WO2023213309A1 - Ursp rule verification method and apparatus, and network side device - Google Patents

Ursp rule verification method and apparatus, and network side device Download PDF

Info

Publication number
WO2023213309A1
WO2023213309A1 PCT/CN2023/092335 CN2023092335W WO2023213309A1 WO 2023213309 A1 WO2023213309 A1 WO 2023213309A1 CN 2023092335 W CN2023092335 W CN 2023092335W WO 2023213309 A1 WO2023213309 A1 WO 2023213309A1
Authority
WO
WIPO (PCT)
Prior art keywords
side device
network side
terminal
pdu session
request
Prior art date
Application number
PCT/CN2023/092335
Other languages
French (fr)
Chinese (zh)
Inventor
吕华章
柯小婉
王文
张奕忠
Original Assignee
维沃移动通信有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 维沃移动通信有限公司 filed Critical 维沃移动通信有限公司
Publication of WO2023213309A1 publication Critical patent/WO2023213309A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • H04W76/11Allocation or use of connection identifiers

Definitions

  • This application belongs to the field of wireless communication technology, and specifically relates to a verification method, device and network-side equipment for URSP rules.
  • the application when an application on the terminal has traffic to be sent, the application can provide the traffic characteristics of the application traffic to be sent, and the terminal (OS Operating System, OS) or modem chip) obtains the traffic characteristics provided by the application, such as the destination Internet Protocol (Internet Protocol, IP) address of the application traffic to be sent, the fully qualified domain name (Fully Qualified Domain Name, FQDN), etc.
  • the terminal will match the traffic characteristics with the Traffic Descriptor (TD) parameters in the User Equipment Routing Option Policy (UE Route Selection Policy, URSP) rule in the terminal. After matching a certain traffic descriptor, the terminal Then select a route selection descriptor (Route Selection Descriptor, RSD) under the traffic descriptor.
  • TD Traffic Descriptor
  • UE Route Selection Policy User Equipment Routing Option Policy
  • RSD Route Selection Descriptor
  • the routing descriptor defines the session parameters of the Protocol Data Unit (PDU) session used to carry the application traffic to be transmitted when the application traffic characteristics match a certain traffic descriptor. If the current terminal equipment (User Equipment, UE) already has a PDU session, and the session parameters of the PDU session are consistent with an RSD under the traffic descriptor selected by the terminal for application traffic, then the data to be transmitted for the application can be Route to an established Protocol Data Unit (PDU) session. Or, if the terminal selects a certain RSD under the traffic descriptor for the application traffic to be transmitted, and there is no such PDU session in the current terminal, the terminal can trigger the establishment of a new PDU session. The session parameters are consistent with the PDU session parameters in the selected RSD, and the PDU session is used to carry the application data stream to be transmitted.
  • PDU Protocol Data Unit
  • URSP rules are only the behavior of the terminal device.
  • the network side device cannot know whether the terminal device has applied the URSP rules configured by the network side device for the terminal device to match application traffic to a specific PDU. session, and the URSP rules specifically used by the end device to match the application traffic.
  • Embodiments of the present application provide a method, device and network-side device for verifying URSP rules, which can solve the problem that the network-side device cannot know whether the terminal device applies configured URSP rules and the URSP rules used by the terminal device for specific applications.
  • a method for verifying URSP rules including: a first network side device obtains target request information sent by a second network side device, wherein the target request information includes: a first method used by a terminal for a target application.
  • the first network side device obtains the first verification result by verifying whether the first URSP rule and the second URSP rule are consistent, wherein, The second URSP rule is at least one URSP rule corresponding to the target application sent by the first network side device to the terminal; the first network side device verifies the first parameter of the first PDU session and Whether the second parameter described by the routing descriptor RSD in the first URSP rule is consistent, a second verification result is obtained.
  • a method for verifying URSP rules including: a second network side device receiving reporting information sent by a terminal, wherein the reporting information includes: a first URSP rule used by the terminal for a target application and a bearer The first PDU session identifier of the target application, the first PDU session identifier is used to indicate the first PDU session; the second network side device obtains the first parameter of the first PDU session; the second network The side device sends target request information to the first network side device, wherein the target request information instructs the first network side device to verify whether the terminal uses the URSP rule correctly, and the target request information includes the first network side device.
  • URSP rule and the first parameter of the first PDU session including: a second network side device receiving reporting information sent by a terminal, wherein the reporting information includes: a first URSP rule used by the terminal for a target application and a bearer The first PDU session identifier of the target application, the first PDU session identifier is used to indicate the first PDU session; the second network
  • a method for verifying URSP rules including: a third network side device receiving target request information sent by a second network side device, wherein the target request information indicates that the first network side device has a request for the terminal Verify whether the URSP rules are used correctly.
  • the target request information includes the first URSP rule and the first parameter of the first PDU session; the third network side device sends the target request information to the third network side device.
  • a network side device receiving target request information sent by a second network side device, wherein the target request information indicates that the first network side device has a request for the terminal Verify whether the URSP rules are used correctly.
  • the target request information includes the first URSP rule and the first parameter of the first PDU session; the third network side device sends the target request information to the third network side device.
  • a device for verifying URSP rules including: a first acquisition module configured to acquire target request information sent by the second network side device, wherein the target request information includes: the terminal used for the target application.
  • a first verification module configured to obtain the first verification result by verifying whether the first URSP rule and the second URSP rule are consistent, wherein , the second URSP rule is at least one URSP rule corresponding to the target application sent by the first network side device to the terminal;
  • a second verification module used to verify the first step of the first PDU session Whether the parameter is consistent with the second parameter described by the routing descriptor RSD in the first URSP rule, a second verification result is obtained.
  • a device for verifying URSP rules including: a second transceiver module for receiving reporting information sent by a terminal, wherein the reporting information includes: a first URSP rule used by the terminal for a target application. and a first PDU session identifier that carries the target application, the first PDU session identifier is used to indicate the first PDU session; a second acquisition module is used to acquire the first parameter of the first PDU session; the third The second transceiver module is also configured to send target request information to the first network side device, wherein the target request information instructs the first network side device to verify whether the terminal uses the URSP rules correctly, and the target request information The first URSP rule and the first parameter of the first PDU session are included.
  • a device for verifying URSP rules including: a receiving module configured to receive target request information sent by a second network side device, wherein the target request information indicates that the first network side device has a request for the terminal yes Verify whether the URSP rules are used correctly, and the target request information includes the first URSP rule and the first parameter of the first PDU session; a sending module for sending the target request information to the first network side equipment.
  • a network side device in a seventh aspect, includes a processor and a memory.
  • the memory stores programs or instructions that can be run on the processor.
  • the program or instructions are executed by the processor.
  • a network side device including a processor and a communication interface, wherein the processor is used to implement the steps of the method described in the first to third aspects, and the communication interface is used to communicate with an external devices communicate.
  • a ninth aspect provides a verification system for URSP rules, including: a first network side device and a second network side device.
  • the first network side device can be used to perform the steps of the method described in the first aspect.
  • the second network side device may be used to perform the steps of the method described in the second aspect.
  • a readable storage medium is provided.
  • Programs or instructions are stored on the readable storage medium.
  • the steps of the method described in the first aspect are implemented, or the steps of the method are implemented as described in the first aspect.
  • a chip in an eleventh aspect, includes a processor and a communication interface.
  • the communication interface is coupled to the processor.
  • the processor is used to run programs or instructions to implement the method described in the first aspect. The steps of the method, or the steps of implementing the method as described in the second aspect, or the steps of implementing the method as described in the third aspect.
  • a computer program/program product is provided, the computer program/program product is stored in a storage medium, and the computer program/program product is executed by at least one processor to implement as described in the first aspect
  • the first network side device obtains the first URSP rule used by the terminal for the target application and the first parameter of the first PDU session carrying the target application from the second network side device, and verifies the first Whether a URSP rule is consistent with at least one URSP rule corresponding to the target application sent by the first network side device to the terminal, and verifying that the first parameter of the first PDU session is consistent with the first URSP rule Whether the second parameter described by the routing descriptor RSD in is consistent, so that the first network side device can learn whether the terminal applies the URSP rule configured by the network side device for the terminal device to match application traffic to a specific PDU session, terminal Match the URSP rules specifically used by the application traffic and whether the corresponding PDU session includes the data packets of the application traffic, so that the network side device can control the terminal.
  • Figure 1 shows a block diagram of a wireless communication system to which embodiments of the present application are applicable
  • Figure 2 shows a schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application
  • Figure 3 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application
  • Figure 4 shows a schematic flowchart of a method for obtaining an identity of a first network side device provided by an embodiment of the present application
  • Figure 5 shows another schematic flowchart of a method for obtaining an identity of a first network side device provided by an embodiment of the present application
  • Figure 6 shows another schematic flowchart of a method for obtaining the identity of a first network side device provided by an embodiment of the present application
  • Figure 7 shows another schematic flowchart of a method for obtaining an identity of a first network side device provided by an embodiment of the present application
  • Figure 8 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application.
  • Figure 9 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application.
  • Figure 10 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application.
  • Figure 11 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application.
  • Figure 12 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application.
  • Figure 13 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application.
  • Figure 14 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application.
  • Figure 15 shows a schematic structural diagram of a verification device for URSP rules provided by an embodiment of the present application
  • Figure 16 shows another structural schematic diagram of a verification device for URSP rules provided by an embodiment of the present application.
  • Figure 17 shows another structural schematic diagram of a verification device for URSP rules provided by an embodiment of the present application.
  • Figure 18 shows a schematic structural diagram of a communication device provided by an embodiment of the present application.
  • Figure 19 shows a schematic hardware structure diagram of a network-side device provided by an embodiment of the present application.
  • first, second, etc. in the description and claims of this application are used to distinguish similar objects and are not used to describe a specific order or sequence. It is to be understood that the terms so used are interchangeable under appropriate circumstances so that the embodiments of the present application can be practiced in sequences other than those illustrated or described herein, and that "first" and “second” are distinguished objects It is usually one type, and the number of objects is not limited.
  • the first object can be one or multiple.
  • “and/or” in the description and claims indicates at least one of the connected objects, and the character “/" generally indicates that the related objects are in an "or” relationship.
  • LTE Long Term Evolution
  • LTE-Advanced, LTE-A Long Term Evolution
  • LTE-A Long Term Evolution
  • CDMA Code Division Multiple Access
  • TDMA Time Division Multiple Access
  • FDMA Frequency Division Multiple Access
  • OFDMA Orthogonal Frequency Division Multiple Access
  • SC-FDMA Single-carrier Frequency Division Multiple Access
  • NR New Radio
  • FIG. 1 shows a block diagram of a wireless communication system to which embodiments of the present application are applicable.
  • the wireless communication system includes a terminal 11 and network side device 12.
  • the terminal 11 may be a mobile phone, a tablet computer (Tablet Personal Computer), a laptop computer (Laptop Computer), or a notebook computer, a personal digital assistant (Personal Digital Assistant, PDA), a palmtop computer, a netbook, or a super mobile personal computer.
  • Tablet Personal Computer Tablet Personal Computer
  • laptop computer laptop computer
  • PDA Personal Digital Assistant
  • PDA Personal Digital Assistant
  • UMPC ultra-mobile personal computer
  • UMPC mobile Internet device
  • MID mobile Internet device
  • AR augmented reality
  • VR virtual reality
  • robots wearable devices
  • VUE vehicle user equipment
  • VUE pedestrian terminal
  • Vehicle user equipment VUE
  • smart home home equipment with wireless communication functions, such as refrigerators, TVs, washing machines or furniture, etc.
  • game consoles personal computers (personal computer, PC), teller machine or self-service machine and other terminal-side devices.
  • Wearable devices include: smart watches, smart bracelets, smart headphones, smart glasses, smart jewelry (smart bracelets, smart bracelets, smart rings, smart necklaces, smart anklets) bracelets, smart anklets, etc.), smart wristbands, smart clothing, etc.
  • the network side device 12 may include an access network device and/or a core network device, where the access network device 12 may also be called a radio access network device, a radio access network (Radio Access Network, RAN), or a radio access network. function or radio access network unit.
  • the access network device 12 may include a base station, a Wireless Local Area Network (Wireless Local Area Network, WLAN) access point or a Wireless Fidelity (Wireless Fidelity, WiFi) node, etc.
  • the base station may be called a Node B, an Evolved Node B (Evolved NodeB, eNB), access point, Base Transceiver Station (BTS), radio base station, radio transceiver, Basic Service Set (BSS), Extended Service Set (ESS), Home B Node, home evolved B node, transmitting receiving point (Transmitting Receiving Point, TRP) or some other suitable term in the field.
  • BTS Base Transceiver Station
  • BSS Basic Service Set
  • ESS Extended Service Set
  • Home B Node home evolved B node
  • TRP Transmitting Receiving Point
  • the base station is not limited to specific technical terms. It needs to be explained that , in the embodiment of this application, only the base station in the NR system is taken as an example for introduction, and the specific type of the base station is not limited.
  • Core network equipment may include but is not limited to at least one of the following: core network nodes, core network functions, mobility management entities (Mobility Management Entity, MME), access mobility management functions (Access and Mobility Management Function, AMF), session management functions (Session Management Function, SMF), User Plane Function (UPF), Policy Control Function (PCF), Policy and Charging Rules Function (PCRF), Edge Application Service Discovery function (Edge Application Server Discovery Function, EASDF), Unified Data Management (UDM), Unified Data Repository (UDR), Home Subscriber Server (HSS), centralized network configuration ( Centralized network configuration (CNC), Network Repository Function (NRF), Network Exposure Function (NEF), Local NEF (Local NEF, or L-NEF), Binding Support Function (Binding Support Function, BSF), application function (Application Function, AF), etc.
  • MME mobility management entities
  • AMF Access and Mobility Management Function
  • SMF Session Management Function
  • UPF User Plane Function
  • PCF Policy Control Function
  • URSP rules are a policy defined by 3GPP and sent to the UE.
  • the UE can match application (Application, APP) traffic to a specific PDU session based on these URSP rules.
  • Application Application, APP
  • the APP can send APP traffic characteristics to the UE.
  • traffic characteristics can include the destination IP address, fully qualified domain name (Fully Qualified Domain) Name, FQDN), etc.
  • the UE matches the URSP rules in the UE one by one according to the traffic characteristics of the APP.
  • the specified traffic description/characteristics can be as shown in Table 1.
  • IP description such as a destination IP triplet
  • the next step is to choose which PDU session (session) to use to send the APP's traffic (traffic).
  • each RSD represents a set of attributes of a PDU session.
  • the terminal can use the PDU session in RSD1 to specifically establish a PDU session; or use this feature to select a PDU session that the terminal has already established.
  • the selected PDU session, its session characteristics or session parameters, For, S-NSSAI S-NSSAI-a, non-3GPP access is used (that is, the access type of the PDU session is non-3GPP access).
  • the RSD of the traffic descriptor matched by the UE includes:
  • the network side device does not know whether the UE has executed URSP rules and if so, which RSD has been executed.
  • embodiments of the present application provide a verification solution for URSP rules so that network-side devices can obtain this information.
  • the network side is allowed to obtain the traffic of an application by the terminal, which RSD under which traffic descriptor is used, and after using the URSP rule, whether a new PDU session is created or the application traffic is matched to an existing session.
  • Figure 2 shows a schematic flowchart of the verification method of URSP rules in the embodiment of the present application.
  • the method 200 can be executed by the first network side device.
  • the method may be executed by software or hardware installed on the first network side device.
  • the first network side device may be an access and mobility management policy control network element.
  • the first network side device may be an access and mobility management policy control function (Access and Mobility Management Policy Control). Function, AM-PCF).
  • the method may include the following steps.
  • the first network side device obtains the target request information sent by the second network side device, where the target request information includes: the first URSP rule used by the terminal for the target application and the first protocol data unit carrying the target application.
  • the first parameter of the PDU session includes: the first URSP rule used by the terminal for the target application and the first protocol data unit carrying the target application.
  • the target request information instructs the first network side device to verify whether the terminal uses URSP rules correctly.
  • the second network side device may be a session management network element, for example, a session management function (Session Management Function, SMF).
  • the target request information can be sent through at least one of the following signaling: Npcf_EventExposure_Subscribe, Npcf_UEPolicyControl_Update request.
  • the NAS message includes at least one of the following: PDU session establishment request (PDU session establishment request), DPU session modification request (PDU session modification request).
  • the NAS message may also include: PDU session SM context generation request (Nsmf_PDUSession_CreateSMContext Request) or PDU session SM context update request (Nsmf_PDUSession_UpdateSMContext Request).
  • the second network side device After receiving the session NAS message from the terminal, the second network side device can obtain the first parameter of the first PDU session corresponding to the first PDU session identifier according to the first PDU session identifier carried in the NAS message, and then add the first PDU session identifier to the first PDU session identifier.
  • the first parameter of a PDU session and the first URSP rule used by the target application reported by the terminal are sent to the first network side device.
  • the first PDU session identifier is used to indicate the PDU session to which the application traffic is finally matched.
  • the PDU session may be a newly created session or an existing session in the terminal.
  • the information reported by the terminal to the second network side device may also include indication information, which is used to indicate whether to create a new PDU session after using the URSP rule or to match an existing PDU session on the terminal.
  • the indication information indicates that after using the first URSP rule, a new PDU session is created to carry the application traffic.
  • the target request information can be transmitted directly between the first network side device and the second network side device. Therefore, in a possible implementation, S210 may include: the first network side device receives the request from the first network side device. The target request information of the second network side device.
  • the target request information may also be transmitted between the first network side device and the second network side device through a third network side device and/or a fourth network side device. Therefore, in another possible implementation, S210 may include: the first network side device receiving the target request information forwarded by the second network side device through the third network side device and/or the fourth network side device.
  • the third network side device may be an access and mobility management network element, such as AMF, or a session management policy control network element, such as SM-PCF.
  • the fourth network side device may be a session management policy control network element. , or access and mobility management network elements.
  • SMF sends the target request information to AM-PCF through AMF; or SMF sends the target request information to AM-PCF through SM-PCF; or SMF sends the target request information to AMF, and AMF then sends the target request information to AM-PCF.
  • the information is sent to SM-PCF, SM-PCF then sends the target request information to AM-PCF; or, SMF sends the target request information to SM-PCF, SM-PCF then sends the target request information to AMF, and AMF then sends the target request information to AM-PCF.
  • Request information is sent to AM-PCF.
  • the SMF can be sent through Namf_Communication_N1N2MessageTransfer or Nsmf_EventExposure_Notify, sends the target request information to the AMF; then the AMF sends the target request information to the first network side device, such as AM-PCF, through Npcf_UEPolicyControl_Update request, Npcf_UEPolicyControl_UpdateNotify Subscribe or Npcf_EventExposure_Subscribe.
  • the SMF can be sent through at least one of the following signaling:
  • the target request information is sent to the fourth network side device: Npcf_SMPolicyControl_Update or Npcf_SMPolicyControl_create; then, the SM-PCF sends the target request information to the AM-PCF through at least one of the following signaling: Npcf_Policy Authorization_Create, Npcf_Policy Authorization_Update.
  • the sending the target request information also refers to sending the parameters included in the target request information, such as the first URSP rule, etc., to the first network side device, such as the AM-PCF.
  • the first network-side device obtains a first verification result by verifying whether the first URSP rule and the second URSP rule are consistent, wherein the second URSP rule is sent by the first network-side device to the At least one URSP rule of the terminal corresponding to the target application.
  • the first verification result is used to indicate whether the first URSP rule and the second URSP rule are consistent.
  • the first verification result may include: the first URSP rule is consistent with the second URSP rule, that is, the first verification is passed; or the first URSP rule is inconsistent with the second URSP rule, that is, the first verification fails.
  • the terminal executes URSP rules for the traffic of the target application, and then the terminal sends the used URSP rules to the SMF.
  • SMF forwards the URSP rule to AM-PCF, and AM-PCF performs the first verification to verify whether the rule reported by the terminal is consistent with the rule sent by AM-PCF to the UE, that is, it verifies whether the URSP rule reported by the terminal is sent by AM-PCF.
  • SSC Session and Service Continuity
  • Mode Selection SSC Mode 3;
  • DNN Data Network Name
  • Access Type preference 3GPP access.
  • SSC Mode Selection SSC Mode 3;
  • Access Type preference 3GPP access.
  • the first network side device determines that the usage rule reported by the terminal (i.e., the first URSP rule) is the same as the rule actually sent by the first network side device from the UE (i.e., the second URSP rule).
  • the verification passes and the rule reported by the UE is correct.
  • the verification here refers to verifying whether the URSP rules reported by the terminal, including traffic descriptors and RSDs, are consistent with the traffic descriptors or RSDs in the URSP rules sent to the terminal by the first network-side device. If they are consistent, it is determined that the terminal strictly uses one of the URSP rules issued by AM-PCF, rather than the terminal itself randomly using a URSP rule that has not been issued by the network at all.
  • the first network side device verifies whether the first parameter of the first PDU session is consistent with the second parameter described by the RSD in the first URSP rule, and obtains a second verification result.
  • the second verification result indicates whether the first parameter of the first PDU session is consistent with the second parameter described by the RSD in the first URSP rule.
  • the second verification result may include: the first parameter of the first PDU session and the second parameter described by the RSD in the first URSP rule, that is, the item-by-item parameters of the first parameter and the second parameter.
  • One-to-one correspondence and consistency that is, the second verification is passed; or, any one of the first parameters of the first PDU session and the second parameters described by the RSD in the first URSP rule is inconsistent, that is, the second verification fail.
  • the first network side device may initiate the second verification, that is, verify the first PDU. Whether the first parameter of the session is consistent with the second parameter described by the RSD in the first URSP rule.
  • the first parameter of the first PDU session included in the target request information may include at least one of the following: PDU session type, access type of PDU session, SSC mode, network slice identifier, and DNN.
  • the second parameter of the RSD description in the first URSP rule may include at least one of the following: PDU session type, PDU session access type, SSC mode, network slice identifier, and DNN.
  • whether the first parameter is consistent with the second parameter refers to whether the parameter value of each parameter in the first parameter is consistent with the parameter value of the corresponding parameter in the second parameter.
  • the first parameter and the second parameter respectively include: PDU session type, PDU session access type, SSC mode, and DNN
  • whether the first parameter and the second parameter are consistent refers to the PDU in the first parameter.
  • the session type is the same as the PDU session type in the second parameter
  • the PDU session access type in the first parameter is the same as the PDU session access type in the second parameter
  • the SSC mode in the first parameter is the same as the SSC in the second parameter
  • the pattern is the same
  • the DNN in the first parameter is the same as the DNN in the second parameter. If any of them are different, the first parameter and the second parameter are inconsistent.
  • the purpose of performing the second verification is to ensure that if the terminal really uses the first URSP rule correctly, the The PDU session parameters of the first PDU session carrying application traffic, such as SSC mode, DNN, etc., must correspond to the parameters of the PDU session indicated in the RSD in the first URSP rule, such as SSC mode, DNN, etc., one by one and same.
  • the purpose of the second verification in S214 is to ensure that if the terminal really uses the first URSP rule correctly, the parameters of the PDU session of the first PDU session carrying application traffic, such as SSC mode, DNN, etc., must The parameters of the PDU session indicated in the RSD in the first URSP rule, such as SSC mode, DNN, etc., correspond to each other one by one and are the same.
  • the first network side device obtains the second verification result, so as to know whether the first parameter of the first PDU session carrying the target application is consistent with the second parameter described by the RSD in the first URSP rule.
  • the first URSP rule reported by the terminal is:
  • Access Type preference 3GPP access.
  • the second network side device obtains the first PDU session that actually carries the traffic of the target application (ie APP1) through inspection.
  • the first parameter of the first PDU session is:
  • Access Type preference 3GPP access.
  • the network slice in the second parameter is S-NSSAI-b
  • the network slice in the first parameter is S-NSSAI-b.
  • the two are inconsistent. Therefore, the terminal does not use the URSP rule correctly.
  • the terminal reports the URSP rules it uses, the traffic of the APP does not actually use the PDU session bearer corresponding to each PDU session parameter of this RSD. This means that the second verification failed and the terminal did not use URSP rules correctly.
  • the first network side device may return the first verification result and/or the second verification result to the second network side device.
  • AM-PCF can use at least one of the following signaling to send the first verification result and/or the second verification result to SMF: Npcf_EventExposure_Notify, Npcf_UEPolicyControl Update response.
  • the AM-PCF may send the first verification result and/or the second verification result to the AMF using at least one of the following signaling: Npcf_UEPolicyControl_Update response; Npcf_UEPolicyControl_UpdateNotify notify. Then, AMF uses at least one of the following signalings to SMF the first verification result and/or the second verification result: Nsmf_PDUSession_UpdateSMContext request, Nsmf_EventExposure_Subscribe.
  • the AM-PCF may send the first verification result and/or the second verification result to the SM-PCF using at least one of the following signaling: Npcf_Policy Authorization_Createrequest/response, Npcf_Policy Authorization_Up date request/response.
  • SM-PCF then uses at least one of the following signaling to send the first verification result and/or the second verification result to SMF: Npcf_SMPolicyControl_Updaterequest/response, Npcf_SMPolicyControl_creater request/response.
  • the first network side device obtains from the second network side device the first URSP rule used by the terminal for the target application and the first parameter of the first PDU session carrying the target application, Verify whether the first URSP rule is consistent with at least one URSP rule corresponding to the target application sent by the first network side device to the terminal, and verify that the first parameter of the first PDU session is consistent with the Whether the second parameter described by the routing descriptor RSD in the first URSP rule is consistent, so that the first network side device can learn whether the terminal has applied the URSP rule configured by the network side device for the terminal device to match application traffic to a specific
  • the PDU session the terminal matches the URSP rules specifically used by the application traffic, and whether the corresponding PDU session includes the data packets of the application traffic, so that the network side device can control the terminal.
  • the method may also include the following: step:
  • Step 1 The first network side device sends a URSP rule to the terminal;
  • Step 2 The first network side device sends first indication information to the third network side device, wherein the first indication information indicates that the third network side device receives a PDU session establishment request from the terminal or After the PDU session modification request is made, the identifier of the first network side device is sent to the second network side device.
  • the third network side device may send the identity of the first network side device to the second network side device through the following signaling: Npcf_UEPolicyControl Create Request, or Npcf_UEPolicyControl Update Request.
  • the identification of the first network side device includes but is not limited to the identifier of the first network side device and/or the IP address of the first network side device.
  • the first network side device when sending the URSP rule to the terminal, instructs the third network side device to change the first network side device to the terminal upon receiving a PDU session establishment request or a PDU session modification request.
  • the identity of the network side device is sent to the second network side device or the fourth network side device, so that when the terminal establishes a PDU session or modifies the PDU session, the second network side device can learn the identity of the first network side device, thereby connecting the terminal
  • the first URSP rule used by the target application reported through the session NAS message, and the first parameter of the first PDU session carrying the target application obtained by the second network side device are sent to the first network side device.
  • the first network side device may send the URSP rule to the terminal when the terminal registers with the network, and send the first indication information to the third network side device.
  • the first network side device before the first network side device sends the first indication information to the third network side device, the first network side device receives the information sent by the third network side device.
  • a first request message the first request message is used to request to create or update a URSP rule for the terminal
  • the first request message carries The capability information of the terminal indicates that the terminal supports reporting the usage information of the URSP rules of the terminal. That is to say, the first network side device only sends the first indication information to the third network side device after learning that the terminal supports the use of the URSP rule that reports the terminal.
  • the terminal may carry the capability information of the terminal in the registration message, indicating that the terminal supports reporting the usage information of URSP rules.
  • the method may further include: the first network side device obtaining a third verification result sent by the second network side device, wherein the third verification result indicates the first PDU Whether the session includes data packets of the target application.
  • the third verification result may include at least one of the following: the first PDU session includes the data packet of the target application, and the third verification is passed; the first PDU session does not include the data packet of the target application. , then the third verification fails.
  • the network side does check that the session parameters of the first PDU session are consistent with the session parameters indicated by the RSD in the first URSP rule.
  • the terminal does not actually use this first PDU session to transmit application traffic, but uses other PDU sessions. Therefore, through the above possible implementation manner, the first network side device can determine whether the first PDU session actually carries the transmission of the application traffic.
  • the second network side device may initiate the third verification when sending the target request information or before or after sending the target request information, that is, verifying whether the first PDU session includes the data packet of the target application, For example, the second network side device may generate a packet detection rule according to the first URSP rule reported by the terminal, apply the packet detection rule to the first PDU session indicated by the first PDU session identifier, and obtain the third verification As a result, the packet detection rule is used to verify whether the first PDU session includes the data packet of the target application, and then the third verification result is sent to the first network side device.
  • the first network side device may determine if the second verification result is the same as the first parameter in the first PDU session and the first URSP rule. If the second parameters described by the RSD are consistent, request information is sent to the second network side device to request the third verification result, so as to obtain the third verification result from the second network side device.
  • the request information may include the first URSP rule and/or the first PDU session identifier.
  • the second network side device generates a packet detection rule (Packet Detection Rule, PDR) according to the first URSP rule, and applies the packet detection rule to the first PDU session corresponding to the first PDU session identifier to perform packet detection.
  • PDR Packet Detection Rule
  • the second network side device may not actively perform the third verification, but may perform the third verification after receiving a request from the first network side device. Therefore, in this possible implementation, the first network side device may send request information to the second network side device, requesting the second network side device to perform the third verification, that is, requesting the second network side device to verify the third verification. Whether a data packet of the target application is included in a PDU session, and then, a third verification result returned by the second network side device is received. That is to say, the second network side device first waits for the first network side device to complete the second verification. If the verification shows that the terminal passes the second verification and the URSP rules are used correctly, the second network side device starts from the first verification. The network side device receives the relevant request information and performs the third verification.
  • the first network side device may initiate the third verification when the first parameter of the first PDU session is consistent with the second parameter described by the RSD in the first URSP rule, That is, the second network side device is requested to perform the third verification, and at least one of the first parameters of the first PDU session is inconsistent with the second parameter described by the RSD in the first URSP rule. , then the verification of URSP rules ends.
  • the method may further include: in any of the following situations, the first network side device sends second indication information, wherein the second indication information is used to indicate that the terminal does not correctly Use URSP rules:
  • the first verification result indicates that the first URSP rule is inconsistent with the second URSP rule; that is, in the case that the first URSP rule is inconsistent with the second URSP rule, the first The network side device determines that the terminal does not use URSP rules correctly.
  • the second verification result indicates that the first parameter is inconsistent with the second parameter; that is, when at least one parameter in the first parameter is inconsistent with the second parameter,
  • the first network side device determines that the terminal does not use URSP rules correctly.
  • the third verification result indicates that the data packet of the target application is not included in the first PDU session. That is to say, when the transmission data packet corresponding to the first PDU session does not include the data packet of the target application, the first network side device determines that the terminal does not use the URSP rule correctly.
  • One possible way of sending the second indication information is: the first network side device sends it directly to the second network side device; or the first network side device sends it through the third network side device or the fourth network side device. to the second network side device.
  • AM-PCF can use at least one of the following signaling to send the second indication information to SMF: Npcf_EventExposure_Notify, Npcf_UEPolicyControl Update response.
  • the AM-PCF may use at least one of the following signaling to send the second indication information to the AMF: Npcf_UEPolicyControl_Update response; Npcf_UEPolicyControl_UpdateNotify notify. Then, the AMF uses at least one of the following signalings to SMF the second indication information: Nsmf_PDUSession_UpdateSMContext request, Nsmf_EventExposure_Subscribe.
  • AM-PCF may use at least one of the following signaling to send the second indication information to SM-PCF: Npcf_Policy Authorization_Create request/response, Npcf_Policy Authorization_Update request/response.
  • the SM-PCF then uses at least one of the following signaling to send the second indication information to the SMF: Npcf_SMPolicyControl_Updaterequest/response, Npcf_SMPolicyControl_createrequest/response.
  • the second network side device may perform corresponding operations, for example, reject the session establishment request or modification request corresponding to the first PDU session identifier, or release the session establishment request or modification request corresponding to the first PDU session identifier.
  • rejecting the session establishment request or modification request means rejecting the PDU session establishment request or modification request of the terminal that reports the first URSP rule.
  • the terminal misuses URSP rules, the PDU session carrying this application will be released, or, before releasing this PDU session, the network side root According to the PDU session parameters indicated by the RSD in the first URSP rule, the establishment of a new PDU session is triggered, the application traffic is migrated to be carried on the new PDU session, and then the original session is released.
  • the method may further include: in any of the following situations, the first network side device updates the URSP rule of the terminal:
  • the first verification result indicates that the first URSP rule is inconsistent with the second URSP rule
  • the third verification result indicates that the transmission data packet corresponding to the first PDU session does not include the data packet of the target application.
  • the first network side device determines that the terminal does not use URSP rules correctly, and may update the URSP rules of the terminal, for example, re-execute the URSP policy of the terminal and deliver it to the terminal.
  • This situation means that if the terminal does not use the rules correctly, it may be caused by unreasonable rule design, so the first network side device needs to update the URSP rules of the terminal.
  • FIG. 3 shows another schematic flowchart of the verification method of URSP rules in the embodiment of the present application.
  • the method 300 can be executed by the second network side device.
  • the method may be executed by software or hardware installed on the second network side device.
  • the second network side device may be a session management network element.
  • the second network side device may be a session management function (Session Management Function, SMF).
  • SMF Session Management Function
  • the second network side device receives the reporting information sent by the terminal, where the reporting information includes: the first URSP rule used by the terminal for the target application and the first PDU session identifier carrying the target application.
  • a PDU session identifier is used to indicate the first PDU session.
  • the terminal may send the reported information through an uplink NAS message.
  • the terminal uses URSP rules to match the traffic of the target application to a PDU session, or uses the RSD in the matched URSP rules to establish a new PDU session.
  • the terminal reports the matched URSP rules (including RSD and/or TD) and indicates the PDU session identifier of the PDU session.
  • S312 The second network side device obtains the first parameter of the first PDU session.
  • the first parameter includes at least one of the following: PDU session type, PDU session access type, SSC mode, network slice identifier, and DNN.
  • the second network side device can directly find the session parameters of the PDU session corresponding to the first PDU session identifier, that is, the first parameters.
  • the second network side device sends target request information to the first network side device, where the target request information instructs the first network side device to verify whether the terminal uses URSP rules correctly.
  • the request information includes the first URSP rule and the first parameter of the first PDU session.
  • the target request information is used to request the first network side device to verify whether the first URSP rule used by the terminal is consistent with at least one second URSP rule sent by the first terminal side device to the terminal and to verify that the Whether the first parameter of the first PDU session is consistent with the second parameter described by the RSD in the first URSP rule, so that the first network side device can learn the usage of the terminal's URSP rule to control the terminal.
  • the first URSP rule executed by the terminal sent by the second network side device may be the first URSP rule used by the terminal for traffic of a certain application (such as a certain application provider A).
  • the first URSP rule sent by the second network side device may be the traffic descriptor (Traffic descriptor) and the used RSD of the first URSP rule.
  • the first URSP rule can be included in a container and sent to the first network side.
  • the container carries the Traffic descriptor and RSD executed by the terminal, or the container carries the priority and RSD of the traffic descriptor (Traffic descriptor). priority.
  • Another piece of information in the target request information is the first parameter of the first PDU session carrying the target application.
  • the terminal can report the PDU session ID to which the traffic matches, and then the second network side device can also send the attribute parameters of the first PDU session corresponding to the PDU session ID to The first network side device.
  • This attribute parameter includes but is not limited to at least one of the following: SSC mode, Access type, DNN, S-NSSAI, PDU session type.
  • the second network side device may not know the first network side device that sends the URSP rule for the terminal. Therefore, in a possible implementation, before S310, the method may further include: The second network side device obtains the identity of the first network side device.
  • the identification of the first network side device includes but is not limited to one of the following: an identifier of the first network side device or an IP address of the first network side device.
  • the second network side device obtains the identity of the first network side device, including but not limited to any one of the following methods one to four.
  • Method 1 The second network side device receives a second request message sent by the third network side device, wherein the second request message is used to request to establish or update the context of the first PDU session, and the second The request message carries a target identifier, and the target identifier is used to indicate the first network side device that provides services for the terminal.
  • the first network side device may instruct the third network side device to send the first network side device to the second network side device when receiving a PDU session establishment request or a PDU session modification request sent by the terminal. If the third network side device receives the PDU session establishment request or the PDU session modification request from the terminal, the third network side device sends the second request information to the second network side device.
  • the first network side device for example, AM-PCF
  • the first network side device uses Namf_Communication_N1N2MessageTransfer signaling to send the URSP rule to the terminal, and the above signaling is sent to the third network side device (for example, , AMF) (the first network side device sends the URSP rule to the UE through the third network side device).
  • the third network side device for example, , AMF
  • this signaling may also indicate that when the third network side device subsequently receives the PDU session establishment request or modification request sent by the terminal (indicated by the UE identifier SUPI), the third network side device will The identification of a network side device (for example, AM-PCFID) is sent to the second network side device (for example, SMF).
  • the third network side device sends the identification of the first network side device to the second network through the following signaling: Side device: Nsmf_PDUSession_CreateSMContext Request or Nsmf_PDUSession_UpdateSMContext Request.
  • Figure 4 shows the method for obtaining the identity of the first network side device in the embodiment of the present application.
  • a schematic flow chart is shown in Figure 4.
  • the method 400 mainly includes the following steps.
  • S401 The terminal sends a registration request (Registration Request) to the radio access network (RAN). Wherein, the terminal may report in the registration request that the terminal supports reporting of the use of URSP rules within the terminal (URSP enforcement).
  • URSP enforcement the use of URSP rules within the terminal
  • the terminal can support reporting through NAS messages or DCAF reporting.
  • S402 The RAN forwards the registration request of the terminal to the AMF.
  • the RAN can add some terminal location information and then forward the registration request, which does not affect the terminal capability indication. Therefore, it can also be regarded as that the UE directly sends the registration request to the AMF.
  • AMF selects AM-PCF.
  • AMF triggers the UE's policy association establishment process (policy association establishment), or triggers the UE's policy association modification (policy association Modification) process.
  • the AMF sends signaling: Npcf_UEPolicyControl Create Request, or Npcf_UEPolicyControl Update Request, and the signaling may carry terminal capability information.
  • the capability information of the terminal refers to the URSP rules that the terminal supports reporting for use.
  • AM-PCF After receiving the signaling, AM-PCF sends a response (response) to AMF.
  • AM-PCF decides to send the terminal policy (UE policy) to the UE.
  • the AM-PCF finds that the terminal supports reporting of URSP rule execution, and the AM-PCF sends the UE policy to the UE and also instructs the AMF: when receiving the terminal's PDU session establishment request or PDU session When making a modification request, send the AM-PCF ID to SMF.
  • the SMF is used to manage the PDU session of the terminal.
  • the AM-PCF can instruct the AMF through the signaling Namf_Communication_N1N2MessageTransfer.
  • the signaling can include an indication to instruct the AMF that when the terminal (which can be identified by SUPI) sends a PDU session establishment request or a PDU session modification request, the AMF
  • the AM-PCF ID of the UE needs to be forwarded to the SMF and/or SM-PCF.
  • S407 The UE receives the UE policy sent by AM-PCF.
  • S408 The terminal establishes a PDU session and sends a PDU session establishment request (PDU session establishment request) or a PDU session modification request (PDU session modification request) to the AMF.
  • PDU session establishment request PDU session establishment request
  • PDU session modification request PDU session modification request
  • AMF triggers context establishment in SMF and sends a request to establish or update the context of the PDU session to SMF.
  • the request can carry the AM-PCF ID.
  • AMF can send signaling: Nsmf_PDUSession_CreateSMContext Request, or Nsmf_PDUSession_UpdateSMContext Request, which carries the AM-PCF ID.
  • the reason why AMF carries AM-PCF ID to SMF is to verify or monitor the execution of URSP rules, because the verification or monitoring of specific URSP rule execution needs to be completed in AM-PCF, and SMF does not After the terminal receives the URSP rules actually reported by the UE, it still needs to send them to AM-PCF for verification, and this At this time, if AMF directly provides the AM-PCF ID for the terminal service, the process of SMF searching for AM-PCF can be omitted.
  • S410 SMF sends AM-PCFID to SM-PCF through the session management management association establishment (SM policy Association establishment) or session management management association modification (SM policy Association modification) process.
  • SMF can send signaling carrying AM-PCF ID to SM-PCF: Npcf_SMPolicyControl_Create or Npcf_SMPolicyControl_Update.
  • the SMF may subsequently communicate with the AM-PCF through the SM-PCF, after obtaining the AM-PCF ID, the SMF can execute S410 and send the AM-PCF ID to the AM-PCF.
  • Method 2 The second network side device sends a third request message to the third network side device, wherein the third request message carries the identifier of the terminal, and the third request is used to obtain the Context information of the terminal; the second network side device receives the context information of the terminal returned by the third network side device, and obtains the identity of the first network side device from the context information of the terminal.
  • the first network side device (for example, AM-PCF) exists as a configuration of each terminal (per UE).
  • the storage location of the identity of the first network side device is mainly saved in the third network side device (for example, AMF).
  • the third network side device for example, AMF.
  • the context information of the terminal may be requested from the third network side device to obtain the identity of the first network side device.
  • Figure 5 shows the method for obtaining the identity of the first network side device in the embodiment of the present application. Another schematic flow chart is shown in Figure 5.
  • the method 500 mainly includes the following steps.
  • S501 SMF sends a request to AMF, requesting to obtain the UE context (UE context) from AMF.
  • the signaling sent by SMF may be: Namf_Communication_UEContextTransfer Request, or other signaling, and the signaling may carry the identity of the terminal, for example, UE SUPI.
  • S502 AMF sends UE context to SMF.
  • the signaling sent by the AMF may be Namf_Communication_UEContextTransfer response, or other signaling, and the signaling carries the UE context.
  • the UE context mainly stores information related to the terminal's access to the network and information related to the terminal's PDU session.
  • S503 SMF obtains the AM-PCF ID from the obtained UE context.
  • the UE context contains a lot of content, from which SMF can find the AM-PCF ID of the service terminal.
  • Method 3 The second network side device sends a fourth request message to the third network side device, wherein the fourth request message is used to request to obtain the information of the first network side device that sends the URSP rule to the terminal.
  • the identification, the fourth request message carries the identification of the terminal; the second network side device receives the identification of the first network side device returned by the third network side device.
  • the first network side device (for example, AM-PCF) exists as a configuration of each terminal (per UE), and the storage location of the identity of the first network side device is mainly saved in the third network side device (for example, AMF) In the UE context (UE context). Therefore, the second network side device can directly request the third network side device for the tag of the first network side device. knowledge. Therefore, in this possible implementation, the second network side device obtains the identity of the first network side device by sending a fourth request message to the third network side device.
  • the third network side device for example, AMF
  • the second network side device obtains the identity of the first network side device by sending a fourth request message to the third network side device.
  • Figure 6 shows the method for obtaining the identity of the first network side device in the embodiment of the present application. Another schematic flow chart is shown in Figure 6.
  • the method 600 mainly includes the following steps.
  • S601 SMF sends a request to AMF to obtain the AM-PCF ID from AMF.
  • the signaling sent by SMF can be: Namf_Communication_N1MessageNotify Subscribe, or Namf_Communication_N1N2MessageSubscribe, or other signaling.
  • the signaling may carry the identification of the terminal (for example, UE SUPI), and indicate that the subscribed information is the AM-PCF ID.
  • AMF sends AM-PCF ID.
  • the signaling sent by the AMF can be at least one of the following: Namf_Communication_N1MessageNotify Notify, Namf_Communication_N1N2MessageTransfer, Namf_Communication_N1N2MessageNotify, or other signaling, which carries the AM-PCF ID corresponding to the terminal's identity.
  • Method 4 The second network side device sends a fifth request message to the fifth network side device, where the fifth request message is used to obtain the identity of the first network side device that sends the URSP rule to the terminal, so The fifth request message carries the identifier of the terminal; and the identifier of the first network-side device returned by the fifth network-side device is obtained. Because the fifth network side device stores the subscription information of each terminal, and the AM-PCF ID is a type of subscription information.
  • the identity of the first network-side device corresponding to the terminal can be stored in the fifth network-side device (for example, Unified Data Management (UDM)) as the terminal's subscription information. Therefore, in a possible implementation, the third The second network side device may obtain the identity of the first network side device by sending a fifth request message to the fifth network side device.
  • UDM Unified Data Management
  • Figure 7 shows the method for obtaining the identity of the first network side device in the embodiment of the present application. Another schematic flow chart is shown in Figure 7.
  • the method 700 mainly includes the following steps.
  • AMF or AM-PCF is registered to UDM and becomes contract information, and UDM saves this information.
  • AMF or AM-PCF can send signaling: Nudm_UECM_Registration or Nudm_UECM_Update, which carries: UE SUPI and AM-PCF ID.
  • AM-PCF ID can be saved in UDM.
  • AM-PCF ID can be saved as access and mobility subscription information (Access and Mobility Subscription data). This subscription information must be obtained through SUPI.
  • SMF needs to obtain the AM-PCF ID serving the UE from UDM and send a subscription request to UDM.
  • SMF can send signaling: Nudm_SDM_Get or Nudm_SDM_Subscribe, which carries: the requested subscription data type is Access and Mobility Subscription data, and the data key is SUPI.
  • UDM returns a response, which is the response to the subscription request sent by SMF, indicating that the subscription has been received.
  • UDM sends AM-PCF ID to SMF through notify signaling.
  • UDM can send signaling: Nudm_SDM_Get Response, or Nudm_SDM_Notification, which carries AM-PCF ID.
  • the method may also include the following steps:
  • Step 1 The second network side device obtains the first URSP rule sent by the first network side device.
  • the first network side device may, if the second verification result indicates that the first parameter of the first PDU session is consistent with the second parameter of the RSD description of the first URSP rule, then the first network side device may A network side device may send request information to a second network side device, where the request information includes the first URSP rule, requesting the second network side device to verify whether the first PDU session includes data of the target application. Bag.
  • Step 2 The second network side device generates a packet detection rule according to the first URSP rule, applies the packet detection rule to the first PDU session indicated by the first PDU session identifier, and obtains a third verification result. , wherein the packet detection rule is used to verify whether the first PDU session includes the data packet of the target application.
  • the second network side device can generate a packet detection rule based on the traffic descriptor, such as the IP descriptor, in the first URSP rule sent by the first network side device (eg, AM-PCF).
  • the second network side device converts this traffic descriptor according to the traffic descriptor in the first URSP rule sent by the first network side device (for example, AM-PCF), for example, domain name descriptor FQDN, DNN, etc.
  • FQDN, DNN, APP descriptors, connection capabilities, etc. are converted into IP descriptors, and then the packet detection rules are generated.
  • the packet detection rule only has IP five-tuple
  • the other descriptors such as APP descriptor, domain name descriptor, DNN, connection capabilities, etc.
  • PDR Packet Detection Rules
  • SMF can have the ability to convert the APP descriptor, domain name descriptor, DNN, connection capability and other descriptors into IP quintuple, or IP descriptor, the converted IP descriptor can then be used directly for PDR generation.
  • 5G core network for example, AMF, AM-PCF, SM-PCF, etc.
  • 5GC 5G core network
  • Step 3 The second network side device sends the third verification result to the first network side device.
  • the method may also include the following steps:
  • Step 1 The second network side device obtains second indication information sent by the first network side device, where the second indication information is used to indicate that the terminal does not use URSP rules correctly;
  • Step 2 The second network side device rejects the session establishment request or session modification request corresponding to the first PDU session identifier, or the second network side device releases the PDU session corresponding to the first PDU session identifier.
  • rejecting the session establishment request or modification request means rejecting the PDU session establishment request or modification request of the terminal that reports the first URSP rule.
  • the terminal misuses the URSP rule the PDU session carrying the application will be released, or, before releasing the PDU session, the network side triggers the establishment of a new one based on the PDU session parameters indicated by the RSD in the first URSP rule.
  • PDU session migrate the application traffic to be carried on the new PDU session, and then release the original session.
  • the terminal's improper use of URSP rules includes one of the following:
  • the first URSP rule is inconsistent with the second URSP rule.
  • the second URSP rule is at least one URSP rule corresponding to the target application sent by the first network side device to the terminal; for example, The first network side device may obtain the first verification result through the above S210 and S212, and if the first verification result indicates that the first URSP rule is inconsistent with the second URSP rule, send the second network side device the second verification result. Instructions.
  • At least one parameter among the first parameters is inconsistent with the second parameter.
  • the first network side device may verify that at least one of the first parameters of the first PDU session obtained from the second network side device is inconsistent with the second parameter described by the RSD in the first URSP rule, and report the request to the first network side device.
  • the second network side device sends the second indication information.
  • the first network side device receives the second verification result sent by the second network side device, and when the second verification result indicates that at least one of the first parameters is inconsistent with the second parameter, the first network side device sends a request to the second network side device.
  • the side device sends the second indication information.
  • the first PDU session does not include the data packet of the target application.
  • the first network side device receives the third verification result sent by the second network side device, and when the third verification result indicates that the first PDU session does not include the data packet of the target application, the first network side device sends the data packet to the second network side device.
  • the side device sends the second indication information.
  • the second network side device rejects the session establishment request or session modification request corresponding to the first PDU session identifier, or the second network side device Release the first PDU session corresponding to the first PDU session identifier. For example, if the first PDU session corresponding to the first PDU session identifier is not established, after receiving the second indication information, reject the session establishment request to establish the first PDU session. Alternatively, when the first PDU session corresponding to the first PDU session identifier has been established, after receiving the second indication information, release the first PDU session corresponding to the first PDU session identifier. This prevents the terminal from transmitting data streams using PDU sessions that do not comply with the URSP rule instructions.
  • Rejecting the session establishment request or session modification request refers to rejecting the PDU session establishment request or modification request of the terminal that reports the first URSP rule. Or, because the terminal misuses the URSP rule, the PDU session carrying the application will be released, or, before releasing the PDU session, the network side triggers the establishment of a new session based on the PDU session parameters indicated by the RSD in the first URSP rule. PDU session, migrate the application traffic to be carried on the new PDU session, and then release the original session.
  • the second network side device receives the first instruction and the terminal does not use the URSP rules correctly, the second network side device performs at least one of the following:
  • Send PDU session establishment reject PDU session establishment reject to the terminal (can be forwarded to the terminal via AMF);
  • the second network device triggers the PDU session release process and releases the first PDU session corresponding to the first PDU session identifier
  • the second network device triggers the PDU session modification command PDU session modification command to the terminal (can (can be forwarded to the terminal via AMF); then, the terminal triggers a PDU session establishment request to the second network device (the session establishment request can be forwarded via AMF).
  • the second network device requests the terminal to modify the session. After accepting the request, the terminal establishes a new PDU session, and then transfers the services carried in the first PDU session to Switch to the newly created PDU session. Finally, the terminal or the second network device releases the first PDU session.
  • information can be transmitted directly between the first network side device and the second network side device.
  • the second network side device can first obtain the identity of the first network side device, and then directly communicate with the first network side device. side equipment for information transmission.
  • the information transmission between the first network side device and the second network side device can also be carried out through the third network side device.
  • the first network side device and the second network side device control network elements through session management policies ( For example, the Session Management Policy Control Function (SM-PCF) transmits information.
  • SM-PCF Session Management Policy Control Function
  • SM-PCF Session Management Policy Control Function
  • SM-PCF can use the SMF in Figure 4 to Figure 7 above to obtain AM-PCF.
  • the AM-PCF ID is obtained in the form of PCF ID.
  • the first network side device and the second network side device communicate through the access and mobility management network element (for example, Access and Mobility Management Function). Management Function (AMF) for information transmission.
  • AMF Access and Mobility Management Function
  • FIG 8 shows another schematic flowchart of the verification method of URSP rules provided by the embodiment of the present application.
  • the method 800 can be executed by the above-mentioned third network side device.
  • the method 800 can be executed by the device installed on the third network side.
  • the third network side device may be a session management policy control network element, such as SM-PCF, or the third network side device may be an access and mobility management network element, such as AMF.
  • the method may include the following steps.
  • the third network side device receives the target request information sent by the second network side device.
  • the target request information instructs the first network side device to verify whether the terminal uses URSP rules correctly.
  • the target request information includes The first URSP rule and the first parameter of the first PDU session.
  • the target request information is the same as the target request information in method 200 and method 300. Specifically, the descriptions in method 200 and method 300 can be parameterized.
  • the second network side device may send the target request information in the manner described in method 300.
  • the relevant description in method 300 may be parameterized.
  • the third network side device sends the target request information to the first network side device.
  • the method may also include:
  • Step 1 The third network side device receives the first indication information sent by the first network side device, wherein the first indication information indicates that the third network side device receives the PDU sent by the terminal. After the session establishment request or the PDU session modification request, the identifier of the first network side device is sent to the second network side device.
  • the first network side device may send the first indication information in the manner described in the above embodiment. For details, please refer to the description in the above embodiment, which will not be described again here.
  • Step 2 The third network side device receives a PDU session establishment request or a PDU session modification request sent by the terminal, where the PDU session establishment request message or PDU session modification request is used to request establishment or modification. Change the first PDU session.
  • Step 3 The third network side device sends a second request message to the second network side device, where the second request message is used to request to establish or update the context of the first PDU session, and the third network side device
  • the second request message carries a target identifier, and the target identifier is used to indicate the first network side device that provides services for the terminal.
  • the third network side device (for example, AMF) can receive the first indication information sent by the first network side device when the first network side device sends the URSP rule to the terminal.
  • the first indication information The information instructs the third network side device to send the identification of the first network side device to the second network side device when receiving the PDU session establishment request or PDU session modification request sent by the terminal, and then
  • the third network side device may send a second request message to the second network side device after receiving the PDU session establishment request or PDU session modification request sent by the terminal, wherein the second request message is used to request establishment or PDU session modification request.
  • the context of the first PDU session is updated, and the identifier of the first network side device that provides services for the terminal is sent to the second network side device.
  • the AMF can provide the AM-PCF ID to the SMF according to the method shown in Figure 4.
  • the method may also include the following steps:
  • Step 1 The third network side device receives a third request message sent by the second network side device, wherein the third request message carries the identifier of the terminal, and the third request is used to obtain Context information of the terminal;
  • Step 2 The third network side device sends the context information of the terminal to the second network side device, where the context information includes the identification of the first network side device.
  • the AMF can provide the AM-PCF ID to the SMF according to the method shown in Figure 5.
  • the method may also include the following steps:
  • Step 1 The third network side device receives a fourth request message sent by the second network side device, wherein the fourth request message is used to request to obtain the first network side device that sends URSP rules to the terminal.
  • the identification of the terminal is carried in the fourth request message;
  • Step 2 The third network side device sends the identity of the first network side device corresponding to the identity of the terminal to the second network side device.
  • the AMF can provide the AM-PCF ID to the SMF according to the method shown in Figure 6.
  • the third network side device may also transmit the first URSP rule, the second instruction information, the third verification result, etc. transmitted between the first network side device and the second network side device.
  • the first network side device may send the request information through signaling interacted with the third network side device.
  • the interactive signaling between AM-PCF and AMF includes: AM-PCF through Namf_Communication
  • N1MessageNotify_Subscribe send the request information; or, AM-PCF sends the request information Npcf_UEPolicyControl_Update response or Npcf_UEPolicyControl_UpdateNotify notify through at least one of the following; it can also be other signaling defined between AM-PCF and AMF.
  • the first network side device as AM-PCF and the second network side device as SMF as an example, the following describes the verification method of URSP rules provided by the embodiment of the present application.
  • Figure 9 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application.
  • the method 900 mainly includes the following steps:
  • S901 SMF sends request information to AM-PCF.
  • the request information sent by SMF to AM-PCF includes:
  • the terminal uses URSP rules for traffic of a certain application (such as application provider A). For example, Traffic descriptor, and the RSD used.
  • This information can be included in a container, which carries the UE SUPI, the Traffic descriptor and RSD executed by the terminal; another method is that the container carries the priority of the Traffic descriptor and the priority of the RSD.
  • the terminal executes a URSP rule for the traffic of APP1:
  • the corresponding attribute parameters of the PDU session ID When the terminal matches application traffic to a PDU session, the terminal can report the PDU session ID to which the traffic matches, and then SMF can also send the corresponding attribute parameters of the PDU session ID to AM-PCF.
  • the corresponding attribute parameters of the PDU session ID include but are not limited to at least one of the following: SSCmode, Access type, DNN, S-NSSAI, PDU session type.
  • AM-PCF can perform the following steps:
  • Step 1 According to the URSP rules reported by the UE, such as TD priority and RSD priority, restore RSD. parameters, and then compare them with the RSD reported by the terminal itself. If they are not the same, it is considered that the terminal does not use the URSP rules correctly. If they are the same, go to step 2;
  • Step 2 AM-PCF obtains the parameters described by the RSD in the URSP rules reported by the terminal, and compares the parameters with the parameters of the PDU session carrying the APP traffic reported by the SMF. If the parameters are the same, the terminal is considered to have used them correctly; if If they are not exactly the same, it is considered that the terminal does not use URSP rules correctly.
  • AM-PCF can obtain the URSP rules actually sent to the UE as follows:
  • the terminal itself reports a URSP rule used as follows:
  • AM-PCF finds that the usage rules reported by the terminal are the same as the rules actually sent by AM-PCF to the UE. Then the first step of verification is passed and the rules reported by the UE are correct.
  • AM-PCF needs to compare the RSD parameters in the rules actually sent to the UE with the parameters of the PDU session carrying the traffic fed back by SMF.
  • the parameters of the session are:
  • SM-PCF determined that the slices used by the two are different, therefore, it was determined that the terminal did not use the URSP rules correctly.
  • the results can include:
  • (1)ACK Indicates that the terminal has correctly used URSP rules. Then, AM-PCF can also instruct SMF to perform the third verification, that is, the packet inspection process.
  • the ACK here may indicate that both the first verification and the second verification are passed, or may indicate that any one verification, such as the first verification or the second verification is passed.
  • SMF or SM-PCF can perform corresponding operations. For example, SMF rejects the session establishment request corresponding to the PDU session ID; or SMF releases the session establishment request corresponding to the PDU session ID. PDU session; or, SMF first establishes a new PDU session, then migrates the APP traffic to the new PDU session, and then releases the PDU session corresponding to the old PDU session ID.
  • Figure 10 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application. As shown in Figure 10, the method 1000 mainly includes the following steps:
  • SMF sends request information to AMF, and the request information requests AM-PCF to perform verification of URSP rules.
  • the request information is the same as the request information in S1001 of method 1000. For details, please refer to the relevant description of method 1000.
  • the AMF finds the corresponding AM-PCF according to the terminal identifier, and forwards the request information to the AM-PCF.
  • AM-PCF verifies whether the terminal uses URSP rules correctly.
  • This step is the same as S902 in method 900.
  • S902 This step is the same as S902 in method 900.
  • AM-PCF sends the result of URSP rule execution verification to AMF.
  • the result of the verification of the URSP rule is the same as the result of the verification of the URSP rule in method 900.
  • AMF sends the result of URSP rule execution verification to SMF.
  • SMF After SMF receives the results of URSP rule execution verification, it can perform corresponding operations.
  • Figure 11 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application. As shown in Figure 11, the method 1100 mainly includes the following steps:
  • SMF sends request information to SM-PCF, and the request information requests AM-PCF to perform verification of URSP rules.
  • the request information is the same as the request information in S901 of method 900.
  • the request information is the same as the request information in S901 of method 900.
  • SM-PCF forwards the request information to AM-PCF.
  • SM-PCF can obtain the AM-PCF ID using the same method as SMF in Figures 4 to 7.
  • AM-PCF verifies whether the terminal uses URSP rules correctly.
  • This step is the same as S902 in method 900.
  • S902 This step is the same as S902 in method 900.
  • AM-PCF sends the result of URSP rule execution verification to SM-PCF.
  • the result of the verification performed by this URSP rule is the same as the result of the verification performed by the URSP rule in method 900. Specifically, Please refer to the relevant description in method 900.
  • SM-PCF sends the result of URSP rule execution verification to SMF.
  • SMF After SMF receives the results of URSP rule execution verification, it can perform corresponding operations.
  • Figure 12 shows another schematic flow chart of the URSP rule verification method provided by the embodiment of the present application. As shown in Figure 12, the method 1200 mainly includes the following steps:
  • S1201 SMF sends request information to SM-PCF, and the request information requests AM-PCF to perform verification of URSP rules.
  • the request information is the same as the request information in S901 of method 900.
  • the request information is the same as the request information in S901 of method 900.
  • S1202 SM-PCF forwards the request information to AMF.
  • AMF forwards the request information to AM-PCF.
  • AM-PCF verifies whether the terminal uses URSP rules correctly.
  • This step is the same as S902 in method 900.
  • S902 This step is the same as S902 in method 900.
  • AM-PCF sends the result of URSP rule execution verification to AMF.
  • the result of the verification of the URSP rule is the same as the result of the verification of the URSP rule in method 900.
  • AMF sends the result of URSP rule execution verification to SM-PCF.
  • SM-PCF sends the result of URSP rule execution verification to SMF.
  • SMF After SMF receives the results of URSP rule execution verification, it can perform corresponding operations.
  • Figure 13 shows another schematic flow chart of the URSP rule verification method provided by the embodiment of the present application. As shown in Figure 13, the method 1300 mainly includes the following steps:
  • the terminal uses URSP rules to match the APP process to a PDU session, or uses the RSD in the matched URSP rules to establish a new PDU session.
  • the terminal sends the used URSP rules, RSD, and PDU session identifiers to the AMF through the uplink NAS message.
  • AMF sends the URSP rule, RSD, and PDU session identifier to SMF through the uplink NAS message.
  • the SMF obtains the AM-PCF corresponding to the terminal.
  • SMF can obtain the AM-PCF ID corresponding to the terminal through the methods shown in Figure 4 to Figure 7.
  • the SMF sends request information to the AM-PCF.
  • the request information includes the URSP rules executed by the terminal reported by the terminal and the PDU session parameters of the APP flow reported by the terminal.
  • AM-PCF performs the first verification and the second verification. If the verification fails, S1306 is executed. If the verification is successful, the third verification is triggered and S1306 is executed.
  • AM-PCF sends the verification result to SMF, indicating that the verification failed and the terminal did not use the URSP rules correctly, so the intermediate process is skipped and S1314 is executed directly.
  • AM-PCF sends the URSP rules that need to be monitored to SMF.
  • the URSP rules are used to generate packet detection. Rules can also include the terminal's SUPI and PDU session ID. This step can be performed on the premise that the first and second verifications pass.
  • SMF converts TD into required packet inspection rules (for example, converts FQDN, application descriptor, etc. into destination IP triples for packet inspection).
  • the packet inspection rules are performed in the PDU session corresponding to the PDU session identifier. detection.
  • the SMF determines the UPF corresponding to the PDU session identifier serving the terminal.
  • SMF sends the packet detection rules to UPF.
  • SMF can also instruct UPF to perform packet inspection within a specified time.
  • UPF applies the packet detection rules to perform packet detection. If the traffic packet of the APP is detected in the PDU session, it is determined that the PDU session includes the traffic packet of the APP, and the verification passes; if the traffic packet of the APP is detected in the PDU session, If the traffic packet of the APP is not detected in the session, the verification fails. At this time, UPF can perform packet detection within the specified time indicated by SMF.
  • UPF sends a detection report to SMF and feeds back the detection results. That is, whether the target data packet is detected within the specified time.
  • the detection results include: detected or not detected.
  • AM-PCF obtains the verification result of the terminal's URSP rules. If the verification result indicates that the terminal does not use the URSP rules correctly, S1315 is executed.
  • AM-PCF adjusts the URSP rules in the terminal according to the URSP rules reported by the terminal.
  • AM-PCF indicates SMF: the terminal does not use URSP rules correctly.
  • S1317 The SMF rejects the establishment request of the PDU session or releases the PDU session or modifies the parameters of the PDU session.
  • Figure 14 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application. As shown in Figure 14, the method 1400 mainly includes the following steps:
  • the terminal uses URSP rules to match the APP process to a PDU session, or uses the RSD in the matched URSP rules to establish a new PDU session.
  • S1402 The terminal sends the used URSP rules and RSD and PDU session identifiers to the AMF through the uplink NAS message.
  • AMF sends the URSP rule, RSD, and PDU session identifier to SMF through the uplink NAS message.
  • SMF obtains the AM-PCF corresponding to the terminal.
  • SMF can obtain the AM-PCF ID corresponding to the terminal through the methods shown in Figure 4 to Figure 7.
  • the SMF sends request information to the SM-PCF.
  • the request information includes the URSP rules executed by the terminal reported by the terminal and the PDU session parameters of the APP flow reported by the terminal.
  • S1406 SM-PCF forwards the request information to AM-PCF to send the request information.
  • AM-PCF performs the first verification and the second verification. If the verification fails, S1408 is executed. If the verification is successful, the third verification is triggered and S1409 is executed.
  • AM-PCF sends the verification result to SM-PCF, indicating that the verification failed and the terminal did not use URSP rules correctly.
  • SM-PCF sends the verification result to SMF, indicating that the verification failed and the terminal did not use URSP rules correctly, and execute S1419.
  • AM-PCF sends URSP rules that need to be monitored to SM-PCF.
  • the URSP rules are used to generate packet detection rules and can also include the terminal's SUPI and PDU session ID.
  • the SM-PCF sends the URSP rules that need to be monitored to the SMF.
  • the URSP rules are used to generate packet detection rules and may also include the terminal's SUPI and PDU session ID.
  • SMF converts TD into necessary packet detection rules (for example, converts FQDN, application descriptor, etc. into destination IP triples for packet detection).
  • the packet detection rules are detected in the PDU session corresponding to the PDU session identifier. .
  • the SMF determines the UPF corresponding to the PDU session identifier serving the terminal.
  • SMF sends the packet detection rules to UPF.
  • SMF can also instruct UPF to perform packet inspection within a specified time.
  • UPF applies the packet detection rules to perform packet detection. If the traffic packet of the APP is detected in the PDU session, it is determined that the PDU session includes the traffic packet of the APP, and the verification passes; if the traffic packet of the APP is detected in the PDU session, If the traffic packet of the APP is not detected in the session, the verification fails. At this time, UPF can perform packet detection within the specified time indicated by SMF.
  • UPF sends a detection report to SMF and feeds back the detection results. That is, whether the target data packet is detected within the specified time.
  • the detection results include: detected or not detected.
  • SM-PCF sends the packet detection result to AM-PCF.
  • AM-PCF obtains the verification result of the terminal's URSP rules. If the verification result indicates that the terminal does not use the URSP rules correctly, S1415 is executed.
  • S1420 AM-PCF adjusts the URSP rules in the terminal according to the URSP rules reported by the terminal.
  • AM-PCF sends indication information to SM-PCF.
  • the indication information indicates that the terminal does not use URSP rules correctly.
  • S1422 SM-PCF forwards the above instruction information to SMF.
  • the SMF rejects the establishment request of the PDU session or releases the PDU session or modifies the parameters of the PDU session.
  • SMF and AM-PCF can also communicate through AMF.
  • the specific process is similar to the above-mentioned method 1300 and method 1400, and will not be described again here.
  • SMF and AM-PCF can also communicate through AMF and SM-PCF.
  • the specific process is similar to the above-mentioned method 1300 and method 1400, and will not be described again here.
  • the execution subject may be a verification device of URSP rules.
  • the verification device of the URSP rule executes the verification method of the URSP rule as an example to illustrate the implementation of the present application.
  • the embodiment provides a verification device for URSP rules.
  • Figure 15 shows a schematic structural diagram of a verification device for URSP rules provided by an embodiment of the present application.
  • the device 1500 mainly includes: a first acquisition module 1501, a first verification module 1502 and a second verification module 1503 .
  • the first acquisition module 1501 is used to acquire the target request information sent by the second network side device, where the target request information includes: the first URSP rule used by the terminal for the target application and the first URSP rule that carries the The first parameter of the first PDU session of the target application; the first verification module 1502 is used to obtain the first verification result by verifying whether the first URSP rule and the second URSP rule are consistent, wherein the second URSP rule It is at least one URSP rule corresponding to the target application sent by the first network side device to the terminal; the second verification module 1503 is used to verify the first parameter of the first PDU session and the first Whether the second parameter described by the routing descriptor RSD in the URSP rule is consistent, the second verification result is obtained.
  • the target request information includes: the first URSP rule used by the terminal for the target application and the first URSP rule that carries the The first parameter of the first PDU session of the target application
  • the first verification module 1502 is used to obtain the first verification result by verifying whether
  • the first parameter includes at least one of the following: PDU session type, access type of PDU session, session and service continuity SSC mode, network slice identifier, data network name DNN; and/ Or, the second parameter includes at least one of the following: PDU session type, PDU session access type, SSC mode, network slice identifier, and DNN.
  • the first obtaining module 1501 obtains the target request information sent by the second network side device, including one of the following:
  • the device may further include: a first transceiver module 1504, configured to send URSP rules to the terminal; and send first indication information to the third network side device, where , the first instruction information instructs the third network side device to send the first network side device to the second network side device after receiving a PDU session establishment request or a PDU session modification request from the terminal. logo.
  • the first transceiver module 1504 is also configured to receive a first request message sent by the third network side device, where the first request message is used to request to create or update a URSP rule for the terminal.
  • the first request message carries capability information of the terminal, and the capability information indicates that the terminal supports reporting the usage information of the URSP rule of the terminal.
  • the second verification module 1503 verifies whether the first parameter of the first PDU session is consistent with the second parameter described by the routing descriptor RSD in the first URSP rule, including:
  • the first network side device verifies that the first parameter of the first PDU session is consistent with the first URSP rule. Whether the second parameter described by RSD in the rule is consistent.
  • the first obtaining module 1501 is also configured to obtain a third verification result sent by the second network side device, wherein the third verification result indicates that the first PDU session Whether to include the data packet of the target application.
  • the first acquisition module 1501 is also configured to send the first network side device second indication information in any of the following situations, where the second indication information is used to indicate The endpoint in question is not using URSP rules correctly:
  • the first verification result indicates that the first URSP rule is inconsistent with the second URSP rule
  • the second verification result indicates that the first parameter is inconsistent with the second parameter
  • the third verification result indicates that the data packet of the target application is not included in the first PDU session.
  • the device may also include: an update module 1505, configured to update the URSP rules of the terminal in any of the following situations:
  • the first verification result indicates that the first URSP rule is inconsistent with the second URSP rule
  • the second verification result indicates that at least one of the first parameters is inconsistent with the second parameter
  • the third verification result indicates that the data packet of the target application is not included in the first PDU session.
  • Figure 16 shows another schematic structural diagram of a URSP rule verification device provided by an embodiment of the present application.
  • the device 1600 mainly includes: a second transceiver module 1601 and a second acquisition module 1602.
  • the second transceiver module 1601 is used to receive reporting information sent by the terminal, where the reporting information includes: the first URSP rule used by the terminal for the target application and the third URSP rule carrying the target application.
  • a PDU session identifier, the first PDU session identifier is used to indicate the first PDU session;
  • the second acquisition module 1602 is used to acquire the first parameters of the first PDU session;
  • the second transceiver module 1601 is also used For sending target request information to the first network side device, wherein the target request information instructs the first network side device to verify whether the terminal uses URSP rules correctly, and the target request information includes the first URSP rules and the first parameter of the first PDU session.
  • the second obtaining module 1602 is also configured to obtain the identity of the first network side device.
  • the second acquisition module acquires 1602 the identity of the first network side device, including one of the following:
  • Receive a second request message sent by a third network side device wherein the second request message is used to request the establishment or update of the context of the first PDU session, the second request message carries a target identifier, and the The target identifier is used to indicate the first network side device that provides services for the terminal;
  • the context information of the terminal returned by the third network side device is used to obtain the identity of the first network side device from the context information of the terminal;
  • Send a fourth request message to the third network side device wherein the fourth request message is used to request to obtain the identity of the first network side device that sends the URSP rule to the terminal, and the fourth request message carries having the identification of the terminal; receiving the identification of the first network side device returned by the third network side device;
  • Send a fifth request message to the fifth network side device wherein the fifth request message is used to obtain the identity of the first network side device that sends the URSP rule to the terminal, and the fifth request message carries the The identification of the terminal; Obtain the identification of the first network side device returned by the fifth network side device.
  • the device may also include:
  • the third verification module 1603 is used to obtain the first URSP rule sent by the first network side device, generate a packet detection rule according to the first URSP rule, and apply the packet detection rule to the first
  • the first PDU session indicated by the PDU session identifier obtains a third verification result, wherein the packet detection rule is used to verify whether the first PDU session includes the data packet of the target application.
  • the second acquisition module 1602 is also configured to acquire second indication information sent by the first network side device, wherein the second indication information is used to indicate that the terminal does not use the URSP rules correctly. ;Reject the session establishment request corresponding to the first PDU session identifier, or, the second network side device releases the PDU session corresponding to the first PDU session identifier.
  • the incorrect use of URSP rules by the terminal includes at least one of the following:
  • the second URSP rule is at least one URSP rule corresponding to the target application sent by the first network side device to the terminal;
  • At least one of the first parameters is inconsistent with at least one of the second parameters
  • the first PDU session does not include the data packet of the target application.
  • Figure 17 shows another schematic structural diagram of a URSP rule verification device provided by an embodiment of the present application.
  • the device 1700 mainly includes: a receiving module 1701 and a sending module 1702.
  • the receiving module 1701 is used to receive target request information sent by the second network side device, wherein the target request information instructs the first network side device to verify whether the terminal uses URSP rules correctly,
  • the target request information includes the first URSP rule and the first parameter of the first PDU session;
  • the sending module 1702 is configured to send the target request information to the first network side device.
  • the receiving module 1701 is further configured to receive first indication information sent by the first network side device, wherein the first indication information indicates that the third network side device receives After the terminal sends a PDU session establishment request or a PDU session modification request, send the identification of the first network side device to the second network side device; receive the PDU session establishment request or PDU session modification request sent by the terminal, Wherein, the PDU session establishment request message or PDU session modification request is used to request the establishment or modification of the first PDU session; the sending module 1702 is also used to send a second request to the second network side device. message, wherein the second request message is used to request the establishment or update of the context of the first PDU session, the second request message carries a target identifier, and the target identifier is used to indicate providing services to the terminal. the first network side device.
  • the receiving module 1701 is also configured to receive a third request message sent by the second network side device, where the third request message carries the identification of the terminal, so The third request is used to obtain the context information of the terminal; the sending module 1702 is also used to send the context information of the terminal to the second network side device, wherein the context information includes the third An identification of the network side device.
  • the receiving module 1701 is also configured to receive a fourth request message sent by the second network side device, wherein the fourth request message is used to request to obtain the URSP sent to the terminal.
  • Rule No. An identifier of a network-side device, and the fourth request message carries the identifier of the terminal;
  • the sending module 1702 is also configured to send the identifier of the first network-side device corresponding to the identifier of the terminal. to the second network side device.
  • the verification device of the URSP rules in the embodiment of the present application may be an electronic device, such as an electronic device with an operating system, or may be a component in the electronic device, such as an integrated circuit or chip.
  • the URSP rule verification device provided by the embodiment of the present application can implement each process implemented by the method embodiments of Figures 2 to 14, and achieve the same technical effect. To avoid duplication, the details will not be described here.
  • this embodiment of the present application also provides a communication device 1800, including a processor 1801 and a memory 1802.
  • the memory 1802 stores programs or instructions that can be run on the processor 1801, for example.
  • the communication device 1800 is a network-side device
  • the program or instruction is executed by the processor 1801
  • each step of the above-mentioned URSP rule verification method embodiment is implemented, and the same technical effect can be achieved. To avoid duplication, it will not be described again here. .
  • An embodiment of the present application also provides a network-side device, including a processor and a communication interface.
  • the processor is used to implement each step of the above URSP rule verification method embodiment, and the communication interface is used to communicate with an external device.
  • This network-side device embodiment corresponds to the above-mentioned network-side device method embodiment.
  • Each implementation process and implementation manner of the above-mentioned method embodiment can be applied to this network-side device embodiment, and can achieve the same technical effect.
  • the embodiment of the present application also provides a network side device.
  • the network side device 1900 includes: a processor 1901, a network interface 1902, and a memory 1903.
  • the network interface 1902 is, for example, a common public radio interface (CPRI).
  • CPRI common public radio interface
  • the network side device 1900 in this embodiment of the present invention also includes: instructions or programs stored in the memory 1903 and executable on the processor 1901.
  • the processor 1901 calls the instructions or programs in the memory 1903 to execute Figures 15 to 17
  • the execution methods of each module are shown and achieve the same technical effect. To avoid repetition, they will not be described in detail here.
  • Embodiments of the present application also provide a readable storage medium.
  • Programs or instructions are stored on the readable storage medium.
  • the program or instructions are executed by a processor, each process of the above-mentioned URSP rule verification method embodiment is implemented, and can To achieve the same technical effect, to avoid repetition, we will not repeat them here.
  • the processor is the processor in the terminal described in the above embodiment.
  • the readable storage medium includes computer readable storage media, such as computer read-only memory ROM, random access memory RAM, magnetic disk or optical disk, etc.
  • An embodiment of the present application further provides a chip.
  • the chip includes a processor and a communication interface.
  • the communication interface is coupled to the processor.
  • the processor is used to run programs or instructions to implement the verification method of the above URSP rules.
  • Each process in the example can achieve the same technical effect. To avoid repetition, we will not repeat it here.
  • the chips mentioned in the embodiments of this application may also be called system-on-chip, system-on-a-chip, system-on-chip or system-on-chip, etc.
  • Embodiments of the present application further provide a computer program/program product.
  • the computer program/program product is stored in a storage medium.
  • the computer program/program product is executed by at least one processor to implement the above verification method of URSP rules.
  • Each process of the embodiment can achieve the same technical effect, so to avoid repetition, it will not be described again here.
  • the embodiment of the present application also provides a verification system for URSP rules, including: a first network side device and a second network side device.
  • Network side device the first network side device can be used to perform the steps performed by the first network side device in the verification method of the URSP rule as described above, and the second network side device can be used to perform the steps of the URSP rule as described above. Steps performed by the second network side device in the verification method.
  • the URSP rule verification system may further include a third network side device, and the third network side device may be configured to perform the steps performed by the third network side device in the URSP rule verification method as described above.
  • the methods of the above embodiments can be implemented by means of software plus the necessary general hardware platform. Of course, it can also be implemented by hardware, but in many cases the former is better. implementation.
  • the technical solution of the present application can be embodied in the form of a computer software product that is essentially or contributes to the existing technology.
  • the computer software product is stored in a storage medium (such as ROM/RAM, disk , CD), including several instructions to cause a terminal (which can be a mobile phone, computer, server, air conditioner, or network device, etc.) to execute the methods described in various embodiments of this application.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The present application relates to the field of wireless communications, and discloses a URSP rule verification method and apparatus, and a network side device. The URSP rule verification method in embodiments of the present application comprises: a first network side device obtains target request information sent by a second network side device, wherein the target request information comprises: a first URSP rule used by a terminal for a target application and a first parameter of a first PDU session carrying the target application; the first network side device obtains a first verification result by verifying whether the first URSP rule is consistent with a second URSP rule; and the first network side device verifies whether the first parameter of the first PDU session is consistent with a second parameter described by a route selection descriptor (RSD) in the first URSP rule, so as to obtain a second verification result.

Description

URSP规则的验证方法、装置及网络侧设备Verification method, device and network side equipment of URSP rules
交叉引用cross reference
本发明要求在2022年05月06日提交中国专利局、申请号为202210487743.0、发明名称为“URSP规则的验证方法、装置及网络侧设备”的中国专利申请的优先权,该申请的全部内容通过引用结合在本发明中。This invention requires the priority of a Chinese patent application submitted to the China Patent Office on May 6, 2022, with the application number 202210487743.0 and the invention name "URSP rule verification method, device and network side equipment". The entire content of the application is approved This reference is incorporated herein by reference.
技术领域Technical field
本申请属于无线通信技术领域,具体涉及一种URSP规则的验证方法、装置及网络侧设备。This application belongs to the field of wireless communication technology, and specifically relates to a verification method, device and network-side equipment for URSP rules.
背景技术Background technique
在第三代合作计划(3rd Generation Partnership Project,3GPP)协议中,当终端上的应用有流量要发送的时候,应用可以提供待发送的应用流量的流量特征,终端(OS操作系统(Operating System,OS)或modem芯片)获取应用提供的流量特征,例如,待发送的应用流量的目的互联网协议(Internet Protocol,IP)地址、全限定域名(Fully Qualified Domain Name,FQDN)等。终端会将该流量特征与终端中的用户设备路由选项策略(UE Route Selection Policy,URSP)规则中的流量描述符(Traffic Descriptor,TD)参数进行匹配,匹配到某个流量描述符以后,然后终端再选择该流量描述符下的某个路由选择描述符(Route Selection Descriptor,RSD)。该路由选择描述符中定义了,当应用流量特性同某流量描述符匹配以后,用于承载待传输的应用流量的协议数据单元(Protocol Data Unit,PDU)会话的会话参数。如果当前终端设备(User Equipment,UE)已经有一个PDU会话,且该PDU会话的会话参数同终端为应用流量所选择的流量描述符下的某个RSD一致,那么可以将该应用的待传输数据路由至已建立的协议数据单元(Protocol Data Unit,PDU)会话。或者,如果终端为待传输的应用流量选择了该流量描述符下的某个RSD以后,而当前终端内不存在这样的PDU会话,那么终端可以触发新PDU会话的建立,所建立的PDU会话的会话参数,同选择的RSD内的PDU会话参数一致,并使用该PDU会话承载所述待传输的应用数据流。In the 3rd Generation Partnership Project (3GPP) protocol, when an application on the terminal has traffic to be sent, the application can provide the traffic characteristics of the application traffic to be sent, and the terminal (OS Operating System, OS) or modem chip) obtains the traffic characteristics provided by the application, such as the destination Internet Protocol (Internet Protocol, IP) address of the application traffic to be sent, the fully qualified domain name (Fully Qualified Domain Name, FQDN), etc. The terminal will match the traffic characteristics with the Traffic Descriptor (TD) parameters in the User Equipment Routing Option Policy (UE Route Selection Policy, URSP) rule in the terminal. After matching a certain traffic descriptor, the terminal Then select a route selection descriptor (Route Selection Descriptor, RSD) under the traffic descriptor. The routing descriptor defines the session parameters of the Protocol Data Unit (PDU) session used to carry the application traffic to be transmitted when the application traffic characteristics match a certain traffic descriptor. If the current terminal equipment (User Equipment, UE) already has a PDU session, and the session parameters of the PDU session are consistent with an RSD under the traffic descriptor selected by the terminal for application traffic, then the data to be transmitted for the application can be Route to an established Protocol Data Unit (PDU) session. Or, if the terminal selects a certain RSD under the traffic descriptor for the application traffic to be transmitted, and there is no such PDU session in the current terminal, the terminal can trigger the establishment of a new PDU session. The session parameters are consistent with the PDU session parameters in the selected RSD, and the PDU session is used to carry the application data stream to be transmitted.
然而,在相关技术中,URSP规则只是终端设备的行为,对于某个应用,网络侧设备并不能获知终端设备是否应用了网络侧设备为该终端设备配置的URSP规则去匹配应用流量到特定的PDU会话,以及终端设备匹配该应用流量具体使用的URSP规则。However, in related technologies, URSP rules are only the behavior of the terminal device. For a certain application, the network side device cannot know whether the terminal device has applied the URSP rules configured by the network side device for the terminal device to match application traffic to a specific PDU. session, and the URSP rules specifically used by the end device to match the application traffic.
发明内容Contents of the invention
本申请实施例提供一种URSP规则的验证方法、装置及网络侧设备,能够解决网络侧设备无法获知终端设备是否应用配置的URSP规则以及终端设备针对具体应用使用的URSP规则的问题。 Embodiments of the present application provide a method, device and network-side device for verifying URSP rules, which can solve the problem that the network-side device cannot know whether the terminal device applies configured URSP rules and the URSP rules used by the terminal device for specific applications.
第一方面,提供了一种URSP规则的验证方法,包括:第一网络侧设备获取第二网络侧设备发送的目标请求信息,其中,所述目标请求信息包括:终端针对目标应用使用的第一URSP规则以及承载所述目标应用的第一PDU会话的第一参数;所述第一网络侧设备通过验证所述第一URSP规则与第二URSP规则是否一致,得到第一验证结果,其中,所述第二URSP规则为所述第一网络侧设备发送给所述终端的与所述目标应用对应的至少一个URSP规则;所述第一网络侧设备验证所述第一PDU会话的第一参数与所述第一URSP规则中的路由选择描述符RSD描述的第二参数是否一致,得到第二验证结果。In a first aspect, a method for verifying URSP rules is provided, including: a first network side device obtains target request information sent by a second network side device, wherein the target request information includes: a first method used by a terminal for a target application. URSP rules and the first parameter of the first PDU session carrying the target application; the first network side device obtains the first verification result by verifying whether the first URSP rule and the second URSP rule are consistent, wherein, The second URSP rule is at least one URSP rule corresponding to the target application sent by the first network side device to the terminal; the first network side device verifies the first parameter of the first PDU session and Whether the second parameter described by the routing descriptor RSD in the first URSP rule is consistent, a second verification result is obtained.
第二方面,提供了一种URSP规则的验证方法,包括:第二网络侧设备接收终端发送的上报信息,其中,所述上报信息包括:所述终端针对目标应用使用的第一URSP规则以及承载所述目标应用的第一PDU会话标识,所述第一PDU会话标识用于指示第一PDU会话;所述第二网络侧设备获取所述第一PDU会话的第一参数;所述第二网络侧设备向第一网络侧设备发送目标请求信息,其中,所述目标请求信息指示所述第一网络侧设备对所述终端是否正确使用URSP规则进行验证,所述目标请求信息包括所述第一URSP规则和所述第一PDU会话的第一参数。In a second aspect, a method for verifying URSP rules is provided, including: a second network side device receiving reporting information sent by a terminal, wherein the reporting information includes: a first URSP rule used by the terminal for a target application and a bearer The first PDU session identifier of the target application, the first PDU session identifier is used to indicate the first PDU session; the second network side device obtains the first parameter of the first PDU session; the second network The side device sends target request information to the first network side device, wherein the target request information instructs the first network side device to verify whether the terminal uses the URSP rule correctly, and the target request information includes the first network side device. URSP rule and the first parameter of the first PDU session.
第三方面,提供了一种URSP规则的验证方法,包括:第三网络侧设备接收第二网络侧设备发送的目标请求信息,其中,所述目标请求信息指示第一网络侧设备对所述终端是否正确使用URSP规则进行验证,所述目标请求信息包括所述第一URSP规则和所述第一PDU会话的第一参数;所述第三网络侧设备将所述目标请求信息发送给所述第一网络侧设备。In a third aspect, a method for verifying URSP rules is provided, including: a third network side device receiving target request information sent by a second network side device, wherein the target request information indicates that the first network side device has a request for the terminal Verify whether the URSP rules are used correctly. The target request information includes the first URSP rule and the first parameter of the first PDU session; the third network side device sends the target request information to the third network side device. A network side device.
第四方面,提供了一种URSP规则的验证装置,包括:第一获取模块,用于获取第二网络侧设备发送的目标请求信息,其中,所述目标请求信息包括:终端针对目标应用使用的第一URSP规则以及承载所述目标应用的第一PDU会话的第一参数;第一验证模块,用于通过验证所述第一URSP规则与第二URSP规则是否一致,得到第一验证结果,其中,所述第二URSP规则为所述第一网络侧设备发送给所述终端的与所述目标应用对应的至少一个URSP规则;第二验证模块,用于验证所述第一PDU会话的第一参数与所述第一URSP规则中的路由选择描述符RSD描述的第二参数是否一致,得到第二验证结果。In a fourth aspect, a device for verifying URSP rules is provided, including: a first acquisition module configured to acquire target request information sent by the second network side device, wherein the target request information includes: the terminal used for the target application. The first URSP rule and the first parameter of the first PDU session carrying the target application; a first verification module configured to obtain the first verification result by verifying whether the first URSP rule and the second URSP rule are consistent, wherein , the second URSP rule is at least one URSP rule corresponding to the target application sent by the first network side device to the terminal; a second verification module, used to verify the first step of the first PDU session Whether the parameter is consistent with the second parameter described by the routing descriptor RSD in the first URSP rule, a second verification result is obtained.
第五方面,提供了一种URSP规则的验证装置,包括:第二收发模块,用于接收终端发送的上报信息,其中,所述上报信息包括:所述终端针对目标应用使用的第一URSP规则以及承载所述目标应用的第一PDU会话标识,所述第一PDU会话标识用于指示第一PDU会话;第二获取模块,用于获取所述第一PDU会话的第一参数;所述第二收发模块,还用于向第一网络侧设备发送目标请求信息,其中,所述目标请求信息指示所述第一网络侧设备对所述终端是否正确使用URSP规则进行验证,所述目标请求信息包括所述第一URSP规则和所述第一PDU会话的第一参数。In a fifth aspect, a device for verifying URSP rules is provided, including: a second transceiver module for receiving reporting information sent by a terminal, wherein the reporting information includes: a first URSP rule used by the terminal for a target application. and a first PDU session identifier that carries the target application, the first PDU session identifier is used to indicate the first PDU session; a second acquisition module is used to acquire the first parameter of the first PDU session; the third The second transceiver module is also configured to send target request information to the first network side device, wherein the target request information instructs the first network side device to verify whether the terminal uses the URSP rules correctly, and the target request information The first URSP rule and the first parameter of the first PDU session are included.
第六方面,提供了一种URSP规则的验证装置,包括:接收模块,用于接收第二网络侧设备发送的目标请求信息,其中,所述目标请求信息指示第一网络侧设备对所述终端是 否正确使用URSP规则进行验证,所述目标请求信息包括所述第一URSP规则和所述第一PDU会话的第一参数;发送模块,用于将所述目标请求信息发送给所述第一网络侧设备。In a sixth aspect, a device for verifying URSP rules is provided, including: a receiving module configured to receive target request information sent by a second network side device, wherein the target request information indicates that the first network side device has a request for the terminal yes Verify whether the URSP rules are used correctly, and the target request information includes the first URSP rule and the first parameter of the first PDU session; a sending module for sending the target request information to the first network side equipment.
第七方面,提供了一种网络侧设备,该网络侧设备包括处理器和存储器,所述存储器存储可在所述处理器上运行的程序或指令,所述程序或指令被所述处理器执行时实现如第一方面至第三方面所述的方法的步骤。In a seventh aspect, a network side device is provided. The network side device includes a processor and a memory. The memory stores programs or instructions that can be run on the processor. The program or instructions are executed by the processor. When implementing the steps of the method described in the first to third aspects.
第八方面,提供了一种网络侧设备,包括处理器及通信接口,其中,所述处理器用于实现如第一方面至第三方面所述的方法的步骤,所述通信接口用于与外部设备进行通信。In an eighth aspect, a network side device is provided, including a processor and a communication interface, wherein the processor is used to implement the steps of the method described in the first to third aspects, and the communication interface is used to communicate with an external devices communicate.
第九方面,提供了一种URSP规则的验证系统,包括:第一网络侧设备和第二网络侧设备,所述第一网络侧设备可用于执行如第一方面所述的方法的步骤,所述第二网络侧设备可用于执行如第二方面所述的方法的步骤。A ninth aspect provides a verification system for URSP rules, including: a first network side device and a second network side device. The first network side device can be used to perform the steps of the method described in the first aspect. The second network side device may be used to perform the steps of the method described in the second aspect.
第十方面,提供了一种可读存储介质,所述可读存储介质上存储程序或指令,所述程序或指令被处理器执行时实现如第一方面所述的方法的步骤,或者实现如第二方面所述的方法的步骤,或者实现如第三方面所述的方法的步骤。In a tenth aspect, a readable storage medium is provided. Programs or instructions are stored on the readable storage medium. When the programs or instructions are executed by a processor, the steps of the method described in the first aspect are implemented, or the steps of the method are implemented as described in the first aspect. The steps of the method described in the second aspect, or the steps of implementing the method described in the third aspect.
第十一方面,提供了一种芯片,所述芯片包括处理器和通信接口,所述通信接口和所述处理器耦合,所述处理器用于运行程序或指令,实现如第一方面所述的方法的步骤,或者实现如第二方面所述的方法的步骤,或者实现如第三方面所述的方法的步骤。In an eleventh aspect, a chip is provided. The chip includes a processor and a communication interface. The communication interface is coupled to the processor. The processor is used to run programs or instructions to implement the method described in the first aspect. The steps of the method, or the steps of implementing the method as described in the second aspect, or the steps of implementing the method as described in the third aspect.
第十二方面,提供了一种计算机程序/程序产品,所述计算机程序/程序产品被存储在存储介质中,所述计算机程序/程序产品被至少一个处理器执行以实现如第一方面所述的方法的步骤,或者实现如第二方面所述的方法的步骤,或者实现如第三方面所述的方法的步骤。In a twelfth aspect, a computer program/program product is provided, the computer program/program product is stored in a storage medium, and the computer program/program product is executed by at least one processor to implement as described in the first aspect The steps of the method, or the steps of the method described in the second aspect, or the steps of the method described in the third aspect.
在本申请实施例中,第一网络侧设备从第二网络侧设备获取到终端针对目标应用使用的第一URSP规则以及承载所述目标应用的第一PDU会话的第一参数,验证所述第一URSP规则是否与所述第一网络侧设备发送给所述终端的与所述目标应用对应的至少一个URSP规则一致,并验证所述第一PDU会话的第一参数与所述第一URSP规则中的路由选择描述符RSD描述的第二参数是否一致,从而使得第一网络侧设备可以获知终端是否应用了网络侧设备为该终端设备配置的URSP规则去匹配应用流量到特定的PDU会话、终端匹配该应用流量具体使用的URSP规则以及对应的PDU会话中是否包括该应用流量的数据包,便于网络侧设备对终端进行控制。In this embodiment of the present application, the first network side device obtains the first URSP rule used by the terminal for the target application and the first parameter of the first PDU session carrying the target application from the second network side device, and verifies the first Whether a URSP rule is consistent with at least one URSP rule corresponding to the target application sent by the first network side device to the terminal, and verifying that the first parameter of the first PDU session is consistent with the first URSP rule Whether the second parameter described by the routing descriptor RSD in is consistent, so that the first network side device can learn whether the terminal applies the URSP rule configured by the network side device for the terminal device to match application traffic to a specific PDU session, terminal Match the URSP rules specifically used by the application traffic and whether the corresponding PDU session includes the data packets of the application traffic, so that the network side device can control the terminal.
附图说明Description of the drawings
图1示出本申请实施例可应用的一种无线通信系统的框图;Figure 1 shows a block diagram of a wireless communication system to which embodiments of the present application are applicable;
图2示出本申请实施例提供的URSP规则的验证方法的一种流程示意图;Figure 2 shows a schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application;
图3示出本申请实施例提供的URSP规则的验证方法的另一种流程示意图;Figure 3 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application;
图4示出本申请实施例提供的第一网络侧设备的标识的获取方法的一种流程示意图;Figure 4 shows a schematic flowchart of a method for obtaining an identity of a first network side device provided by an embodiment of the present application;
图5示出本申请实施例提供的第一网络侧设备的标识的获取方法的另一种流程示意图;Figure 5 shows another schematic flowchart of a method for obtaining an identity of a first network side device provided by an embodiment of the present application;
图6示出本申请实施例提供的第一网络侧设备的标识的获取方法的又一种流程示意图; Figure 6 shows another schematic flowchart of a method for obtaining the identity of a first network side device provided by an embodiment of the present application;
图7示出本申请实施例提供的第一网络侧设备的标识的获取方法的又一种流程示意图;Figure 7 shows another schematic flowchart of a method for obtaining an identity of a first network side device provided by an embodiment of the present application;
图8示出本申请实施例提供的URSP规则的验证方法的又一种流程示意图;Figure 8 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application;
图9示出本申请实施例提供的URSP规则的验证方法的又一种流程示意图;Figure 9 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application;
图10示出本申请实施例提供的URSP规则的验证方法的又一种流程示意图;Figure 10 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application;
图11示出本申请实施例提供的URSP规则的验证方法的又一种流程示意图;Figure 11 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application;
图12示出本申请实施例提供的URSP规则的验证方法的又一种流程示意图;Figure 12 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application;
图13示出本申请实施例提供的URSP规则的验证方法的又一种流程示意图;Figure 13 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application;
图14示出本申请实施例提供的URSP规则的验证方法的又一种流程示意图;Figure 14 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application;
图15示出本申请实施例提供的URSP规则的验证装置的一种结构示意图;Figure 15 shows a schematic structural diagram of a verification device for URSP rules provided by an embodiment of the present application;
图16示出本申请实施例提供的URSP规则的验证装置的另一种结构示意图;Figure 16 shows another structural schematic diagram of a verification device for URSP rules provided by an embodiment of the present application;
图17示出本申请实施例提供的URSP规则的验证装置的又一种结构示意图;Figure 17 shows another structural schematic diagram of a verification device for URSP rules provided by an embodiment of the present application;
图18示出本申请实施例提供的一种通信设备的结构示意图;Figure 18 shows a schematic structural diagram of a communication device provided by an embodiment of the present application;
图19示出本申请实施例提供的一种网络侧设备的硬件结构示意图。Figure 19 shows a schematic hardware structure diagram of a network-side device provided by an embodiment of the present application.
具体实施方式Detailed ways
下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚描述,显然,所描述的实施例是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员所获得的所有其他实施例,都属于本申请保护的范围。The technical solutions in the embodiments of the present application will be clearly described below with reference to the accompanying drawings in the embodiments of the present application. Obviously, the described embodiments are part of the embodiments of the present application, but not all of the embodiments. Based on the embodiments in this application, all other embodiments obtained by those of ordinary skill in the art fall within the scope of protection of this application.
本申请的说明书和权利要求书中的术语“第一”、“第二”等是用于区别类似的对象,而不用于描述特定的顺序或先后次序。应该理解这样使用的术语在适当情况下可以互换,以便本申请的实施例能够以除了在这里图示或描述的那些以外的顺序实施,且“第一”、“第二”所区别的对象通常为一类,并不限定对象的个数,例如第一对象可以是一个,也可以是多个。此外,说明书以及权利要求中“和/或”表示所连接对象的至少其中之一,字符“/”一般表示前后关联对象是一种“或”的关系。The terms "first", "second", etc. in the description and claims of this application are used to distinguish similar objects and are not used to describe a specific order or sequence. It is to be understood that the terms so used are interchangeable under appropriate circumstances so that the embodiments of the present application can be practiced in sequences other than those illustrated or described herein, and that "first" and "second" are distinguished objects It is usually one type, and the number of objects is not limited. For example, the first object can be one or multiple. In addition, "and/or" in the description and claims indicates at least one of the connected objects, and the character "/" generally indicates that the related objects are in an "or" relationship.
值得指出的是,本申请实施例所描述的技术不限于长期演进型(Long Term Evolution,LTE)/LTE的演进(LTE-Advanced,LTE-A)系统,还可用于其他无线通信系统,诸如码分多址(Code Division Multiple Access,CDMA)、时分多址(Time Division Multiple Access,TDMA)、频分多址(Frequency Division Multiple Access,FDMA)、正交频分多址(Orthogonal Frequency Division Multiple Access,OFDMA)、单载波频分多址(Single-carrier Frequency Division Multiple Access,SC-FDMA)和其他系统。本申请实施例中的术语“系统”和“网络”常被可互换地使用,所描述的技术既可用于以上提及的系统和无线电技术,也可用于其他系统和无线电技术。以下描述出于示例目的描述了新空口(New Radio,NR)系统,并且在以下大部分描述中使用NR术语,但是这些技术也可应用于NR系统应用以外的应用,如第6代(6th Generation,6G)通信系统。It is worth pointing out that the technology described in the embodiments of this application is not limited to Long Term Evolution (LTE)/LTE Evolution (LTE-Advanced, LTE-A) systems, and can also be used in other wireless communication systems, such as code Code Division Multiple Access (CDMA), Time Division Multiple Access (TDMA), Frequency Division Multiple Access (FDMA), Orthogonal Frequency Division Multiple Access, OFDMA), Single-carrier Frequency Division Multiple Access (SC-FDMA) and other systems. The terms "system" and "network" in the embodiments of this application are often used interchangeably, and the described technology can be used not only for the above-mentioned systems and radio technologies, but also for other systems and radio technologies. The following description describes a New Radio (NR) system for example purposes, and NR terminology is used in much of the following description, but these techniques can also be applied to applications other than NR system applications, such as 6th generation Generation, 6G) communication system.
图1示出本申请实施例可应用的一种无线通信系统的框图。无线通信系统包括终端11 和网络侧设备12。其中,终端11可以是手机、平板电脑(Tablet Personal Computer)、膝上型电脑(Laptop Computer)或称为笔记本电脑、个人数字助理(Personal Digital Assistant,PDA)、掌上电脑、上网本、超级移动个人计算机(ultra-mobile personal computer,UMPC)、移动上网装置(Mobile Internet Device,MID)、增强现实(augmented reality,AR)/虚拟现实(virtual reality,VR)设备、机器人、可穿戴式设备(Wearable Device)、车载设备(Vehicle User Equipment,VUE)、行人终端(Vehicle User Equipment,VUE)、智能家居(具有无线通信功能的家居设备,如冰箱、电视、洗衣机或者家具等)、游戏机、个人计算机(personal computer,PC)、柜员机或者自助机等终端侧设备,可穿戴式设备包括:智能手表、智能手环、智能耳机、智能眼镜、智能首饰(智能手镯、智能手链、智能戒指、智能项链、智能脚镯、智能脚链等)、智能腕带、智能服装等。需要说明的是,在本申请实施例并不限定终端11的具体类型。网络侧设备12可以包括接入网设备和/或核心网设备,其中,接入网设备12也可以称为无线接入网设备、无线接入网(Radio Access Network,RAN)、无线接入网功能或无线接入网单元。接入网设备12可以包括基站、无线局域网(Wireless Local Area Network,WLAN)接入点或无线保真(Wireless Fidelity,WiFi)节点等,基站可被称为节点B、演进节点B(Evolved NodeB,eNB)、接入点、基收发机站(Base Transceiver Station,BTS)、无线电基站、无线电收发机、基本服务集(Basic Service Set,BSS)、扩展服务集(Extended Service Set,ESS)、家用B节点、家用演进型B节点、发送接收点(Transmitting Receiving Point,TRP)或所述领域中其他某个合适的术语,只要达到相同的技术效果,所述基站不限于特定技术词汇,需要说明的是,在本申请实施例中仅以NR系统中的基站为例进行介绍,并不限定基站的具体类型。核心网设备可以包含但不限于如下至少一项:核心网节点、核心网功能、移动管理实体(Mobility Management Entity,MME)、接入移动管理功能(Access and Mobility Management Function,AMF)、会话管理功能(Session Management Function,SMF)、用户平面功能(User Plane Function,UPF)、策略控制功能(Policy Control Function,PCF)、策略与计费规则功能单元(Policy and Charging Rules Function,PCRF)、边缘应用服务发现功能(Edge Application Server Discovery Function,EASDF)、统一数据管理(Unified Data Management,UDM),统一数据仓储(Unified Data Repository,UDR)、归属用户服务器(Home Subscriber Server,HSS)、集中式网络配置(Centralized network configuration,CNC)、网络存储功能(Network Repository Function,NRF),网络开放功能(Network Exposure Function,NEF)、本地NEF(Local NEF,或L-NEF)、绑定支持功能(Binding Support Function,BSF)、应用功能(Application Function,AF)等。需要说明的是,在本申请实施例中仅以NR系统中的核心网设备为例进行介绍,并不限定核心网设备的具体类型。Figure 1 shows a block diagram of a wireless communication system to which embodiments of the present application are applicable. The wireless communication system includes a terminal 11 and network side device 12. The terminal 11 may be a mobile phone, a tablet computer (Tablet Personal Computer), a laptop computer (Laptop Computer), or a notebook computer, a personal digital assistant (Personal Digital Assistant, PDA), a palmtop computer, a netbook, or a super mobile personal computer. (ultra-mobile personal computer, UMPC), mobile Internet device (Mobile Internet Device, MID), augmented reality (AR)/virtual reality (VR) equipment, robots, wearable devices (Wearable Device) , vehicle user equipment (VUE), pedestrian terminal (Vehicle user equipment, VUE), smart home (home equipment with wireless communication functions, such as refrigerators, TVs, washing machines or furniture, etc.), game consoles, personal computers (personal computer, PC), teller machine or self-service machine and other terminal-side devices. Wearable devices include: smart watches, smart bracelets, smart headphones, smart glasses, smart jewelry (smart bracelets, smart bracelets, smart rings, smart necklaces, smart anklets) bracelets, smart anklets, etc.), smart wristbands, smart clothing, etc. It should be noted that the embodiment of the present application does not limit the specific type of the terminal 11. The network side device 12 may include an access network device and/or a core network device, where the access network device 12 may also be called a radio access network device, a radio access network (Radio Access Network, RAN), or a radio access network. function or radio access network unit. The access network device 12 may include a base station, a Wireless Local Area Network (Wireless Local Area Network, WLAN) access point or a Wireless Fidelity (Wireless Fidelity, WiFi) node, etc. The base station may be called a Node B, an Evolved Node B (Evolved NodeB, eNB), access point, Base Transceiver Station (BTS), radio base station, radio transceiver, Basic Service Set (BSS), Extended Service Set (ESS), Home B Node, home evolved B node, transmitting receiving point (Transmitting Receiving Point, TRP) or some other suitable term in the field. As long as the same technical effect is achieved, the base station is not limited to specific technical terms. It needs to be explained that , in the embodiment of this application, only the base station in the NR system is taken as an example for introduction, and the specific type of the base station is not limited. Core network equipment may include but is not limited to at least one of the following: core network nodes, core network functions, mobility management entities (Mobility Management Entity, MME), access mobility management functions (Access and Mobility Management Function, AMF), session management functions (Session Management Function, SMF), User Plane Function (UPF), Policy Control Function (PCF), Policy and Charging Rules Function (PCRF), Edge Application Service Discovery function (Edge Application Server Discovery Function, EASDF), Unified Data Management (UDM), Unified Data Repository (UDR), Home Subscriber Server (HSS), centralized network configuration ( Centralized network configuration (CNC), Network Repository Function (NRF), Network Exposure Function (NEF), Local NEF (Local NEF, or L-NEF), Binding Support Function (Binding Support Function, BSF), application function (Application Function, AF), etc. It should be noted that in the embodiment of this application, only the core network equipment in the NR system is used as an example for introduction, and the specific type of the core network equipment is not limited.
URSP规则(rules)是3GPP定义的一种给UE发送的策略,UE根据这个URSP规则可以匹配应用(Application,APP)的流量到特定的PDU session。URSP rules are a policy defined by 3GPP and sent to the UE. The UE can match application (Application, APP) traffic to a specific PDU session based on these URSP rules.
比如,当UE上的应用(APP)有流量需要发送到服务器端的时候,APP可以发送APP流量特征给UE,这些流量特征可以包括目的IP地址、全限定域名(Fully Qualified Domain  Name,FQDN)等。然后UE根据APP的流量特征,去逐个匹配UE内的URSP规则,在URSP rules里,所规定的流量描述/特征可以如表1所示。For example, when an application (APP) on the UE has traffic that needs to be sent to the server, the APP can send APP traffic characteristics to the UE. These traffic characteristics can include the destination IP address, fully qualified domain name (Fully Qualified Domain) Name, FQDN), etc. Then the UE matches the URSP rules in the UE one by one according to the traffic characteristics of the APP. In the URSP rules, the specified traffic description/characteristics can be as shown in Table 1.
表1.
Table 1.
比如说,第二项APP可以发送一个IP描述,比如,目的IP三元组,表明该APP的这个流量是需要发给目的IP=10.1.1.1,端口号=80的一个流量。然后,如果UE URSP rules里恰好有这个流量描述符(Traffic descriptor),则说明APP的这个流量可以匹配到某一个URS Prules。For example, the second APP can send an IP description, such as a destination IP triplet, indicating that the traffic of the APP needs to be sent to destination IP = 10.1.1.1, port number = 80. Then, if there happens to be this traffic descriptor in the UE URSP rules, it means that the traffic of the APP can match a certain URS Prules.
在有URS Prules匹配APP的流量以后,下一步则需要选择使用哪个PDU会话(session)发送APP的流量(traffic)。After there are URS Prules matching the APP's traffic, the next step is to choose which PDU session (session) to use to send the APP's traffic (traffic).
一般来说,某个Traffic descriptor下,有至少一个RSD,每个RSD代表了一个PDU session的一组属性。比如说,当APP traffic匹配到目的IP=10.1.1.1,端口号=80的这一组traffic descriptor,然后这一组traffic descriptor下有如下几个RSD:Generally speaking, there is at least one RSD under a certain Traffic descriptor, and each RSD represents a set of attributes of a PDU session. For example, when APP traffic matches a group of traffic descriptors with destination IP = 10.1.1.1 and port number = 80, then there are the following RSDs under this group of traffic descriptors:
■RSD优先级(precedence)=1■RSD priority (precedence)=1
◆S-NSSAI-a◆S-NSSAI-a
◆Non-3GPP接入(Access)◆Non-3GPP access (Access)
■RSD precedence=2■RSD precedence=2
◆S-NSSAI-a◆S-NSSAI-a
◆3GPP Access◆3GPP Access
◆DNN=互联网(Internet)◆DNN=Internet
◆SSC mode=3◆SSC mode=3
比如,RSD1对应的PDU会话的特性或会话的参数为:S-NSSAI=S-NSSAI-a,使用non-3GPP接入。终端可以使用这个RSD1里的PDU会话特定建立PDU会话;或者使用这个特性,去选择终端已经建立的PDU会话。被选择的PDU会话,其会话特性或会话参数, 为,S-NSSAI=S-NSSAI-a,使用non-3GPP接入(即PDU会话的接入类型为非3GPP接入)。For example, the PDU session characteristics or session parameters corresponding to RSD1 are: S-NSSAI=S-NSSAI-a, using non-3GPP access. The terminal can use the PDU session in RSD1 to specifically establish a PDU session; or use this feature to select a PDU session that the terminal has already established. The selected PDU session, its session characteristics or session parameters, For, S-NSSAI=S-NSSAI-a, non-3GPP access is used (that is, the access type of the PDU session is non-3GPP access).
然而,在网络侧设备给UE发送URSP rules以后,对于APP的traffic,UE是否使用了URSP rules去匹配APP流量到特定的PDU会话,以及使用了哪个URSP规则进行流量匹配,对于网络侧设备来说都是未知的。比如,针对某个应用的流量,UE匹配到的流量描述符的RSD包括:However, after the network side device sends URSP rules to the UE, for the APP traffic, whether the UE uses URSP rules to match the APP traffic to a specific PDU session, and which URSP rule is used for traffic matching, for the network side device It's all unknown. For example, for the traffic of a certain application, the RSD of the traffic descriptor matched by the UE includes:
■RSD precedence=1■RSD precedence=1
◆S-NSSAI-a◆S-NSSAI-a
◆Non-3GPP Access◆Non-3GPP Access
■RSD precedence=2■RSD precedence=2
◆S-NSSAI-a◆S-NSSAI-a
◆3GPP Access◆3GPP Access
◆DNN=Internet◆DNN=Internet
◆SSC mode=3◆SSC mode=3
而网络侧设备并不知道UE是否执行了URSP rules以及如果执行了,执行了哪个RSD。针对该问题,本申请实施例提供了URSP规则的验证方案,使得网络侧设备可以获知这些信息。让网络侧能够获得,所述终端对某个应用的流量,使用了哪个流量描述符下的哪个RSD,以及使用所述URSP规则以后,是新建了PDU会话还是将应用流量匹配到了已有会话。The network side device does not know whether the UE has executed URSP rules and if so, which RSD has been executed. To address this problem, embodiments of the present application provide a verification solution for URSP rules so that network-side devices can obtain this information. The network side is allowed to obtain the traffic of an application by the terminal, which RSD under which traffic descriptor is used, and after using the URSP rule, whether a new PDU session is created or the application traffic is matched to an existing session.
下面结合附图,通过一些实施例及其应用场景对本申请实施例提供的URSP规则的验证方案进行详细地说明。The verification scheme of URSP rules provided by the embodiments of the present application will be described in detail below with reference to the accompanying drawings through some embodiments and their application scenarios.
图2示出本申请实施例中的URSP规则的验证方法的一种流程示意图,该方法200可以由第一网络侧设备执行。换言之,所述方法可以由安装在第一网络侧设备上的软件或硬件来执行。在本申请实施例中,第一网络侧设备可以为接入及移动性管理策略控制网元,例如,第一网络侧设备可以为接入及移动性管理策略控制功能(Access and Mobility Management Policy Control Function,AM-PCF)。如图2所示,该方法可以包括以下步骤。Figure 2 shows a schematic flowchart of the verification method of URSP rules in the embodiment of the present application. The method 200 can be executed by the first network side device. In other words, the method may be executed by software or hardware installed on the first network side device. In this embodiment of the present application, the first network side device may be an access and mobility management policy control network element. For example, the first network side device may be an access and mobility management policy control function (Access and Mobility Management Policy Control). Function, AM-PCF). As shown in Figure 2, the method may include the following steps.
S210,第一网络侧设备获取第二网络侧设备发送的目标请求信息,其中,所述目标请求信息包括:终端针对目标应用使用的第一URSP规则以及承载所述目标应用的第一协议数据单元PDU会话的第一参数。S210. The first network side device obtains the target request information sent by the second network side device, where the target request information includes: the first URSP rule used by the terminal for the target application and the first protocol data unit carrying the target application. The first parameter of the PDU session.
其中,所述目标请求信息指示所述第一网络侧设备对所述终端是否正确使用URSP规则进行验证。在本申请实施例中,其中,第二网络侧设备可以为会话管理网元,例如,会话管理功能(Session Management Function,SMF)。Wherein, the target request information instructs the first network side device to verify whether the terminal uses URSP rules correctly. In this embodiment of the present application, the second network side device may be a session management network element, for example, a session management function (Session Management Function, SMF).
所述目标请求信息,可以通过以下至少一项信令发送:Npcf_EventExposure_Subscribe,Npcf_UEPolicyControl_Update request。The target request information can be sent through at least one of the following signaling: Npcf_EventExposure_Subscribe, Npcf_UEPolicyControl_Update request.
比如,终端为某个应用流量使用了URSP规则以后,可以通过会话非接入层(Non-Access Stratum,NAS)消息上报具体使用的URSP规则的细节至第二网络侧设备,比如,上报终 端使用了某个Traffic descriptor(FQDN=ABC.com),或使用了某个RSD(S-NSSAI=S-NSSAI-a,使用non-3GPP接入);也可以直接指示所述使用的规则优先级或RSD的优先级,因为对于一个终端,一个规则优先级只对应一个流量描述符,一个流量描述符下面的RSD的优先级只对应一个RSD。比如说,终端上报第一URSP规则如下:rule precedence=1,RSD precedence=2,这就说明终端使用了优先级为1的规则和该流量描述符下RSD优先级为2的RSD。所述NAS消息包括以下至少一项:PDU会话建立请求(PDU session establishment request)、DPU会话修改请求(PDU session modification request)。或者,所述NAS消息还可以包括:PDU会话SM上下文生成请求(Nsmf_PDUSession_CreateSMContext Request)或PDU会话SM上下文更新请求(Nsmf_PDUSession_UpdateSMContext Request)。For example, after the terminal uses a URSP rule for a certain application traffic, it can report the details of the specific URSP rule to the second network side device through a session non-access stratum (NAS) message. For example, report the final The end uses a certain Traffic descriptor (FQDN=ABC.com), or uses a certain RSD (S-NSSAI=S-NSSAI-a, using non-3GPP access); it can also directly indicate that the rules used take precedence. level or RSD priority, because for a terminal, a rule priority only corresponds to one traffic descriptor, and the priority of the RSD under a traffic descriptor only corresponds to one RSD. For example, the terminal reports the first URSP rule as follows: rule precedence=1, RSD precedence=2, which means that the terminal uses a rule with a priority of 1 and an RSD with an RSD priority of 2 under the traffic descriptor. The NAS message includes at least one of the following: PDU session establishment request (PDU session establishment request), DPU session modification request (PDU session modification request). Alternatively, the NAS message may also include: PDU session SM context generation request (Nsmf_PDUSession_CreateSMContext Request) or PDU session SM context update request (Nsmf_PDUSession_UpdateSMContext Request).
第二网络侧设备在接收到终端的会话NAS消息后,可以根据NAS消息中携带的第一PDU会话标识,获取所述第一PDU会话标识对应的第一PDU会话的第一参数,然后将第一PDU会话的第一参数和终端上报的目标应用使用的第一URSP规则发送给第一网络侧设备。After receiving the session NAS message from the terminal, the second network side device can obtain the first parameter of the first PDU session corresponding to the first PDU session identifier according to the first PDU session identifier carried in the NAS message, and then add the first PDU session identifier to the first PDU session identifier. The first parameter of a PDU session and the first URSP rule used by the target application reported by the terminal are sent to the first network side device.
其中,第一PDU会话标识用于指示所述应用流量最终匹配到的PDU会话,该PDU会话可以是新建的会话,也可以是终端里已有的会话。此处,终端上报给第二网络侧设备的上报信息中也可以包括一个指示信息,该指示信息用于指示使用URSP规则以后是新建PDU会话还是匹配到终端上已有的PDU会话。比如说,该指示信息指示使用第一URSP规则以后,新建了一个PDU会话承载该应用流量。The first PDU session identifier is used to indicate the PDU session to which the application traffic is finally matched. The PDU session may be a newly created session or an existing session in the terminal. Here, the information reported by the terminal to the second network side device may also include indication information, which is used to indicate whether to create a new PDU session after using the URSP rule or to match an existing PDU session on the terminal. For example, the indication information indicates that after using the first URSP rule, a new PDU session is created to carry the application traffic.
在本申请实施例中,第一网络侧设备与第二网络侧设备之间可以直接进行目标请求信息传输,因此,在一个可能的实现方式中,S210可以包括:第一网络侧设备接收来自所述第二网络侧设备的所述目标请求信息。In this embodiment of the present application, the target request information can be transmitted directly between the first network side device and the second network side device. Therefore, in a possible implementation, S210 may include: the first network side device receives the request from the first network side device. The target request information of the second network side device.
或者,第一网络侧设备与第二网络侧设备之间也可以通过第三网络侧设备和/或第四网络侧设备传输所述目标请求信息。因此,在另一个可能的实现方式中,S210可以包括:第一网络侧设备接收所述第二网络侧设备通过第三网络侧设备和/或第四网络侧设备转发的所述目标请求信息。Alternatively, the target request information may also be transmitted between the first network side device and the second network side device through a third network side device and/or a fourth network side device. Therefore, in another possible implementation, S210 may include: the first network side device receiving the target request information forwarded by the second network side device through the third network side device and/or the fourth network side device.
其中,第三网络侧设备可以为接入和移动性管理网元,例如,AMF,或者,会话管理策略控制网元,例如,SM-PCF.第四网络侧设备可以为会话管理策略控制网元,或接入和移动性管理网元。例如,SMF通过AMF向AM-PCF发送所述目标请求信息;或者,SMF通过SM-PCF向AM-PCF发送所述目标请求信息;或者,SMF将目标请求信息发送至AMF,AMF再将目标请求信息发送至SM-PCF,SM-PCF再将目标请求信息发送至AM-PCF;或者,SMF将目标请求信息发送至SM-PCF,SM-PCF再将目标请求信息发送至AMF,AMF再将目标请求信息发送至AM-PCF。The third network side device may be an access and mobility management network element, such as AMF, or a session management policy control network element, such as SM-PCF. The fourth network side device may be a session management policy control network element. , or access and mobility management network elements. For example, SMF sends the target request information to AM-PCF through AMF; or SMF sends the target request information to AM-PCF through SM-PCF; or SMF sends the target request information to AMF, and AMF then sends the target request information to AM-PCF. The information is sent to SM-PCF, SM-PCF then sends the target request information to AM-PCF; or, SMF sends the target request information to SM-PCF, SM-PCF then sends the target request information to AMF, and AMF then sends the target request information to AM-PCF. Request information is sent to AM-PCF.
比如说,如果第三网络侧设备为AMF,第二网络侧设备为SMF,第一网络侧设备为AM-PCF的情况下,所述SMF可以通过Namf_Communication_N1N2MessageTransfer或者 Nsmf_EventExposure_Notify,将所述目标请求信息发送至AMF;然后所述AMF再通过Npcf_UEPolicyControl_Update request,Npcf_UEPolicyControl_UpdateNotify Subscribe或Npcf_EventExposure_Subscribe将所述目标请求信息再发送至第一网络侧设备,比如AM-PCF。For example, if the third network side device is AMF, the second network side device is SMF, and the first network side device is AM-PCF, the SMF can be sent through Namf_Communication_N1N2MessageTransfer or Nsmf_EventExposure_Notify, sends the target request information to the AMF; then the AMF sends the target request information to the first network side device, such as AM-PCF, through Npcf_UEPolicyControl_Update request, Npcf_UEPolicyControl_UpdateNotify Subscribe or Npcf_EventExposure_Subscribe.
再比如说,如果第四网络侧设备为SM-PCF,第二网络侧设备为SMF,第一网络侧设备为AM-PCF的情况下,则所述SMF可以通过以下至少一项信令,发送目标请求信息至第四网络侧设备:Npcf_SMPolicyControl_Update或者Npcf_SMPolicyControl_create;然后,所述SM-PCF再通过以下至少一项信令,将所述目标请求信息发送至AM-PCF:Npcf_Policy Authorization_Create,Npcf_Policy Authorization_Update。For another example, if the fourth network side device is SM-PCF, the second network side device is SMF, and the first network side device is AM-PCF, then the SMF can be sent through at least one of the following signaling: The target request information is sent to the fourth network side device: Npcf_SMPolicyControl_Update or Npcf_SMPolicyControl_create; then, the SM-PCF sends the target request information to the AM-PCF through at least one of the following signaling: Npcf_Policy Authorization_Create, Npcf_Policy Authorization_Update.
其中,所述发送目标请求信息,也指的是将目标请求信息中包含的参数,比如第一URSP规则等,发送至第一网络侧设备,比如AM-PCF。The sending the target request information also refers to sending the parameters included in the target request information, such as the first URSP rule, etc., to the first network side device, such as the AM-PCF.
S212,所述第一网络侧设备通过验证所述第一URSP规则与第二URSP规则是否一致,得到第一验证结果,其中,所述第二URSP规则为所述第一网络侧设备发送给所述终端的与所述目标应用对应的至少一个URSP规则。S212: The first network-side device obtains a first verification result by verifying whether the first URSP rule and the second URSP rule are consistent, wherein the second URSP rule is sent by the first network-side device to the At least one URSP rule of the terminal corresponding to the target application.
其中,所述第一验证结果用于指示所述第一URSP规则与第二URSP规则是否一致。例如,所述第一验证结果可以包括:第一URSP规则与第二URSP规则一致,即第一验证通过;或,第一URSP规则与第二URSP规则不一致,即第一验证失败。The first verification result is used to indicate whether the first URSP rule and the second URSP rule are consistent. For example, the first verification result may include: the first URSP rule is consistent with the second URSP rule, that is, the first verification is passed; or the first URSP rule is inconsistent with the second URSP rule, that is, the first verification fails.
例如,终端为目标应用的流量执行URSP规则,然后终端将所使用的URSP规则发给SMF。SMF将该URSP规则转发给AM-PCF,AM-PCF执行第一验证,验证终端上报的这个规则和AM-PCF发给UE的规则是否一致,即验证终端上报的URSP规则是否为AM-PCF发送给UE的URSP规则中的一个。For example, the terminal executes URSP rules for the traffic of the target application, and then the terminal sends the used URSP rules to the SMF. SMF forwards the URSP rule to AM-PCF, and AM-PCF performs the first verification to verify whether the rule reported by the terminal is consistent with the rule sent by AM-PCF to the UE, that is, it verifies whether the URSP rule reported by the terminal is sent by AM-PCF. One of the URSP rules for the UE.
比如,终端自己上报使用的URSP规则:Rule Precedence=1和RSD Precedence=1。第一网络侧设备可以根据终端上报的信息,恢复或者在AM-PCF中查询该优先级对应的URSP规则,或者AM-PCF检查发送给UE的第二URSP规则。比如说,根据终端上报的Rule Precedence=1和RSD Precedence=1,AM-PCF经检查,发现给这个UE发送的URSP规则如下:For example, the URSP rules reported by the terminal itself: Rule Precedence=1 and RSD Precedence=1. The first network side device may restore or query the AM-PCF for the URSP rule corresponding to the priority based on the information reported by the terminal, or the AM-PCF may check the second URSP rule sent to the UE. For example, based on the Rule Precedence=1 and RSD Precedence=1 reported by the terminal, AM-PCF checked and found that the URSP rules sent to the UE were as follows:
Rule Precedence=1;Rule Precedence=1;
流量描述符(Traffic Descriptor):应用描述符(Application descriptor)=App1;Traffic Descriptor: Application descriptor = App1;
RSD Precedence=1;RSD Precedence=1;
网络切片标识符(Network Slice Selection):S-NSSAI-a;Network Slice Selection: S-NSSAI-a;
会话和服务连续性(Session and Service Continuity,SSC)模式(Mode Selection):SSC Mode 3;Session and Service Continuity (SSC) Mode (Mode Selection): SSC Mode 3;
数据网络名称(Data Network Name,DNN)选择(Selection):internet;Data Network Name (DNN) Selection: internet;
接入类型优先(Access Type preference):3GPP接入(access)。Access Type preference: 3GPP access.
而终端上报了一个使用的第一URSP规则为: The terminal reported the first URSP rule used:
Rule Precedence=1;Rule Precedence=1;
Traffic Descriptor:Application descriptor=App1;Traffic Descriptor:Application descriptor=App1;
Route Selection Descriptor Precedence=1;Route Selection Descriptor Precedence=1;
Network Slice Selection:S-NSSAI-a;Network Slice Selection: S-NSSAI-a;
SSC Mode Selection:SSC Mode 3;SSC Mode Selection: SSC Mode 3;
DNN Selection:internet;DNN Selection: internet;
Access Type preference:3GPP access。Access Type preference: 3GPP access.
则第一网络侧设备确定终端上报的使用规则(即第一URSP规则)和实际第一网络侧设备发送UE发的规则(即第二URSP规则)一样,验证通过,UE上报的规则正确。这里的验证是指:验证终端所上报的使用的URSP规则,包括流量描述符和RSD,与第一网络侧设备发给终端的URSP规则里的流量描述符或RSD是否一致。如果一致,则确定终端严格使用了AM-PCF下发的任何URSP规则之一,而不是终端自己随意使用了一个网络根本没有下发过的URSP规则。Then the first network side device determines that the usage rule reported by the terminal (i.e., the first URSP rule) is the same as the rule actually sent by the first network side device from the UE (i.e., the second URSP rule). The verification passes and the rule reported by the UE is correct. The verification here refers to verifying whether the URSP rules reported by the terminal, including traffic descriptors and RSDs, are consistent with the traffic descriptors or RSDs in the URSP rules sent to the terminal by the first network-side device. If they are consistent, it is determined that the terminal strictly uses one of the URSP rules issued by AM-PCF, rather than the terminal itself randomly using a URSP rule that has not been issued by the network at all.
S214,所述第一网络侧设备验证所述第一PDU会话的第一参数与所述第一URSP规则中的RSD描述的第二参数是否一致,得到第二验证结果。S214: The first network side device verifies whether the first parameter of the first PDU session is consistent with the second parameter described by the RSD in the first URSP rule, and obtains a second verification result.
其中,所述第二验证结果指示所述第一PDU会话的第一参数与所述第一URSP规则中的RSD描述的第二参数是否一致。例如,所述第二验证结果可以包括:所述第一PDU会话的第一参数与所述第一URSP规则中的RSD描述的第二参数,即第一参数与第二参数的逐项参数一一对应且一致,即第二验证通过;或者,所述第一PDU会话的第一参数与所述第一URSP规则中的RSD描述的第二参数中,任意一项不一致,即第二验证失败。The second verification result indicates whether the first parameter of the first PDU session is consistent with the second parameter described by the RSD in the first URSP rule. For example, the second verification result may include: the first parameter of the first PDU session and the second parameter described by the RSD in the first URSP rule, that is, the item-by-item parameters of the first parameter and the second parameter. One-to-one correspondence and consistency, that is, the second verification is passed; or, any one of the first parameters of the first PDU session and the second parameters described by the RSD in the first URSP rule is inconsistent, that is, the second verification fail.
例如,第一网络侧设备可以在所述第一验证结果指示所述第一URSP规则与所述第二URSP规则中至少一个规则一致的情况下,启动第二验证,即验证所述第一PDU会话的第一参数与所述第一URSP规则中的RSD描述的第二参数是否一致。For example, when the first verification result indicates that the first URSP rule is consistent with at least one of the second URSP rules, the first network side device may initiate the second verification, that is, verify the first PDU. Whether the first parameter of the session is consistent with the second parameter described by the RSD in the first URSP rule.
可选地,目标请求信息中包括的第一PDU会话的第一参数可以包括以下至少一项:PDU会话类型、PDU会话的接入类型、SSC模式、网络切片标识符、DNN。Optionally, the first parameter of the first PDU session included in the target request information may include at least one of the following: PDU session type, access type of PDU session, SSC mode, network slice identifier, and DNN.
可选地,所述第一URSP规则中的RSD描述的第二参数可以包括以下至少一项:PDU会话类型、PDU会话的接入类型、SSC模式、网络切片标识符、DNN。Optionally, the second parameter of the RSD description in the first URSP rule may include at least one of the following: PDU session type, PDU session access type, SSC mode, network slice identifier, and DNN.
在本申请实施例中,所述第一参数与所述第二参数是否一致是指所述第一参数中的各个参数的参数值是否分别与所述第二参数中对应的参数的参数值一致。例如,在第一参数和第二参数分别包括:PDU会话类型、PDU会话的接入类型、SSC模式以及DNN的情况下,则第一参数与第二参数是否一致是指第一参数中的PDU会话类型与第二参数中的PDU会话类型相同,第一参数中的PDU会话接入类型与第二参数中的PDU会话接入类型相同,第一参数中的SSC模式与第二参数中的SSC模式相同,第一参数中的DNN与第二参数中的DNN相同。如果其中任一项不同,则第一参数与第二参数不一致。In this embodiment of the present application, whether the first parameter is consistent with the second parameter refers to whether the parameter value of each parameter in the first parameter is consistent with the parameter value of the corresponding parameter in the second parameter. . For example, when the first parameter and the second parameter respectively include: PDU session type, PDU session access type, SSC mode, and DNN, then whether the first parameter and the second parameter are consistent refers to the PDU in the first parameter. The session type is the same as the PDU session type in the second parameter, the PDU session access type in the first parameter is the same as the PDU session access type in the second parameter, the SSC mode in the first parameter is the same as the SSC in the second parameter The pattern is the same, the DNN in the first parameter is the same as the DNN in the second parameter. If any of them are different, the first parameter and the second parameter are inconsistent.
进行第二验证的目的是使得所述终端如果真的正确的使用了第一URSP规则,则所述 承载应用流量的第一PDU会话的PDU会话的参数,比如SSC模式,DNN等,必须与第一URSP规则里的RSD里指示的PDU会话的参数,比如SSC模式,DNN等,逐个一一对应且相同。The purpose of performing the second verification is to ensure that if the terminal really uses the first URSP rule correctly, the The PDU session parameters of the first PDU session carrying application traffic, such as SSC mode, DNN, etc., must correspond to the parameters of the PDU session indicated in the RSD in the first URSP rule, such as SSC mode, DNN, etc., one by one and same.
在S214进行第二验证的目的是使得所述终端如果真的正确的使用了第一URSP规则,则所述承载应用流量的第一PDU会话的PDU会话的参数,比如SSC模式,DNN等,必须与第一URSP规则里的RSD里指示的PDU会话的参数,比如SSC模式,DNN等,逐个一一对应且相同。The purpose of the second verification in S214 is to ensure that if the terminal really uses the first URSP rule correctly, the parameters of the PDU session of the first PDU session carrying application traffic, such as SSC mode, DNN, etc., must The parameters of the PDU session indicated in the RSD in the first URSP rule, such as SSC mode, DNN, etc., correspond to each other one by one and are the same.
在S214中,第一网络侧设备获取第二验证结果,从而可以获知承载目标应用的第一PDU会话的第一参数与第一URSP规则中的RSD描述的第二参数是否一致。In S214, the first network side device obtains the second verification result, so as to know whether the first parameter of the first PDU session carrying the target application is consistent with the second parameter described by the RSD in the first URSP rule.
例如,终端上报的使用的第一URSP规则为:For example, the first URSP rule reported by the terminal is:
Rule Precedence=1;Rule Precedence=1;
Traffic Descriptor:Application descriptor=App1;Traffic Descriptor:Application descriptor=App1;
Route Selection Descriptor Precedence=1;Route Selection Descriptor Precedence=1;
Network Slice Selection:S-NSSAI-a;Network Slice Selection:S-NSSAI-a;
SSC Mode Selection:SSC Mode 3;SSC Mode Selection:SSC Mode 3;
DNN Selection:internet;DNN Selection:internet;
Access Type preference:3GPP access。Access Type preference: 3GPP access.
而第二网络侧设备经过检查获取实际承载目标应用(即APP1)流量的第一PDU会话,该第一PDU会话的第一参数为:The second network side device obtains the first PDU session that actually carries the traffic of the target application (ie APP1) through inspection. The first parameter of the first PDU session is:
Network Slice Selection:S-NSSAI-b;Network Slice Selection:S-NSSAI-b;
SSC Mode Selection:SSC Mode 3;SSC Mode Selection:SSC Mode 3;
DNN Selection:internet;DNN Selection:internet;
Access Type preference:3GPP access。Access Type preference: 3GPP access.
由此可见,第二参数中的网络切片为S-NSSAI-b,而第一参数中的网络切片为S-NSSAI-b,两者不一致,因此,终端并没有正确使用URSP规则。也就是说,终端虽然上报了自己用的URSP规则,但是其实所述APP的流量并没有真正的使用这个RSD的各项PDU会话参数所对应的PDU会话承载。这就说明,第二验证没有通过,所述终端没有正确使用URSP规则。It can be seen that the network slice in the second parameter is S-NSSAI-b, and the network slice in the first parameter is S-NSSAI-b. The two are inconsistent. Therefore, the terminal does not use the URSP rule correctly. In other words, although the terminal reports the URSP rules it uses, the traffic of the APP does not actually use the PDU session bearer corresponding to each PDU session parameter of this RSD. This means that the second verification failed and the terminal did not use URSP rules correctly.
在一个可能的实现方式中,第一网络侧设备可以所述第一验证结果和/或第二验证结果返回给第二网络侧设备。以第一网络侧设备为AM-PCF,第二网络侧设备为SMF为例,AM-PCF可使用以下至少一项信令将第一验证结果和/或第二验证结果发送给SMF:Npcf_EventExposure_Notify、Npcf_UEPolicyControl Update response。In a possible implementation, the first network side device may return the first verification result and/or the second verification result to the second network side device. Taking the first network side device as AM-PCF and the second network side device as SMF as an example, AM-PCF can use at least one of the following signaling to send the first verification result and/or the second verification result to SMF: Npcf_EventExposure_Notify, Npcf_UEPolicyControl Update response.
或者,AM-PCF可以使用以下至少一项信令将第一验证结果和/或第二验证结果发送给AMF:Npcf_UEPolicyControl_Update response;Npcf_UEPolicyControl_UpdateNotify notify。然后,AMF再使用以下至少一项信令将第一验证结果和/或第二验证结果SMF: Nsmf_PDUSession_UpdateSMContext request,Nsmf_EventExposure_Subscribe。Alternatively, the AM-PCF may send the first verification result and/or the second verification result to the AMF using at least one of the following signaling: Npcf_UEPolicyControl_Update response; Npcf_UEPolicyControl_UpdateNotify notify. Then, AMF uses at least one of the following signalings to SMF the first verification result and/or the second verification result: Nsmf_PDUSession_UpdateSMContext request, Nsmf_EventExposure_Subscribe.
或者,AM-PCF可以使用以下至少一项信令将第一验证结果和/或第二验证结果发送给SM-PCF:Npcf_Policy Authorization_Createrequest/response、Npcf_Policy Authorization_Up date request/response。SM-PCF再使用以下至少一项信令将第一验证结果和/或第二验证结果发送至SMF:Npcf_SMPolicyControl_Updaterequest/response、Npcf_SMPolicyControl_creater equest/response。Alternatively, the AM-PCF may send the first verification result and/or the second verification result to the SM-PCF using at least one of the following signaling: Npcf_Policy Authorization_Createrequest/response, Npcf_Policy Authorization_Up date request/response. SM-PCF then uses at least one of the following signaling to send the first verification result and/or the second verification result to SMF: Npcf_SMPolicyControl_Updaterequest/response, Npcf_SMPolicyControl_creater request/response.
通过本申请实施例提供的上述技术方案,第一网络侧设备从第二网络侧设备获取到终端针对目标应用使用的第一URSP规则以及承载所述目标应用的第一PDU会话的第一参数,验证所述第一URSP规则是否与所述第一网络侧设备发送给所述终端的与所述目标应用对应的至少一个URSP规则一致,并验证所述第一PDU会话的第一参数与所述第一URSP规则中的路由选择描述符RSD描述的第二参数是否一致,从而使得第一网络侧设备可以获知终端是否应用了网络侧设备为该终端设备配置的URSP规则去匹配应用流量到特定的PDU会话、终端匹配该应用流量具体使用的URSP规则以及对应的PDU会话中是否包括该应用流量的数据包,便于网络侧设备对终端进行控制。Through the above technical solutions provided by the embodiments of this application, the first network side device obtains from the second network side device the first URSP rule used by the terminal for the target application and the first parameter of the first PDU session carrying the target application, Verify whether the first URSP rule is consistent with at least one URSP rule corresponding to the target application sent by the first network side device to the terminal, and verify that the first parameter of the first PDU session is consistent with the Whether the second parameter described by the routing descriptor RSD in the first URSP rule is consistent, so that the first network side device can learn whether the terminal has applied the URSP rule configured by the network side device for the terminal device to match application traffic to a specific The PDU session, the terminal matches the URSP rules specifically used by the application traffic, and whether the corresponding PDU session includes the data packets of the application traffic, so that the network side device can control the terminal.
在一个可能的实现方式中,为了使得第二网络侧设备可以获知第一网络侧设备的标识,从而可以向第一网络侧设备发送所述目标请求信息,在S210之前,该方法还可以包括以下步骤:In a possible implementation, in order for the second network side device to learn the identity of the first network side device and thereby send the target request information to the first network side device, before S210, the method may also include the following: step:
步骤1,所述第一网络侧设备向所述终端发送URSP规则;Step 1: The first network side device sends a URSP rule to the terminal;
步骤2,所述第一网络侧设备向第三网络侧设备发送第一指示信息,其中,所述第一指示信息指示所述第三网络侧设备在接收到所述终端的PDU会话建立请求或PDU会话修改请求之后,向所述第二网络侧设备发送所述第一网络侧设备的标识。比如,第三网络侧设备可以通过如下信令将所述第一网络侧设备的标识发送所述第二网络侧设备:Npcf_UEPolicyControl Create Request,或者Npcf_UEPolicyControl Update Request。Step 2: The first network side device sends first indication information to the third network side device, wherein the first indication information indicates that the third network side device receives a PDU session establishment request from the terminal or After the PDU session modification request is made, the identifier of the first network side device is sent to the second network side device. For example, the third network side device may send the identity of the first network side device to the second network side device through the following signaling: Npcf_UEPolicyControl Create Request, or Npcf_UEPolicyControl Update Request.
其中,所述第一网络侧设备的标识包括但不限于第一网络侧设备的标识符和/或第一网络侧设备的IP地址。Wherein, the identification of the first network side device includes but is not limited to the identifier of the first network side device and/or the IP address of the first network side device.
在上述可能的实现方式中,第一网络侧设备在向终端发送URSP规则时,指示第三网络侧设备在接收到终端的PDU会话建立请求或PDU会话修改请求的情况下,将所述第一网络侧设备的标识发送给第二网络侧设备或第四网络侧设备,从而使得在终端建立PDU会话或修改PDU会话时,第二网络侧设备可以获知第一网络侧设备的标识,从而将终端通过会话NAS消息上报的目标应用使用的第一URSP规则,以及第二网络侧设备获取的承载目标应用的第一PDU会话的第一参数发送给第一网络侧设备。例如,第一网络侧设备可以在终端注册到网络时,向终端发送URSP规则,并向第三网络侧设备发送所述第一指示信息。In the above possible implementation manner, when sending the URSP rule to the terminal, the first network side device instructs the third network side device to change the first network side device to the terminal upon receiving a PDU session establishment request or a PDU session modification request. The identity of the network side device is sent to the second network side device or the fourth network side device, so that when the terminal establishes a PDU session or modifies the PDU session, the second network side device can learn the identity of the first network side device, thereby connecting the terminal The first URSP rule used by the target application reported through the session NAS message, and the first parameter of the first PDU session carrying the target application obtained by the second network side device are sent to the first network side device. For example, the first network side device may send the URSP rule to the terminal when the terminal registers with the network, and send the first indication information to the third network side device.
可选地,在上述可能的实现方式中,在所述第一网络侧设备向第三网络侧设备发送第一指示信息之前,所述第一网络侧设备接收所述第三网络侧设备发送的第一请求消息,所述第一请求消息用于请求为所述终端创建或更新URSP规则,所述第一请求消息中携带有 所述终端的能力信息,所述能力信息指示所述终端支持上报所述终端的URSP规则的使用信息。也就是说,第一网络侧设备在获知终端支持上报终端的URSP规则的使用的情况下,才向第三网络侧设备发送所述第一指示信息。例如,终端可以在注册消息中携带终端的所述能力信息,指示终端支持上报URSP规则的使用信息。Optionally, in the above possible implementation manner, before the first network side device sends the first indication information to the third network side device, the first network side device receives the information sent by the third network side device. A first request message, the first request message is used to request to create or update a URSP rule for the terminal, the first request message carries The capability information of the terminal indicates that the terminal supports reporting the usage information of the URSP rules of the terminal. That is to say, the first network side device only sends the first indication information to the third network side device after learning that the terminal supports the use of the URSP rule that reports the terminal. For example, the terminal may carry the capability information of the terminal in the registration message, indicating that the terminal supports reporting the usage information of URSP rules.
在一个可能的实现方式中,该方法还可以包括:所述第一网络侧设备获取所述第二网络侧设备发送的第三验证结果,其中,所述第三验证结果指示所述第一PDU会话中是否包括所述目标应用的数据包。In a possible implementation, the method may further include: the first network side device obtaining a third verification result sent by the second network side device, wherein the third verification result indicates the first PDU Whether the session includes data packets of the target application.
例如,所述第三验证结果可以包括以下至少一项:第一PDU会话中包括所述目标应用的数据包,所述第三验证通过;第一PDU会话中不包括所述目标应用的数据包,则所述第三验证失败。For example, the third verification result may include at least one of the following: the first PDU session includes the data packet of the target application, and the third verification is passed; the first PDU session does not include the data packet of the target application. , then the third verification fails.
在具体应用中的一种可能的情况是,终端虽然声明使用了第一URSP规则,网络侧也确实检查所述第一PDU会话的会话参数跟第一URSP规则里的RSD指示的会话参数一致,但是可能终端并没有真正使用这个第一PDU会话进行传输应用流量,而是使用了其他PDU会话。因此,通过上述可能的实现方式,第一网络侧设备可以确定所述第一PDU会话是否真正的承载了所述应用流量的传输。One possible situation in a specific application is that although the terminal declares to use the first URSP rule, the network side does check that the session parameters of the first PDU session are consistent with the session parameters indicated by the RSD in the first URSP rule. However, it is possible that the terminal does not actually use this first PDU session to transmit application traffic, but uses other PDU sessions. Therefore, through the above possible implementation manner, the first network side device can determine whether the first PDU session actually carries the transmission of the application traffic.
例如,第二网络侧设备可以在发送所述目标请求信息时或在发送目标请求信息之前或之后,启动第三验证,即验证所述第一PDU会话中是否包括所述目标应用的数据包,例如,第二网络侧设备可以根据终端上报的所述第一URSP规则,生成包检测规则,将所述包检测规则应用于所述第一PDU会话标识指示的第一PDU会话,获取第三验证结果,其中,所述包检测规则用于验证所述第一PDU会话中是否包括所述目标应用的数据包,然后将所述第三验证结果发送给第一网络侧设备。For example, the second network side device may initiate the third verification when sending the target request information or before or after sending the target request information, that is, verifying whether the first PDU session includes the data packet of the target application, For example, the second network side device may generate a packet detection rule according to the first URSP rule reported by the terminal, apply the packet detection rule to the first PDU session indicated by the first PDU session identifier, and obtain the third verification As a result, the packet detection rule is used to verify whether the first PDU session includes the data packet of the target application, and then the third verification result is sent to the first network side device.
在一个可能的实现方式中,第一网络侧设备可以在执行S214得到第二验证结果之后,如果第二验证结果为所述第一PDU会话的第一参数中与所述第一URSP规则中的RSD描述的第二参数一致的情况下,向第二网络侧设备发送请求信息,请求获取所述第三验证结果,从而从第二网络侧设备获取所述第三验证结果。其中,所述请求信息中可以包括第一URSP规则和/或第一PDU会话标识。第二网络侧设备根据所述第一URSP规则生成包检测规则(Packet Detection Rule,PDR),并将包检测规则应用于第一PDU会话标识对应的第一PDU会话中,进行包检测。In a possible implementation, after performing S214 to obtain the second verification result, the first network side device may determine if the second verification result is the same as the first parameter in the first PDU session and the first URSP rule. If the second parameters described by the RSD are consistent, request information is sent to the second network side device to request the third verification result, so as to obtain the third verification result from the second network side device. The request information may include the first URSP rule and/or the first PDU session identifier. The second network side device generates a packet detection rule (Packet Detection Rule, PDR) according to the first URSP rule, and applies the packet detection rule to the first PDU session corresponding to the first PDU session identifier to perform packet detection.
在另一个可能的实现方式中,第二网络侧设备也可以不主动进行第三验证,而是在接收第一网络侧设备的请求的情况下,再执行第三验证。因此,在该可能的实现方式中,第一网络侧设备可以向第二网络侧设备发送请求信息,请求所述第二网络侧设备执行第三验证,即请求第二网络侧设备验证所述第一PDU会话中是否包括所述目标应用的数据包,然后,接收第二网络侧设备返回的第三验证结果。也就是说,所述第二网络侧设备先等待第一网络侧设备完成第二验证,如果所述验证表明终端第二验证通过,正确使用URSP规则的情况下,第二网络侧设备从第一网络侧设备接收相关请求信息,执行第三验证。 In another possible implementation, the second network side device may not actively perform the third verification, but may perform the third verification after receiving a request from the first network side device. Therefore, in this possible implementation, the first network side device may send request information to the second network side device, requesting the second network side device to perform the third verification, that is, requesting the second network side device to verify the third verification. Whether a data packet of the target application is included in a PDU session, and then, a third verification result returned by the second network side device is received. That is to say, the second network side device first waits for the first network side device to complete the second verification. If the verification shows that the terminal passes the second verification and the URSP rules are used correctly, the second network side device starts from the first verification. The network side device receives the relevant request information and performs the third verification.
在上述可能的实现方式中,第一网络侧设备可以在所述第一PDU会话的第一参数与所述第一URSP规则中的RSD描述的第二参数一致的情况下,启动第三验证,即请求所述第二网络侧设备执行第三验证,而在所述第一PDU会话的第一参数中的至少一项与所述第一URSP规则中的RSD描述的第二参数不一致的情况下,则结束URSP规则的验证。In the above possible implementation, the first network side device may initiate the third verification when the first parameter of the first PDU session is consistent with the second parameter described by the RSD in the first URSP rule, That is, the second network side device is requested to perform the third verification, and at least one of the first parameters of the first PDU session is inconsistent with the second parameter described by the RSD in the first URSP rule. , then the verification of URSP rules ends.
在一个可能的实现方式中,该方法还可以包括:在以下任一情况下,所述第一网络侧设备发送第二指示信息,其中,所述第二指示信息用于指示所述终端未正确使用URSP规则:In a possible implementation, the method may further include: in any of the following situations, the first network side device sends second indication information, wherein the second indication information is used to indicate that the terminal does not correctly Use URSP rules:
(1)所述第一验证结果指示所述第一URSP规则与所述第二URSP规则不一致;也就是说,在所述第一URSP规则与所述第二URSP规则不一致的情况下,第一网络侧设备确定所述终端未正确使用URSP规则。(1) The first verification result indicates that the first URSP rule is inconsistent with the second URSP rule; that is, in the case that the first URSP rule is inconsistent with the second URSP rule, the first The network side device determines that the terminal does not use URSP rules correctly.
(2)所述第二验证结果指示所述第一参数与所述第二参数不一致;也就是说,在所述第一参数中的至少一项参数与所述第二参数不一致的情况下,第一网络侧设备确定所述终端未正确使用URSP规则。(2) The second verification result indicates that the first parameter is inconsistent with the second parameter; that is, when at least one parameter in the first parameter is inconsistent with the second parameter, The first network side device determines that the terminal does not use URSP rules correctly.
(3)所述第三验证结果指示所述第一PDU会话中未包括所述目标应用的数据包。也就是说,在所述第一PDU会话对应的传输数据包中未包括所述目标应用的数据包的情况下,第一网络侧设备确定所述终端未正确使用URSP规则。(3) The third verification result indicates that the data packet of the target application is not included in the first PDU session. That is to say, when the transmission data packet corresponding to the first PDU session does not include the data packet of the target application, the first network side device determines that the terminal does not use the URSP rule correctly.
所述第二指示信息的一种可能的发送方式为:第一网络侧设备直接发送给第二网络侧设备;或者所述第一网络侧设备通过第三网络侧设备或第四网络侧设备发送给第二网络侧设备。One possible way of sending the second indication information is: the first network side device sends it directly to the second network side device; or the first network side device sends it through the third network side device or the fourth network side device. to the second network side device.
例如,以第一网络侧设备为AM-PCF,第二网络侧设备为SMF为例,AM-PCF可使用以下至少一项信令将第二指示信息发送给SMF:Npcf_EventExposure_Notify、Npcf_UEPolicyControl Update response。For example, assuming that the first network side device is AM-PCF and the second network side device is SMF, AM-PCF can use at least one of the following signaling to send the second indication information to SMF: Npcf_EventExposure_Notify, Npcf_UEPolicyControl Update response.
或者,AM-PCF可以使用以下至少一项信令将第二指示信息发送给AMF:Npcf_UEPolicyControl_Update response;Npcf_UEPolicyControl_UpdateNotify notify。然后,AMF再使用以下至少一项信令将第二指示信息SMF:Nsmf_PDUSession_UpdateSMContext request,Nsmf_EventExposure_Subscribe。Alternatively, the AM-PCF may use at least one of the following signaling to send the second indication information to the AMF: Npcf_UEPolicyControl_Update response; Npcf_UEPolicyControl_UpdateNotify notify. Then, the AMF uses at least one of the following signalings to SMF the second indication information: Nsmf_PDUSession_UpdateSMContext request, Nsmf_EventExposure_Subscribe.
或者,AM-PCF可以使用以下至少一项信令将第二指示信息发送给SM-PCF:Npcf_Pol icy Authorization_Create request/response、Npcf_Policy Authorization_Update request/respon se。SM-PCF再使用以下至少一项信令将第二指示信息发送至SMF:Npcf_SMPolicyControl_Updaterequest/response、Npcf_SMPolicyControl_createrequest/response。Alternatively, AM-PCF may use at least one of the following signaling to send the second indication information to SM-PCF: Npcf_Policy Authorization_Create request/response, Npcf_Policy Authorization_Update request/response. The SM-PCF then uses at least one of the following signaling to send the second indication information to the SMF: Npcf_SMPolicyControl_Updaterequest/response, Npcf_SMPolicyControl_createrequest/response.
第二网络侧设备在接收到上述第二指示信息之后,可以执行相应的操作,例如,拒绝与所述第一PDU会话标识对应的会话建立请求或修改请求,或者,释放与所述第一PDU会话标识对应的第一PDU会话。其中,拒绝所述会话建立请求或修改请求,是指拒绝上报第一URSP规则的终端的PDU会话建立请求或修改请求。或者,由于终端误用了URSP规则,则承载这个应用的PDU会话将被释放,或者,在释放这个PDU会话之前,网络侧根 据第一URSP规则里的RSD指示的PDU会话参数,触发建立新的PDU会话,迁移所述应用流量在新的PDU会话上承载,然后再释放原有会话。After receiving the above-mentioned second indication information, the second network side device may perform corresponding operations, for example, reject the session establishment request or modification request corresponding to the first PDU session identifier, or release the session establishment request or modification request corresponding to the first PDU session identifier. The first PDU session corresponding to the session ID. Wherein, rejecting the session establishment request or modification request means rejecting the PDU session establishment request or modification request of the terminal that reports the first URSP rule. Or, because the terminal misuses URSP rules, the PDU session carrying this application will be released, or, before releasing this PDU session, the network side root According to the PDU session parameters indicated by the RSD in the first URSP rule, the establishment of a new PDU session is triggered, the application traffic is migrated to be carried on the new PDU session, and then the original session is released.
在一个可能的实现方式中,该方法还可以包括:在以下任一情况下,所述第一网络侧设备更新所述终端的URSP规则:In a possible implementation, the method may further include: in any of the following situations, the first network side device updates the URSP rule of the terminal:
(1)所述第一验证结果指示所述第一URSP规则与所述第二URSP规则不一致;(1) The first verification result indicates that the first URSP rule is inconsistent with the second URSP rule;
(2)所述第二验证结果指示所述第一参数中的至少一项参数与所述第二参数不一致;(2) The second verification result indicates that at least one of the first parameters is inconsistent with the second parameter;
(3)所述第三验证结果指示所述第一PDU会话对应的传输数据包中未包括所述目标应用的数据包。(3) The third verification result indicates that the transmission data packet corresponding to the first PDU session does not include the data packet of the target application.
在上述任一情况下,第一网络侧设备确定终端未正确使用URSP规则,可以更新所述终端的URSP规则,例如,重新执行终端的URSP策略并下发给终端。这种情况是说,如果终端没有正确使用规则,可能是规则设计不合理导致的,因此需要第一网络侧设备更新终端的所述URSP规则。In any of the above situations, the first network side device determines that the terminal does not use URSP rules correctly, and may update the URSP rules of the terminal, for example, re-execute the URSP policy of the terminal and deliver it to the terminal. This situation means that if the terminal does not use the rules correctly, it may be caused by unreasonable rule design, so the first network side device needs to update the URSP rules of the terminal.
图3示出本申请实施例中的URSP规则的验证方法的另一种流程示意图,该方法300可以由第二网络侧设备执行。换言之,所述方法可以由安装在第二网络侧设备上的软件或硬件来执行。在本申请实施例中,第二网络侧设备可以为会话管理网元,例如,第二网络侧设备可以为会话管理功能(Session Management Function,SMF)。如图3所示,该方法可以包括以下步骤。Figure 3 shows another schematic flowchart of the verification method of URSP rules in the embodiment of the present application. The method 300 can be executed by the second network side device. In other words, the method may be executed by software or hardware installed on the second network side device. In this embodiment of the present application, the second network side device may be a session management network element. For example, the second network side device may be a session management function (Session Management Function, SMF). As shown in Figure 3, the method may include the following steps.
S310,第二网络侧设备接收终端发送的上报信息,其中,所述上报信息包括:所述终端针对目标应用使用的第一URSP规则以及承载所述目标应用的第一PDU会话标识,所述第一PDU会话标识用于指示第一PDU会话。S310. The second network side device receives the reporting information sent by the terminal, where the reporting information includes: the first URSP rule used by the terminal for the target application and the first PDU session identifier carrying the target application. A PDU session identifier is used to indicate the first PDU session.
例如,终端可以通过上行NAS消息发送所述上报信息。例如,终端使用URSP规则,匹配目标应用的流量到PDU会话,或使用匹配到的URSP规则中的RSD建立新的PDU会话,终端上报匹配到的URSP规则(包括RSD和/或TD)以及指示该PDU会话的PDU会话标识。For example, the terminal may send the reported information through an uplink NAS message. For example, the terminal uses URSP rules to match the traffic of the target application to a PDU session, or uses the RSD in the matched URSP rules to establish a new PDU session. The terminal reports the matched URSP rules (including RSD and/or TD) and indicates the PDU session identifier of the PDU session.
S312,所述第二网络侧设备获取所述第一PDU会话的第一参数。S312: The second network side device obtains the first parameter of the first PDU session.
可选地,所述第一参数包括以下至少一项:PDU会话类型、PDU会话的接入类型、SSC模式、网络切片标识符、DNN。第二网络侧设备直接根据第一PDU会话标识可以找到该标识对应的PDU会话的会话参数,也就是第一参数。Optionally, the first parameter includes at least one of the following: PDU session type, PDU session access type, SSC mode, network slice identifier, and DNN. The second network side device can directly find the session parameters of the PDU session corresponding to the first PDU session identifier, that is, the first parameters.
S314,所述第二网络侧设备向第一网络侧设备发送目标请求信息,其中,所述目标请求信息指示所述第一网络侧设备对所述终端是否正确使用URSP规则进行验证,所述目标请求信息包括所述第一URSP规则和所述第一PDU会话的第一参数。S314: The second network side device sends target request information to the first network side device, where the target request information instructs the first network side device to verify whether the terminal uses URSP rules correctly. The request information includes the first URSP rule and the first parameter of the first PDU session.
其中,第二网络侧设备发送所述目标请求信息的方式可以参见上述方法200中的描述,在此不再赘述。For the manner in which the second network side device sends the target request information, please refer to the description in the above method 200, which will not be described again here.
在本申请实施例中,目标请求信息用于请求第一网络侧设备验证终端使用的第一URSP规则与第一终端侧设备发送给所述终端的至少一个第二URSP规则是否一致以及验证所述 第一PDU会话的第一参数与所述第一URSP规则中的RSD描述的第二参数是否一致,从而使得第一网络侧设备可以获知终端的URSP规则的使用情况,以对终端进行控制。In this embodiment of the present application, the target request information is used to request the first network side device to verify whether the first URSP rule used by the terminal is consistent with at least one second URSP rule sent by the first terminal side device to the terminal and to verify that the Whether the first parameter of the first PDU session is consistent with the second parameter described by the RSD in the first URSP rule, so that the first network side device can learn the usage of the terminal's URSP rule to control the terminal.
在本申请实施例中,第二网络侧设备发送的终端执行的第一URSP规则,可以是终端为某个应用的流量(比如某应用提供商A)使用的第一URSP规则。第二网络侧设备发送的第一URSP规则可以是该第一URSP规则的流量描述符(Traffic descriptor)以及使用的RSD。第一URSP规则可以包含在一个容器container里发送给第一网络侧,所述container中携带终端执行的Traffic descriptor和RSD,或者,所述container中携带流量描述符(Traffic descriptor)的优先级和RSD的优先级。In this embodiment of the present application, the first URSP rule executed by the terminal sent by the second network side device may be the first URSP rule used by the terminal for traffic of a certain application (such as a certain application provider A). The first URSP rule sent by the second network side device may be the traffic descriptor (Traffic descriptor) and the used RSD of the first URSP rule. The first URSP rule can be included in a container and sent to the first network side. The container carries the Traffic descriptor and RSD executed by the terminal, or the container carries the priority and RSD of the traffic descriptor (Traffic descriptor). priority.
目标请求信息中的另一个信息为承载目标应用的第一PDU会话的第一参数。终端在执行目标应用流量匹配到PDU会话的时候,终端可以上报该流量匹配至的PDU session ID,然后第二网络侧设备可以将该PDU会话ID的对应的第一PDU会话的属性参数也发给第一网络侧设备。该属性参数包括但不限于以下至少之一:SSC mode、Access type、DNN、S-NSSAI、PDU session type。Another piece of information in the target request information is the first parameter of the first PDU session carrying the target application. When the terminal matches the target application traffic to a PDU session, the terminal can report the PDU session ID to which the traffic matches, and then the second network side device can also send the attribute parameters of the first PDU session corresponding to the PDU session ID to The first network side device. This attribute parameter includes but is not limited to at least one of the following: SSC mode, Access type, DNN, S-NSSAI, PDU session type.
在一个可能的实现方式中,第二网络侧设备可能不知晓为终端发送URSP规则的第一网络侧设备,因此,在一个可能的实现方式中,在S310之前,该方法还可以包括:所述第二网络侧设备获取所述第一网络侧设备的标识。其中,所述第一网络侧设备的标识包括但不限于以下之一:第一网络侧设备的标识符或第一网络侧设备的IP地址。In a possible implementation, the second network side device may not know the first network side device that sends the URSP rule for the terminal. Therefore, in a possible implementation, before S310, the method may further include: The second network side device obtains the identity of the first network side device. Wherein, the identification of the first network side device includes but is not limited to one of the following: an identifier of the first network side device or an IP address of the first network side device.
在本申请实施例中,所述第二网络侧设备获取所述第一网络侧设备的标识包括但不限于以下方式一至方式四中任一种方式。In this embodiment of the present application, the second network side device obtains the identity of the first network side device, including but not limited to any one of the following methods one to four.
方式一、所述第二网络侧设备接收第三网络侧设备发送的第二请求消息,其中,所述第二请求消息用于请求建立或更新所述第一PDU会话的上下文,所述第二请求消息中携带有目标标识,所述目标标识用于指示为所述终端提供服务的所述第一网络侧设备。Method 1: The second network side device receives a second request message sent by the third network side device, wherein the second request message is used to request to establish or update the context of the first PDU session, and the second The request message carries a target identifier, and the target identifier is used to indicate the first network side device that provides services for the terminal.
例如,第一网络侧设备可以在向终端发送URSP规则时,指示第三网络侧设备在接收到终端发送的PDU会话建立请求或PDU会话修改请求时,向第二网络侧设备发送第一网络侧设备的标识,则第三网络侧设备在接收到终端的PDU会话建立请求或PDU会话修改请求时,向第二网络侧设备发送所述第二请求信息。For example, when sending the URSP rule to the terminal, the first network side device may instruct the third network side device to send the first network side device to the second network side device when receiving a PDU session establishment request or a PDU session modification request sent by the terminal. If the third network side device receives the PDU session establishment request or the PDU session modification request from the terminal, the third network side device sends the second request information to the second network side device.
比如说,所述第一网络侧设备(例如,AM-PCF)在给终端发送URSP规则的时候,例如,使用Namf_Communication_N1N2MessageTransfer信令向终端发送URSP规则,上述信令发到第三网络侧设备(例如,AMF)(第一网络侧设备经过第三网络侧设备向UE发送URSP规则)。然后,这条信令中还可以指示当第三网络侧设备后续接收到这个终端(以UE标识SUPI指示该终端)发送来的PDU会话建立请求或者修改请求的时候,第三网络侧设备将第一网络侧设备的标识(例如,AM-PCFID)发给第二网络侧设备(例如,SMF),例如,第三网络侧设备通过以下信令将第一网络侧设备的标识发送给第二网络侧设备:Nsmf_PDUSession_CreateSMContext Request或Nsmf_PDUSession_UpdateSMContext Request。 For example, when the first network side device (for example, AM-PCF) sends the URSP rule to the terminal, for example, it uses Namf_Communication_N1N2MessageTransfer signaling to send the URSP rule to the terminal, and the above signaling is sent to the third network side device (for example, , AMF) (the first network side device sends the URSP rule to the UE through the third network side device). Then, this signaling may also indicate that when the third network side device subsequently receives the PDU session establishment request or modification request sent by the terminal (indicated by the UE identifier SUPI), the third network side device will The identification of a network side device (for example, AM-PCFID) is sent to the second network side device (for example, SMF). For example, the third network side device sends the identification of the first network side device to the second network through the following signaling: Side device: Nsmf_PDUSession_CreateSMContext Request or Nsmf_PDUSession_UpdateSMContext Request.
以第一网络侧设备为AM-PCF、第二网络侧设备为SMF、第三网络侧设备为AMF为例,图4示出了本申请实施例中第一网络侧设备的标识的获取方法的一种流程示意图,如图4所示,该方法400主要包括以下步骤。Taking the first network side device as AM-PCF, the second network side device as SMF, and the third network side device as AMF as an example, Figure 4 shows the method for obtaining the identity of the first network side device in the embodiment of the present application. A schematic flow chart is shown in Figure 4. The method 400 mainly includes the following steps.
S401:终端发送注册请求(Registration Request)到无线接入网(RAN)。其中,所述终端可以在注册请求中上报所述终端支持上报终端内部URSP规则使用的情况(URSP enforcement)。S401: The terminal sends a registration request (Registration Request) to the radio access network (RAN). Wherein, the terminal may report in the registration request that the terminal supports reporting of the use of URSP rules within the terminal (URSP enforcement).
其中,终端可以支持通过NAS消息上报,也可以支持通过DCAF上报。Among them, the terminal can support reporting through NAS messages or DCAF reporting.
S402:RAN转发该终端的注册请求到AMF。S402: The RAN forwards the registration request of the terminal to the AMF.
其中,RAN可以增加了一些终端位置信息等后转发该注册请求,对于终端能力指示并不影响,因此,也可以视为UE直接将注册请求发送给AMF。Among them, the RAN can add some terminal location information and then forward the registration request, which does not affect the terminal capability indication. Therefore, it can also be regarded as that the UE directly sends the registration request to the AMF.
S403:AMF选择AM-PCF。S403: AMF selects AM-PCF.
S404:AMF触发UE的策略关联建立(policy association establishment)过程,或者触UE的策略关联修改(policy association Modification)过程。S404: AMF triggers the UE's policy association establishment process (policy association establishment), or triggers the UE's policy association modification (policy association Modification) process.
例如,AMF发送信令:Npcf_UEPolicyControl Create Request,或者,Npcf_UEPolicyControl Update Request,所述信令中可以携带终端的能力信息。其中,所述终端的能力信息是指该终端支持上报使用的URSP规则。For example, the AMF sends signaling: Npcf_UEPolicyControl Create Request, or Npcf_UEPolicyControl Update Request, and the signaling may carry terminal capability information. The capability information of the terminal refers to the URSP rules that the terminal supports reporting for use.
S405:当AM-PCF收到信令以后,向AMF发送响应(response)。S405: After receiving the signaling, AM-PCF sends a response (response) to AMF.
S406:AM-PCF决定给UE发送终端策略(UE policy)。同时,AM-PCF发现所述终端支持对URSP规则执行情况的上报,则所述AM-PCF给UE下发UE policy的同时,还指示AMF:当接收到该终端的PDU会话建立请求或PDU会话修改请求的时候,将AM-PCF的ID,发给SMF。其中,所述SMF用于管理该终端的PDU会话。S406: AM-PCF decides to send the terminal policy (UE policy) to the UE. At the same time, the AM-PCF finds that the terminal supports reporting of URSP rule execution, and the AM-PCF sends the UE policy to the UE and also instructs the AMF: when receiving the terminal's PDU session establishment request or PDU session When making a modification request, send the AM-PCF ID to SMF. Wherein, the SMF is used to manage the PDU session of the terminal.
其中,AM-PCF可以通过信令Namf_Communication_N1N2MessageTransfer指示AMF,该信令中可以包括一个指示,指示所述AMF当所述终端(可以通过SUPI标识)发送PDU会话建立请求或PDU会话修改请求的时候,AMF需要转发该UE的AM-PCF ID给SMF和/或SM-PCF。Among them, the AM-PCF can instruct the AMF through the signaling Namf_Communication_N1N2MessageTransfer. The signaling can include an indication to instruct the AMF that when the terminal (which can be identified by SUPI) sends a PDU session establishment request or a PDU session modification request, the AMF The AM-PCF ID of the UE needs to be forwarded to the SMF and/or SM-PCF.
S407:UE收到AM-PCF发送的UE policy。S407: The UE receives the UE policy sent by AM-PCF.
S408:终端建立PDU会话,发送PDU会话建立请求(PDU session establishment request)或者PDU会话修改请求(PDU session modification request)到AMF。S408: The terminal establishes a PDU session and sends a PDU session establishment request (PDU session establishment request) or a PDU session modification request (PDU session modification request) to the AMF.
S409:AMF触发在SMF建立上下文,向SMF发送建立或更新PDU会话的上下文的请求,该请求中可以携带AM-PCF ID。S409: AMF triggers context establishment in SMF and sends a request to establish or update the context of the PDU session to SMF. The request can carry the AM-PCF ID.
例如,AMF可以发送信令:Nsmf_PDUSession_CreateSMContext Request,或者,Nsmf_PDUSession_UpdateSMContext Request,该信令中携带AM-PCF ID。For example, AMF can send signaling: Nsmf_PDUSession_CreateSMContext Request, or Nsmf_PDUSession_UpdateSMContext Request, which carries the AM-PCF ID.
在本申请实施例中,AMF之所以携带AM-PCF ID给SMF,其目的是为了URSP规则执行的验证或者监控,因为具体URSP规则执行的验证或者监控是需要在AM-PCF完成,而SMF从终端收到了UE实际上报的URSP规则后,还需要发给AM-PCF进行验证,而此 时,如果AMF直接提供了给该终端服务的AM-PCF ID,则可以省去SMF查找AM-PCF的过程。In the embodiment of this application, the reason why AMF carries AM-PCF ID to SMF is to verify or monitor the execution of URSP rules, because the verification or monitoring of specific URSP rule execution needs to be completed in AM-PCF, and SMF does not After the terminal receives the URSP rules actually reported by the UE, it still needs to send them to AM-PCF for verification, and this At this time, if AMF directly provides the AM-PCF ID for the terminal service, the process of SMF searching for AM-PCF can be omitted.
S410:SMF通过会话管理管理关联建立(SM policy Association establishment)或会话管理管理关联修改(SM policy Association modification)过程,将AM-PCFID发给SM-PCF。例如,SMF可以向SM-PCF发送携带AM-PCF ID的信令:Npcf_SMPolicyControl_Create或Npcf_SMPolicyControl_Update。S410: SMF sends AM-PCFID to SM-PCF through the session management management association establishment (SM policy Association establishment) or session management management association modification (SM policy Association modification) process. For example, SMF can send signaling carrying AM-PCF ID to SM-PCF: Npcf_SMPolicyControl_Create or Npcf_SMPolicyControl_Update.
由于SMF在后续可能通过SM-PCF与AM-PCF进行通信,因此,SMF在获取到AM-PCF ID之后,可以执行S410,将AM-PCF ID发送给AM-PCF。Since the SMF may subsequently communicate with the AM-PCF through the SM-PCF, after obtaining the AM-PCF ID, the SMF can execute S410 and send the AM-PCF ID to the AM-PCF.
方式二、所述第二网络侧设备向所述第三网络侧设备发送第三请求消息,其中,所述第三请求消息中携带有所述终端的标识,所述第三请求用于获取所述终端的上下文信息;所述第二网络侧设备接收所述第三网络侧设备返回的所述终端的上下文信息,从所述终端的上下文信息中获取所述第一网络侧设备的标识。Method 2: The second network side device sends a third request message to the third network side device, wherein the third request message carries the identifier of the terminal, and the third request is used to obtain the Context information of the terminal; the second network side device receives the context information of the terminal returned by the third network side device, and obtains the identity of the first network side device from the context information of the terminal.
第一网络侧设备(例如,AM-PCF)是作为每个终端(per UE)的配置存在的,第一网络侧设备的标识的保存位置主要是在第三网络侧设备(例如,AMF)保存的UE context(UE上下文)里。因此,可以向第三网络侧设备请求终端的上下文信息获取第一网络侧设备的标识。The first network side device (for example, AM-PCF) exists as a configuration of each terminal (per UE). The storage location of the identity of the first network side device is mainly saved in the third network side device (for example, AMF). In the UE context (UE context). Therefore, the context information of the terminal may be requested from the third network side device to obtain the identity of the first network side device.
以第一网络侧设备为AM-PCF、第二网络侧设备为SMF、第三网络侧设备为AMF为例,图5示出了本申请实施例中第一网络侧设备的标识的获取方法的另一种流程示意图,如图5所示,该方法500主要包括以下步骤。Taking the first network side device as AM-PCF, the second network side device as SMF, and the third network side device as AMF as an example, Figure 5 shows the method for obtaining the identity of the first network side device in the embodiment of the present application. Another schematic flow chart is shown in Figure 5. The method 500 mainly includes the following steps.
S501:SMF向AMF发送请求,请求从AMF得到UE上下文(UE context)。S501: SMF sends a request to AMF, requesting to obtain the UE context (UE context) from AMF.
其中,SMF发送的信令可以是:Namf_Communication_UEContextTransfer Request,或者其他信令,该所述信令中可以携带终端的标识,例如,UE SUPI。The signaling sent by SMF may be: Namf_Communication_UEContextTransfer Request, or other signaling, and the signaling may carry the identity of the terminal, for example, UE SUPI.
S502:AMF向SMF发送UE context。S502: AMF sends UE context to SMF.
其中,AMF发送的信令可以是Namf_Communication_UEContextTransfer response,或者其他信令,所述信令携带中携带UE上下文。其中,UE上下文主要保存了终端接入网络的相关信息和终端的PDU会话的相关信息。The signaling sent by the AMF may be Namf_Communication_UEContextTransfer response, or other signaling, and the signaling carries the UE context. Among them, the UE context mainly stores information related to the terminal's access to the network and information related to the terminal's PDU session.
S503:SMF从得到的UE context里,获取到AM-PCF ID。UE context里包含的内容较多,SMF可以从中查找到所述服务终端的AM-PCF的ID。S503: SMF obtains the AM-PCF ID from the obtained UE context. The UE context contains a lot of content, from which SMF can find the AM-PCF ID of the service terminal.
方式三、所述第二网络侧设备向所述第三网络侧设备发送第四请求消息,其中,所述第四请求消息用于请求获取向所述终端发送URSP规则的第一网络侧设备的标识,所述第四请求消息中携带有所述终端的标识;所述第二网络侧设备接收所述第三网络侧设备返回的所述第一网络侧设备的标识。Method 3: The second network side device sends a fourth request message to the third network side device, wherein the fourth request message is used to request to obtain the information of the first network side device that sends the URSP rule to the terminal. The identification, the fourth request message carries the identification of the terminal; the second network side device receives the identification of the first network side device returned by the third network side device.
第一网络侧设备(例如,AM-PCF)是作为每个终端(per UE)的配置存在的,第一网络侧设备的标识的保存位置主要是在第三网络侧设备(例如,AMF)保存的UE context(UE上下文)里。因此,第二网络侧设备可以直接向第三网络侧设备请求第一网络侧设备的标 识。因此,在该可能的实现方式中,第二网络侧设备通过向第三网络侧设备发送第四请求消息,获取所述第一网络侧设备的标识。The first network side device (for example, AM-PCF) exists as a configuration of each terminal (per UE), and the storage location of the identity of the first network side device is mainly saved in the third network side device (for example, AMF) In the UE context (UE context). Therefore, the second network side device can directly request the third network side device for the tag of the first network side device. knowledge. Therefore, in this possible implementation, the second network side device obtains the identity of the first network side device by sending a fourth request message to the third network side device.
以第一网络侧设备为AM-PCF、第二网络侧设备为SMF、第三网络侧设备为AMF为例,图6示出了本申请实施例中第一网络侧设备的标识的获取方法的又一种流程示意图,如图6所示,该方法600主要包括以下步骤。Taking the first network side device as AM-PCF, the second network side device as SMF, and the third network side device as AMF as an example, Figure 6 shows the method for obtaining the identity of the first network side device in the embodiment of the present application. Another schematic flow chart is shown in Figure 6. The method 600 mainly includes the following steps.
S601:SMF向AMF发送请求,请求从AMF得到AM-PCF ID。S601: SMF sends a request to AMF to obtain the AM-PCF ID from AMF.
SMF发送的信令可以是:Namf_Communication_N1MessageNotify Subscribe,或者Namf_Communication_N1N2MessageSubscribe,或者其他信令。所述信令可以携带终端的标识(例如,UE SUPI),以及指示所订阅的信息为AM-PCF ID。The signaling sent by SMF can be: Namf_Communication_N1MessageNotify Subscribe, or Namf_Communication_N1N2MessageSubscribe, or other signaling. The signaling may carry the identification of the terminal (for example, UE SUPI), and indicate that the subscribed information is the AM-PCF ID.
S602:AMF发送AM-PCF ID。S602: AMF sends AM-PCF ID.
其中,AMF发送的信令可以是以下至少一项:Namf_Communication_N1MessageNotify Notify、Namf_Communication_N1N2MessageTransfer、Namf_Communication_N1N2Messag eNotify,或者其他信令,该信令中携带与终端的标识对应的AM-PCF ID。Among them, the signaling sent by the AMF can be at least one of the following: Namf_Communication_N1MessageNotify Notify, Namf_Communication_N1N2MessageTransfer, Namf_Communication_N1N2MessageNotify, or other signaling, which carries the AM-PCF ID corresponding to the terminal's identity.
方式四、所述第二网络侧设备向第五网络侧设备发送第五请求消息,其中,所述第五请求消息用于获得向所述终端发送URSP规则的第一网络侧设备的标识,所述第五请求消息中携带有所述终端的标识;获取第五网络侧设备返回的所述第一网络侧设备的标识。因为所述第五网络侧设备中保存了每个终端的签约信息,而所述AM-PCF ID是签约信息的一种。Method 4: The second network side device sends a fifth request message to the fifth network side device, where the fifth request message is used to obtain the identity of the first network side device that sends the URSP rule to the terminal, so The fifth request message carries the identifier of the terminal; and the identifier of the first network-side device returned by the fifth network-side device is obtained. Because the fifth network side device stores the subscription information of each terminal, and the AM-PCF ID is a type of subscription information.
终端对应的第一网络侧设备的标识可以作为终端的签约信息保存在第五网络侧设备(例如,统一数据管理(Unified Data Management,UDM))中,因此,在一个可能的实现方式中,第二网络侧设备可以通过向第五网络侧设备发送第五请求消息,获取第一网络侧设备的标识。The identity of the first network-side device corresponding to the terminal can be stored in the fifth network-side device (for example, Unified Data Management (UDM)) as the terminal's subscription information. Therefore, in a possible implementation, the third The second network side device may obtain the identity of the first network side device by sending a fifth request message to the fifth network side device.
以第一网络侧设备为AM-PCF、第二网络侧设备为SMF、第五网络侧设备为UDM为例,图7示出了本申请实施例中第一网络侧设备的标识的获取方法的又一种流程示意图,如图7所示,该方法700主要包括以下步骤。Taking the first network side device as AM-PCF, the second network side device as SMF, and the fifth network side device as UDM as an example, Figure 7 shows the method for obtaining the identity of the first network side device in the embodiment of the present application. Another schematic flow chart is shown in Figure 7. The method 700 mainly includes the following steps.
S701:AMF或AM-PCF注册至UDM,成为签约信息,UDM保存该信息。S701: AMF or AM-PCF is registered to UDM and becomes contract information, and UDM saves this information.
例如,AMF或AM-PCF可以发送信令:Nudm_UECM_Registration或Nudm_UECM_Update,该信令携带有包含:UE SUPI和AM-PCF ID。For example, AMF or AM-PCF can send signaling: Nudm_UECM_Registration or Nudm_UECM_Update, which carries: UE SUPI and AM-PCF ID.
其中,在UDM中可以保存AM-PCF ID,比如,将AM-PCF ID保存为接入及移动性签约信息(Access and Mobility Subscription data),该签约信息必须通过SUPI才能够获得。Among them, AM-PCF ID can be saved in UDM. For example, AM-PCF ID can be saved as access and mobility subscription information (Access and Mobility Subscription data). This subscription information must be obtained through SUPI.
S702:UDM返回响应,指示接收到注册请求。S702: UDM returns a response indicating that a registration request has been received.
S703:SMF需要从UDM得到服务该UE的AM-PCF ID,向UDM发送订阅请求。S703: SMF needs to obtain the AM-PCF ID serving the UE from UDM and send a subscription request to UDM.
例如,SMF可以发送信令:Nudm_SDM_Get或者Nudm_SDM_Subscribe,该信令里中携带有:请求签约数据类型为Access and Mobility Subscription data,data key为SUPI。For example, SMF can send signaling: Nudm_SDM_Get or Nudm_SDM_Subscribe, which carries: the requested subscription data type is Access and Mobility Subscription data, and the data key is SUPI.
S704:UDM返回response,该响应为SMF发送的订阅请求的响应,指示收到订阅。 S704: UDM returns a response, which is the response to the subscription request sent by SMF, indicating that the subscription has been received.
S705:UDM通过notify信令,发送AM-PCF ID给SMF。S705: UDM sends AM-PCF ID to SMF through notify signaling.
例如,UDM可以发送信令:Nudm_SDM_Get Response,或者Nudm_SDM_Notification,该信令里携带AM-PCF ID。For example, UDM can send signaling: Nudm_SDM_Get Response, or Nudm_SDM_Notification, which carries AM-PCF ID.
在一个可能的实现方式中,在S312之后,该方法还可以包括以下步骤:In a possible implementation, after S312, the method may also include the following steps:
步骤1,所述第二网络侧设备获取所述第一网络侧设备发送的所述第一URSP规则。Step 1: The second network side device obtains the first URSP rule sent by the first network side device.
例如,第一网络侧设备可以在获取所述第二验证结果之后,如果所述第二验证结果指示第一PDU会话的第一参数与第一URSP规则的RSD描述的第二参数一致,则第一网络侧设备可以向第二网络侧设备发送请求信息,该请求信息包括所述第一URSP规则,请求所述第二网络侧设备验证所述第一PDU会话中是否包括所述目标应用的数据包。For example, after obtaining the second verification result, the first network side device may, if the second verification result indicates that the first parameter of the first PDU session is consistent with the second parameter of the RSD description of the first URSP rule, then the first network side device may A network side device may send request information to a second network side device, where the request information includes the first URSP rule, requesting the second network side device to verify whether the first PDU session includes data of the target application. Bag.
步骤2,所述第二网络侧设备根据所述第一URSP规则,生成包检测规则,将所述包检测规则应用于所述第一PDU会话标识指示的第一PDU会话,获取第三验证结果,其中,所述包检测规则用于验证所述第一PDU会话中是否包括所述目标应用的数据包。Step 2: The second network side device generates a packet detection rule according to the first URSP rule, applies the packet detection rule to the first PDU session indicated by the first PDU session identifier, and obtains a third verification result. , wherein the packet detection rule is used to verify whether the first PDU session includes the data packet of the target application.
例如,第二网络侧设备(例如,SMF)可以根据第一网络侧设备(例如,AM-PCF)发送的第一URSP规则里的流量描述符,比如IP描述符等,生成包检测规则。或者,第二网络侧设备(例如,SMF)根据第一网络侧设备(例如,AM-PCF)发送的第一URSP规则里的流量描述符,比如说,域名描述符FQDN,DNN等,将这个FQDN、DNN、APP描述符、连接能力等,转换成IP描述符,然后生成所述包检测规则。由于所述包检测规则只有IP五元组,而第一URSP规则里,除了IP描述符可以直接用于生成包检测规则以外,其余的描述符,比如APP描述符、域名描述符、DNN、连接能力等,都无法直接生成包检测规则(PDR),但是SMF可以具备这样的能力,将所述APP描述符、域名描述符、DNN、连接能力等描述符,转换成IP五元组,或者IP描述符,然后,可以将转换后的IP描述符直接用于PDR的生成。另一种方式是5G核心网(5GC)(比如,AMF,AM-PCF,SM-PCF等)具备这样的转换能力,将将所述APP描述符、域名描述符、DNN、连接能力等描述符,转换成IP五元组,或者IP描述符。For example, the second network side device (eg, SMF) can generate a packet detection rule based on the traffic descriptor, such as the IP descriptor, in the first URSP rule sent by the first network side device (eg, AM-PCF). Or, the second network side device (for example, SMF) converts this traffic descriptor according to the traffic descriptor in the first URSP rule sent by the first network side device (for example, AM-PCF), for example, domain name descriptor FQDN, DNN, etc. FQDN, DNN, APP descriptors, connection capabilities, etc. are converted into IP descriptors, and then the packet detection rules are generated. Since the packet detection rule only has IP five-tuple, and in the first URSP rule, in addition to the IP descriptor can be directly used to generate packet detection rules, the other descriptors, such as APP descriptor, domain name descriptor, DNN, connection capabilities, etc., cannot directly generate Packet Detection Rules (PDR), but SMF can have the ability to convert the APP descriptor, domain name descriptor, DNN, connection capability and other descriptors into IP quintuple, or IP descriptor, the converted IP descriptor can then be used directly for PDR generation. Another way is that the 5G core network (5GC) (for example, AMF, AM-PCF, SM-PCF, etc.) has such conversion capabilities and will convert the APP descriptor, domain name descriptor, DNN, connection capability and other descriptors , converted into IP quintuple, or IP descriptor.
步骤3,所述第二网络侧设备向所述第一网络侧设备发送所述第三验证结果。Step 3: The second network side device sends the third verification result to the first network side device.
在一个可能的实现方式中,该方法还可以包括以下步骤:In a possible implementation, the method may also include the following steps:
步骤1,所述第二网络侧设备获取所述第一网络侧设备发送的第二指示信息,其中,所述第二指示信息用于指示所述终端未正确使用URSP规则;Step 1: The second network side device obtains second indication information sent by the first network side device, where the second indication information is used to indicate that the terminal does not use URSP rules correctly;
步骤2,所述第二网络侧设备拒绝所述第一PDU会话标识对应的会话建立请求或会话修改请求,或者,所述第二网络侧设备释放所述第一PDU会话标识对应的PDU会话。Step 2: The second network side device rejects the session establishment request or session modification request corresponding to the first PDU session identifier, or the second network side device releases the PDU session corresponding to the first PDU session identifier.
其中,拒绝所述会话建立请求或修改请求是指拒绝上报第一URSP规则的终端的PDU会话建立请求或修改请求。或者,由于终端误用了URSP规则,则承载这个应用的PDU会话将被释放,或者,在释放这个PDU会话之前,网络侧根据第一URSP规则里的RSD指示的PDU会话参数,触发建立新的PDU会话,迁移所述应用流量在新的PDU会话上承载,然后再释放原有会话。 Wherein, rejecting the session establishment request or modification request means rejecting the PDU session establishment request or modification request of the terminal that reports the first URSP rule. Or, because the terminal misuses the URSP rule, the PDU session carrying the application will be released, or, before releasing the PDU session, the network side triggers the establishment of a new one based on the PDU session parameters indicated by the RSD in the first URSP rule. PDU session, migrate the application traffic to be carried on the new PDU session, and then release the original session.
其中,所述终端未正确使用URSP规则包括以下之一:Among them, the terminal's improper use of URSP rules includes one of the following:
(1)所述第一URSP规则与第二URSP规则不一致,所述第二URSP规则为所述第一网络侧设备发送给所述终端的与所述目标应用对应的至少一个URSP规则;例如,第一网络侧设备可以通过上述S210和S212获取第一验证结果,在第一验证结果指示所述第一URSP规则与第二URSP规则不一致的情况下,向第二网络侧设备发送所述第二指示信息。(1) The first URSP rule is inconsistent with the second URSP rule. The second URSP rule is at least one URSP rule corresponding to the target application sent by the first network side device to the terminal; for example, The first network side device may obtain the first verification result through the above S210 and S212, and if the first verification result indicates that the first URSP rule is inconsistent with the second URSP rule, send the second network side device the second verification result. Instructions.
(2)所述第一参数中至少一项参数与所述第二参数不一致。例如,第一网络侧设备可以验证从第二网络侧设备获取的第一PDU会话的第一参数中的至少一项参数与第一URSP规则中的RSD描述的第二参数不一致的情况下,向所述第二网络侧设备发送所述第二指示信息。或者,第一网络侧设备接收第二网络侧设备发送的第二验证结果,在第二验证结果指示所述第一参数中的至少一项参数与第二参数不一致的情况下,向第二网络侧设备发送所述第二指示信息。(2) At least one parameter among the first parameters is inconsistent with the second parameter. For example, the first network side device may verify that at least one of the first parameters of the first PDU session obtained from the second network side device is inconsistent with the second parameter described by the RSD in the first URSP rule, and report the request to the first network side device. The second network side device sends the second indication information. Alternatively, the first network side device receives the second verification result sent by the second network side device, and when the second verification result indicates that at least one of the first parameters is inconsistent with the second parameter, the first network side device sends a request to the second network side device. The side device sends the second indication information.
(3)所述第一PDU会话中未包括所述目标应用的数据包。例如,第一网络侧设备接收第二网络侧设备发送的第三验证结果,在第三验证结果指示所述第一PDU会话中未包括所述目标应用的数据包的情况下,向第二网络侧设备发送所述第二指示信息。(3) The first PDU session does not include the data packet of the target application. For example, the first network side device receives the third verification result sent by the second network side device, and when the third verification result indicates that the first PDU session does not include the data packet of the target application, the first network side device sends the data packet to the second network side device. The side device sends the second indication information.
在上述可能的实现方式中,第二网络侧设备在接收到上述第二指示信息之后,拒绝所述第一PDU会话标识对应的会话建立请求或会话修改请求,或者,所述第二网络侧设备释放所述第一PDU会话标识对应的第一PDU会话。例如,在未建立第一PDU会话标识对应的第一PDU会话的情况下,在接收到所述第二指示信息之后,拒绝请求建立所述第一PDU会话的会话建立请求。或者,在已建立第一PDU会话标识对应的第一PDU会话的情况下,在接收到所述第二指示信息之后,释放所述第一PDU会话标识对应的第一PDU会话。从而可以避免终端使用不遵守URSP规则指示的PDU会话传输数据流。其中,拒绝会话建立请求或会话修改请求,是指拒绝上报第一URSP规则的终端的PDU会话建立请求或修改请求。或者,由于终端误用了URSP规则,那么,承载这个应用的PDU会话将被释放,或者,在释放这个PDU会话之前,网络侧根据第一URSP规则里的RSD指示的PDU会话参数,触发建立新的PDU会话,迁移所述应用流量在新的PDU会话上承载,然后再释放原有会话。In the above possible implementation manner, after receiving the above second indication information, the second network side device rejects the session establishment request or session modification request corresponding to the first PDU session identifier, or the second network side device Release the first PDU session corresponding to the first PDU session identifier. For example, if the first PDU session corresponding to the first PDU session identifier is not established, after receiving the second indication information, reject the session establishment request to establish the first PDU session. Alternatively, when the first PDU session corresponding to the first PDU session identifier has been established, after receiving the second indication information, release the first PDU session corresponding to the first PDU session identifier. This prevents the terminal from transmitting data streams using PDU sessions that do not comply with the URSP rule instructions. Rejecting the session establishment request or session modification request refers to rejecting the PDU session establishment request or modification request of the terminal that reports the first URSP rule. Or, because the terminal misuses the URSP rule, the PDU session carrying the application will be released, or, before releasing the PDU session, the network side triggers the establishment of a new session based on the PDU session parameters indicated by the RSD in the first URSP rule. PDU session, migrate the application traffic to be carried on the new PDU session, and then release the original session.
比如说,当第二网络侧设备(SMF)收到第一指示以后,所述终端未正确使用URSP规则,则第二网络侧设备执行以下至少一项:For example, when the second network side device (SMF) receives the first instruction and the terminal does not use the URSP rules correctly, the second network side device performs at least one of the following:
1.发送PDU会话建立拒绝PDU session establishment reject到终端(可以经AMF转发至终端);1. Send PDU session establishment reject PDU session establishment reject to the terminal (can be forwarded to the terminal via AMF);
2.发送PDU会话修改拒绝PDU session modification reject到终端(可以经AMF转发至终端);2. Send PDU session modification reject to the terminal (can be forwarded to the terminal via AMF);
3.第二网络设备触发PDU会话释放PDU session release过程,释放所述第一PDU会话标识对应的第一PDU会话;3. The second network device triggers the PDU session release process and releases the first PDU session corresponding to the first PDU session identifier;
4.第二网络设备触发PDU会话修改指令PDU session modification command到终端(可 以经AMF转发至终端);然后,所述终端触发一个PDU会话建立请求PDU session establishment request到第二网络设备(所述会话建立请求可以经AMF转发)。在本申请实施例中,由于第一URSP规则未被正确使用,第二网络设备请求终端修改会话,终端接受请求后,建立新的PDU会话,然后将所述第一PDU会话中承载的业务,切换至新建的PDU会话上。最后,终端或第二网络设备再释放第一PDU会话。4. The second network device triggers the PDU session modification command PDU session modification command to the terminal (can (can be forwarded to the terminal via AMF); then, the terminal triggers a PDU session establishment request to the second network device (the session establishment request can be forwarded via AMF). In the embodiment of this application, because the first URSP rule is not used correctly, the second network device requests the terminal to modify the session. After accepting the request, the terminal establishes a new PDU session, and then transfers the services carried in the first PDU session to Switch to the newly created PDU session. Finally, the terminal or the second network device releases the first PDU session.
在本申请实施例中,第一网络侧设备与第二网络侧设备之间可以直接进行信息传输,例如,第二网络侧设备可以先获知第一网络侧设备的标识,然后直接与第一网络侧设备进行信息传输。或者,第一网络侧设备与第二网络侧设备之间也可以通过第三网络侧设备进行信息传输,例如,第一网络侧设备与第二网络侧设备之间通过会话管理策略控制网元(例如,会话管理策略控制功能(Session Management Policy Control Function,SM-PCF)进行信息传输,在通过SM-PCF进行信息传输的情况下,SM-PCF可以采用上述图4至图7中SMF获取AM-PCF ID的方式获取AM-PCF ID。或者,所述第一网络侧设备与所述第二网络侧设备之间通过接入和移动管理网元(例如,接入和移动管理功能(Access and Mobility Management Function,AMF)进行信息传输。In this embodiment of the present application, information can be transmitted directly between the first network side device and the second network side device. For example, the second network side device can first obtain the identity of the first network side device, and then directly communicate with the first network side device. side equipment for information transmission. Alternatively, the information transmission between the first network side device and the second network side device can also be carried out through the third network side device. For example, the first network side device and the second network side device control network elements through session management policies ( For example, the Session Management Policy Control Function (SM-PCF) transmits information. In the case of information transmission through SM-PCF, SM-PCF can use the SMF in Figure 4 to Figure 7 above to obtain AM-PCF. The AM-PCF ID is obtained in the form of PCF ID. Alternatively, the first network side device and the second network side device communicate through the access and mobility management network element (for example, Access and Mobility Management Function). Management Function (AMF) for information transmission.
图8示出本申请实施例提供的URSP规则的验证方法的又一流程示意图,该方法800可以由上述第三网络侧设备执行,换而言之,该方法800可以由安装在第三网络侧设备上的软件或硬件来执行。在本申请实施例中,第三网络侧设备可以为会话管理策略控制网元,例如,SM-PCF,或者,第三网络侧设备可以为接入和移动管理网元,例如,AMF。如图8所示,该方法可以包括以下步骤。Figure 8 shows another schematic flowchart of the verification method of URSP rules provided by the embodiment of the present application. The method 800 can be executed by the above-mentioned third network side device. In other words, the method 800 can be executed by the device installed on the third network side. Software or hardware on the device to execute. In this embodiment of the present application, the third network side device may be a session management policy control network element, such as SM-PCF, or the third network side device may be an access and mobility management network element, such as AMF. As shown in Figure 8, the method may include the following steps.
S810,第三网络侧设备接收第二网络侧设备发送的目标请求信息,其中,所述目标请求信息指示第一网络侧设备对所述终端是否正确使用URSP规则进行验证,所述目标请求信息包括所述第一URSP规则和所述第一PDU会话的第一参数。S810. The third network side device receives the target request information sent by the second network side device. The target request information instructs the first network side device to verify whether the terminal uses URSP rules correctly. The target request information includes The first URSP rule and the first parameter of the first PDU session.
其中,该目标请求信息与方法200和方法300中的目标请求信息相同,具体可以参数方法200和方法300中的描述。The target request information is the same as the target request information in method 200 and method 300. Specifically, the descriptions in method 200 and method 300 can be parameterized.
第二网络侧设备可以按照方法300中所描述的方式发送所述目标请求信息,具体可以参数方法300中的相关描述。The second network side device may send the target request information in the manner described in method 300. Specifically, the relevant description in method 300 may be parameterized.
S812,所述第三网络侧设备将所述目标请求信息发送给所述第一网络侧设备。S812: The third network side device sends the target request information to the first network side device.
在一个可能的实现方式中,在S810之前,该方法还可以包括:In a possible implementation, before S810, the method may also include:
步骤1,所述第三网络侧设备接收所述第一网络侧设备发送的第一指示信息,其中,所述第一指示信息指示所述第三网络侧设备在接收到所述终端发送的PDU会话建立请求或PDU会话修改请求之后,向所述第二网络侧设备发送所述第一网络侧设备的标识。Step 1: The third network side device receives the first indication information sent by the first network side device, wherein the first indication information indicates that the third network side device receives the PDU sent by the terminal. After the session establishment request or the PDU session modification request, the identifier of the first network side device is sent to the second network side device.
其中,第一网络侧设备可以采用上述实施例所描述的方式发送第一指示信息,具体可以参见上述实施例中的描述,在此不再赘述。The first network side device may send the first indication information in the manner described in the above embodiment. For details, please refer to the description in the above embodiment, which will not be described again here.
步骤2,所述第三网络侧设备接收所述终端发送的PDU会话建立请求或PDU会话修改请求,其中,所述PDU会话建立请求消息或PDU会话修改请求,用于请求建立或请求修 改所述第一PDU会话。Step 2: The third network side device receives a PDU session establishment request or a PDU session modification request sent by the terminal, where the PDU session establishment request message or PDU session modification request is used to request establishment or modification. Change the first PDU session.
步骤3,所述第三网络侧设备向所述第二网络侧设备发送第二请求消息,其中,所述第二请求消息用于请求建立或更新所述第一PDU会话的上下文,所述第二请求消息中携带有目标标识,所述目标标识用于指示为所述终端提供服务的所述第一网络侧设备。Step 3: The third network side device sends a second request message to the second network side device, where the second request message is used to request to establish or update the context of the first PDU session, and the third network side device The second request message carries a target identifier, and the target identifier is used to indicate the first network side device that provides services for the terminal.
通过上述可能的实现方式中,第三网络侧设备(例如,AMF)可以在第一网络侧设备向终端发送URSP规则时,接收第一网络侧设备发送的第一指示信息,所述第一指示信息指示所述第三网络侧设备在接收到所述终端发送的PDU会话建立请求或PDU会话修改请求的情况下,将所述第一网络侧设备的标识发送所述第二网络侧设备,然后第三网络侧设备可以在接收到终端发送的PDU会话建立请求或PDU会话修改请求后,向所述第二网络侧设备发送第二请求消息,其中,所述第二请求消息用于请求建立或更新所述第一PDU会话的上下文,将为终端提供服务的第一网络侧设备的标识发送给第二网络侧设备。例如,在第三网络侧设备为AMF的情况下,AMF可以按照图4所示的方法,向SMF提供AM-PCF ID。Through the above possible implementation manner, the third network side device (for example, AMF) can receive the first indication information sent by the first network side device when the first network side device sends the URSP rule to the terminal. The first indication information The information instructs the third network side device to send the identification of the first network side device to the second network side device when receiving the PDU session establishment request or PDU session modification request sent by the terminal, and then The third network side device may send a second request message to the second network side device after receiving the PDU session establishment request or PDU session modification request sent by the terminal, wherein the second request message is used to request establishment or PDU session modification request. The context of the first PDU session is updated, and the identifier of the first network side device that provides services for the terminal is sent to the second network side device. For example, when the third network side device is an AMF, the AMF can provide the AM-PCF ID to the SMF according to the method shown in Figure 4.
在一个可能的实现方式中,在S810之前,该方法还可以包括以下步骤:In a possible implementation, before S810, the method may also include the following steps:
步骤1,所述第三网络侧设备接收所述第二网络侧设备发送的第三请求消息,其中,所述第三请求消息中携带有所述终端的标识,所述第三请求用于获取所述终端的上下文信息;Step 1: The third network side device receives a third request message sent by the second network side device, wherein the third request message carries the identifier of the terminal, and the third request is used to obtain Context information of the terminal;
步骤2,所述第三网络侧设备向所述第二网络侧设备发送所述终端的上下文信息,其中,所述上下文信息中包括所述第一网络侧设备的标识。Step 2: The third network side device sends the context information of the terminal to the second network side device, where the context information includes the identification of the first network side device.
例如,在第三网络侧设备为AMF的情况下,AMF可以按照图5所示的方法,向SMF提供AM-PCF ID。For example, when the third network side device is an AMF, the AMF can provide the AM-PCF ID to the SMF according to the method shown in Figure 5.
在一个可能的实现方式中,在S810之前,该方法还可以包括以下步骤:In a possible implementation, before S810, the method may also include the following steps:
步骤1,所述第三网络侧设备接收所述第二网络侧设备发送的第四请求消息,其中,所述第四请求消息用于请求获取向所述终端发送URSP规则的第一网络侧设备的标识,所述第四请求消息中携带有所述终端的标识;Step 1: The third network side device receives a fourth request message sent by the second network side device, wherein the fourth request message is used to request to obtain the first network side device that sends URSP rules to the terminal. The identification of the terminal is carried in the fourth request message;
步骤2,所述第三网络侧设备将与所述终端的标识对应的所述第一网络侧设备的标识发送给所述第二网络侧设备。Step 2: The third network side device sends the identity of the first network side device corresponding to the identity of the terminal to the second network side device.
例如,在第三网络侧设备为AMF的情况下,AMF可以按照图6所示的方法,向SMF提供AM-PCF ID。For example, when the third network side device is an AMF, the AMF can provide the AM-PCF ID to the SMF according to the method shown in Figure 6.
在本申请实施例中,第三网络侧设备还可以传输上述第一网络侧设备和第二网络侧设备之间传输的第一URSP规则、第二指示信息及第三验证结果等。In this embodiment of the present application, the third network side device may also transmit the first URSP rule, the second instruction information, the third verification result, etc. transmitted between the first network side device and the second network side device.
其中,第一网络侧设备可以通过与第三网络侧设备之间交互的信令,发送所述请求信息。例如,所述AM-PCF与AMF的交互信令包括:AM-PCF通过Namf_CommunicationWherein, the first network side device may send the request information through signaling interacted with the third network side device. For example, the interactive signaling between AM-PCF and AMF includes: AM-PCF through Namf_Communication
N1MessageNotify_Subscribe,发送所述请求信息;或者,AM-PCF通过以下至少一项发送请求信息Npcf_UEPolicyControl_Update response或Npcf_UEPolicyControl_UpdateNotify notify;也可以是AM-PCF与AMF之间定义的其他信令。 N1MessageNotify_Subscribe, send the request information; or, AM-PCF sends the request information Npcf_UEPolicyControl_Update response or Npcf_UEPolicyControl_UpdateNotify notify through at least one of the following; it can also be other signaling defined between AM-PCF and AMF.
下面以第一网络侧设备为AM-PCF,第二网络侧设备为SMF为例,对本申请实施例提供的URSP规则的验证方法进行说明。Taking the first network side device as AM-PCF and the second network side device as SMF as an example, the following describes the verification method of URSP rules provided by the embodiment of the present application.
图9示出本申请实施例提供的URSP规则的验证方法的又一种流程示意图,如图9所示,该方法900主要包括以下步骤:Figure 9 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application. As shown in Figure 9, the method 900 mainly includes the following steps:
S901:SMF发送请求信息至AM-PCF。S901: SMF sends request information to AM-PCF.
其中,SMF发送给AM-PCF的请求信息包括:Among them, the request information sent by SMF to AM-PCF includes:
(1)终端上报的终端执行的URSP规则。(1) URSP rules executed by the terminal reported by the terminal.
比如,终端为某个应用的流量(比如某应用提供商A),使用的URSP规则。比如,Traffic descriptor,以及使用的RSD。该信息可以包含在一个container里,所述container中,携带UE SUPI、终端执行的Traffic descriptor和RSD;还有一种办法是所述container中携带Traffic descriptor的优先级和RSD的优先级。For example, the terminal uses URSP rules for traffic of a certain application (such as application provider A). For example, Traffic descriptor, and the RSD used. This information can be included in a container, which carries the UE SUPI, the Traffic descriptor and RSD executed by the terminal; another method is that the container carries the priority of the Traffic descriptor and the priority of the RSD.
例如,终端为APP1的流量,执行了一个URSP规则:For example, the terminal executes a URSP rule for the traffic of APP1:
Rule Precedence=1Rule Precedence=1
Traffic Descriptor:Application descriptor=App1Traffic Descriptor:Application descriptor=App1
Route Selection Descriptor Precedence=1Route Selection Descriptor Precedence=1
Network Slice Selection:S-NSSAI-aNetwork Slice Selection:S-NSSAI-a
SSC Mode Selection:SSC Mode 3SSC Mode Selection:SSC Mode 3
DNN Selection:internetDNN Selection:internet
Access Type preference:3GPP accessAccess Type preference:3GPP access
则终端的执行结果可以有以下两种发送方式:Then the execution results of the terminal can be sent in the following two ways:
第一种:将Rule Precedence=1和Route Selection Descriptor Precedence=1发送上去。The first one: Send Rule Precedence=1 and Route Selection Descriptor Precedence=1.
第二种:将具体执行的TD和RSD发送上去,包括:Second: Send the TD and RSD of the specific execution, including:
Traffic Descriptor:Application descriptor=App1Traffic Descriptor:Application descriptor=App1
RSD 1:RSD 1:
Network Slice Selection:S-NSSAI-aNetwork Slice Selection:S-NSSAI-a
SSC Mode Selection:SSC Mode 3SSC Mode Selection:SSC Mode 3
DNN Selection:internetDNN Selection:internet
Access Type preference:3GPP accessAccess Type preference:3GPP access
(2)PDU会话ID的对应的属性参数。终端在执行应用流量匹配到PDU会话的时候,终端可以上报该流量匹配至的PDU session ID,然后SMF可以将该PDU会话ID的对应的属性参数也发给AM-PCF。该PDU会话ID的对应的属性参数包括但不限于以下至少之一:SSCmode,Access type,DNN,S-NSSAI,PDU session type。(2) The corresponding attribute parameters of the PDU session ID. When the terminal matches application traffic to a PDU session, the terminal can report the PDU session ID to which the traffic matches, and then SMF can also send the corresponding attribute parameters of the PDU session ID to AM-PCF. The corresponding attribute parameters of the PDU session ID include but are not limited to at least one of the following: SSCmode, Access type, DNN, S-NSSAI, PDU session type.
S902:AM-PCF验证所述终端是否正确使用了URSP规则。S902: AM-PCF verifies whether the terminal uses URSP rules correctly.
具体地,AM-PCF可以执行以下步骤:Specifically, AM-PCF can perform the following steps:
步骤1,根据UE上报的使用的URSP规则,比如,TD优先级,RSD优先级,恢复RSD 的参数,然后跟终端自己上报的RSD比较,如果不相同,则认为终端没有正确使用URSP规则。如果相同,则进入步骤2;Step 1. According to the URSP rules reported by the UE, such as TD priority and RSD priority, restore RSD. parameters, and then compare them with the RSD reported by the terminal itself. If they are not the same, it is considered that the terminal does not use the URSP rules correctly. If they are the same, go to step 2;
步骤2,AM-PCF获取终端上报的URSP规则中的RSD描述的参数,将该参数与SMF反馈的承载该APP traffic的PDU session的参数进行比较,如果参数均相同,则认为终端正确使用;如果不完全相同,则认为终端没有正确使用URSP规则。Step 2: AM-PCF obtains the parameters described by the RSD in the URSP rules reported by the terminal, and compares the parameters with the parameters of the PDU session carrying the APP traffic reported by the SMF. If the parameters are the same, the terminal is considered to have used them correctly; if If they are not exactly the same, it is considered that the terminal does not use URSP rules correctly.
比如说,终端自己上报使用的URSP规则,比如Rule Precedence=1和Route Selection Descriptor Precedence=1;For example, the terminal reports the URSP rules used by itself, such as Rule Precedence=1 and Route Selection Descriptor Precedence=1;
则AM-PCF根据这个信息可以获取真正发给UE的URSP规则如下:Then based on this information, AM-PCF can obtain the URSP rules actually sent to the UE as follows:
Rule Precedence=1Rule Precedence=1
Traffic Descriptor:Application descriptor=App1Traffic Descriptor:Application descriptor=App1
Route Selection Descriptor Precedence=1Route Selection Descriptor Precedence=1
Network Slice Selection:S-NSSAI-aNetwork Slice Selection:S-NSSAI-a
SSC Mode Selection:SSC Mode 3SSC Mode Selection:SSC Mode 3
DNN Selection:internetDNN Selection:internet
Access Type preference:3GPP accessAccess Type preference:3GPP access
终端自己上报了一个使用的URSP规则如下:The terminal itself reports a URSP rule used as follows:
Rule Precedence=1Rule Precedence=1
Traffic Descriptor:Application descriptor=App1Traffic Descriptor:Application descriptor=App1
Route Selection Descriptor Precedence=1Route Selection Descriptor Precedence=1
Network Slice Selection:S-NSSAI-aNetwork Slice Selection:S-NSSAI-a
SSC Mode Selection:SSC Mode 3SSC Mode Selection:SSC Mode 3
DNN Selection:internetDNN Selection:internet
Access Type preference:3GPP accessAccess Type preference:3GPP access
AM-PCF发现,终端上报的使用规则,和实际AM-PCF给UE发的规则一样,那么第一步验证就通过了,UE上报的规则正确。AM-PCF finds that the usage rules reported by the terminal are the same as the rules actually sent by AM-PCF to the UE. Then the first step of verification is passed and the rules reported by the UE are correct.
第二步,AM-PCF需要把实际发给UE的规则中的RSD的参数,与SMF反馈的承载该流量的PDU会话的参数比较。In the second step, AM-PCF needs to compare the RSD parameters in the rules actually sent to the UE with the parameters of the PDU session carrying the traffic fed back by SMF.
比如说,SMF或者SM-PCF,经过检查实际承载这个应用流量的PDU会话,该会话的参数为:For example, SMF or SM-PCF, after checking the PDU session that actually carries the application traffic, the parameters of the session are:
Network Slice Selection:S-NSSAI-bNetwork Slice Selection:S-NSSAI-b
SSC Mode Selection:SSC Mode 3SSC Mode Selection:SSC Mode 3
DNN Selection:internetDNN Selection:internet
Access Type preference:3GPP accessAccess Type preference:3GPP access
SM-PCF确定两者切片使用的不一样,因此,确定终端并没有正确使用URSP规则。SM-PCF determined that the slices used by the two are different, therefore, it was determined that the terminal did not use the URSP rules correctly.
也就是说,终端虽然上报了自己用的URSP规则,但是其实所述APP的流量并没有真 正的使用这个RSD对应的PDU会话承载。In other words, although the terminal reported the URSP rules it used, in fact, the traffic of the APP was not really Correctly use the PDU session bearer corresponding to this RSD.
S903:AM-PCF发送URSP规则执行验证的结果。S903: AM-PCF sends the result of URSP rule execution verification.
其中,该结果可以包括:Among others, the results can include:
(1)ACK:指示终端正确使用了URSP规则。然后,AM-PCF还可以指示SMF,进行第三次验证,即包检测过程。这里的ACK可以指示所述第一验证和第二验证均通过,或者指示任意一次验证,比如第一验证或第二验证通过。(1)ACK: Indicates that the terminal has correctly used URSP rules. Then, AM-PCF can also instruct SMF to perform the third verification, that is, the packet inspection process. The ACK here may indicate that both the first verification and the second verification are passed, or may indicate that any one verification, such as the first verification or the second verification is passed.
(2)NACK:否定应答,说明两个验证中的任意一个都没通过。(2) NACK: Negative response, indicating that either of the two verifications failed.
根据AM-PCF对终端URSP规则使用的验证结果,SMF或者SM-PCF可以执行相应的操作,例如,SMF拒绝所述PDU session ID对应的会话建立请求;或者,SMF释放所述PDU session ID对应的PDU会话;或者,SMF先建立新的PDU会话,然后将所述APP流量迁移至该新建PDU会话,然后释放旧的所述PDU session ID对应的PDU会话。According to the verification results of AM-PCF's use of terminal URSP rules, SMF or SM-PCF can perform corresponding operations. For example, SMF rejects the session establishment request corresponding to the PDU session ID; or SMF releases the session establishment request corresponding to the PDU session ID. PDU session; or, SMF first establishes a new PDU session, then migrates the APP traffic to the new PDU session, and then releases the PDU session corresponding to the old PDU session ID.
图10示出本申请实施例提供的URSP规则的验证方法的又一种流程示意图,如图10所示,该方法1000主要包括以下步骤:Figure 10 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application. As shown in Figure 10, the method 1000 mainly includes the following steps:
S1001,SMF发送请求信息至AMF,该请求信息请求AM-PCF执行URSP规则的验证。S1001, SMF sends request information to AMF, and the request information requests AM-PCF to perform verification of URSP rules.
该请求信息与方法1000的S1001中的请求信息相同,具体可以参见方法1000的相关描述。The request information is the same as the request information in S1001 of method 1000. For details, please refer to the relevant description of method 1000.
S1002,AMF根据终端的标识找到对应的AM-PCF,将该请求信息转发给AM-PCF。S1002. The AMF finds the corresponding AM-PCF according to the terminal identifier, and forwards the request information to the AM-PCF.
S1003,AM-PCF验证所述终端是否正确使用了URSP规则。S1003, AM-PCF verifies whether the terminal uses URSP rules correctly.
该步骤与方法900中的S902相同,具体可以参见方法900中的相关描述。This step is the same as S902 in method 900. For details, please refer to the relevant description in method 900.
S1004,AM-PCF将URSP规则执行验证的结果发送至AMF。S1004, AM-PCF sends the result of URSP rule execution verification to AMF.
该URSP规则执行验证的结果与方法900中的URSP规则执行验证的结果相同,具体可以参见方法900中的相关描述。The result of the verification of the URSP rule is the same as the result of the verification of the URSP rule in method 900. For details, please refer to the relevant description in method 900.
S1005,AMF将URSP规则执行验证的结果发送给SMF。S1005, AMF sends the result of URSP rule execution verification to SMF.
SMF接收到URSP规则执行验证的结果之后,可以执行相应的操作。After SMF receives the results of URSP rule execution verification, it can perform corresponding operations.
图11示出本申请实施例提供的URSP规则的验证方法的又一种流程示意图,如图11所示,该方法1100主要包括以下步骤:Figure 11 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application. As shown in Figure 11, the method 1100 mainly includes the following steps:
S1101,SMF发送请求信息至SM-PCF,该请求信息请求AM-PCF执行URSP规则的验证。S1101, SMF sends request information to SM-PCF, and the request information requests AM-PCF to perform verification of URSP rules.
该请求信息与方法900的S901中的请求信息相同,具体可以参见方法900的相关描述。The request information is the same as the request information in S901 of method 900. For details, please refer to the relevant description of method 900.
S1102,SM-PCF将该请求信息转发给AM-PCF。S1102, SM-PCF forwards the request information to AM-PCF.
其中,SM-PCF可以采用图4至图7中与SMF相同的方法获取AM-PCF ID。Among them, SM-PCF can obtain the AM-PCF ID using the same method as SMF in Figures 4 to 7.
S1103,AM-PCF验证所述终端是否正确使用了URSP规则。S1103, AM-PCF verifies whether the terminal uses URSP rules correctly.
该步骤与方法900中的S902相同,具体可以参见方法900中的相关描述。This step is the same as S902 in method 900. For details, please refer to the relevant description in method 900.
S1104,AM-PCF将URSP规则执行验证的结果发送至SM-PCF。S1104, AM-PCF sends the result of URSP rule execution verification to SM-PCF.
该URSP规则执行验证的结果与方法900中的URSP规则执行验证的结果相同,具体 可以参见方法900中的相关描述。The result of the verification performed by this URSP rule is the same as the result of the verification performed by the URSP rule in method 900. Specifically, Please refer to the relevant description in method 900.
S1105,SM-PCF将URSP规则执行验证的结果发送给SMF。S1105, SM-PCF sends the result of URSP rule execution verification to SMF.
SMF接收到URSP规则执行验证的结果之后,可以执行相应的操作。After SMF receives the results of URSP rule execution verification, it can perform corresponding operations.
图12示出本申请实施例提供的URSP规则的验证方法的又一种流程示意图,如图12所示,该方法1200主要包括以下步骤:Figure 12 shows another schematic flow chart of the URSP rule verification method provided by the embodiment of the present application. As shown in Figure 12, the method 1200 mainly includes the following steps:
S1201,SMF发送请求信息至SM-PCF,该请求信息请求AM-PCF执行URSP规则的验证。S1201, SMF sends request information to SM-PCF, and the request information requests AM-PCF to perform verification of URSP rules.
该请求信息与方法900的S901中的请求信息相同,具体可以参见方法900的相关描述。The request information is the same as the request information in S901 of method 900. For details, please refer to the relevant description of method 900.
S1202,SM-PCF将该请求信息转发给AMF。S1202, SM-PCF forwards the request information to AMF.
S1203,AMF将该请求信息转发给AM-PCF。S1203, AMF forwards the request information to AM-PCF.
S1204,AM-PCF验证所述终端是否正确使用了URSP规则。S1204, AM-PCF verifies whether the terminal uses URSP rules correctly.
该步骤与方法900中的S902相同,具体可以参见方法900中的相关描述。This step is the same as S902 in method 900. For details, please refer to the relevant description in method 900.
S1205,AM-PCF将URSP规则执行验证的结果发送至AMF。S1205, AM-PCF sends the result of URSP rule execution verification to AMF.
该URSP规则执行验证的结果与方法900中的URSP规则执行验证的结果相同,具体可以参见方法900中的相关描述。The result of the verification of the URSP rule is the same as the result of the verification of the URSP rule in method 900. For details, please refer to the relevant description in method 900.
S1206,AMF将URSP规则执行验证的结果发送至SM-PCF。S1206, AMF sends the result of URSP rule execution verification to SM-PCF.
S1207,SM-PCF将URSP规则执行验证的结果发送给SMF。S1207, SM-PCF sends the result of URSP rule execution verification to SMF.
SMF接收到URSP规则执行验证的结果之后,可以执行相应的操作。After SMF receives the results of URSP rule execution verification, it can perform corresponding operations.
图13示出本申请实施例提供的URSP规则的验证方法的又一种流程示意图,如图13所示,该方法1300主要包括以下步骤:Figure 13 shows another schematic flow chart of the URSP rule verification method provided by the embodiment of the present application. As shown in Figure 13, the method 1300 mainly includes the following steps:
S1301,终端使用URSP规则,匹配APP的流程到PDU会话,或使用匹配到的URSP规则中的RSD建立新的PDU会话。S1301. The terminal uses URSP rules to match the APP process to a PDU session, or uses the RSD in the matched URSP rules to establish a new PDU session.
S1302,终端通过上行NAS消息,向AMF发送所使用的URSP规则以及RSD、PDU会话标识。S1302: The terminal sends the used URSP rules, RSD, and PDU session identifiers to the AMF through the uplink NAS message.
S1303,AMF通过上行NAS消息,将所述URSP规则以及RSD、PDU会话标识发送给SMF。S1303: AMF sends the URSP rule, RSD, and PDU session identifier to SMF through the uplink NAS message.
S1304,SMF获取终端对应的AM-PCF。例如,SMF可以通过图4至图7所示的方法,获取终端对应的AM-PCF ID。S1304. The SMF obtains the AM-PCF corresponding to the terminal. For example, SMF can obtain the AM-PCF ID corresponding to the terminal through the methods shown in Figure 4 to Figure 7.
S1305,SMF向AM-PCF发送请求信息,该请求信息包括终端上报的终端执行的URSP规则以及终端上报的APP流所在的PDU会话参数。S1305. The SMF sends request information to the AM-PCF. The request information includes the URSP rules executed by the terminal reported by the terminal and the PDU session parameters of the APP flow reported by the terminal.
AM-PCF进行第一验证和第二验证,如果验证失败,则执行S1306,如果验证成功,则触发第三验证,执行S1306。AM-PCF performs the first verification and the second verification. If the verification fails, S1306 is executed. If the verification is successful, the third verification is triggered and S1306 is executed.
S1306,AM-PCF向SMF发送验证结果,指示验证失败,终端未正确使用URSP规则,则跳过中间流程,直接执行S1314。S1306, AM-PCF sends the verification result to SMF, indicating that the verification failed and the terminal did not use the URSP rules correctly, so the intermediate process is skipped and S1314 is executed directly.
S1307,AM-PCF向SMF发送需要监控的URSP规则,该URSP规则用于生成包检测 规则,还可以包括终端的SUPI、PDU会话ID。此步骤可以是在第一和第二验证通过的前提下执行。S1307, AM-PCF sends the URSP rules that need to be monitored to SMF. The URSP rules are used to generate packet detection. Rules can also include the terminal's SUPI and PDU session ID. This step can be performed on the premise that the first and second verifications pass.
S1308,SMF将TD转换成所需的包检测规则(例如,将FQDN、应用描述符等转换成目的IP三元组用于检包),该包检测规则在PDU会话标识对应的PDU会话中进行检测。S1308, SMF converts TD into required packet inspection rules (for example, converts FQDN, application descriptor, etc. into destination IP triples for packet inspection). The packet inspection rules are performed in the PDU session corresponding to the PDU session identifier. detection.
S1309,SMF确定服务所述终端的与所述PDU会话标识对应的UPF。S1309: The SMF determines the UPF corresponding to the PDU session identifier serving the terminal.
S1310,SMF将包检测规则发送给UPF。SMF还可以指示UPF在规定的时间内进行包检测。S1310, SMF sends the packet detection rules to UPF. SMF can also instruct UPF to perform packet inspection within a specified time.
S1311,UPF应用所述包检测规则进行包检测,如果在所述PDU会话中检测到所述APP的流量包,则确定PDU会话中包括所述APP的流量包,验证通过;如果在所述PDU会话中未检测所述APP的流量包,则验证未通过。此时,UPF可以在SMF所指示的规定时间内进行包检测。S1311, UPF applies the packet detection rules to perform packet detection. If the traffic packet of the APP is detected in the PDU session, it is determined that the PDU session includes the traffic packet of the APP, and the verification passes; if the traffic packet of the APP is detected in the PDU session, If the traffic packet of the APP is not detected in the session, the verification fails. At this time, UPF can perform packet detection within the specified time indicated by SMF.
S1312,UPF向SMF发送检测报告,反馈检测结果。即,是否在规定时间里检测出了目标数据包。检测结果包括:检测出或者未检测出。S1312, UPF sends a detection report to SMF and feeds back the detection results. That is, whether the target data packet is detected within the specified time. The detection results include: detected or not detected.
S1313,在预定时间内,结束包检测,SMF向AM-PCF发送包检测结果。S1313: Within the predetermined time, packet detection ends, and the SMF sends the packet detection result to AM-PCF.
S1314,AM-PCF获取对终端的URSP规则的验证结果,如果验证结果指示终端未正确使用URSP规则,则执行S1315。S1314. AM-PCF obtains the verification result of the terminal's URSP rules. If the verification result indicates that the terminal does not use the URSP rules correctly, S1315 is executed.
S1315,AM-PCF根据终端上报的URSP规则,对终端内的URSP规则进行调整。S1315, AM-PCF adjusts the URSP rules in the terminal according to the URSP rules reported by the terminal.
S1316,AM-PCF指示SMF:终端未正确使用URSP规则。S1316, AM-PCF indicates SMF: the terminal does not use URSP rules correctly.
S1317,SMF拒绝所述PDU会话的建立请求或释放所述PDU会话或修改所述PDU会话的参数。S1317: The SMF rejects the establishment request of the PDU session or releases the PDU session or modifies the parameters of the PDU session.
图14示出本申请实施例提供的URSP规则的验证方法的又一种流程示意图,如图14所示,该方法1400主要包括以下步骤:Figure 14 shows another schematic flow chart of the verification method of URSP rules provided by the embodiment of the present application. As shown in Figure 14, the method 1400 mainly includes the following steps:
S1401,终端使用URSP规则,匹配APP的流程到PDU会话,或使用匹配到的URSP规则中的RSD建立新的PDU会话。S1401. The terminal uses URSP rules to match the APP process to a PDU session, or uses the RSD in the matched URSP rules to establish a new PDU session.
S1402,终端通过上行NAS消息,向AMF发送所使用的URSP规则以及RSD、PDU会话标识。S1402: The terminal sends the used URSP rules and RSD and PDU session identifiers to the AMF through the uplink NAS message.
S1403,AMF通过上行NAS消息,将所述URSP规则以及RSD、PDU会话标识发送给SMF。S1403: AMF sends the URSP rule, RSD, and PDU session identifier to SMF through the uplink NAS message.
S1404,SMF获取终端对应的AM-PCF。例如,SMF可以通过图4至图7所示的方法,获取终端对应的AM-PCF ID。S1404, SMF obtains the AM-PCF corresponding to the terminal. For example, SMF can obtain the AM-PCF ID corresponding to the terminal through the methods shown in Figure 4 to Figure 7.
S1405,SMF向SM-PCF发送请求信息,该请求信息包括终端上报的终端执行的URSP规则以及终端上报的APP流所在的PDU会话参数。S1405. The SMF sends request information to the SM-PCF. The request information includes the URSP rules executed by the terminal reported by the terminal and the PDU session parameters of the APP flow reported by the terminal.
S1406,SM-PCF转发所述请求信息至AM-PCF发送请求信息。S1406: SM-PCF forwards the request information to AM-PCF to send the request information.
S1407,AM-PCF进行第一验证和第二验证,如果验证失败,则执行S1408,如果验证成功,则触发第三验证,执行S1409。 In S1407, AM-PCF performs the first verification and the second verification. If the verification fails, S1408 is executed. If the verification is successful, the third verification is triggered and S1409 is executed.
S1408,AM-PCF向SM-PCF发送验证结果,指示验证失败,终端未正确使用URSP规则。S1408, AM-PCF sends the verification result to SM-PCF, indicating that the verification failed and the terminal did not use URSP rules correctly.
S1409,SM-PCF向SMF发送验证结果,指示验证失败,终端未正确使用URSP规则,执行S1419。S1409, SM-PCF sends the verification result to SMF, indicating that the verification failed and the terminal did not use URSP rules correctly, and execute S1419.
S1410,AM-PCF向SM-PCF发送需要监控的URSP规则,该URSP规则用于生成包检测规则,还可以包括终端的SUPI、PDU会话IDS1410, AM-PCF sends URSP rules that need to be monitored to SM-PCF. The URSP rules are used to generate packet detection rules and can also include the terminal's SUPI and PDU session ID.
S1411,SM-PCF向SMF发送需要监控的URSP规则,该URSP规则用于生成包检测规则,还可以包括终端的SUPI、PDU会话ID。S1411. The SM-PCF sends the URSP rules that need to be monitored to the SMF. The URSP rules are used to generate packet detection rules and may also include the terminal's SUPI and PDU session ID.
S1412,SMF将TD转换成必须的包检测规则(例如,将FQDN、应用描述符等转换成目的IP三元组用于检包),该包检测规则在PDU会话标识对应的PDU会话中进行检测。S1412, SMF converts TD into necessary packet detection rules (for example, converts FQDN, application descriptor, etc. into destination IP triples for packet detection). The packet detection rules are detected in the PDU session corresponding to the PDU session identifier. .
S1413,SMF确定服务所述终端的与所述PDU会话标识对应的UPF。S1413. The SMF determines the UPF corresponding to the PDU session identifier serving the terminal.
S1414,SMF将包检测规则发送给UPF。SMF还可以指示UPF在规定的时间内进行包检测。S1414, SMF sends the packet detection rules to UPF. SMF can also instruct UPF to perform packet inspection within a specified time.
S1415,UPF应用所述包检测规则进行包检测,如果在所述PDU会话中检测到所述APP的流量包,则确定PDU会话中包括所述APP的流量包,验证通过;如果在所述PDU会话中未检测所述APP的流量包,则验证未通过。此时,UPF可以在在SMF所指示的规定时间内进行包检测。S1415, UPF applies the packet detection rules to perform packet detection. If the traffic packet of the APP is detected in the PDU session, it is determined that the PDU session includes the traffic packet of the APP, and the verification passes; if the traffic packet of the APP is detected in the PDU session, If the traffic packet of the APP is not detected in the session, the verification fails. At this time, UPF can perform packet detection within the specified time indicated by SMF.
S1416,UPF向SMF发送检测报告,反馈检测结果。即,是否在规定时间里检测出了目标数据包。检测结果包括:检测出或者未检测出。S1416, UPF sends a detection report to SMF and feeds back the detection results. That is, whether the target data packet is detected within the specified time. The detection results include: detected or not detected.
S1417,在预定时间内,结束包检测,SMF向SM-PCF发送包检测结果。S1417: Within the predetermined time, the packet detection ends, and the SMF sends the packet detection result to the SM-PCF.
S1418,SM-PCF向AM-PCF发送包检测结果。S1418, SM-PCF sends the packet detection result to AM-PCF.
S1419,AM-PCF获取对终端的URSP规则的验证结果,如果验证结果指示终端未正确使用URSP规则,则执行S1415。S1419, AM-PCF obtains the verification result of the terminal's URSP rules. If the verification result indicates that the terminal does not use the URSP rules correctly, S1415 is executed.
S1420,AM-PCF根据终端上报的URSP规则,对终端内的URSP规则进行调整。S1420: AM-PCF adjusts the URSP rules in the terminal according to the URSP rules reported by the terminal.
S1421,AM-PCF发送指示信息至SM-PCF,该指示信息指示终端未正确使用URSP规则。S1421, AM-PCF sends indication information to SM-PCF. The indication information indicates that the terminal does not use URSP rules correctly.
S1422,SM-PCF将上述指示信息转发给SMF。S1422, SM-PCF forwards the above instruction information to SMF.
S1423,SMF拒绝所述PDU会话的建立请求或释放所述PDU会话或修改所述PDU会话的参数。S1423. The SMF rejects the establishment request of the PDU session or releases the PDU session or modifies the parameters of the PDU session.
在一个可能的实现方式中,SMF与AM-PCF之间还可以通过AMF进行通信,具体流程与上述方法1300和方法1400相似,在此不在赘述。In a possible implementation, SMF and AM-PCF can also communicate through AMF. The specific process is similar to the above-mentioned method 1300 and method 1400, and will not be described again here.
在一个可能的实现方式中,SMF与AM-PCF之间还可以通过AMF和SM-PCF进行通信,具体流程与上述方法1300和方法1400相似,在此不在赘述。In a possible implementation, SMF and AM-PCF can also communicate through AMF and SM-PCF. The specific process is similar to the above-mentioned method 1300 and method 1400, and will not be described again here.
本申请实施例提供的URSP规则的验证方法,执行主体可以为URSP规则的验证装置。本申请实施例中以URSP规则的验证装置执行URSP规则的验证方法为例,说明本申请实 施例提供的URSP规则的验证装置。For the verification method of URSP rules provided by the embodiments of this application, the execution subject may be a verification device of URSP rules. In the embodiment of the present application, the verification device of the URSP rule executes the verification method of the URSP rule as an example to illustrate the implementation of the present application. The embodiment provides a verification device for URSP rules.
图15示出本申请实施例提供的URSP规则的验证装置的一种结构示意图,如图15所示,该装置1500主要包括:第一获取模块1501、第一验证模块1502和第二验证模块1503。Figure 15 shows a schematic structural diagram of a verification device for URSP rules provided by an embodiment of the present application. As shown in Figure 15, the device 1500 mainly includes: a first acquisition module 1501, a first verification module 1502 and a second verification module 1503 .
在本申请实施例中,第一获取模块1501,用于获取第二网络侧设备发送的目标请求信息,其中,所述目标请求信息包括:终端针对目标应用使用的第一URSP规则以及承载所述目标应用的第一PDU会话的第一参数;第一验证模块1502,用于通过验证所述第一URSP规则与第二URSP规则是否一致,得到第一验证结果,其中,所述第二URSP规则为所述第一网络侧设备发送给所述终端的与所述目标应用对应的至少一个URSP规则;第二验证模块1503,用于验证所述第一PDU会话的第一参数与所述第一URSP规则中的路由选择描述符RSD描述的第二参数是否一致,得到第二验证结果。In this embodiment of the present application, the first acquisition module 1501 is used to acquire the target request information sent by the second network side device, where the target request information includes: the first URSP rule used by the terminal for the target application and the first URSP rule that carries the The first parameter of the first PDU session of the target application; the first verification module 1502 is used to obtain the first verification result by verifying whether the first URSP rule and the second URSP rule are consistent, wherein the second URSP rule It is at least one URSP rule corresponding to the target application sent by the first network side device to the terminal; the second verification module 1503 is used to verify the first parameter of the first PDU session and the first Whether the second parameter described by the routing descriptor RSD in the URSP rule is consistent, the second verification result is obtained.
在一个可能的实现方式中,所述第一参数包括以下至少一项:PDU会话类型、PDU会话的接入类型、会话和服务连续性SSC模式、网络切片标识符、数据网络名称DNN;和/或,所述第二参数包括以下至少一项:PDU会话类型、PDU会话的接入类型、SSC模式、网络切片标识符、DNN。In a possible implementation, the first parameter includes at least one of the following: PDU session type, access type of PDU session, session and service continuity SSC mode, network slice identifier, data network name DNN; and/ Or, the second parameter includes at least one of the following: PDU session type, PDU session access type, SSC mode, network slice identifier, and DNN.
在一个可能的实现方式中,第一获取模块1501获取第二网络侧设备发送的目标请求信息,包括以下之一:In a possible implementation, the first obtaining module 1501 obtains the target request information sent by the second network side device, including one of the following:
接收来自所述第二网络侧设备的所述目标请求信息;Receive the target request information from the second network side device;
接收所述第二网络侧设备通过第三网络侧设备和/或第四网络侧设备转发的所述目标请求信息。Receive the target request information forwarded by the second network side device through the third network side device and/or the fourth network side device.
在一个可能的实现方式中,如图15所示,所述装置还可以包括:第一收发模块1504,用于向所述终端发送URSP规则;向第三网络侧设备发送第一指示信息,其中,所述第一指示信息指示所述第三网络侧设备在接收到所述终端的PDU会话建立请求或PDU会话修改请求之后,向所述第二网络侧设备发送所述第一网络侧设备的标识。In a possible implementation, as shown in Figure 15, the device may further include: a first transceiver module 1504, configured to send URSP rules to the terminal; and send first indication information to the third network side device, where , the first instruction information instructs the third network side device to send the first network side device to the second network side device after receiving a PDU session establishment request or a PDU session modification request from the terminal. logo.
在一个可能的实现方式,所述第一收发模块1504还用于接收所述第三网络侧设备发送的第一请求消息,所述第一请求消息用于请求为所述终端创建或更新URSP规则,所述第一请求消息中携带有所述终端的能力信息,所述能力信息指示所述终端支持上报所述终端的URSP规则的使用信息。In a possible implementation, the first transceiver module 1504 is also configured to receive a first request message sent by the third network side device, where the first request message is used to request to create or update a URSP rule for the terminal. , the first request message carries capability information of the terminal, and the capability information indicates that the terminal supports reporting the usage information of the URSP rule of the terminal.
在一个可能的实现方式中,第二验证模块1503验证所述第一PDU会话的第一参数与所述第一URSP规则中的路由选择描述符RSD描述的第二参数是否一致,包括:In a possible implementation, the second verification module 1503 verifies whether the first parameter of the first PDU session is consistent with the second parameter described by the routing descriptor RSD in the first URSP rule, including:
在所述第一验证结果指示所述第一URSP规则与所述第二URSP规则一致的情况下,所述第一网络侧设备验证所述第一PDU会话的第一参数与所述第一URSP规则中的RSD描述的第二参数是否一致。When the first verification result indicates that the first URSP rule is consistent with the second URSP rule, the first network side device verifies that the first parameter of the first PDU session is consistent with the first URSP rule. Whether the second parameter described by RSD in the rule is consistent.
在一个可能的实现方式中,所述第一获取模块1501,还用于获取所述第二网络侧设备发送的第三验证结果,其中,所述第三验证结果指示所述第一PDU会话中是否包括所述目标应用的数据包。 In a possible implementation, the first obtaining module 1501 is also configured to obtain a third verification result sent by the second network side device, wherein the third verification result indicates that the first PDU session Whether to include the data packet of the target application.
在一个可能的实现方式中,所述第一获取模块1501,还用于在以下任一情况下,所述第一网络侧设备发送第二指示信息,其中,所述第二指示信息用于指示所述终端未正确使用URSP规则:In a possible implementation, the first acquisition module 1501 is also configured to send the first network side device second indication information in any of the following situations, where the second indication information is used to indicate The endpoint in question is not using URSP rules correctly:
所述第一验证结果指示所述第一URSP规则与所述第二URSP规则不一致;The first verification result indicates that the first URSP rule is inconsistent with the second URSP rule;
所述第二验证结果指示所述第一参数与所述第二参数不一致;The second verification result indicates that the first parameter is inconsistent with the second parameter;
所述第三验证结果指示所述第一PDU会话中未包括所述目标应用的数据包。The third verification result indicates that the data packet of the target application is not included in the first PDU session.
在一个可能的实现方式中,如图15所示,所述装置还可以包括:更新模块1505,用于在以下任一情况下,更新所述终端的URSP规则:In a possible implementation, as shown in Figure 15, the device may also include: an update module 1505, configured to update the URSP rules of the terminal in any of the following situations:
所述第一验证结果指示所述第一URSP规则与所述第二URSP规则不一致;The first verification result indicates that the first URSP rule is inconsistent with the second URSP rule;
所述第二验证结果指示所述第一参数中的至少一项参数与所述第二参数不一致;The second verification result indicates that at least one of the first parameters is inconsistent with the second parameter;
所述第三验证结果指示所述第一PDU会话中未包括所述目标应用的数据包。The third verification result indicates that the data packet of the target application is not included in the first PDU session.
图16示出本申请实施例提供的URSP规则的验证装置的另一种结构示意图,如图16所示,该装置1600主要包括:第二收发模块1601和第二获取模块1602。Figure 16 shows another schematic structural diagram of a URSP rule verification device provided by an embodiment of the present application. As shown in Figure 16, the device 1600 mainly includes: a second transceiver module 1601 and a second acquisition module 1602.
在本申请实施例中,第二收发模块1601,用于接收终端发送的上报信息,其中,所述上报信息包括:所述终端针对目标应用使用的第一URSP规则以及承载所述目标应用的第一PDU会话标识,所述第一PDU会话标识用于指示第一PDU会话;第二获取模块1602,用于获取所述第一PDU会话的第一参数;所述第二收发模块1601,还用于向第一网络侧设备发送目标请求信息,其中,所述目标请求信息指示所述第一网络侧设备对所述终端是否正确使用URSP规则进行验证,所述目标请求信息包括所述第一URSP规则和所述第一PDU会话的第一参数。In this embodiment of the present application, the second transceiver module 1601 is used to receive reporting information sent by the terminal, where the reporting information includes: the first URSP rule used by the terminal for the target application and the third URSP rule carrying the target application. A PDU session identifier, the first PDU session identifier is used to indicate the first PDU session; the second acquisition module 1602 is used to acquire the first parameters of the first PDU session; the second transceiver module 1601 is also used For sending target request information to the first network side device, wherein the target request information instructs the first network side device to verify whether the terminal uses URSP rules correctly, and the target request information includes the first URSP rules and the first parameter of the first PDU session.
在一个可能的实现方式中,所述第二获取模块1602还用于获取所述第一网络侧设备的标识。In a possible implementation, the second obtaining module 1602 is also configured to obtain the identity of the first network side device.
在一个可能的实现方式中,所述第二获取模块获取1602所述第一网络侧设备的标识,包括以下之一:In a possible implementation, the second acquisition module acquires 1602 the identity of the first network side device, including one of the following:
接收第三网络侧设备发送的第二请求消息,其中,所述第二请求消息用于请求建立或更新所述第一PDU会话的上下文,所述第二请求消息中携带有目标标识,所述目标标识用于指示为所述终端提供服务的所述第一网络侧设备;Receive a second request message sent by a third network side device, wherein the second request message is used to request the establishment or update of the context of the first PDU session, the second request message carries a target identifier, and the The target identifier is used to indicate the first network side device that provides services for the terminal;
向所述第三网络侧设备发送第三请求消息,其中,所述第三请求消息中携带有所述终端的标识,所述第三请求用于获取所述终端的上下文信息;接收所述第三网络侧设备返回的所述终端的上下文信息,从所述终端的上下文信息中获取所述第一网络侧设备的标识;Send a third request message to the third network side device, wherein the third request message carries the identifier of the terminal, and the third request is used to obtain context information of the terminal; receive the third request message. The context information of the terminal returned by the third network side device is used to obtain the identity of the first network side device from the context information of the terminal;
向所述第三网络侧设备发送第四请求消息,其中,所述第四请求消息用于请求获取向所述终端发送URSP规则的第一网络侧设备的标识,所述第四请求消息中携带有所述终端的标识;接收所述第三网络侧设备返回的所述第一网络侧设备的标识;Send a fourth request message to the third network side device, wherein the fourth request message is used to request to obtain the identity of the first network side device that sends the URSP rule to the terminal, and the fourth request message carries having the identification of the terminal; receiving the identification of the first network side device returned by the third network side device;
向第五网络侧设备发送第五请求消息,其中,所述第五请求消息用于获得向所述终端发送URSP规则的第一网络侧设备的标识,所述第五请求消息中携带有所述终端的标识; 获取第五网络侧设备返回的所述第一网络侧设备的标识。Send a fifth request message to the fifth network side device, wherein the fifth request message is used to obtain the identity of the first network side device that sends the URSP rule to the terminal, and the fifth request message carries the The identification of the terminal; Obtain the identification of the first network side device returned by the fifth network side device.
在一个可能的实现方式中,如图16所示,所述装置还可以包括:In a possible implementation, as shown in Figure 16, the device may also include:
第三验证模块1603,用于获取所述第一网络侧设备发送的所述第一URSP规则,根据所述第一URSP规则,生成包检测规则,将所述包检测规则应用于所述第一PDU会话标识指示的第一PDU会话,获取第三验证结果,其中,所述包检测规则用于验证所述第一PDU会话中是否包括所述目标应用的数据包。The third verification module 1603 is used to obtain the first URSP rule sent by the first network side device, generate a packet detection rule according to the first URSP rule, and apply the packet detection rule to the first The first PDU session indicated by the PDU session identifier obtains a third verification result, wherein the packet detection rule is used to verify whether the first PDU session includes the data packet of the target application.
在一个可能的实现方式中,第二获取模块1602还用于获取所述第一网络侧设备发送的第二指示信息,其中,所述第二指示信息用于指示所述终端未正确使用URSP规则;拒绝所述第一PDU会话标识对应的会话建立请求,或者,所述第二网络侧设备释放所述第一PDU会话标识对应的PDU会话。In a possible implementation, the second acquisition module 1602 is also configured to acquire second indication information sent by the first network side device, wherein the second indication information is used to indicate that the terminal does not use the URSP rules correctly. ;Reject the session establishment request corresponding to the first PDU session identifier, or, the second network side device releases the PDU session corresponding to the first PDU session identifier.
在一个可能的实现方式中,所述终端未正确使用URSP规则包括以下至少之一:In a possible implementation, the incorrect use of URSP rules by the terminal includes at least one of the following:
所述第一URSP规则与第二URSP规则是否一致,所述第二URSP规则为所述第一网络侧设备发送给所述终端的与所述目标应用对应的至少一个URSP规则;Whether the first URSP rule is consistent with the second URSP rule. The second URSP rule is at least one URSP rule corresponding to the target application sent by the first network side device to the terminal;
所述第一参数的至少一项与所述第二参数中的至少一项不一致;At least one of the first parameters is inconsistent with at least one of the second parameters;
所述第一PDU会话中未包括所述目标应用的数据包。The first PDU session does not include the data packet of the target application.
图17示出本申请实施例提供的URSP规则的验证装置的又一种结构示意图,如图17所示,该装置1700主要包括:接收模块1701和发送模块1702。Figure 17 shows another schematic structural diagram of a URSP rule verification device provided by an embodiment of the present application. As shown in Figure 17, the device 1700 mainly includes: a receiving module 1701 and a sending module 1702.
在本申请实施例中,接收模块1701,用于接收第二网络侧设备发送的目标请求信息,其中,所述目标请求信息指示第一网络侧设备对所述终端是否正确使用URSP规则进行验证,所述目标请求信息包括所述第一URSP规则和所述第一PDU会话的第一参数;发送模块1702,用于将所述目标请求信息发送给所述第一网络侧设备。In this embodiment of the present application, the receiving module 1701 is used to receive target request information sent by the second network side device, wherein the target request information instructs the first network side device to verify whether the terminal uses URSP rules correctly, The target request information includes the first URSP rule and the first parameter of the first PDU session; the sending module 1702 is configured to send the target request information to the first network side device.
在一个可能的实现方式中,所述接收模块1701还用于接收所述第一网络侧设备发送的第一指示信息,其中,所述第一指示信息指示所述第三网络侧设备在接收到所述终端的PDU会话建立请求或PDU会话修改请求之后,向所述第二网络侧设备发送所述第一网络侧设备的标识;接收所述终端发送的PDU会话建立请求或PDU会话修改请求,其中,所述PDU会话建立请求消息或PDU会话修改请求,用于请求建立或请求修改所述第一PDU会话;所述发送模块1702,还用于向所述第二网络侧设备发送第二请求消息,其中,所述第二请求消息用于请求建立或更新所述第一PDU会话的上下文,所述第二请求消息中携带有目标标识,所述目标标识用于指示为所述终端提供服务的所述第一网络侧设备。In a possible implementation, the receiving module 1701 is further configured to receive first indication information sent by the first network side device, wherein the first indication information indicates that the third network side device receives After the terminal sends a PDU session establishment request or a PDU session modification request, send the identification of the first network side device to the second network side device; receive the PDU session establishment request or PDU session modification request sent by the terminal, Wherein, the PDU session establishment request message or PDU session modification request is used to request the establishment or modification of the first PDU session; the sending module 1702 is also used to send a second request to the second network side device. message, wherein the second request message is used to request the establishment or update of the context of the first PDU session, the second request message carries a target identifier, and the target identifier is used to indicate providing services to the terminal. the first network side device.
在一个可能的实现方式中,所述接收模块1701,还用于接收所述第二网络侧设备发送的第三请求消息,其中,所述第三请求消息中携带有所述终端的标识,所述第三请求用于获取所述终端的上下文信息;所述发送模块1702,还用于向所述第二网络侧设备发送所述终端的上下文信息,其中,所述上下文信息中包括所述第一网络侧设备的标识。In a possible implementation, the receiving module 1701 is also configured to receive a third request message sent by the second network side device, where the third request message carries the identification of the terminal, so The third request is used to obtain the context information of the terminal; the sending module 1702 is also used to send the context information of the terminal to the second network side device, wherein the context information includes the third An identification of the network side device.
在一个可能的实现方式中,所述接收模块1701,还用于接收所述第二网络侧设备发送的第四请求消息,其中,所述第四请求消息用于请求获取向所述终端发送URSP规则的第 一网络侧设备的标识,所述第四请求消息中携带有所述终端的标识;所述发送模块1702,还用于将与所述终端的标识对应的所述第一网络侧设备的标识发送给所述第二网络侧设备。In a possible implementation, the receiving module 1701 is also configured to receive a fourth request message sent by the second network side device, wherein the fourth request message is used to request to obtain the URSP sent to the terminal. Rule No. An identifier of a network-side device, and the fourth request message carries the identifier of the terminal; the sending module 1702 is also configured to send the identifier of the first network-side device corresponding to the identifier of the terminal. to the second network side device.
本申请实施例中的URSP规则的验证装置可以是电子设备,例如具有操作系统的电子设备,也可以是电子设备中的部件,例如集成电路或芯片。The verification device of the URSP rules in the embodiment of the present application may be an electronic device, such as an electronic device with an operating system, or may be a component in the electronic device, such as an integrated circuit or chip.
本申请实施例提供的URSP规则的验证装置能够实现图2至图14的方法实施例实现的各个过程,并达到相同的技术效果,为避免重复,这里不再赘述。The URSP rule verification device provided by the embodiment of the present application can implement each process implemented by the method embodiments of Figures 2 to 14, and achieve the same technical effect. To avoid duplication, the details will not be described here.
可选的,如图18所示,本申请实施例还提供一种通信设备1800,包括处理器1801和存储器1802,存储器1802上存储有可在所述处理器1801上运行的程序或指令,例如,该通信设备1800为网络侧设备时,该程序或指令被处理器1801执行时实现上述URSP规则的验证方法实施例的各个步骤,且能达到相同的技术效果,为避免重复,这里不再赘述。Optionally, as shown in Figure 18, this embodiment of the present application also provides a communication device 1800, including a processor 1801 and a memory 1802. The memory 1802 stores programs or instructions that can be run on the processor 1801, for example. , when the communication device 1800 is a network-side device, when the program or instruction is executed by the processor 1801, each step of the above-mentioned URSP rule verification method embodiment is implemented, and the same technical effect can be achieved. To avoid duplication, it will not be described again here. .
本申请实施例还提供一种网络侧设备,包括处理器和通信接口,处理器用于实现上述URSP规则的验证方法实施例的各个步骤,通信接口用于与外部设备进行通信。该网络侧设备实施例与上述网络侧设备方法实施例对应,上述方法实施例的各个实施过程和实现方式均可适用于该网络侧设备实施例中,且能达到相同的技术效果。An embodiment of the present application also provides a network-side device, including a processor and a communication interface. The processor is used to implement each step of the above URSP rule verification method embodiment, and the communication interface is used to communicate with an external device. This network-side device embodiment corresponds to the above-mentioned network-side device method embodiment. Each implementation process and implementation manner of the above-mentioned method embodiment can be applied to this network-side device embodiment, and can achieve the same technical effect.
具体地,本申请实施例还提供了一种网络侧设备。如图19所示,该网络侧设备1900包括:处理器1901、网络接口1902和存储器1903。其中,网络接口1902例如为通用公共无线接口(common public radio interface,CPRI)。Specifically, the embodiment of the present application also provides a network side device. As shown in Figure 19, the network side device 1900 includes: a processor 1901, a network interface 1902, and a memory 1903. Among them, the network interface 1902 is, for example, a common public radio interface (CPRI).
具体地,本发明实施例的网络侧设备1900还包括:存储在存储器1903上并可在处理器1901上运行的指令或程序,处理器1901调用存储器1903中的指令或程序执行图15至图17所示各模块执行的方法,并达到相同的技术效果,为避免重复,故不在此赘述。Specifically, the network side device 1900 in this embodiment of the present invention also includes: instructions or programs stored in the memory 1903 and executable on the processor 1901. The processor 1901 calls the instructions or programs in the memory 1903 to execute Figures 15 to 17 The execution methods of each module are shown and achieve the same technical effect. To avoid repetition, they will not be described in detail here.
本申请实施例还提供一种可读存储介质,所述可读存储介质上存储有程序或指令,该程序或指令被处理器执行时实现上述URSP规则的验证方法实施例的各个过程,且能达到相同的技术效果,为避免重复,这里不再赘述。Embodiments of the present application also provide a readable storage medium. Programs or instructions are stored on the readable storage medium. When the program or instructions are executed by a processor, each process of the above-mentioned URSP rule verification method embodiment is implemented, and can To achieve the same technical effect, to avoid repetition, we will not repeat them here.
其中,所述处理器为上述实施例中所述的终端中的处理器。所述可读存储介质,包括计算机可读存储介质,如计算机只读存储器ROM、随机存取存储器RAM、磁碟或者光盘等。Wherein, the processor is the processor in the terminal described in the above embodiment. The readable storage medium includes computer readable storage media, such as computer read-only memory ROM, random access memory RAM, magnetic disk or optical disk, etc.
本申请实施例另提供了一种芯片,所述芯片包括处理器和通信接口,所述通信接口和所述处理器耦合,所述处理器用于运行程序或指令,实现上述URSP规则的验证方法实施例的各个过程,且能达到相同的技术效果,为避免重复,这里不再赘述。应理解,本申请实施例提到的芯片还可以称为系统级芯片,系统芯片,芯片系统或片上系统芯片等。An embodiment of the present application further provides a chip. The chip includes a processor and a communication interface. The communication interface is coupled to the processor. The processor is used to run programs or instructions to implement the verification method of the above URSP rules. Each process in the example can achieve the same technical effect. To avoid repetition, we will not repeat it here. It should be understood that the chips mentioned in the embodiments of this application may also be called system-on-chip, system-on-a-chip, system-on-chip or system-on-chip, etc.
本申请实施例另提供了一种计算机程序/程序产品,所述计算机程序/程序产品被存储在存储介质中,所述计算机程序/程序产品被至少一个处理器执行以实现上述URSP规则的验证方法实施例的各个过程,且能达到相同的技术效果,为避免重复,这里不再赘述。Embodiments of the present application further provide a computer program/program product. The computer program/program product is stored in a storage medium. The computer program/program product is executed by at least one processor to implement the above verification method of URSP rules. Each process of the embodiment can achieve the same technical effect, so to avoid repetition, it will not be described again here.
本申请实施例还提供了一种URSP规则的验证系统,包括:第一网络侧设备及第二网 络侧设备,所述第一网络侧设备可用于执行如上所述的URSP规则的验证方法中第一网络侧设备执行的步骤,所述第二网络侧设备可用于执行如上所述的URSP规则的验证方法中第二网络侧设备执行的步骤。The embodiment of the present application also provides a verification system for URSP rules, including: a first network side device and a second network side device. Network side device, the first network side device can be used to perform the steps performed by the first network side device in the verification method of the URSP rule as described above, and the second network side device can be used to perform the steps of the URSP rule as described above. Steps performed by the second network side device in the verification method.
可选地,所述URSP规则的验证系统还可以包括第三网络侧设备,所述第三网络侧设备可用于执行如上所述的URSP规则的验证方法中第三网络侧设备执行的步骤。Optionally, the URSP rule verification system may further include a third network side device, and the third network side device may be configured to perform the steps performed by the third network side device in the URSP rule verification method as described above.
需要说明的是,在本文中,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者装置不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者装置所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括该要素的过程、方法、物品或者装置中还存在另外的相同要素。此外,需要指出的是,本申请实施方式中的方法和装置的范围不限按示出或讨论的顺序来执行功能,还可包括根据所涉及的功能按基本同时的方式或按相反的顺序来执行功能,例如,可以按不同于所描述的次序来执行所描述的方法,并且还可以添加、省去、或组合各种步骤。另外,参照某些示例所描述的特征可在其他示例中被组合。It should be noted that, in this document, the terms "comprising", "comprises" or any other variations thereof are intended to cover a non-exclusive inclusion, such that a process, method, article or device that includes a series of elements not only includes those elements, It also includes other elements not expressly listed or inherent in the process, method, article or apparatus. Without further limitation, an element defined by the statement "comprises a..." does not exclude the presence of additional identical elements in a process, method, article or apparatus that includes that element. In addition, it should be pointed out that the scope of the methods and devices in the embodiments of the present application is not limited to performing functions in the order shown or discussed, but may also include performing functions in a substantially simultaneous manner or in reverse order according to the functions involved. Functions may be performed, for example, the methods described may be performed in an order different from that described, and various steps may be added, omitted, or combined. Additionally, features described with reference to certain examples may be combined in other examples.
通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到上述实施例方法可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分可以以计算机软件产品的形式体现出来,该计算机软件产品存储在一个存储介质(如ROM/RAM、磁碟、光盘)中,包括若干指令用以使得一台终端(可以是手机,计算机,服务器,空调器,或者网络设备等)执行本申请各个实施例所述的方法。Through the above description of the embodiments, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by means of software plus the necessary general hardware platform. Of course, it can also be implemented by hardware, but in many cases the former is better. implementation. Based on this understanding, the technical solution of the present application can be embodied in the form of a computer software product that is essentially or contributes to the existing technology. The computer software product is stored in a storage medium (such as ROM/RAM, disk , CD), including several instructions to cause a terminal (which can be a mobile phone, computer, server, air conditioner, or network device, etc.) to execute the methods described in various embodiments of this application.
上面结合附图对本申请的实施例进行了描述,但是本申请并不局限于上述的具体实施方式,上述的具体实施方式仅仅是示意性的,而不是限制性的,本领域的普通技术人员在本申请的启示下,在不脱离本申请宗旨和权利要求所保护的范围情况下,还可做出很多形式,均属于本申请的保护之内。 The embodiments of the present application have been described above in conjunction with the accompanying drawings. However, the present application is not limited to the above-mentioned specific implementations. The above-mentioned specific implementations are only illustrative and not restrictive. Those of ordinary skill in the art will Inspired by this application, many forms can be made without departing from the purpose of this application and the scope protected by the claims, all of which fall within the protection of this application.

Claims (36)

  1. 一种用户设备路由选项策略URSP规则的验证方法,包括:A verification method for user equipment routing option policy URSP rules, including:
    第一网络侧设备获取第二网络侧设备发送的目标请求信息,其中,所述目标请求信息包括:终端针对目标应用使用的第一URSP规则以及承载所述目标应用的第一协议数据单元PDU会话的第一参数;The first network side device obtains the target request information sent by the second network side device, wherein the target request information includes: the first URSP rule used by the terminal for the target application and the first protocol data unit PDU session carrying the target application. The first parameter;
    所述第一网络侧设备通过验证所述第一URSP规则与第二URSP规则是否一致,得到第一验证结果,其中,所述第二URSP规则为所述第一网络侧设备发送给所述终端的与所述目标应用对应的至少一个URSP规则;The first network side device obtains a first verification result by verifying whether the first URSP rule and the second URSP rule are consistent, wherein the second URSP rule is sent by the first network side device to the terminal. At least one URSP rule corresponding to the target application;
    所述第一网络侧设备验证所述第一PDU会话的第一参数与所述第一URSP规则中的路由选择描述符RSD描述的第二参数是否一致,得到第二验证结果。The first network side device verifies whether the first parameter of the first PDU session is consistent with the second parameter described by the routing descriptor RSD in the first URSP rule, and obtains a second verification result.
  2. 根据权利要求1所述的方法,其中,The method of claim 1, wherein,
    所述第一参数包括以下至少一项:PDU会话类型、PDU会话的接入类型、会话和服务连续性SSC模式、网络切片标识符、数据网络名称DNN;和/或,The first parameter includes at least one of the following: PDU session type, access type of PDU session, session and service continuity SSC mode, network slice identifier, data network name DNN; and/or,
    所述第二参数包括以下至少一项:PDU会话类型、PDU会话的接入类型、会话和服务连续性SSC模式、网络切片标识符、数据网络名称DNN。The second parameter includes at least one of the following: PDU session type, access type of PDU session, session and service continuity SSC mode, network slice identifier, and data network name DNN.
  3. 根据权利要求1所述的方法,其中,第一网络侧设备获取第二网络侧设备发送的目标请求信息,包括以下之一:The method according to claim 1, wherein the first network side device obtains the target request information sent by the second network side device, including one of the following:
    所述第一网络侧设备接收来自所述第二网络侧设备的所述目标请求信息;The first network side device receives the target request information from the second network side device;
    所述第一网络侧设备接收所述第二网络侧设备通过第三网络侧设备和/或第四网络侧设备转发的所述目标请求信息。The first network side device receives the target request information forwarded by the second network side device through the third network side device and/or the fourth network side device.
  4. 根据权利要求1所述的方法,其中,在所述第一网络侧设备获取第二网络侧设备发送的目标请求信息之前,所述方法还包括:The method according to claim 1, wherein before the first network side device obtains the target request information sent by the second network side device, the method further includes:
    所述第一网络侧设备向所述终端发送URSP规则;The first network side device sends a URSP rule to the terminal;
    所述第一网络侧设备向第三网络侧设备发送第一指示信息,其中,所述第一指示信息指示所述第三网络侧设备在接收到所述终端的PDU会话建立请求或PDU会话修改请求之后,向所述第二网络侧设备发送所述第一网络侧设备的标识。The first network side device sends first indication information to the third network side device, wherein the first indication information indicates that the third network side device receives a PDU session establishment request or a PDU session modification from the terminal. After the request, send the identification of the first network side device to the second network side device.
  5. 根据权利要求4所述的方法,其中,在所述第一网络侧设备向第三网络侧设备发送第一指示信息之前,所述方法还包括:The method according to claim 4, wherein before the first network side device sends the first indication information to the third network side device, the method further includes:
    所述第一网络侧设备接收所述第三网络侧设备发送的第一请求消息,所述第一请求消息用于请求为所述终端创建或更新URSP规则,所述第一请求消息中携带有所述终端的能力信息,所述能力信息指示所述终端支持上报所述终端的URSP规则的使用信息。The first network side device receives a first request message sent by the third network side device. The first request message is used to request to create or update a URSP rule for the terminal. The first request message carries The capability information of the terminal indicates that the terminal supports reporting the usage information of the URSP rules of the terminal.
  6. 根据权利要求1至5任一项所述的方法,其中,所述第一网络侧设备验证所述第一PDU会话的第一参数与所述第一URSP规则中的路由选择描述符RSD描述的第二参数是否一致,包括:The method according to any one of claims 1 to 5, wherein the first network side device verifies that the first parameter of the first PDU session is described by the routing descriptor RSD in the first URSP rule. Whether the second parameter is consistent, including:
    在所述第一验证结果指示所述第一URSP规则与所述第二URSP规则一致的情况下, 所述第一网络侧设备验证所述第一PDU会话的第一参数与所述第一URSP规则中的RSD描述的第二参数是否一致。In the case where the first verification result indicates that the first URSP rule is consistent with the second URSP rule, The first network side device verifies whether the first parameter of the first PDU session is consistent with the second parameter described by the RSD in the first URSP rule.
  7. 根据权利要求1至5任一项所述的方法,其中,所述方法还包括:The method according to any one of claims 1 to 5, wherein the method further includes:
    所述第一网络侧设备获取所述第二网络侧设备发送的第三验证结果,其中,所述第三验证结果指示所述第一PDU会话中是否包括所述目标应用的数据包。The first network side device obtains a third verification result sent by the second network side device, wherein the third verification result indicates whether the first PDU session includes the data packet of the target application.
  8. 根据权利要求7所述的方法,其中,所述方法还包括:The method of claim 7, further comprising:
    在以下任一情况下,所述第一网络侧设备发送第二指示信息,其中,所述第二指示信息用于指示所述终端未正确使用URSP规则:In any of the following situations, the first network side device sends second indication information, where the second indication information is used to indicate that the terminal does not use URSP rules correctly:
    所述第一验证结果指示所述第一URSP规则与所述第二URSP规则不一致;The first verification result indicates that the first URSP rule is inconsistent with the second URSP rule;
    所述第二验证结果指示所述第一参数与所述第二参数不一致;The second verification result indicates that the first parameter is inconsistent with the second parameter;
    所述第三验证结果指示所述第一PDU会话中未包括所述目标应用的数据包。The third verification result indicates that the data packet of the target application is not included in the first PDU session.
  9. 根据权利要求7所述的方法,其中,所述方法还包括:The method of claim 7, further comprising:
    在以下任一情况下,所述第一网络侧设备更新所述终端的URSP规则:In any of the following situations, the first network side device updates the URSP rule of the terminal:
    所述第一验证结果指示所述第一URSP规则与所述第二URSP规则不一致;The first verification result indicates that the first URSP rule is inconsistent with the second URSP rule;
    所述第二验证结果指示所述第一参数中的至少一项参数与所述第二参数不一致;The second verification result indicates that at least one of the first parameters is inconsistent with the second parameter;
    所述第三验证结果指示所述第一PDU会话中未包括所述目标应用的数据包。The third verification result indicates that the data packet of the target application is not included in the first PDU session.
  10. 根据权利要求1至9任一项所述的方法,其中,所述第一网络侧设备与所述第二网络侧设备之间直接进行信息传输,或者,所述第一网络侧设备与所述第二网络侧设备之间通过第三网络侧设备进行信息传输。The method according to any one of claims 1 to 9, wherein information transmission is performed directly between the first network side device and the second network side device, or the first network side device and the second network side device Information is transmitted between the second network side devices through the third network side device.
  11. 一种URSP规则的验证方法,包括:A verification method for URSP rules, including:
    第二网络侧设备接收终端发送的上报信息,其中,所述上报信息包括:所述终端针对目标应用使用的第一URSP规则以及承载所述目标应用的第一PDU会话标识,所述第一PDU会话标识用于指示第一PDU会话;The second network side device receives the reporting information sent by the terminal, where the reporting information includes: the first URSP rule used by the terminal for the target application and the first PDU session identifier carrying the target application. The first PDU The session identifier is used to indicate the first PDU session;
    所述第二网络侧设备获取所述第一PDU会话的第一参数;The second network side device obtains the first parameter of the first PDU session;
    所述第二网络侧设备向第一网络侧设备发送目标请求信息,其中,所述目标请求信息指示所述第一网络侧设备对所述终端是否正确使用URSP规则进行验证,所述目标请求信息包括所述第一URSP规则和所述第一PDU会话的第一参数。The second network side device sends target request information to the first network side device, wherein the target request information instructs the first network side device to verify whether the terminal uses the URSP rule correctly, and the target request information The first URSP rule and the first parameter of the first PDU session are included.
  12. 根据权利要求11所述的方法,其中,在所述第二网络侧设备向第一网络侧设备发送目标请求信息之前,所述方法还包括:The method according to claim 11, wherein before the second network side device sends the target request information to the first network side device, the method further includes:
    所述第二网络侧设备获取所述第一网络侧设备的标识。The second network side device obtains the identity of the first network side device.
  13. 根据权利要求12所述的方法,其中,所述第二网络侧设备获取所述第一网络侧设备的标识包括以下之一:The method according to claim 12, wherein the second network side device obtaining the identity of the first network side device includes one of the following:
    所述第二网络侧设备接收第三网络侧设备发送的第二请求消息,其中,所述第二请求消息用于请求建立或更新所述第一PDU会话的上下文,所述第二请求消息中携带有目标标识,所述目标标识用于指示为所述终端提供服务的所述第一网络侧设备; The second network side device receives a second request message sent by the third network side device, wherein the second request message is used to request the establishment or update of the context of the first PDU session. In the second request message Carrying a target identifier, the target identifier is used to indicate the first network side device that provides services for the terminal;
    所述第二网络侧设备向所述第三网络侧设备发送第三请求消息,其中,所述第三请求消息中携带有所述终端的标识,所述第三请求用于获取所述终端的上下文信息;所述第二网络侧设备接收所述第三网络侧设备返回的所述终端的上下文信息,从所述终端的上下文信息中获取所述第一网络侧设备的标识;The second network side device sends a third request message to the third network side device, where the third request message carries the identifier of the terminal, and the third request is used to obtain the identifier of the terminal. Context information; the second network side device receives the context information of the terminal returned by the third network side device, and obtains the identity of the first network side device from the context information of the terminal;
    所述第二网络侧设备向所述第三网络侧设备发送第四请求消息,其中,所述第四请求消息用于请求获取向所述终端发送URSP规则的第一网络侧设备的标识,所述第四请求消息中携带有所述终端的标识;所述第二网络侧设备接收所述第三网络侧设备返回的所述第一网络侧设备的标识;The second network side device sends a fourth request message to the third network side device, wherein the fourth request message is used to request to obtain the identity of the first network side device that sends the URSP rule to the terminal, so The fourth request message carries the identification of the terminal; the second network side device receives the identification of the first network side device returned by the third network side device;
    所述第二网络侧设备向第五网络侧设备发送第五请求消息,其中,所述第五请求消息用于获得向所述终端发送URSP规则的第一网络侧设备的标识,所述第五请求消息中携带有所述终端的标识;获取第五网络侧设备返回的所述第一网络侧设备的标识。The second network side device sends a fifth request message to the fifth network side device, wherein the fifth request message is used to obtain the identity of the first network side device that sends the URSP rule to the terminal, and the fifth network side device The request message carries the identifier of the terminal; and the identifier of the first network-side device returned by the fifth network-side device is obtained.
  14. 根据权利要求11至13任一项所述的方法,其中,在所述第二网络侧设备向第一网络侧设备发送目标请求信息之后,所述方法还包括:The method according to any one of claims 11 to 13, wherein after the second network side device sends the target request information to the first network side device, the method further includes:
    所述第二网络侧设备获取所述第一网络侧设备发送的所述第一URSP规则;The second network side device obtains the first URSP rule sent by the first network side device;
    所述第二网络侧设备根据所述第一URSP规则,生成包检测规则,将所述包检测规则应用于所述第一PDU会话标识指示的第一PDU会话,获取第三验证结果,其中,所述包检测规则用于验证所述第一PDU会话中是否包括所述目标应用的数据包;The second network side device generates a packet detection rule according to the first URSP rule, applies the packet detection rule to the first PDU session indicated by the first PDU session identifier, and obtains a third verification result, wherein, The packet detection rule is used to verify whether the first PDU session includes the data packet of the target application;
    所述第二网络侧设备向所述第一网络侧设备发送所述第三验证结果。The second network side device sends the third verification result to the first network side device.
  15. 根据权利要求14所述的方法,其中,所述方法还包括:The method of claim 14, wherein the method further includes:
    所述第二网络侧设备获取所述第一网络侧设备发送的第二指示信息,其中,所述第二指示信息用于指示所述终端未正确使用URSP规则;The second network side device obtains second indication information sent by the first network side device, wherein the second indication information is used to indicate that the terminal does not use URSP rules correctly;
    所述第二网络侧设备拒绝所述第一PDU会话标识对应的会话建立请求,或者,所述第二网络侧设备释放所述第一PDU会话标识对应的PDU会话。The second network side device rejects the session establishment request corresponding to the first PDU session identifier, or the second network side device releases the PDU session corresponding to the first PDU session identifier.
  16. 根据权利要求15所述的方法,其中,所述终端未正确使用URSP规则包括以下至少之一:The method according to claim 15, wherein the incorrect use of URSP rules by the terminal includes at least one of the following:
    所述第一URSP规则与第二URSP规则是否一致,所述第二URSP规则为所述第一网络侧设备发送给所述终端的与所述目标应用对应的至少一个URSP规则;Whether the first URSP rule is consistent with the second URSP rule. The second URSP rule is at least one URSP rule corresponding to the target application sent by the first network side device to the terminal;
    所述第一参数的至少一项与所述第二参数中的至少一项不一致;At least one of the first parameters is inconsistent with at least one of the second parameters;
    所述第一PDU会话中未包括所述目标应用的数据包。The first PDU session does not include the data packet of the target application.
  17. 根据权利要求10至16任一项所述的方法,其中,所述第二网络侧设备与所述第一网络侧设备之间直接进行信息传输,或者,所述第二网络侧设备与所述第一网络侧设备之间通过第三网络侧设备进行信息传输。The method according to any one of claims 10 to 16, wherein information is transmitted directly between the second network side device and the first network side device, or the second network side device and the first network side device Information is transmitted between the first network side devices through the third network side device.
  18. 一种URSP规则的验证方法,包括:A verification method for URSP rules, including:
    第三网络侧设备接收第二网络侧设备发送的目标请求信息,其中,所述目标请求信息指示第一网络侧设备对所述终端是否正确使用URSP规则进行验证,所述目标请求信息包 括所述第一URSP规则和所述第一PDU会话的第一参数;The third network side device receives the target request information sent by the second network side device, wherein the target request information instructs the first network side device to verify whether the terminal uses URSP rules correctly, and the target request information packet including the first URSP rule and the first parameter of the first PDU session;
    所述第三网络侧设备将所述目标请求信息发送给所述第一网络侧设备。The third network side device sends the target request information to the first network side device.
  19. 根据权利要求18所述的方法,其中,在第三网络侧设备接收第二网络侧设备发送的目标请求信息之前,所述方法还包括:The method according to claim 18, wherein before the third network side device receives the target request information sent by the second network side device, the method further includes:
    所述第三网络侧设备接收所述第一网络侧设备发送的第一指示信息,其中,所述第一指示信息指示所述第三网络侧设备在接收到所述终端发送的PDU会话建立请求或PDU会话修改请求之后,向所述第二网络侧设备发送所述第一网络侧设备的标识;The third network side device receives the first indication information sent by the first network side device, wherein the first indication information indicates that the third network side device receives the PDU session establishment request sent by the terminal. or after the PDU session modification request, send the identification of the first network side device to the second network side device;
    所述第三网络侧设备接收所述终端发送的PDU会话建立请求或PDU会话修改请求,其中,所述PDU会话建立请求消息或PDU会话修改请求,用于请求建立或请求修改所述第一PDU会话;The third network side device receives a PDU session establishment request or a PDU session modification request sent by the terminal, wherein the PDU session establishment request message or PDU session modification request is used to request establishment or modification of the first PDU Conversation;
    所述第三网络侧设备向所述第二网络侧设备发送第二请求消息,其中,所述第二请求消息用于请求建立或更新所述第一PDU会话的上下文,所述第二请求消息中携带有目标标识,所述目标标识用于指示为所述终端提供服务的所述第一网络侧设备。The third network side device sends a second request message to the second network side device, wherein the second request message is used to request to establish or update the context of the first PDU session, and the second request message carries a target identifier, and the target identifier is used to indicate the first network side device that provides services for the terminal.
  20. 根据权利要求18所述的方法,其中,在第三网络侧设备接收第二网络侧设备发送的第一请求消息之前,所述方法还包括:The method according to claim 18, wherein before the third network side device receives the first request message sent by the second network side device, the method further includes:
    所述第三网络侧设备接收所述第二网络侧设备发送的第三请求消息,其中,所述第三请求消息中携带有所述终端的标识,所述第三请求用于获取所述终端的上下文信息;The third network side device receives a third request message sent by the second network side device, wherein the third request message carries the identifier of the terminal, and the third request is used to obtain the contextual information;
    所述第三网络侧设备向所述第二网络侧设备发送所述终端的上下文信息,其中,所述上下文信息中包括所述第一网络侧设备的标识。The third network side device sends the context information of the terminal to the second network side device, where the context information includes the identification of the first network side device.
  21. 根据权利要求18所述的方法,其中,在第三网络侧设备接收第二网络侧设备发送的第一请求消息之前,所述方法还包括:The method according to claim 18, wherein before the third network side device receives the first request message sent by the second network side device, the method further includes:
    所述第三网络侧设备接收所述第二网络侧设备发送的第四请求消息,其中,所述第四请求消息用于请求获取向所述终端发送URSP规则的第一网络侧设备的标识,所述第四请求消息中携带有所述终端的标识;The third network side device receives a fourth request message sent by the second network side device, wherein the fourth request message is used to request to obtain the identity of the first network side device that sends the URSP rule to the terminal, The fourth request message carries the identification of the terminal;
    所述第三网络侧设备将与所述终端的标识对应的所述第一网络侧设备的标识发送给所述第二网络侧设备。The third network side device sends the identity of the first network side device corresponding to the identity of the terminal to the second network side device.
  22. 一种URSP规则的验证装置,包括:A verification device for URSP rules, including:
    第一获取模块,用于获取第二网络侧设备发送的目标请求信息,其中,所述目标请求信息包括:终端针对目标应用使用的第一URSP规则以及承载所述目标应用的第一PDU会话的第一参数;The first acquisition module is configured to acquire the target request information sent by the second network side device, where the target request information includes: the first URSP rule used by the terminal for the target application and the first PDU session carrying the target application. first parameter;
    第一验证模块,用于通过验证所述第一URSP规则与第二URSP规则是否一致,得到第一验证结果,其中,所述第二URSP规则为所述第一网络侧设备发送给所述终端的与所述目标应用对应的至少一个URSP规则;A first verification module, configured to obtain a first verification result by verifying whether the first URSP rule and the second URSP rule are consistent, wherein the second URSP rule is sent by the first network side device to the terminal At least one URSP rule corresponding to the target application;
    第二验证模块,用于验证所述第一PDU会话的第一参数与所述第一URSP规则中的路由选择描述符RSD描述的第二参数是否一致,得到第二验证结果。 The second verification module is used to verify whether the first parameter of the first PDU session is consistent with the second parameter described by the routing descriptor RSD in the first URSP rule, and obtain a second verification result.
  23. 根据权利要求22所述的装置,其中,所述装置还包括:The device of claim 22, wherein the device further comprises:
    第一收发模块,用于向所述终端发送URSP规则;向第三网络侧设备发送第一指示信息,其中,所述第一指示信息指示所述第三网络侧设备在接收到所述终端的PDU会话建立请求或PDU会话修改请求之后,向所述第二网络侧设备发送所述第一网络侧设备的标识。The first transceiver module is configured to send URSP rules to the terminal; send first indication information to the third network side device, wherein the first indication information indicates that the third network side device receives the request from the terminal. After the PDU session establishment request or the PDU session modification request, the identifier of the first network side device is sent to the second network side device.
  24. 根据权利要求23所述的装置,其中,所述第一收发模块还用于接收到所述第三网络侧设备发送的第一请求消息,所述第一请求消息用于请求为所述终端创建或更新URSP规则,所述第一请求消息中携带有所述终端的能力信息,所述能力信息指示所述终端支持上报所述终端的URSP规则的使用信息。The apparatus according to claim 23, wherein the first transceiver module is further configured to receive a first request message sent by the third network side device, the first request message is used to request to create a Or update the URSP rule, the first request message carries capability information of the terminal, and the capability information indicates that the terminal supports reporting the usage information of the URSP rule of the terminal.
  25. 根据权利要求22至24任一项所述的装置,其中,所述第一获取模块,还用于获取所述第二网络侧设备发送的第三验证结果,其中,所述第三验证结果指示所述第一PDU会话中是否包括所述目标应用的数据包。The apparatus according to any one of claims 22 to 24, wherein the first acquisition module is further configured to acquire a third verification result sent by the second network side device, wherein the third verification result indicates Whether the first PDU session includes the data packet of the target application.
  26. 根据权利要求25所述的装置,其中,所述装置还包括:The device of claim 25, wherein the device further comprises:
    更新模块,用于在以下任一情况下,更新所述终端的URSP规则:The update module is used to update the URSP rules of the terminal in any of the following situations:
    所述第一验证结果指示所述第一URSP规则与所述第二URSP规则不一致;The first verification result indicates that the first URSP rule is inconsistent with the second URSP rule;
    所述第二验证结果指示所述第一参数中的至少一项参数与所述第二参数不一致;The second verification result indicates that at least one of the first parameters is inconsistent with the second parameter;
    所述第三验证结果指示所述第一PDU会话中未包括所述目标应用的数据包。The third verification result indicates that the data packet of the target application is not included in the first PDU session.
  27. 一种URSP规则的验证装置,包括:A verification device for URSP rules, including:
    第二收发模块,用于接收终端发送的上报信息,其中,所述上报信息包括:所述终端针对目标应用使用的第一URSP规则以及承载所述目标应用的第一PDU会话标识,所述第一PDU会话标识用于指示第一PDU会话;The second transceiver module is configured to receive reporting information sent by the terminal, where the reporting information includes: the first URSP rule used by the terminal for the target application and the first PDU session identifier carrying the target application, and the third A PDU session identifier is used to indicate the first PDU session;
    第二获取模块,用于获取所述第一PDU会话的第一参数;A second acquisition module, configured to acquire the first parameter of the first PDU session;
    所述第二收发模块,还用于向第一网络侧设备发送目标请求信息,其中,所述目标请求信息指示所述第一网络侧设备对所述终端是否正确使用URSP规则进行验证,所述目标请求信息包括所述第一URSP规则和所述第一PDU会话的第一参数。The second transceiver module is also configured to send target request information to the first network side device, wherein the target request information instructs the first network side device to verify whether the terminal uses URSP rules correctly, and the The target request information includes the first URSP rule and the first parameter of the first PDU session.
  28. 根据权利要求27所述的装置,其中,所述第二获取模块还用于获取所述第一网络侧设备的标识。The apparatus according to claim 27, wherein the second obtaining module is further used to obtain the identity of the first network side device.
  29. 根据权利要求28所述的装置,其中,所述第二获取模块获取所述第一网络侧设备的标识,包括以下之一:The apparatus according to claim 28, wherein the second acquisition module acquires the identity of the first network side device, including one of the following:
    接收第三网络侧设备发送的第二请求消息,其中,所述第二请求消息用于请求建立或更新所述第一PDU会话的上下文,所述第二请求消息中携带有目标标识,所述目标标识用于指示为所述终端提供服务的所述第一网络侧设备;Receive a second request message sent by a third network side device, wherein the second request message is used to request the establishment or update of the context of the first PDU session, the second request message carries a target identifier, and the The target identifier is used to indicate the first network side device that provides services for the terminal;
    向所述第三网络侧设备发送第三请求消息,其中,所述第三请求消息中携带有所述终端的标识,所述第三请求用于获取所述终端的上下文信息;接收所述第三网络侧设备返回的所述终端的上下文信息,从所述终端的上下文信息中获取所述第一网络侧设备的标识;Send a third request message to the third network side device, wherein the third request message carries the identifier of the terminal, and the third request is used to obtain context information of the terminal; receive the third request message. The context information of the terminal returned by the third network side device is used to obtain the identity of the first network side device from the context information of the terminal;
    向所述第三网络侧设备发送第四请求消息,其中,所述第四请求消息用于请求获取向 所述终端发送URSP规则的第一网络侧设备的标识,所述第四请求消息中携带有所述终端的标识;接收所述第三网络侧设备返回的所述第一网络侧设备的标识;Send a fourth request message to the third network side device, where the fourth request message is used to request to obtain the The terminal sends the identifier of the first network-side device of the URSP rule, and the fourth request message carries the identifier of the terminal; receives the identifier of the first network-side device returned by the third network-side device;
    向第五网络侧设备发送第五请求消息,其中,所述第五请求消息用于获得向所述终端发送URSP规则的第一网络侧设备的标识,所述第五请求消息中携带有所述终端的标识;获取第五网络侧设备返回的所述第一网络侧设备的标识。Send a fifth request message to the fifth network side device, wherein the fifth request message is used to obtain the identity of the first network side device that sends the URSP rule to the terminal, and the fifth request message carries the The identification of the terminal; obtaining the identification of the first network side device returned by the fifth network side device.
  30. 根据权利要求27至29任一项所述的装置,其中,所述装置还包括:The device according to any one of claims 27 to 29, wherein the device further comprises:
    第三验证模块,用于获取所述第一网络侧设备发送的所述第一URSP规则,根据所述第一URSP规则,生成包检测规则,将所述包检测规则应用于所述第一PDU会话标识指示的第一PDU会话,获取第三验证结果,其中,所述包检测规则用于验证所述第一PDU会话中是否包括所述目标应用的数据包。A third verification module, configured to obtain the first URSP rule sent by the first network side device, generate a packet detection rule according to the first URSP rule, and apply the packet detection rule to the first PDU The first PDU session indicated by the session identifier obtains a third verification result, wherein the packet detection rule is used to verify whether the first PDU session includes the data packet of the target application.
  31. 一种URSP规则的验证装置,包括:A verification device for URSP rules, including:
    接收模块,用于接收第二网络侧设备发送的目标请求信息,其中,所述目标请求信息指示第一网络侧设备对所述终端是否正确使用URSP规则进行验证,所述目标请求信息包括所述第一URSP规则和所述第一PDU会话的第一参数;A receiving module configured to receive target request information sent by the second network side device, wherein the target request information instructs the first network side device to verify whether the terminal uses URSP rules correctly, and the target request information includes the The first URSP rule and the first parameter of the first PDU session;
    发送模块,用于将所述目标请求信息发送给所述第一网络侧设备。A sending module, configured to send the target request information to the first network side device.
  32. 根据权利要求31所述的装置,其中,The device of claim 31, wherein:
    所述接收模块,还用于接收所述第一网络侧设备发送的第一指示信息,其中,所述第一指示信息指示所述第三网络侧设备在接收到所述终端发送的PDU会话建立请求或PDU会话修改请求之后,向所述第二网络侧设备发送所述第一网络侧设备的标识;接收所述终端发送的PDU会话建立请求或PDU会话修改请求,其中,所述PDU会话建立请求消息或PDU会话修改请求,用于请求建立或请求修改所述第一PDU会话;The receiving module is further configured to receive first indication information sent by the first network side device, wherein the first indication information indicates that the third network side device establishes a session after receiving the PDU sent by the terminal. After the request or the PDU session modification request, send the identification of the first network side device to the second network side device; receive the PDU session establishment request or the PDU session modification request sent by the terminal, wherein the PDU session establishment A request message or PDU session modification request, used to request the establishment or modification of the first PDU session;
    所述发送模块,还用于向所述第二网络侧设备发送第二请求消息,其中,所述第二请求消息用于请求建立或更新所述第一PDU会话的上下文,所述第二请求消息中携带有目标标识,所述目标标识用于指示为所述终端提供服务的所述第一网络侧设备。The sending module is also configured to send a second request message to the second network side device, wherein the second request message is used to request to establish or update the context of the first PDU session, and the second request The message carries a target identifier, and the target identifier is used to indicate the first network side device that provides services for the terminal.
  33. 根据权利要求31所述的装置,其中,The device of claim 31, wherein:
    所述接收模块,还用于接收所述第二网络侧设备发送的第三请求消息,其中,所述第三请求消息中携带有所述终端的标识,所述第三请求用于获取所述终端的上下文信息;The receiving module is also configured to receive a third request message sent by the second network side device, wherein the third request message carries the identification of the terminal, and the third request is used to obtain the Terminal context information;
    所述发送模块,还用于向所述第二网络侧设备发送所述终端的上下文信息,其中,所述上下文信息中包括所述第一网络侧设备的标识。The sending module is further configured to send context information of the terminal to the second network side device, where the context information includes an identifier of the first network side device.
  34. 根据权利要求31所述的装置,其中,The device of claim 31, wherein:
    所述接收模块,还用于接收所述第二网络侧设备发送的第四请求消息,其中,所述第四请求消息用于请求获取向所述终端发送URSP规则的第一网络侧设备的标识,所述第四请求消息中携带有所述终端的标识;The receiving module is also configured to receive a fourth request message sent by the second network side device, wherein the fourth request message is used to request to obtain the identity of the first network side device that sends the URSP rule to the terminal. , the fourth request message carries the identification of the terminal;
    所述发送模块,还用于将与所述终端的标识对应的所述第一网络侧设备的标识发送给所述第二网络侧设备。 The sending module is further configured to send the identity of the first network side device corresponding to the identity of the terminal to the second network side device.
  35. 一种网络侧设备,包括处理器和存储器,所述存储器存储可在所述处理器上运行的程序或指令,所述程序或指令被所述处理器执行时实现如权利要求1至21任一项所述的URSP规则的验证方法的步骤。A network side device, including a processor and a memory. The memory stores programs or instructions that can be run on the processor. When the program or instructions are executed by the processor, any one of claims 1 to 21 is implemented. Steps for the verification method of URSP rules as described in the item.
  36. 一种可读存储介质,所述可读存储介质上存储程序或指令,所述程序或指令被处理器执行时实现如权利要求1至21任一项所述的URSP规则的验证方法的步骤。 A readable storage medium on which a program or instructions are stored. When the program or instructions are executed by a processor, the steps of the URSP rule verification method according to any one of claims 1 to 21 are implemented.
PCT/CN2023/092335 2022-05-06 2023-05-05 Ursp rule verification method and apparatus, and network side device WO2023213309A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202210487743.0A CN117062248A (en) 2022-05-06 2022-05-06 URSP rule verification method and device and network equipment
CN202210487743.0 2022-05-06

Publications (1)

Publication Number Publication Date
WO2023213309A1 true WO2023213309A1 (en) 2023-11-09

Family

ID=88646308

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2023/092335 WO2023213309A1 (en) 2022-05-06 2023-05-05 Ursp rule verification method and apparatus, and network side device

Country Status (2)

Country Link
CN (1) CN117062248A (en)
WO (1) WO2023213309A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111601353A (en) * 2020-05-08 2020-08-28 北京紫光展锐通信技术有限公司 Routing method of application program and related device
WO2021022460A1 (en) * 2019-08-05 2021-02-11 Oppo广东移动通信有限公司 Session verification method, electronic device, and storage medium

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021022460A1 (en) * 2019-08-05 2021-02-11 Oppo广东移动通信有限公司 Session verification method, electronic device, and storage medium
CN111601353A (en) * 2020-05-08 2020-08-28 北京紫光展锐通信技术有限公司 Routing method of application program and related device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
HUAWEI, HISILICON: "Clarifications for eNPN related description", 3GPP DRAFT; S2-2202684, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE ; 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS CEDEX ; FRANCE, vol. SA WG2, no. e-meeting; 20220406 - 20220412, 29 March 2022 (2022-03-29), Mobile Competence Centre ; 650, route des Lucioles ; F-06921 Sophia-Antipolis Cedex ; France, XP052133519 *

Also Published As

Publication number Publication date
CN117062248A (en) 2023-11-14

Similar Documents

Publication Publication Date Title
CN114145054B (en) System and method for supporting traffic steering through service function chains
US11612013B2 (en) Data transmission method, device, and system
CN108432185B (en) Application class based network slice selection in a wireless communication system
US20200413241A1 (en) Method for terminal setting update in wireless communication system and apparatus therefor
EP3703399A1 (en) Method for supporting and providing ladn service in wireless communication system and apparatus therefor
CN109548175B (en) Session processing method and device
US20210385284A1 (en) Session establishment method and apparatus
EP4040813B1 (en) Communication method, device and apparatus
KR102313165B1 (en) Data transmission method, device and system
EP3979757A1 (en) Multicast communication method, device, and system
US20200296181A1 (en) Data transmission method, apparatus and system
EP4117299A1 (en) Communication method and device for multicast/broadcast service
EP4277208A1 (en) Service identifier allocation method in computing aware network and communication apparatus
CN113038590B (en) Time synchronization method, electronic device, and storage medium
KR102282532B1 (en) Link reset method, device, and system
WO2023213309A1 (en) Ursp rule verification method and apparatus, and network side device
WO2023213282A1 (en) Ursp rule verification method and apparatus, and network side device
WO2024061205A1 (en) Parameter acquisition method and apparatus, first network function, and second network function
WO2024045970A1 (en) Route selection policy execution result processing methods, apparatus and device
WO2023179709A1 (en) Information processing method and apparatus, communication device, and readable storage medium
WO2024027578A1 (en) Traffic routing method and apparatus, and device
WO2023185810A1 (en) Ue route selection policy (ursp) determination method, user equipment, and network-side device
WO2023208040A1 (en) Method and apparatus for eps pdn connection context information update
WO2023056954A1 (en) Domain name system (dns) query method and apparatus, and network side device
WO2023016400A1 (en) Method and apparatus for session restoration

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23799295

Country of ref document: EP

Kind code of ref document: A1