FIG. 1 is a composition framework diagram of the existing 3rd Generation Partnership Project (3GPP) Evolved Packet System (EPS). The EPS network framework in a non-roaming scene as shown in FIG. 1 includes an Evolved Universal Terrestrial Radio Access Network (E-UTRAN), a Mobility Management Entity (MME), a Serving Gateway (S-GW), a Packet Data Network Gateway (P-GW, and also called PDN GW), a Home Subscriber Server (HSS), a Policy and Charging Rules Function (PCRF) Entity and other supporting nodes.
Wherein, the PCRF is the core of the policy and charging control (PCC), taking charge of formulating the policy decision and charging rules. The PCRF provides the network control rules based on the service data flow, and those network controls include detection, Gating Control and the Quality of Service (QoS) control of the service data flow, and the charging rules based on the data flow, etc. The PCRF sends the policy and the charging rules defined by itself to the policy and charging execution function (PCEF) to carry out, and meanwhile, the PCRF also needs to guarantee that these rules keep consistent with the user signing information. The regular basis for the PCRF formulating the policy and charging rules includes: obtaining the information correlated to the service from the AF; obtaining the user policy and charging control signing information from the Subscription Profile Repository (SPR); and obtaining the information of the network related to bearing from the PCEF.
The EPS supports the intercommunication with the non-3GPP system, and the intercommunication between the EPS and the non-3GPP system is realized through the S2a/b/c interface, and the P-GW is the anchor point between the EPS and the non-3GPP system. As shown in FIG. 1, wherein, the non-3GPP system is divided into a trusted non-3GPP IP access and an untrusted 3GPP IP access. The trusted non-3GPP IP access can be connected to the P-GW through the S2a interface directly; the untrusted non-3GPP IP needs to be connected to the P-GW through the Evolved Packet Data Gateway (ePDG); the interface between the ePDG and the P-GW is an S2b interface, and the signaling and the data are enciphered and protected by adopting the Internet protocol security (IPSec) between the UE and the ePDG. The S2c interface provides the user plane related control and the mobility support between the User Equipment (UE) and the P-GW, and the mobility management protocol supported by itself is the Mobile IPv6 support for dual stack Hosts and Routers (DSMIPv6).
At present, a lot of operators pay close attention to the Fixed Mobile Convergence (FMC), and carry on research of the interconnection and interflow of the 3GPP and broadband forum (BBF). In the scene that the user gets access to the mobile core network through the fixed broadband access network, the QoS on the whole transmission path of the data (the data will be transmitted through the fixed network and the mobile network) needs to be guaranteed. In the current technology, the QoS guarantee is realized through the interaction between the PCRF and the Broadband Policy Control Framework (BPCF) of the fixed broadband access network. The BPCF is the policy control framework of the fixed broadband access network. For the resource request message of the PCRF, the BPCF performs the resource admission control or forwards the resource request messages to other network elements of the fixed broadband access network (such as, IP Edge) according to the network policy and signing information, etc. of the fixed broadband access network, and then other network elements performs the resource admission control (that is, other network elements are entrusted to perform the resource admission control). For example, when the UE gets access to the 3GPP core network through the Wireless Local Area Network (WLAN), in order to guarantee that the overall bandwidth requirement of visiting services of all UEs which access through one WLAN access line does not exceed the bandwidth of that line (such as, the signing bandwidth or the maximum bandwidth supported by that line). The PCRF needs to interact with the BPCF when performing the QoS authorization, so that the fixed broadband access network carries out the resource admission control.
FIG. 2a is a framework diagram of the UE accessing the 3GPP core network by adopting the DSMIPv6 protocol through the fixed broadband access network in the scene of the policy intercommunication between the 3GPP network and the fixed broadband access network in the related technology, wherein, the fixed broadband access network is a trusted non-3GPP access network, and there is a network address translation (abbreviated as NAT) between the UE and the P-GW, and usually that NAT lies in the Residential Gateway (RG). The IP Edge can be a BNG or a BRAS. The PCRF interacts with the IP Edge through the BPCF. FIG. 2b is a framework diagram of the UE accessing the 3GPP core network by adopting the DSMIPv6 protocol through the fixed broadband access network in the scene of the policy convergence between the 3GPP network and the fixed broadband access network in the related technology, wherein, the fixed broadband access network is a trusted non-3GPP access network, and there is an NAT between the UE and the P-GW, and usually this NAT lies in the RG. The IP Edge can be a BNG or a BRAS. The PCRF interacts with the IP Edge directly.
FIG. 3 is an adherence procedure of the UE accessing the 3GPP core network by adopting the DSMIPv6 protocol through the fixed broadband access network in the scene of the policy intercommunication, wherein, the fixed broadband access network is the trusted non-3GPP access network.
In step 301, the UE may carry out the access authentication procedure which is based on the 3GPP and participated by the fixed broadband access network;
in step 302, the UE obtains the local IP address from the fixed broadband access network as the care of address (CoA) of the UE;
in step 303, triggered by step 301 and step 302, the BPCF acquires that the UE is accessing the fixed broadband access network;
in step 304, after receiving the triggering, the BPCF initiates a gateway control session establishment procedure to the PCRF to establish the gateway control session, and the BPCF includes the user identification and the IP connection access network (IP-CAN) type in the message;
steps 301˜304 are optional steps and are performed when the UE performs the access authentication procedure which is based on the 3GPP and participated by the fixed broadband access network;
in step 305, the UE carries out the Bootstrapping procedure; the UE finds the P-GW, and in order to protect the DSMIPv6 message between the UE and the P-GW, the UE uses the IKEv2 to establishes the security association, and adopts the extendible identity authentication protocol (EAP) for authentication; the P-GW performs the communication with the Authentication, Authorization and Accounting server (AAA Server) (the AAA Server further interacts with the HSS) to finish the EAP authentication, and the P-GW distributes an IPv6 address prefix for the UE at the same time, and the UE constructs an IPv6 address as the home address (HoA) of the UE according to that prefix;
when the UE uses the IKEv2 to establish the security association with the P-GW, the source address for the UE sending the IKEv2 signaling is the IP Address1 (that is, the local IP address obtained in step 302), and the source UDP port number is Port1 (usually, the value is 500). There is an NAT between the UE and the P-GW, so the source address and source UDP port number of the IKEv2 signaling received by the P-GW are already changed. The source address of the IKEv2 signaling received by the P-GW is IP Address2, and the source UDP port number is Port2. In order to describe easily, the source address of the UE obtained by the P-GW is also called the local IP address of the UE. Because there is the NAT, then the local IP address and the source UDP port number of the UE of the IKEv2 signaling receive by the P-GW (also called the IPSec source UDP port number) can be used for identifying the data of the UE by the fixed broadband access network.
In step 306, the UE sends the DSMIPv6 binding update message to the P-GW, carrying the HoA and the CoA;
in step 307, the P-GW sends an IP-CAN session establishment indication message to the PCRF to establish a Gx session, and the message carries the user identification, the HoA, the UE local IP address (that is, CoA, and the CoA is a source address of the UE received by the P-GW on which the NAT is performed) and the IPSec source UDP port number (that is, Port2);
in step 308, if steps 301˜304 are carried out, the PCRF correlates the gateway control session established in step 304 with the Gx session established in step 307 according to the UE local IP address (that is, the CoA) or the user identification; the PCRF formulates the PCC rules and the QoS rules; and the PCRF returns confirmation message to the PCEF, the message carries the PCC rules;
in step 309, the P-GW returns the binding confirmation message to the UE;
in step 310, if steps 301˜304 are not performed, then the PCRF determines the entry point of the BPCF of the fixed broadband access network accessed by the UE at present according to the UE local IP address (that is, the CoA), and initiates the gateway control session establishment procedure initiated by the PCRF to establish the gateway control session, and the message carries the UE local IP address and the IPSec source UDP port number.
However, there are the following problems in the related art: (1). Whether IPSec capsulation needs to be performed on the user plane data of the DSMIPv6 is optional, therefore when there is an NAT between the UE and the P-GW, for the user plane data on which the IPSec capsulation is performed or is not performed, the source UDP port numbers of the user plane data are different after NAT traversing is performed; in the related art, only the UDP port number after the IKEv2 traversing is performed, (that is, the IPSec source UDP port number), is notified to the fixed broadband access network, and that the fixed broadband access network totally identifies the user plane data of the UE can not be realized; (2). After the above-mentioned procedures step 301˜step 304 are performed, the PCRF does not provide any source UDP port number for the fixed broadband access network, which makes the fixed broadband access network be unable to identify the data of the UE after step 301˜step 304 are performed.
Likewise, the above-mentioned problems exist in the policy convergence scene as well.