Search

EP-3930283-B1 - COMMUNICATION METHOD, APPARATUS AND SYSTEM

EP3930283B1EP 3930283 B1EP3930283 B1EP 3930283B1EP-3930283-B1

Inventors

  • PENG, Shuping
  • CHEN, GUOYI
  • NIU, CHENGGUANG
  • YU, ZHOUYI

Dates

Publication Date
20260506
Application Date
20200318

Claims (19)

  1. A communication method, wherein the method comprises: receiving, by a broadband network gateway, BNG (2), a dial-up packet sent by a fixed network device (1); generating, by the BNG (2), first authentication information of the fixed network device (1) based on the dial-up packet, wherein the first authentication information comprises an identifier of the fixed network device (1); and sending, by the BNG (2), an access request message to a fixed mobile interworking function, FMIF (3), wherein the access request message carries the first authentication information, the access request message is used by the FMIF (3) to request a core network device (4) to perform authentication on the fixed network device (1) based on the first authentication information, and a communications network to which the core network device (4) belongs is a 5G core, 5GC, or a later 3GPP core-network release
  2. The method according to claim 1, wherein the access request message is a remote authentication dial-in user service Radius protocol access request message or a Diameter protocol access request message.
  3. The method according to claim 1 or 2, wherein after the sending, by the BNG (2), an access request message to a fixed mobile interworking function FMIF (3), the method further comprises: receiving, by the BNG (2), an address of the fixed network device (1) that is sent by the core network device (4) through the FMIF (3), wherein the address of the fixed network device (1) is assigned by the core network device after the core network device (4) receives a session establishment request message carrying the identifier of the fixed network device (1), and the session establishment request message is sent by the FMIF (3) after the authentication performed by the core network device (4) on the fixed network device (1) succeeds; and establishing, by the BNG (2) based on the address of the fixed network device (1) and an address of the FMIF (3), a data plane connection that is between the BNG (2) and the FMIF (3) and that corresponds to the fixed network device (1).
  4. A communication method, wherein the method comprises: receiving, by a fixed mobile interworking function, FMIF (3), an access request message sent by a broadband network gateway BNG (2), wherein the access request message comprises first authentication information of a fixed network device (1), the first authentication information is generated by the BNG (2) based on a dial-up packet sent by the fixed network device (1), and the first authentication information comprises an identifier of the fixed network device (1); encapsulating, by the FMIF (3), the first authentication information in a message format supported by a control plane interface, to obtain second authentication information, wherein the control plane interface is an interface that is in the FMIF (3) and that is used to communicate with a core network device (4), and a communications network to which the core network device (4) belongs is a 5G core, 5GC, or a later 3GPP core-network release; and sending, by the FMIF (3), a session establishment request message carrying the second authentication information to the core network device (4) through the control plane interface, wherein the second authentication information is used by the core network device (4) to perform authentication on the fixed network device (1).
  5. The method according to claim 4, wherein the control plane interface comprises an N1 interface or an N2 interface, and the second authentication information is a subscription concealed identifier SUCI, a subscription permanent identifier SUPI, or a 5G globally unique temporary identity 5G-GUTI.
  6. The method according to claim 4 or 5, wherein the method further comprises: receiving, by the FMIF (3), an acknowledgment message sent by the core network device (4) after the authentication succeeds; sending, by the FMIF (3), a session establishment request message to the core network device (4), wherein the session establishment request message carries the identifier of the fixed network device (1), the session establishment request message is used by the core network device (4) to allocate session information, the session information comprises an address of the fixed network device (1), a tunnel endpoint identifier TEID of a tunnel on the side of the core network device (4), and a tunnel parameter of the tunnel, and the tunnel is a tunnel that is between the FMIF (3) and the core network device (4) and that corresponds to the fixed network device (1); receiving, by the FMIF (3), the session information sent by the core network device (4); and establishing, by the FMIF (3) based on the session information, a data plane connection that is between the FMIF (3) and the BNG (2) and that corresponds to the fixed network device (1), and establishing the tunnel based on the session information.
  7. The method according to claim 6, wherein the establishing, by the FMIF (3) based on the session information, a data plane connection that is between the FMIF (3) and the BNG (2) and that corresponds to the fixed network device (1), and establishing the tunnel based on the session information comprises: sending, by the FMIF (3), the address of the fixed network device (1) to the BNG (2), and storing a correspondence between the address of the fixed network device (1) and an address of the BNG (2) into a first relationship table, wherein the first relationship table is used by the FMIF (3) to transmit a downlink service packet of the fixed network device (1); and storing, by the FMIF (3), a correspondence between the address of the fixed network device (1), a TEID of the tunnel on the side of the FMIF (3), and the TEID of the tunnel on the side of the core network device (4) into a second relationship table, wherein the second relationship table is used by the FMIF (3) to send an uplink service packet of the fixed network device (1).
  8. The method according to claim 6 or 7, wherein the session information further comprises the TEID of the tunnel on the side of the FMIF (3).
  9. The method according to claim 7, wherein before the storing, by the FMIF (3), a correspondence between the address of the fixed network device (1), a TEID of the tunnel on the side of the FMIF (3), and the TEID of the tunnel on the side of the core network device (4) into a second relationship table, the method further comprises: allocating, by the FMIF (3), the TEID of the tunnel on the side of the FMIF (3), and sending the TEID of the tunnel on the side of the FMIF (3) to the core network device (4), wherein the TEID of the tunnel on the side of the FMIF (3) is stored by the core network device (4) into a correspondence table, the correspondence table comprises the correspondence between the address of the fixed network device (1), the TEID of the tunnel on the side of the FMIF (3), and the TEID of the tunnel on the side of the core network device (4), and the correspondence table is used by the core network device (4) to transmit the downlink service packet of the fixed network device (1).
  10. The method according to any one of claims 6 to 9, wherein the sending, by the FMIF (3), a session establishment request message to the core network device (4) comprises: sending, by the FMIF (3), the session establishment request message to the core network device (4) through the control plane interface, wherein the control plane interface comprises the N1 interface or the N2 interface.
  11. A communication method, wherein the method comprises: receiving a session establishment request message carrying second authentication information, by a core network device, from a fixed mobile interworking function, FMIF (3), wherein the session establishment request message comprises an identifier of a fixed network device (1), and a communications network to which the core network device (4) belongs is a 5G core, 5GC, or a later 3GPP core-network release; allocating, by the core network device (4), session information to the fixed network device (1) based on the identifier of the fixed network device (1), wherein the session information comprises an address of the fixed network device (1), a tunnel endpoint identifier, TEID, of a tunnel on the side of the core network device (4), and a tunnel parameter of the tunnel, and the tunnel is a tunnel that is between the FMIF (3) and the core network device (4) and that corresponds to the fixed network device (1); and sending, by the core network device (4), the session information to the FMIF (3), wherein the session information is used by the FMIF (3) to establish a data plane connection between the fixed network device (1) and the core network device (4).
  12. The method according to claim 11, wherein before the receiving, by a core network device (4), a session establishment request message from a fixed mobile interworking function FMIF (3), the method further comprises: receiving, by the core network device (4), second authentication information sent by the FMIF (3), wherein the second authentication information is obtained by the FMIF (3) by encapsulating first authentication information in a message format supported by a control plane interface, the control plane interface is an interface that is in the FMIF (3) and that is used to communicate with the core network device (4), and the first authentication information comprises the identifier of the fixed network device (1); and performing, by the core network device (4), authentication on the fixed network device (1) based on the second authentication information.
  13. The method according to claim 11 or 12, wherein the session information further comprises a TEID of the tunnel on the side of the FMIF (3).
  14. The method according to claim 11 or 12, wherein the method further comprises: receiving, by the core network device (4), a TEID of the tunnel on the side of the FMIF (3) that is sent by the FMIF (3), wherein the TEID of the tunnel on the side of the FMIF (3) is sent by using the session establishment request message, or is sent after the FMIF (3) receives the session information.
  15. The method according to any one of claims 11 to 14, wherein after the sending, by the core network device (4), the session information to the FMIF (3), the method further comprises: storing, by the core network device (4), a correspondence between the address of the fixed network device (1), the TEID of the tunnel on the side of the FMIF (3), and the TEID of the tunnel on the side of the core network device (4) into a correspondence table, wherein the correspondence table is used by the core network device (4) to transmit a downlink service packet of the fixed network device (1).
  16. A communications system, comprising: a fixed mobile interworking function FMIF (3) and a core network device (4), wherein a communications network to which the core network device (4) belongs is a 5G core (5GC) or a later 3GPP core-network release; the FMIF (3) is configured to: receive an access request message, wherein the access request message comprises first authentication information of a fixed network device (1), and the first authentication information comprises an identifier of the fixed network device (1); encapsulate the first authentication information in a message format supported by a control plane interface, to obtain second authentication information; and send the second authentication information to the core network device (4), wherein the control plane interface is an interface that is in the FMIF (3) and that is used to communicate with the core network device (4); and the core network device (4) is configured to perform authentication on the fixed network device (1) based on the second authentication information.
  17. A communications apparatus (1200), wherein the apparatus comprises: a processor (1201) and a memory (1202), wherein the memory (1202) is configured to store a computer program, and the computer program is loaded and executed by the processor (1201) to implement instructions of the method according to any one of claims 1 to 3.
  18. A communications apparatus (1300), wherein the apparatus comprises: a processor (1301) and a memory (1302), wherein the memory (1302) is configured to store a computer program, and the computer program is loaded and executed by the processor (1301) to implement instructions of the method according to any one of claims 4 to 10.
  19. A communications apparatus (1400), wherein the apparatus comprises: a processor (1401) and a memory (1402), wherein the memory (1402) is configured to store a computer program, and the computer program is loaded and executed by the processor (1401) to implement instructions of the method according to any one of claims 11 to 15.

Description

TECHNICAL FIELD This application relates to the communications field, and in particular, to a communication method, a communications apparatus, and a communications system. BACKGROUND Communications networks are classified into a mobile network and a fixed network. A mobile subscriber is allowed to access the mobile network and can send or receive data in the mobile network. A fixed-network subscriber is allowed to access the fixed network and can send or receive data in the fixed network. In a 4G communications network, a fixed-network subscriber is allowed to access a mobile network, to facilitate management of mobile subscribers and fixed-network subscribers. When the fixed-network subscriber is to access the mobile network, authentication needs to be performed on the fixed-network subscriber in a core network of the mobile network, and the fixed-network subscriber can send or receive data in the mobile network only after the authentication succeeds. However, in a communications network that emerges after the 4G communications network, authentication cannot be performed on a fixed-network subscriber in a core network. For example, in a 5G communications network that emerges after the 4G communications network, authentication cannot be performed on a fixed-network subscriber in a 5G core network. WO 2019/047197 A1 describes implementing an interworking function. FXIWF, between a fixed access network and a mobile operator network and more particularly a 56 core network of a mobile operator. The fixed access network is viewed as an additional access network supported by the 5G core network. When the end device connected to a fixed access network signals (broadcast of EAPoL-start or TLS Client-Hello) that it wants to connect to the 5G core network, the network entity 140 instructs the end device to authenticate and register with the 5G core network. CN 101 404 798 A describes a method for a soft terminal accessed in a mobile core network to obtain business service by a fixed network. The method comprises the steps as follows: the soft terminal is arranged on a user access terminal; authentication information of a user is obtained; the soft terminal launches registration and completes authentication; voice and data service provided by the mobile core network is used; the soft terminal arranged on PC, PDA, television, WiFi cell phone or other hardware platform realizes voice, data and short message of a mobile network in a convenient and fast mode by the fixed network access; simultaneously, the authentication mode in which the soft terminal is accessed in the mobile core network obeys the current mobile network; the fixed broadband access advantage, and the authentication, charging and management control advantage of the mobile core network are combined to realize highspeed broadband teleservice of a user and internet service. SUMMARY To perform authentication on a fixed network device in a 5G core network or a core network later than a 5G core network, embodiments of this application provide a communication method and a communications apparatus. The technical solutions are as follows. According to a first aspect, this application provides a communication method. In the method, a broadband network gateway BNG receives a dial-up packet sent by a fixed network device, and generates first authentication information of the fixed network device based on the dial-up packet, where the first authentication information includes an identifier of the fixed network device. The BNG sends an access request message to a fixed mobile interworking function FMIF, where the access request message carries the first authentication information, and the access request message is used by the FMIF to request a core network device to perform authentication on the fixed network device based on the first authentication information. A communications network to which the core network device belongs is a 5G communications network or a communications network later than a 5G communications network. The BNG sends the authentication information of the fixed network device to the core network device through the FMIF, so that the core network device can perform authentication on the fixed network device. In this way, authentication can be performed on the fixed network device in a 5G core network or a core network later than a 5G core network. In an optional implementation, the access request message is a remote authentication dial-in user service Radius protocol access request message or a Diameter protocol access request message. In this way, the BNG may send the authentication information of the fixed network device to the FMIF by using the Radius protocol access request message or the Diameter protocol access request message, so that the FMIF sends the authentication information of the fixed network device to a core network device in the 5G core network or the core network later than the 5G core network. In an optional implementation, the BN