An international roaming dual-domain private network access method based on visit location distribution

By enhancing information transmission and policy offloading between the user equipment's home and access networks, and utilizing the offloading technology of the ULCL standard, the problems of large-scale transformation of dual-domain private network services and user access restrictions in existing technologies have been solved. This enables dual-domain private network service access under international roaming, improves user experience, and reduces network transformation costs.

CN122395578APending Publication Date: 2026-07-14CHINA MOBILE HONG KONG CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
CHINA MOBILE HONG KONG CO LTD
Filing Date
2025-01-14
Publication Date
2026-07-14

AI Technical Summary

Technical Problem

Existing technologies require extensive modifications to the core network of mobile communication networks when implementing dual-domain private network services. This is especially true when user devices roam to different operators' networks, particularly overseas operators' networks. In such cases, user devices' access to dual-domain private network services is restricted, and it is difficult for operators to reach an agreement, resulting in a poor user experience.

Method used

By enhancing information transmission and policy offloading between the user equipment's home network and access network, utilizing the offloading technology of the ULCL standard, inserting ULCL functionality into the UPF of the access network, selecting an appropriate UPF based on the user equipment's location information, and providing a dual-domain private network service offloading strategy, user equipment can access the Internet and the enterprise intranet in international roaming scenarios.

Benefits of technology

Without changing the user's general DNN subscription, it reduces the amount of core network modification required, is suitable for flat network architecture, enables user equipment to access dual-domain private network services in international roaming scenarios, reduces Internet access latency, and improves user experience.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122395578A_ABST
    Figure CN122395578A_ABST
Patent Text Reader

Abstract

A method performed in a core network of a mobile communication network providing services for a user equipment as a visited network of a roaming user equipment is disclosed. The method comprises: in response to receiving a registration request from the user equipment, obtaining a configuration profile of the user equipment from a home network of the user equipment, and marking the user equipment as being associated with a roaming dual private network user based on a dual private network user flag field included in the configuration profile; in response to receiving a session establishment request initiated based on a generic DNN from the user equipment, obtaining a dual private network traffic steering policy of the user equipment from the home network, wherein the dual private network traffic steering policy comprises a private network traffic characteristic indicating a private network to be accessed by the user equipment via the home network and an identifier of a home UPF associated with the private network in the home network; based on the dual private network traffic steering policy, inserting a ULCL function into an access UPF selected based on location information of the user equipment in the visited network, and providing the dual private network traffic steering policy to the access UPF; and in response to receiving an access traffic from the user equipment, steering the access traffic associated with the private network from the access UPF to the home UPF according to the traffic characteristic of the access traffic and based on the dual private network traffic steering policy.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to mobile communication networks, and more specifically to methods, apparatus and / or systems for providing dual-domain private network access to roaming users based on visited / accessed location routing. Background Technology

[0002] Dual-domain private network services have been developed by some mobile network operators as a flagship product for various industries. This service allows industry clients to access the internet and their industry's private network or intranet using the same terminal without changing their SIM card or phone number. Typical scenarios include university faculty and students accessing the internet via their mobile phones while simultaneously connecting to the campus network for online learning and digital library access; similarly, corporate employees can access the internet via their mobile phones and remotely work on their company's intranet while traveling. Dual-domain private network services can be widely applied in education, law enforcement, government affairs, and cultural tourism industries.

[0003] Currently, most operators primarily employ DNN (Data Network Name)-based technical solutions to implement dual-domain private network services. One common approach is the dedicated DNN solution, which establishes a dedicated DNN session for users on the network side, selects a specific UPF (User Plane Function), configures traffic offloading rules for the traffic carried by the dedicated session, and enables user traffic offloading. Users can then switch between these offloading methods based on their access needs. Another common approach involves general / dedicated DNN + ULCL (Uplink Classifier) ​​traffic offloading technology. When a user device moves to a specific area, the network inserts an ULCLUPF for traffic offloading, allowing the user device to simultaneously access both the internal and public networks.

[0004] Currently, the technical solutions used by various operators to implement dual-domain private network services have some problems. For example, they require a lot of modifications to some network elements in the core network of the mobile communication network, and when user equipment roams from its home network to the access networks of different operators, especially when roaming to the access networks of overseas operators, the user equipment's access to dual-domain private network services is restricted to varying degrees. Summary of the Invention

[0005] To solve or at least alleviate one or more of the above problems, this application provides the following technical solutions.

[0006] According to a first aspect of this application, a method is provided to be performed in the core network of a mobile communication network that serves as an access network for roaming user equipment. The method includes: in response to receiving a registration request from the user equipment, obtaining a configuration profile of the user equipment from the user equipment's home network, and marking the user equipment as associated with a roaming dual-domain private network user based on a dual-domain private network user identification field included in the configuration profile; in response to receiving a session establishment request initiated by the user equipment based on a generic DNN, obtaining a dual-domain private network service offloading policy of the user equipment from the home network, wherein the dual-domain private network service offloading policy includes: private network service traffic characteristics indicating that the user equipment should access the private network via the home network and an identifier of a home UPF associated with the private network in the home network; based on the dual-domain private network service offloading policy, inserting a ULCL function into an access UPF selected based on the user equipment's location information in the access network, and providing the dual-domain private network service offloading policy to the access UPF; and in response to receiving an access service from the user equipment, offloading the access service associated with the private network from the access UPF to the home UPF according to the service traffic characteristics of the access service and based on the dual-domain private network service offloading policy.

[0007] According to a second aspect of this application, a method is provided for execution in the core network of a mobile communication network, the mobile communication network serving as the home network of a user equipment (UE). The method includes: in response to receiving a first signaling message from an access network to which the UE is roaming, providing the access network with a configuration profile of the UE, wherein the first signaling message includes the home AUSF (Authentication Server Function) / home UDM (Unified Data Function) of the home network. The discovery conditions of Management (Unified Data Management), and wherein the configuration profile includes a dual-domain private network user tagging field, enabling the access network to tag the user equipment as associated with a roaming dual-domain private network user; in response to receiving a second signaling message from the access network, providing the access network with a dual-domain private network service offloading policy for the user equipment, wherein the second signaling message includes at least the user equipment's general DNN, and wherein the dual-domain private network service offloading policy includes; private network service traffic characteristics indicating that the user equipment should access the private network via the home network and the identifier of the home UPF associated with the private network in the home network; providing the home UPF with a corresponding private network offloading policy for the home network; and in response to receiving private network access services from the user equipment that are offloaded from the access UPF of the access network to the home UPF, causing the private network access services to be outsourced from the home UPF to the private network.

[0008] According to a third aspect of this application, a network node is provided in a mobile communication network that serves as an access network for roaming user equipment. The network node includes: a processor; and a memory storing computer-executable instructions, which, when executed by the processor, configure the network node to perform various operations of methods and / or processes according to this application.

[0009] According to a fourth aspect of this application, a network node is provided in a mobile communication network that serves as a home network for roaming user equipment. The network node includes: a processor; and a memory storing computer-executable instructions, which, when executed by the processor, configure the network node to perform various operations of methods and / or processes according to this application.

[0010] According to a fifth aspect of this application, a device is provided in a network node of a mobile communication network that serves as an access network for user equipment. The device includes one or more components for performing methods and / or processes according to this application.

[0011] According to a sixth aspect of this application, a device is provided in a network node of a mobile communication network, which serves as the home network of a user equipment to provide services to the user equipment. The device includes one or more components for performing methods and / or processes according to this application.

[0012] According to a seventh aspect of this application, a computer-readable storage medium is provided that stores computer-executable instructions, which, when executed by a processor, perform methods and / or processes according to this application.

[0013] According to an eighth aspect of this application, a computer program product storing computer-executable instructions is provided, which, when executed by a processor, perform methods and / or processes according to this application.

[0014] By adopting a traffic offloading technology based on the ULCL standard, this application can avoid the difficulty of operators reaching an agreement on dedicated DNNs without changing the user's general DNN subscription. The overall solution requires less modification to core network elements, and the requirements for visited network elements are easy to implement. It is suitable for operator network architectures with relatively simple and flat network organization. Attached Figure Description

[0015] The above and / or other aspects and advantages of this application will become clearer and more readily understood through the following description of various aspects in conjunction with the accompanying drawings, in which the same or similar elements are denoted by the same reference numerals. In the drawings:

[0016] Figure 1 This demonstrates a typical dedicated DNN+ULCL offloading and roaming scheme for implementing dual-domain private network services;

[0017] Figure 2 This demonstrates a typical dedicated DNN+ULCL offloading international roaming solution for implementing dual-domain private network services in international roaming scenarios;

[0018] Figure 3 This illustrates a dual-domain private network international roaming scenario according to an embodiment of this application;

[0019] Figure 4 A flowchart is shown illustrating a method for implementing dual-domain private network services for a user equipment on the access network side according to an embodiment of this application;

[0020] Figure 5 A flowchart is shown illustrating a method for implementing dual-domain private network services for a user equipment on the home network side according to an embodiment of this application;

[0021] Figure 6A schematic diagram of the structure of a network node according to an embodiment of this application is shown; and

[0022] Figure 7 A schematic diagram of the structure of a network node according to another embodiment of this application is shown. Detailed Implementation

[0023] The following detailed description is merely exemplary in nature and is not intended to limit the disclosed technology or its application and use. Furthermore, it is not intended to be bound by any express or implied theory presented in the foregoing technical fields, background art, or the following detailed description.

[0024] In the following detailed description of preferred embodiments, numerous specific details are set forth in order to provide a more thorough understanding of the disclosed technology. However, it will be apparent to those skilled in the art that the disclosed technology can be practiced without these specific details. In other examples, well-known features have not been described in detail to avoid unnecessarily complicating the description.

[0025] Terms such as "comprising" and "including" indicate that, in addition to the units and steps directly and explicitly stated in the specification, the technical solution of this application does not exclude the presence of other units and steps not directly or explicitly stated. Furthermore, unless otherwise expressly stated, the terms "first," "second," "third," etc., are intended to distinguish the specific nouns they modify (e.g., elements, regions, modules, activities, operations, etc.), but are not intended to indicate any type of order, rank, importance, temporal sequence, or hierarchy of the modified nouns. For example, "first x" and "second x" are intended to represent two independent x elements that are not necessarily limited by any order, rank, importance, temporal sequence, or hierarchy of these two elements.

[0026] In the following description, various aspects of this application will be described in detail with reference to the accompanying drawings.

[0027] Currently, dual-domain private network services are gradually being accepted by more and more industry customers and are beginning to be widely used in education, police, government affairs, culture and tourism, and other industries. In order to solve the needs of industry customers such as university teachers and students or corporate office workers to access their internal networks and the Internet when roaming across provinces and around the world, a dedicated DNN+ULCL traffic offloading roaming solution is proposed. Figure 1 This paper demonstrates a typical dedicated DNN+ULCL offloading and roaming scheme for implementing dual-domain private network services.

[0028] like Figure 1 As shown, this typical dedicated DNN+ULCL traffic offloading and roaming scheme may include the following business operations / actions / processes:

[0029] A0: Pre-configure the network for the customer group, sign up for a dedicated DNN for the customer on UDM and delete some outdated contracts, and sign up for a private network service offloading policy on PCF (Policy Control function).

[0030] A1: When a user initiates an initial session establishment request at the visited location, the request carries a general DNN by default. During the session establishment process, the DNN obtained from the UDM is a dedicated DNN. The network-side AMF (Access Management function) determines and modifies it to the dedicated DNN. Subsequent business processes will establish a dedicated DNN session for the user.

[0031] A2: The AMF / MME (Mobility Management Entity) selects the SMF / PGW-C (Packet Data Network Gateway Control Plane) based on the dedicated DNN, location information TAI (Tracking Area Identity), and slice information S-NSSAI (Supplemental Network Slicing Selection Information). After querying the NRF (Network Repository Function), it determines that the home SMF / PGW-C that supports the dedicated DNN is the anchor SMF / PGW-C. The AMF / MME selects the SMF / SGW-C (Serving Gateway Controller) as the intermediate node I-SMF (Intermediary-SMF) or SGW-C based on the location information TAI.

[0032] A3: SMF / SGW-C selects the visited UPF / PGW-U (Packet Data Network Gateway-User Plane) as an intermediate node I-UPF (Intermediary-UPF) or PGW-U to insert into the session;

[0033] A4: PCF will distribute the private network service offloading strategy to the anchor point SMF / PGW-C;

[0034] A5: The anchor point SMF / PGW-C determines that an ULCLUPF needs to be inserted, selects to co-configure ULCLU and the main anchor point UPF, performs signaling interaction, and distributes the private network service offloading policy to the UPF / PGW-U. Figure 12C UPF / PGW-U1 in;

[0035] A6: Anchor point SMF / PGW-C selects auxiliary anchor point UPF based on DNN, i.e. Figure 1 The private network UPF / PGW-U2 in the middle performs signaling interaction;

[0036] A7: The subsequent process is complete, and the user's dedicated DNN session has been established.

[0037] A8: When a UE (User Equipment) requests a service, the traffic is routed by ULCUPF according to the service traffic characteristics. The traffic path for accessing the Internet / Internet is UE <—> I-UPF / SGW-U <—> 2C UPF / PGW-U1 <—> Internet ( Figure 1 (Used as orange lines), while the traffic path to the private network / internal network is UE<—>I-UPF / SGW-U<—>2C UPF / PGW-U1<—>Private Network UPF / PGW-U2<—>Private Network DN ( Figure 1 (Used as purple lines).

[0038] Considering factors such as the rollout progress of 5G SA (5G Standalone) international roaming, current dual-domain private network services are primarily used within the local network area, such as the coverage area of ​​a single PLMN (Public Land Mobile Network), and international roaming scenarios have not yet been enabled. However, dual-domain private network enterprise users also have a need to access their home network's intranet in international roaming scenarios. For example, Hong Kong dual-domain private network users may still wish to access their industry intranet after traveling to mainland China or abroad.

[0039] Figure 2 This paper demonstrates a typical dedicated DNN+ULCL offloading international roaming scheme for implementing dual-domain private network services in international roaming scenarios. This roaming scheme can be extended from the existing inter-provincial dual-domain private network roaming scheme.

[0040] like Figure 2 As shown, a User Equipment (UE) can roam from its Home PLMN to its Visited PLMN. The roaming UE can interact with the core network of the Visited PLMN via the gNodeB of the Visited PLMN. Furthermore, some network elements in the HPLMN and VPLMN interact with each other through corresponding interfaces to enable dual-domain private network services for the UE roaming to the VPLMN. These interfaces between network elements are known in the art and will not be described further.

[0041] Figure 2The typical dedicated DNN+ULCL offloading international roaming solution shown includes the following business operations / actions / processes:

[0042] B0: Pre-configure the network for the customer group, subscribe to a dedicated DNN for the customer on UDM / HSS (Home Subscriber Server) and delete some outdated subscriptions, and subscribe to a private network service offloading policy for the customer on PCF / PCRF (Policy and Charging Rules Function).

[0043] B1: When a user roams to the visited location, their user equipment initiates a registration process with the VPLMN in the visited location. The VPLMN's vAMF (Visited-AMF) discovers that the user is an international roaming user and queries the home I-NRF (International-NRF) of the home location HPLMN through the VPLMN's access I-NRF (International-NRF).

[0044] B2: vAMF discovers the access SEPP (Security Edge Protection Proxy) of the visited VPLMN via signaling messages through the PLMN. This signaling message carries the FQDN information of the home I-NRF. The access SEPP discovers the home SEPP of the home HPLMN based on the PLMN information of the home I-NRF. The home SEPP then passes the discovery conditions of the home AUSF / UDM of the home HPLMN, such as the SUCI (Subscription Concealed Identifier) ​​and / or SUPI (Subscription Permanent Identifier) ​​of the home AUSF / UDM, to the home I-NRF for home AUSF / UDM discovery.

[0045] B3: After the Home I-NRF discovers the Home AUSF / UDM through the Home L-NRF (Low-NRF) of the Home HPLMN, it returns the discovery result to the vAMF of the Visited VPLMN through the Home SEPP, thereby completing the registration process of the roaming UE in the access network.

[0046] B4: The User Equipment (UE) initiates an initial session establishment request to the VPLMN. This request carries the UE's general DNN by default. During the session establishment process, the UE obtains the subscribed DNN from the UDM of the visited VPLMN as a dedicated DNN. The network-side vAMF modifies it to the subscribed dedicated DNN by judgment. The subsequent service process is to establish a dedicated DNN session for the UE.

[0047] B5: vAMF uses HPLMN, dedicated DNN, and slice information based on user equipment identifiers. S-NSSAI routes to the home I-NRF via the access I-NRF and access SEPP, and then routes to the home L-NRF to discover anchor points hSMF (homeSMF) that support dedicated DNNs; vAMF uses HPLMN, slice, and location information based on user equipment identifiers. TAI selects the visited SMF (visited SMF) via the L-NRF of the vPLMN.

[0048] B6: vSMF selects the UPF of the visited VPLMN as the intermediate node I-UPF;

[0049] B7: When hSMF receives a session establishment request from vSMF, it immediately triggers a request for a private network service offloading policy from hPCF (homePCF: home PCF) of the home HPLMN. Then, hPCF distributes the private network service offloading policy to the anchor hSMF.

[0050] B8: The anchor point hSMF determines that ULCLhUPF needs to be inserted, selects ULCL and the main anchor point hUPF to be set up together, performs signaling interaction, and sends the private network service diversion policy to hUPF;

[0051] B9: The anchor hSMF selects the secondary anchor hUPF for signaling interaction based on the IP address of the private network hUPF in the DNN and the traffic splitting strategy.

[0052] B10: The subsequent process is complete, and the user's dedicated DNN session has been established.

[0053] B11: When a user equipment requests access to a service from a VPLMN, the traffic is routed by ULCLhUPF according to the service traffic characteristics. Specifically, the traffic path for accessing the Internet is UE<—>vUPF / SGW-U<—>hUPF / PGW-U<—>Internet, while the traffic path for accessing the private network / internal network is UE<—>vUPF / SGW-U<—>hUPF / PGW-U<—>private network hUPF / PGW-U<—>internal network DN.

[0054] This application further recognizes that, considering the demand scenarios of international roaming solutions for dual-domain private networks, the basic business logic of current SA dual-domain private networks can also be met. However, there are some problems: (1) For the business home location, a lot of modifications are required to network equipment such as SMF and UPF. Especially for relatively simple and flat networks in regions like Hong Kong, the amount of engineering work and cost need to be carefully considered; (2) Overseas operators' AMFs cannot have configurations that prohibit dedicated DNN roaming access. They need to allow dedicated DNN access. It is generally difficult to reach an agreement with all operators. Furthermore, using dedicated DNNs to replace the original operator contracts to handle dual-domain private network services means that users only have dedicated DNN contracts, which brings certain conflicts or hidden dangers to the subsequent application of dedicated DNNs; and (3) Internet traffic needs to flow back to the home network's Internet exit before it can be exited. It is impossible to achieve local offloading of the visited Internet exit, which increases Internet access latency.

[0055] Therefore, this application addresses international roaming scenarios in dual-domain private networks by implementing a visitor / accessor traffic splitting approach. Through enhanced UDM subscription fields, improved information transmission between vAMF and the visited vSMF, visitor vSMF triggering the acquisition of PCC (Policy and Charging Control) policies, dynamic PCF policy distribution, and internet traffic offloading at the visited location, this solution enables users to still access the industry intranet while roaming internationally. For example, employees of Hong Kong companies can access the internet normally while traveling to mainland China or other countries, and simultaneously log into the company intranet for work. This technical solution is based on the ULCL standard's traffic splitting technology, without altering the user's general DNN subscription, avoiding the difficulty of reaching consensus among operators regarding dedicated DNNs. Designed around the distribution and activation of the visited location traffic splitting policy, the overall solution requires minimal modification, is easy to implement for visited network elements, and is suitable for relatively simple and flat operator network architectures.

[0056] Figure 3 An international roaming scenario for a dual-domain private network according to an embodiment of this application is illustrated. This roaming scenario can also be applied to roaming of user equipment (UE) across PLMNs, such as roaming from its home network HPLMN to the access network VPLMN of the destination.

[0057] like Figure 3 As shown, a User Equipment (UE) can roam from its home network (HPLMN) to its access network (VPLMN). The roaming UE can interact with the core network of the access network via the gNodeB of the access location. Furthermore, some network elements in the HPLMN and VPLMN interact with each other through corresponding interfaces to enable dual-domain private network services for the UE roaming to the VPLMN. These interfaces between network elements are known in the art and will not be described further.

[0058] Figure 3 The dual-domain private network international roaming scenario shown may include the following business operations / actions / processes:

[0059] S0: Pre-configure the network for the customer group, which means creating a configuration profile for the UE in the home network of the user equipment (UE), including but not limited to: subscribing to a general DNN on the home UDM / HSS instead of a dedicated DNN, adding a dual-domain private network subscription tag and a general (Internet) traffic visit location offload tag for users who have enabled dual-domain private networks, also known as a general service access location offload tag; and adding a private network service offloading policy subscription for international roaming scenarios on the home PCF / PCRF, so that the configuration profile created for the UE can include a dual-domain private network user tag field and a general service access location offload tag field;

[0060] S1: The user equipment (UE) leaves the coverage area of ​​the HPLMN and roams to the coverage area of ​​the VPLMN. It initiates a registration process with the VPLMN at the visited location. The vAMF discovers that the user associated with the UE is an international roaming user and queries the FQDN of the home I-NRF in the UE's home network through the access I-NRF of the VPLMN.

[0061] S2: vAMF discovers the access SEPP of the visited VPLMN via signaling messages through the PLMN. The signaling messages carry the FQDN information of the home I-NRF. The access SEPP discovers the home SEPP of the home HPLMN based on the PLMN information of the home I-NRF. The home SEPP then passes the discovery conditions of the home AUSF / UDM of the home HPLMN (e.g., the SUCI and SUPI of the home AUSF / UDM) to the home I-NRF for home AUSF / UDM discovery.

[0062] S3: After the Home I-NRF discovers the Home AUSF / UDM through the Home L-NRF of the Home location HPLMN, it returns the discovery result to the vAMF of the Visited VPLMN through the Home SEPP;

[0063] S4: vAMF completes the UE's registration process in accessing the network. During the process of obtaining hUDM subscription, if it finds that the UE's home UDM / HSS has subscribed to the dual-domain private network user mark and the allow general (Internet) traffic visitation offload mark field, then vAMF should locally mark the international roaming + dual-domain private network user so as to distinguish and process it in the subsequent session process.

[0064] Specifically, after obtaining the UE's configuration profile from the HPLMN, the vAMF can mark the UE as associated with a roaming dual-domain private network user based on the dual-domain private network user tag field included in the UE configuration profile. Furthermore, the vAMF can determine whether the UE is further associated with the access location offloading of general services access other than private network access services based on the general services access location offloading tag field included in the UE configuration profile. If so, the UE is further associated with the general services access location offloading tag field.

[0065] S5: The User Equipment (UE) initiates an initial session establishment request to the Access Network (VPLMN), which is based on the UE's generic DNN.

[0066] S6: vAMF discovers anchor points hSMF that support the general DNN based on user equipment identifier hPLMN, general DNN, and slice information S-NSSAI by accessing I-NRF and SEPP to home I-NRF, and then by accessing home L-NRF; vAMF selects the vSMF of the visited VPLMN based on user equipment identifier hPLMN, slice, and location information TAI by accessing L-NRF.

[0067] S7: The PDU session establishment request sent by vAMF to vSMF carries the visited location acquisition policy identifier and the general (Internet) traffic visited location offload flag. That is, by adding a field, it indicates that vSMF should acquire the PCC policy and allows general (Internet) traffic to be offloaded locally through the visited location. In contrast, in the corresponding process of the existing technology, the home SMF initiates the policy acquisition request to the home PCF. For international roaming users, if vAMF finds that they are dual-domain private network users (according to step S4), it should instruct vSMF to acquire the visited location PCC policy.

[0068] S8: vSMF recognizes the visited location to obtain the policy identifier, which triggers the acquisition of the dual-domain private network service diversion policy from the hPCF of the home HPLMN. The message can be obtained through the local vPCF relay policy, and the hPCF of the home HPLMN will send the private network service diversion policy to vSMF.

[0069] In contrast, in the corresponding strategies of existing technologies, the hPCF issues service offloading policies to the hSMF. Since these two network elements belong to the same operator network, the hPCF generally issues predefined rules. That is, the hPCF and hSMF coordinate, the hSMF performs specific policy configuration, and the hPCF issues policy numbers.

[0070] For the aforementioned international roaming scenario in this application, vSMF and hPCF cannot be pre-configured collaboratively. Therefore, hPCF needs to issue dynamic rules. Since each operator has designated a general exit UPF for Internet services, hPCF can issue only the private network service flow characteristics and the hUPF that guides the service flow. For example, a dual-domain private network service diversion strategy may include: private network service flow characteristics (private network IP address, IP address range, URL list, etc.) and UPF IP (i.e., the IP address of the private network UPF in the hUPF, where the private network UPF is selected by hSMF, see step S11).

[0071] Additionally, the hPCF should also contain a private network traffic offloading policy for the home HPLMN, which includes the private network's DNAI (Data Network Access Identifier). After obtaining the PCC policy, the hSMF distributes it to the selected private network UPF. Because it does not involve home UPF traffic offloading, the private network traffic offloading policy does not need to include private network service flow characteristics; that is, the hPCF can distribute service policies separately when the vSMF and hSMF obtain the policies.

[0072] S9: Based on the permission flag sent by vAMF for general (Internet) traffic to visit the destination for offloading, vSMF determines whether general (Internet) traffic should be offloaded locally in the visited destination: if the flag is set to 0, the general (Internet) traffic will be returned to the home destination for outgoing; if the flag is set to 1, the general (Internet) traffic will be offloaded locally in the visited destination. This requires the cooperation and support of the visited operator's vSMF and vUPF, including billing negotiation.

[0073] S10: Based on the location information TAI and the traffic offloading capability information, the vSMF selects the vUPF of the visited VPLMN that supports traffic offloading capability as the intermediate node I-UPF; at the same time, it determines whether to insert an ULCLUPF for traffic offloading, selects the vUPF as the ULCLUPF and issues the traffic offloading strategy, so that the UE's private network traffic can be offloaded to the private network UPF of the home network, while the general (Internet) traffic is determined by the general service access location offloading flag field to determine whether it is offloaded locally in the access network or flowed back to the main anchor point hUPF of the home HPLMN;

[0074] Specifically, if the general service access location offloading flag field is set to 1, indicating that the user equipment is further associated with the access location offloading of general service access other than private network access services, then the vSMF can select the main anchor point vUPF0 in the access network for the user equipment's general service access based on the general DNN accessed by the user equipment. This is used to offload the access services associated with the user equipment's general access services from the offloading point vUPF to the main anchor point vUPF0 for local outbound. If the general service access location offloading flag field is set to 0, then the vSMF does not need to establish a main anchor point vUPF0 for the user equipment's general service access, but instead instructs the vUPF to backflow the user equipment's general service access to the home network HPLMN.

[0075] S11: Upon receiving a session establishment request from the vSMF, the hSMF immediately requests subscription data from the hUDM of the home HPLMN and PCC policy from the hPCF. Based on the private network hUPF IP address in the PCC policy, the session DNN obtained from the hUDM, and the General Service Access Location Offload (GOA) flag field, the hUPF is selected and signaling interaction is performed. Specifically: if the GOA flag field in the configuration profile is set to 0, the hUPF includes the primary anchor point PSA0UPF and the private network PSA1UPF; if the flag field is set to 1, the hUPF only includes the private network PSA1 UPF. In international roaming scenarios, PSA0UPF is the UPF that the gateway hSMF connects to, and PSA1 UPF is the private network UPF selected by the hSMF based on the PCC policy.

[0076] S12: Complete the subsequent process; the user's DNN session and ULCL insertion are now established.

[0077] S13: When a user equipment requests access to a service from a VPLMN, the VPLMN uses ULCUPF to distribute the traffic based on the service traffic characteristics. The general service traffic path for accessing the Internet is determined by the value of 0 or 1 in the general service access location offload flag field, which is either UE<—>vUPF / SGW-U<—>hUPF / PGW-U0 (primary anchor point)<—>Internet, or UE<—>vUPF / SGW-U<—>vUPF / PGW-U0 (primary anchor point)<—>Internet; while the traffic path for accessing the private network is UE<—>vUPF / SGW-U<—>hUPF / PGW-U1 (secondary anchor point)<—>internal DN.

[0078] about Figure 3 Those skilled in the art will understand that the aforementioned business operations / actions / processes can be executed in a manner different from the above step sequence (e.g., in parallel). Figure 3 The business operations / actions / processes involving VPLMN can be handled by Figure 6The network node 600 in the mobile communication network shown in the figure performs the service operations / actions / processes involving the HPLMN. Figure 7 The network node 700 in the mobile communication network shown in the figure performs the operation. The network node 600 may include one or more network sub-nodes, and Figure 3 The various network elements involved in the VPLMN and their related service operations / actions / processes can be distributed to one or more network sub-nodes. Similarly, network node 700 may include one or more network sub-nodes, and Figure 3 The various network elements involved in HPLMN and related service operations / actions / processes can be distributed to one or more network sub-nodes.

[0079] Figure 4 A flowchart illustrating a method 400 for implementing dual-domain private network services for a user equipment on the access network side according to an embodiment of this application is shown. After the user equipment roams from its home network to the access network, it can be... Figure 6 The network node 600 shown in the figure executes method 400, thereby enabling the access network (such as its core network) to provide dual-domain private network services for roaming user equipment.

[0080] like Figure 4 As shown, in step 410, in response to receiving a registration request from the user equipment, a configuration profile of the user equipment is obtained from the user equipment's home network. The obtained configuration profile may include a dual-domain private network user identification field and a general service access location offload (GMAO) identification field. In one example, after obtaining the configuration profile of the roaming user equipment, the access network may identify the user equipment as associated with a roaming dual-domain private network user based on the dual-domain private network user identification field included in the configuration profile. In another example, the access network may determine, based on the GMAO identification field included in the configuration profile, that the roaming user equipment is further associated with a GMAO offload for general services access other than private network access services.

[0081] In one example, step 410 may also include finding the FQDN of the home network's I-NRF by querying the I-NRF of the access network, and obtaining the user equipment configuration profile from the home network via the access SEPP associated with the access network based on the FQDN of the home network's I-NRF.

[0082] Method 400 continues to step 420, in response to receiving a session establishment request initiated by the user equipment based on a generic DNN, obtaining the user equipment's dual-domain private network service offloading policy from the home network. The obtained dual-domain private network service offloading policy may include private network service traffic characteristics instructing the user equipment to access the private network via the home network and the identifier of the home UPF associated with the private network in the home network. In one example, the private network service traffic characteristics include the private network's IP address, IP address range, and / or URL list, and the identifier of the home UPF includes the IP address of the home UPF.

[0083] In step 430, based on the dual-domain private network service offloading strategy, the ULCL function is inserted into the access UPF selected based on the user equipment's location information in the access network, and the dual-domain private network service offloading strategy is provided to the selected access UPF. In one example, if the general service access location offloading flag field indicates that the user equipment is further associated with the access location offloading of general service access other than private network access services, the access network further selects a primary anchor point UPF in the access network for the user equipment's general service access based on the general DNN accessed by the user equipment, so as to offload the access services associated with the general access services from the offloading point access UPF to the primary anchor point UPF for outgoing traffic.

[0084] In step 440, in response to receiving an access service from a user equipment, the access service is routed according to its traffic characteristics and based on the dual-domain private network service routing policy. In one example, when the traffic characteristics of the access service indicate an access service associated with a private network, the access network will route the access service associated with the private network from the routing point access UPF to the user equipment's home network's home UPF for outbound traffic. In another example, when the traffic characteristics of the access service indicate an access service associated with a general access service, based on whether the general service access location offload flag field is set to 1 or 0, the routing point access UPF will route the access service associated with the general access service to the access network's main anchor UPF for outbound traffic, or route it back to the home network for outbound traffic.

[0085] Figure 5 A flowchart illustrating a method 500 for implementing dual-domain private network services for a user equipment on the home network side according to an embodiment of this application is shown. After the user equipment roams from its home network to the access network, it can be... Figure 7 The network node 700 shown executes method 500, thereby enabling the home network (such as its core network) to provide dual-domain private network services for user equipment roaming to the access network.

[0086] like Figure 5As shown, in step 510, in response to receiving a first signaling message from the access network to which the user equipment (UE) has roamed, a configuration profile of the UE is provided to the access network. In one example, the received first signaling message may include the discovery conditions of the home AUSF / home UDM of the home network, which may include the SUCI and / or SUPI of the home AUSF / home UDM. In one example, the provided configuration profile may include a dual-domain private network user identification field and a general service access location offload (GMO) identification field. The dual-domain private network user identification field enables the access network to which the UE has roamed to to identify the UE as associated with a roaming dual-domain private network user, and the GMO identification field enables the access network to further determine, based on this identification field, whether the UE is further associated with a GMO for general service access outside of private network access services.

[0087] In one example, step 410 may further include: receiving the aforementioned first signaling message via the home SEPP associated with the home network; passing the home AUSF / home UDM discovery conditions to the home I-NRF of the home network to obtain the user equipment configuration profile by performing AUSF / UDM discovery; and providing the user equipment configuration profile to the access network via the home SEPP.

[0088] Method 500 continues to step 520, in response to receiving a second signaling message from the access network, providing the access network with a dual-domain private network service offloading policy for the user equipment. In one example, the received second signaling message includes at least the user equipment's generic DNN, and the provided dual-domain private network service offloading policy may include: private network service traffic characteristics instructing the user equipment to access the private network via the home network and the identifier of the home UPF associated with the private network in the home network. In one example, the private network service traffic characteristics include the private network's IP address, IP address range, and / or URL list, and the identifier of the home UPF includes the IP address of the home UPF. In one example, the user equipment's dual-domain private network service offloading policy is provided to the access network from the home PCF of the home network, via the home SEPP associated with the home network. In one example, in response to receiving the second signaling message, the home network can look up the home SMF that supports the generic DNN in the home network from the home I-NRF, and the home UPF is selected by the home SMF based on the generic DNN.

[0089] In step 530, the corresponding private network offloading policy for the home network is provided to the home UPF. In one example, the corresponding private network offloading policy provided to the home UPF includes the private network's DNAI.

[0090] In step 540, in response to receiving a private network access service from the user equipment that is routed from the access network UPF to the home UPF, the private network access service is sent out from the home UPF to the private network.

[0091] In one example, method 500 may further include: determining that the generic service access location offloading flag field does not indicate (i.e., the flag field is set to 0) that the user equipment is associated with access location offloading for generic service access other than private network access services; selecting a primary anchor point UPF in the home network for the generic service access of the user equipment; and, in response to receiving a generic service access from the user equipment that is offloaded from the access UPF of the access network to the primary anchor point UPF, causing the generic service access to be outbound from the primary anchor point UPF. In one example, if the generic service access location offloading flag field indicates that the user equipment is associated with access location offloading for generic service access other than private network access services (i.e., the flag field is set to 1), then the home network does not select a primary anchor point UPF in the home network for the outbound of generic service access, because the generic service access of the user equipment in the access network will be offloaded locally by the access network.

[0092] like Figure 6 As shown, network node 600 may include processor 610 and may also include memory 620 storing instructions 630. In one example, processor 610 may be configured to perform operations within one or more methods (such as method 400) or processes described herein. In another example, processor 610 may execute instructions 630 stored in memory 620 such that network node 600 may be configured to perform operations within one or more methods or processes described herein.

[0093] like Figure 7 As shown, network node 700 may include processor 710 and may also include memory 720 storing instructions 730. In one example, processor 710 may be configured to perform operations in one or more methods (such as method 500) or processes described herein. In another example, processor 710 may execute instructions 730 stored in memory 720 such that network node 700 may be configured to perform operations in one or more methods or processes described herein.

[0094] In another example, this application provides a device in a network node of a mobile communication network that serves as an access network for user equipment. The device may include one or more components for performing one or more methods (such as method 400) or processes described herein.

[0095] In another example, this application provides a device in a network node of a mobile communication network, wherein the mobile communication network serves as the home network of the user equipment. The device may include one or more components for performing one or more methods (such as method 500) or processes described herein.

[0096] In another example, this application also provides a computer-readable storage medium storing computer-executable instructions that, when executed by a processor or computing device, perform the operations of one or more methods or processes described herein.

[0097] In another example, this application also provides a computer program product storing computer-executable instructions that, when executed by a processor or computing device, perform the operations of one or more methods or processes described herein.

[0098] This application addresses the shortcomings of existing technologies by proposing a relevant process solution, including: Based on a general DNN, adding a dual-domain private network subscription marker and a marker allowing general (Internet) traffic to visit and offload to the UDM / HSS to identify the user as a dual-domain private network subscriber and granting local general traffic offloading capability; during the UE registration process, if the vAMF discovers that the user's UDM / HSS has a dual-domain private network subscriber marker field, the vAMF should locally mark the roaming dual-domain private network user and, in the subsequent session establishment process, include the visited location acquisition policy identifier and the allowed general (Internet) traffic to visit and offload marker in the PDU session establishment request sent to the vSMF; during the UE session establishment process, the vSMF can initiate a policy request to the hPCF based on the visited location acquisition policy identifier; the hPCF can return a dual-domain private network service offloading policy to the vSMF, which may include private network service flow characteristics and private network UPF. IP; vSMF determines whether general (Internet) traffic should be offloaded locally at the visited location based on the user's allowed general (Internet) traffic visit location offload flag. This requires the cooperation and support of the visited operator's vSMF and vUPF, including billing negotiation; and when the UE requests access to services from the access network, vUPF performs service diversion, directing traffic that meets the characteristics of private network services to hUPF1 (secondary anchor point), while general (Internet) traffic is determined based on the offload flag to be offloaded locally or returned to the home primary anchor point UPF for outgoing.

[0099] This application utilizes ULCL standard-based traffic offloading technology, which does not alter the user's general DNN subscription. This avoids the difficulty in reaching consensus among operators regarding dedicated DNNs. The overall solution requires minimal modification to the mobile communication network, is easy to implement for visited network elements, and is suitable for operator network architectures with relatively simple and flat network structures. Furthermore, for general (Internet) traffic, the system can determine whether to offload general (Internet) traffic locally at the visited location based on the allowed general (Internet) traffic visit offloading flag, thereby reducing Internet access latency.

[0100] The embodiments and examples presented herein are provided to best illustrate embodiments of this application and its particular applications, thereby enabling those skilled in the art to implement and use this application. However, those skilled in the art will appreciate that the above description and examples are provided merely for ease of illustration and example. The descriptions presented are not intended to cover all aspects of this application or to limit this application to the precise forms disclosed.

Claims

1. A method executed in the core network of a mobile communication network, the mobile communication network serving as an access network for roaming user equipment to provide services to the user equipment, the method comprising: In response to receiving a registration request from the user equipment, the configuration profile of the user equipment is obtained from the home network of the user equipment, and the user equipment is marked as associated with a roaming dual-domain private network user based on the dual-domain private network user identification field included in the configuration profile. In response to receiving a session establishment request initiated by the user equipment based on a generic DNN (DataNetworkName), the dual-domain private network service offloading policy of the user equipment is obtained from the home network, wherein the dual-domain private network service offloading policy includes: private network service traffic characteristics indicating the private network to be accessed by the user equipment via the home network and the identifier of the home UPF (UserPlane Function) associated with the private network in the home network; Based on the dual-domain private network service offloading strategy, the ULCL (Uplink Classifier) ​​function is inserted into the access network and selected by the access UPF based on the location information of the user equipment, and the dual-domain private network service offloading strategy is provided to the access UPF. as well as In response to receiving an access service from the user equipment, based on the service traffic characteristics of the access service and the dual-domain private network service diversion strategy, the access service associated with the private network is diverted from the access UPF to the home UPF.

2. The method according to claim 1, wherein, The configuration profile also includes a general service access location offload flag field, and the method further includes: The determination of the general service access location offload flag field indicates that the user equipment is further associated with the access location offload of general service access other than private network access services; Based at least on the location information of the user equipment, a primary anchor point (UPF) in the access network is selected for the general service access of the user equipment; and In response to receiving an access service from the user equipment, based on the service traffic characteristics of the received access service and the dual-domain private network service diversion strategy, the access service associated with the general access service is diverted from the access UPF to the main anchor UPF for outgoing traffic.

3. The method according to claim 1, wherein, The private network service traffic characteristics include the private network's IP address, IP address range, and / or URL list, and the identifier of the home UPF includes the IP address of the home UPF.

4. The method according to claim 1, 2 or 3, wherein, In response to receiving a registration request from the user equipment, obtaining the user equipment's configuration profile from the user equipment's home network includes: By querying the I-NRF (International-Network Repository Function) of the accessed network, the FQDN (Fully Qualified Domain Name) of the home network's I-NRF is found; and The configuration profile of the user equipment is obtained from the home network via the access SEPP (Security Edge Protection Proxy) associated with the access network, based on the FQDN of the home network's I-NRF.

5. The method according to claim 1, 2 or 3, wherein, In response to receiving a session establishment request initiated by the user equipment based on a general DNN, obtaining the dual-domain private network service offloading strategy of the user equipment from the home network includes: Based at least on the location information of the user equipment, select an access SMF (Session Management Function) in the access network for the user equipment; and The access SMF is instructed to obtain the dual-domain private network service offloading policy of the user equipment from the home PCF (Policy Control function) of the home network via the access SEPP associated with the access network.

6. A method executed in the core network of a mobile communication network, the mobile communication network serving as the home network of a user equipment to provide services to the user equipment, the method comprising: In response to receiving a first signaling message from the access network to which the user equipment has roamed, the access network is provided with a configuration profile of the user equipment, wherein the first signaling message includes the home AUSF (Authentication Server Function) / home UDM (Unified Data Management) discovery conditions of the home network, and wherein the configuration profile includes a dual-domain private network user identification field, enabling the access network to identify the user equipment as associated with a roaming dual-domain private network user; In response to receiving a second signaling message from the access network, the system provides the access network with a dual-domain private network service offloading strategy for the user equipment, wherein the second signaling message includes at least the user equipment's generic DNN (DataNetworkName), and wherein the dual-domain private network service offloading strategy includes: private network service traffic characteristics indicating the private network to be accessed by the user equipment via the home network and the identifier of the home UPF (User Plane Function) associated with the private network in the home network; Provide the home UPF with a corresponding private network traffic offloading strategy for the home network; as well as In response to receiving a private network access service from the user equipment that is diverted from the access network's access UPF to the home UPF, the private network access service is diverted from the home UPF to the private network.

7. The method according to claim 6, wherein, The private network service traffic characteristics include the private network's IP address, IP address range, and / or URL list, and the identifier of the home UPF includes the IP address of the home UPF.

8. The method according to claim 6, wherein, The discovery criteria for the ASF / UDM include the SUCI (Subscription Concealed Identifier) ​​and / or SUPI (Subscription Permanent Identifier) ​​of the ASF / UDM.

9. The method according to claim 6, wherein, The corresponding private network traffic offloading strategy includes the private network's DNAI (Data Network Access Identifier).

10. The method according to claim 6, wherein, The configuration profile also includes a general service access location offload flag field, and the method further includes: If the general service access location offload flag field does not indicate that the user equipment is associated with the access location offload of general service access other than private network access services; Select the primary anchor point (UPF) in the home network for the general service access of the user equipment; and In response to receiving a general service access from the user equipment that is routed from the access network's access UPF to the main anchor UPF, the general service access is sent out of the main anchor UPF.

11. The method according to claim 6, 7, 8, 9 or 10, wherein, In response to receiving a first signaling message from the access network to which the user equipment is roaming, providing the access network with the configuration profile of the user equipment includes: The first signaling message is received via the home SEPP (Security Edge Protection Proxy) associated with the home network; The discovery conditions of the home AUSF / home UDM are passed to the home I-NRF (International-Network Repository Function) of the home network to obtain the configuration profile of the user equipment by performing AUSF / UDM discovery; and The configuration profile of the user equipment is provided to the access network via the home SEPP.

12. The method according to claim 11, wherein, The method further includes: In response to receiving the second signaling message, the Home I-NRF searches for a Home SMF (Session Management Function) in the home network that supports the Universal DNN, wherein the Home UPF is selected by the Home SMF based on the Universal DNN.

13. The method according to claim 6, 7, 8, 9 or 10, wherein, In response to receiving a second signaling message from the access network, providing the access network with the dual-domain private network service offloading strategy for the user equipment includes: The dual-domain private network service offloading policy of the user equipment is provided to the access network from the home PCF (Policy Control function) of the home network via the home SEPP associated with the home network.

14. A network node in a mobile communication network, the mobile communication network serving as an access network for roaming user equipment to provide services to the user equipment, the network node comprising: processor; and A memory storing computer-executable instructions, which, when executed by the processor, configure the network node to perform the method according to any one of claims 1-5.

15. A network node in a mobile communication network, wherein the mobile communication network serves as the home network of a user equipment to provide services to the user equipment, the network node comprising: processor; and A memory storing computer-executable instructions, which, when executed by the processor, configure the network node to perform the method according to any one of claims 6-13.

16. A device in a network node of a mobile communication network, the mobile communication network serving as an access network for a user equipment, the device comprising one or more components for performing the method according to any one of claims 1-5.

17. A device in a network node of a mobile communication network, the mobile communication network serving as a home network for a user equipment, the device comprising one or more components for performing the method according to any one of claims 6-13.

18. A computer-readable storage medium storing computer-executable instructions, which, when executed by a processor, perform the method according to any one of claims 1-13.

19. A computer program product storing computer-executable instructions, which, when executed by a processor, perform the method according to any one of claims 1-13.