible design, the communication system may further include some or all of the access network equipment, AMF, AF, NEF, and UPF, for respectively executing the corresponding access network equipment in any of the foregoing embodiments. , AMF, AF, NEF, UPF.

It should be noted that the communication system may also include other network elements or devices in any or any of the multi-core networks described in the foregoing embodiments of the present application, and are used to implement corresponding functions, which will not be described in detail here.

In the various embodiments of the present application, if there is no special description or logical conflict, the terms and/or descriptions between different embodiments are consistent and can be referred to each other, and the technical features in different embodiments are based on their inherent Logical relationships can be combined to form new embodiments.

As will be appreciated by those skilled in the art, the embodiments of the present application may be provided as a method, a system, or a computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, optical storage, etc.) having computer-usable program code embodied therein.

The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to the present application. It will be understood that each process and/or block in the flowchart illustrations and/or block diagrams, and combinations of processes and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general purpose computer, special purpose computer, embedded processor or other programmable data processing device to produce a machine such that the instructions executed by the processor of the computer or other programmable data processing device produce Means for implementing the functions specified in a flow or flow of a flowchart and/or a block or blocks of a block diagram.

These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory result in an article of manufacture comprising instruction means, the instructions The apparatus implements the functions specified in the flow or flow of the flowcharts and/or the block or blocks of the block diagrams.

Obviously, those skilled in the art can make various changes and modifications to the present application without departing from the scope of the present application. Thus, if these modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is also intended to include these modifications and variations.

Claims

A communication method, applied to terminal equipment, is characterized in that, comprising:

When initiating a target service, a target virtual network group is selected from at least one virtual network group according to the service information of the target service; wherein, the at least one virtual network group is configured by the network side for the target service, and the at least one virtual network group is configured for the target service. Each virtual network group in a virtual network group is used to manage terminal devices accessing the virtual network group, and the terminal devices managed by any virtual network group can form a virtual local area network;

A target session of the target service in the target virtual network group is determined, and data transmission is performed through the target session.
The method according to claim 1, wherein the selecting a target virtual network group from at least one virtual network group according to the service information of the target service comprises:

In at least one user routing policy, a target user routing policy matching the service information is selected, wherein the target user routing policy includes the service information and at least one available virtual network corresponding to the service information the group ID of the group;

In the at least one virtual network group, the target virtual network group included in the at least one available virtual network group is selected.
The method according to claim 2, wherein the determining the target session of the target service in the target virtual network group comprises:

In an established session, select the target session that matches the target user routing policy; or

A session creation request is sent to the session management function network element, where the session creation request is used to request the creation of the target session, wherein the session creation request carries the group identifier of the target virtual network group.
The method according to any one of claims 1 to 3, wherein before selecting the target virtual network group in the at least one virtual network group, the method further comprises:

In the process of the terminal device registering to the network, receiving the serviceable virtual network group list issued by the access and mobility management function network element; or

In the process of updating the configuration of the terminal device, receiving the serviceable virtual network group list issued by the access and mobility management function network element;

Wherein, the serviceable virtual network group list includes the target virtual network group.
The method according to any one of claims 2 to 4, wherein before selecting the target virtual network group in the at least one virtual network group, the method further comprises:

The at least one user routing policy issued by the policy control function network element is received.
A communication method, applied to a session management function network element, is characterized in that, comprising:

Determine a target virtual network group according to a session creation request from a terminal device, where the session creation request is a request sent by the terminal device when initiating a target service, and the target virtual network group includes the target virtual network group on the network side for the target service. In at least one virtual network group of the service configuration, each virtual network group in the at least one virtual network group is used to manage terminal devices accessing the virtual network group, and the terminal devices managed by any virtual network group can form a virtual local area network ;

A target session in the target virtual network group is established, and the target session is used for data transmission by the terminal device.
The method according to claim 6, wherein before determining the target virtual network group, the method further comprises:

Receive virtual network group configuration information from a unified data management function network element; the virtual network group configuration information includes configuration information corresponding to at least one virtual network group, the at least one virtual network group includes the target virtual network group, and the The configuration information includes at least one of the following:

Default group indication information; serviceable area information; address information;

Wherein, the default group indication information is used to indicate whether the virtual network group is a set default virtual network group; the serviceable area information is used to indicate the range of geographical areas that the virtual network group can serve; the address information is used to indicate The virtual network group contains at least one address to be assigned to the terminal device.
The method according to claim 6 or 7, wherein the session creation request carries a group identifier of the virtual network group, and the determining of the target virtual network group comprises:

It is determined that the virtual network group corresponding to the group identifier is the target virtual network group.
The method according to claim 7 or 8, wherein the determining the target virtual network group according to the session creation request from the terminal device comprises:

If the session creation request does not carry the group identifier of the virtual network group, the set default virtual network group is determined as the target virtual network group according to the virtual network group configuration information.
The method according to any one of claims 7 to 9, wherein the method further comprises:

Allocate an address to the terminal device according to the configuration information corresponding to the target virtual network group; or

Send the group identifier of the target virtual network group to the AAA server, so that the AAA server determines the target virtual network group according to the group identifier, and according to the configuration information corresponding to the target virtual network group, is assigning addresses to the terminal equipment;

Wherein, the configuration information includes the address information.
The method according to any one of claims 6 to 10, wherein the method further comprises:

delivering a data message forwarding policy to the user plane functional network element, so that the user plane functional network element forwards the received service data message according to the data message forwarding policy;

Wherein, the data packet forwarding strategy includes:

Judging whether there is a packet detection rule matching the service data packet in at least one packet detection rule, and if so, forwarding the service data packet according to the packet detection rule, otherwise, judging that the service data packet contains Whether the destination address and source address belong to the same virtual network group;

If it is determined that the destination address and the source address belong to the same virtual network group, the service data packet is not forwarded. If it is determined that the destination address and the source address do not belong to the same virtual network group, the packet is forwarded according to the set packet detection rules. Describe the business data message;

Wherein, the packet detection rule is used to indicate the forwarding mode adopted for the service data message.
A communication method, applied to a policy control function network element, is characterized in that, comprising:

Receive virtual network group configuration information issued by an application function network element, a capability openness function network element, or a unified data warehouse network element, where the virtual network group configuration information includes configuration information corresponding to at least one virtual network group, and the at least one virtual network group A virtual network group is the target service configuration initiated by the network side for the terminal device, each virtual network group in the at least one virtual network group is used to manage the terminal equipment accessing the virtual network group, and the terminal equipment managed by any virtual network group The device can form a virtual local area network;

Generate at least one user routing policy according to the virtual network group configuration information, and deliver the at least one user routing policy to the terminal device.
The method according to claim 12, wherein the user routing policy includes service information and a group identifier of at least one virtual network group corresponding to the service information, and the service information is the service of the target service information.
The method according to claim 13, wherein the configuration information includes at least the service information and serviceable area information of at least one virtual network group corresponding to the service information;

The user routing policy further includes serviceable area information of at least one virtual network group corresponding to the service information;

Wherein, the serviceable area information is used to indicate the geographic area range that the virtual network group can serve.
A communication device, comprising a processing unit;

The processing unit is configured to select a target virtual network group from at least one virtual network group according to the service information of the target service when initiating a target service; wherein, the at least one virtual network group is a network side for the target Service configuration, each virtual network group in the at least one virtual network group is used to manage terminal devices accessing the virtual network group, and the terminal devices managed by any virtual network group can form a virtual local area network;

The processing unit is further configured to determine a target session of the target service in the target virtual network group, and perform data transmission through the target session.
The communication device according to claim 15, wherein when the processing unit selects a target virtual network group from at least one virtual network group according to the service information of the target service, the processing unit is specifically configured to:

In at least one user routing policy, a target user routing policy matching the service information is selected, wherein the target user routing policy includes the service information and at least one available virtual network corresponding to the service information the group ID of the group;

In the at least one virtual network group, the target virtual network group included in the at least one available virtual network group is selected.
The communication device according to claim 16, wherein when the processing unit determines the target session of the target service in the target virtual network group, the processing unit is specifically configured to:

In an established session, select the target session that matches the target user routing policy; or

A session creation request is sent to the session management function network element, where the session creation request is used to request the creation of the target session, wherein the session creation request carries the group identifier of the target virtual network group.
The communication device according to any one of claims 15 to 17, wherein the communication device further comprises a transceiver unit, and before the processing unit selects a target virtual network group in the at least one virtual network group, the transceiver unit further comprises Used for:

In the process of registering the terminal device into the network, receiving the serviceable virtual network group list issued by the access and mobility management function network element; or

In the process of updating the configuration of the terminal device, receiving a serviceable virtual network group list issued by the access and mobility management function network element;

Wherein, the serviceable virtual network group list includes the target virtual network group.
The communication device according to any one of claims 16 to 18, wherein before the processing unit selects a target virtual network group in at least one virtual network group, the transceiver unit is further configured to:

The at least one user routing policy issued by the policy control function network element is received.
A communication device, comprising a processing unit;

The processing unit is configured to determine a target virtual network group according to a session creation request from a terminal device, wherein the session creation request is a request sent by the terminal device when initiating a target service, and the target virtual network group is included in the In at least one virtual network group configured on the network side for the target service, each virtual network group in the at least one virtual network group is used to manage the terminal equipment accessing the virtual network group, and the terminals managed by any virtual network group The device can form a virtual local area network;

The processing unit is further configured to establish a target session in the target virtual network group, where the target session is used for data transmission by the terminal device.
The communication device according to claim 20, wherein the communication device further comprises a transceiver unit, and before the processing unit determines the target virtual network group, the transceiver unit is further configured to:

Receive virtual network group configuration information from a unified data management function network element; the virtual network group configuration information includes configuration information corresponding to at least one virtual network group, the at least one virtual network group includes the target virtual network group, and the The configuration information includes at least one of the following:

Default group indication information; serviceable area information; address information;

Wherein, the default group indication information is used to indicate whether the virtual network group is a set default virtual network group; the serviceable area information is used to indicate the range of geographical areas that the virtual network group can serve; the address information is used to indicate The virtual network group contains at least one address to be assigned to the terminal device.
The communication device according to claim 20 or 21, wherein the session creation request carries a group identifier of the virtual network group, and when the processing unit determines the target virtual network group, it is specifically used for:

It is determined that the virtual network group corresponding to the group identifier is the target virtual network group.
The communication device according to claim 21 or 22, wherein when the processing unit determines the target virtual network group according to the session creation request from the terminal device, it is specifically used for:

If the session creation request does not carry the group identifier of the virtual network group, the set default virtual network group is determined as the target virtual network group according to the virtual network group configuration information.
The communication device according to any one of claims 21 to 23, wherein the processing unit cooperates with the transceiver unit, and is further configured to:

Allocate an address to the terminal device according to the configuration information corresponding to the target virtual network group; or

Send the group identifier of the target virtual network group to the AAA server, so that the AAA server determines the target virtual network group according to the group identifier, and according to the configuration information corresponding to the target virtual network group, is assigning addresses to the terminal equipment;

Wherein, the configuration information includes the address information.
The communication device according to any one of claims 20 to 24, wherein the transceiver unit is further configured to:

delivering a data message forwarding policy to the user plane functional network element, so that the user plane functional network element forwards the received service data message according to the data message forwarding policy;

Wherein, the data packet forwarding strategy includes:

Judging whether there is a packet detection rule matching the service data packet in at least one packet detection rule, and if so, forwarding the service data packet according to the packet detection rule, otherwise, judging that the service data packet contains Whether the destination address and source address belong to the same virtual network group;

If it is determined that the destination address and the source address belong to the same virtual network group, the service data packet is not forwarded. If it is determined that the destination address and the source address do not belong to the same virtual network group, the packet is forwarded according to the set packet detection rules. Describe the business data message;

Wherein, the packet detection rule is used to indicate the forwarding mode adopted for the service data message.
A communication device, comprising a transceiver unit and a processing unit;

The transceiver unit is configured to receive the virtual network group configuration information issued by the application function network element, the capability opening function network element or the unified data warehouse network element, wherein the virtual network group configuration information includes at least one virtual network group corresponding. Configuration information, the at least one virtual network group is the target service configuration initiated by the network side for the terminal device, and each virtual network group in the at least one virtual network group is used to manage the terminal equipment accessing the virtual network group, any one The terminal devices managed by the virtual network group can form a virtual local area network;

The processing unit cooperates with the transceiver unit, and is configured to generate at least one user routing policy according to the virtual network group configuration information, and deliver the at least one user routing policy to the terminal device.
The communication device according to claim 26, wherein the user routing policy includes service information and a group identifier of at least one virtual network group corresponding to the service information, and the service information is the target service business information.
The communication device according to claim 27, wherein the configuration information includes at least the service information and serviceable area information of at least one virtual network group corresponding to the service information;

The user routing policy further includes serviceable area information of at least one virtual network group corresponding to the service information;

Wherein, the serviceable area information is used to indicate the geographic area range that the virtual network group can serve.
A communication device, comprising:

at least one processor; and a memory, a communication interface communicatively coupled to the at least one processor;

Wherein, the communication interface is used to receive signals from other communication devices other than the communication device and transmit to the processor or send signals from the processor to other communication devices other than the communication device ;

The memory stores instructions executable by the at least one processor, and by executing the instructions stored in the memory, the at least one processor causes the communication device to implement any one of claims 1 to 5 , or implement the method as claimed in any one of claims 6 to 11 , or implement the method as claimed in any one of claims 12 to 14 .
A computer-readable storage medium, characterized in that a computer-readable program is stored in the computer-readable storage medium, and when the computer-readable program is executed on a communication device, the communication device is made to execute the method as claimed in the claims. The method of any one of 1 to 5, or the execution of the method of any one of claims 6 to 11, or the execution of the method of any one of claims 12 to 14.
A computer program product, characterized in that, the computer program product comprises a computer program or instructions, when a communication device reads and executes the computer program product, the communication device is made to perform the method described in any one of claims 1 to 5. The method described in the above, or the method according to any one of claims 6 to 11 is performed, or the method according to any one of claims 12 to 14 is performed.