23.501中英对照（1）：网元与架构

媒介
本文是对5G最基础也是最重要的规范TS23.501的中英对照翻译。 
但不是全文翻译，有以下重要说明：

• 不是全文翻译，一些国内不大概用到的特性不翻。
  
• 原文有些章节没有内容，或者意义不大，直接跳过。
  
• 所以是从第4章开始翻译。
  
• 一句英文原文，一句中文。方便对照。
  
• 接纳最新的2024年12月发布的R18.8版本。
  
• 本期开始连载，直到结束。接待关注。
  
• 任何问题，接待微信交流。
  
• 作者微信：gprshome201101，微信名：爱卫生
  

本文是第1篇，约7780字。
「4 架构模子和概念」
「4.1 一般概念」
「4 Architecture model and concepts」
「4.1 General concepts」
5G体系架构被定义为支持数据毗连和服务，使部署可以或许使用诸如网络功能虚拟化（NFV）和软件定义网络（SDN）等技能。5G体系架构应在已辨认的控制平面（CP）网络功能之间利用基于服务的交互。一些关键原则和概念包罗：
The 5G System architecture is defined to support data connectivity and services enabling deployments to use techniques such as e.g. Network Function Virtualization and Software Defined Networking. The 5G System architecture shall leverage service-based interactions between Control Plane (CP) Network Functions where identified. Some key principles and concept are to:

• 将用户平面（UP）功能与控制平面（CP）功能分离，允许独立的扩展性、演进和机动的部署，例如会合式位置或分布式（远程）位置。
  
• Separate the User Plane (UP) functions from the Control Plane (CP) functions, allowing independent scalability, evolution and flexible deployments e.g. centralized location or distributed (remote) location.
  
• 对功能设计进行模块化，例如实现机动高效的网络切片。
  
• Modularize the function design, e.g. to enable flexible and efficient network slicing.
  
• 在适用的环境下，将程序（即网络功能之间的交互集）定义为服务，以便可以重用它们。
  
• Wherever applicable, define procedures (i.e. the set of interactions between network functions) as services, so that their re-use is possible.
  
• 使每个网络功能及其网络功能服务可以或许根据必要直接或间接通过服务通讯署理与其他NF及其网络功能服务进行交互。该架构不排除使用另一个中心功能来帮助路由控制平面消息（例如像DRA）。
  
• Enable each Network Function and its Network Function Services to interact with other NF and its Network Function Services directly or indirectly via a Service Communication Proxy if required. The architecture does not preclude the use of another intermediate function to help route Control Plane messages (e.g. like a DRA).
  
• 最小化接入网（AN）和核心网（CN）之间的依赖关系。该架构接纳融合核心网和通用的AN-CN接口，集成了差别的接入类型，例如3GPP接入和非3GPP接入。
  
• Minimize dependencies between the Access Network (AN) and the Core Network (CN). The architecture is defined with a converged core network with a common AN - CN interface which integrates different Access Types e.g. 3GPP access and non-3GPP access.
  
• 支持统一的认证框架。
  
• Support a unified authentication framework.
  
• 支持“无状态”NF，其中“计算”资源与“存储”资源解耦。
  
• Support "stateless" NFs, where the "compute" resource is decoupled from the "storage" resource.
  
• 支持本领开放。
  
• Support capability exposure.
  
• 支持同时访问本地和会合式服务。为了支持低延迟服务和对数据网络的本地访问，可以将UP功能部署在靠近接入网的位置。
  
• Support concurrent access to local and centralized services. To support low latency services and local access to data networks, UP functions can be deployed close to the Access Network.
  
• 支持在拜访PLMN中使用家乡路由流量和本地劝导流量的环游。
  
• Support roaming with both Home routed traffic as well as Local breakout traffic in the visited PLMN.
  

「4.2 架构参考模子」
「4.2.1 概述」
「4.2 Architecture reference model」
「4.2.1 General」
本规范形貌了5G体系的架构。5G架构被定义为基于服务的，网络功能之间的交互以两种方式表现。
This specification describes the architecture for the 5G System. The 5G architecture is defined as service-based and the interaction between network functions is represented in two ways.

• 基于服务的表现，其中控制平面内的网络功能（例如AMF）使其它授权的网络功能可以或许访问其服务。此表现还包罗必要的点对点参考点。
  
• A service-based representation, where network functions (e.g. AMF) within the Control Plane enables other authorized network functions to access their services. This representation also includes point-to-point reference points where necessary.
  
• 参考点表现，显示了由任意两个网络功能（例如AMF和SMF）之间的点对点参考点（例如N11）形貌的网络功能中的NF服务之间存在的交互。
  
• A reference point representation, shows the interaction exist between the NF services in the network functions described by point-to-point reference point (e.g. N11) between any two network functions (e.g. AMF and SMF).
  

基于服务的接口在第4.2.6条中列出。参考点在第4.2.7条中列出。
Service-based interfaces are listed in clause 4.2.6. Reference points are listed in clause 4.2.7.
5GC控制平面内的网络功能应仅使用基于服务的接口进行交互。
Network functions within the 5GC Control Plane shall only use service-based interfaces for their interactions.
注1：本规范的本版本未指定一个NF内的NF服务之间的交互。
NOTE 1: The interactions between NF services within one NF are not specified in this Release of the specification.
NF和NF服务可以直接通讯（称为直接通讯），也可以通过SCP间接通讯（称为间接通讯）。有关通讯选项的更多信息，请拜见附件E以及6.3.1和7.1.2下的条款。
NFs and NF services can communicate directly, referred to as Direct Communication, or indirectly via the SCP, referred to as Indirect Communication. For more information on communication options, see Annex E and clauses under 6.3.1 and 7.1.2.
除了第4条中的架构形貌外，其他规范还进一步形貌了以下范畴：
In addition to the architecture descriptions in clause 4, the following areas are further described in other specifications:

• NG-RAN架构在TS 38.300 [27]和TS 38.401 [42]中形貌。
  
• NG-RAN architecture is described in TS 38.300 [27] and TS 38.401 [42].
  
• 安全架构在TS 33.501 [29]和TS 33.535 [124]中形貌。
  
• Security architecture is described in TS 33.501 [29] and TS 33.535 [124].
  
• 计费架构在TS 32.240 [41]中形貌。
  
• Charging architecture is described in TS 32.240 [41].
  
• 5G媒体流架构在TS 26.501 [135]中形貌。
  
• 5G Media streaming architecture is described in TS 26.501 [135].
  

注3：第4.2.2条中列出的NF在以下条款或上述规范中形貌。
NOTE 3: The NFs listed in clause 4.2.2 are described in the following clauses or in the specifications above.
「4.2.2 网络功能和实体」
「4.2.2 Network Functions and entities」
5G体系架构由以下网络功能（NF）构成：
The 5G System architecture consists of the following network functions (NF):

• 认证服务器功能（AUSF）。
  
• Authentication Server Function (AUSF).
  
• 接入和移动性管理功能（AMF）。
  
• Access and Mobility Management Function (AMF).
  
• 数据网络（DN），例如运营商服务、互联网接入或第三方服务。
  
• Data Network (DN), e.g. operator services, Internet access or 3rd party services.
  
• 非结构化数据存储功能（UDSF）。
  
• Unstructured Data Storage Function (UDSF).
  
• 网络开放功能（NEF）。
  
• Network Exposure Function (NEF).
  
• 网络存储功能（NRF）。
  
• Network Repository Function (NRF).
  
• 网络切片准入控制功能（NSACF）。
  
• Network Slice Admission Control Function (NSACF).
  
• 网络切片特定和SNPN认证和授权功能（NSSAAF）。
  
• Network Slice-specific and SNPN Authentication and Authorization Function (NSSAAF).
  
• 网络切片选择功能（NSSF）。
  
• Network Slice Selection Function (NSSF).
  
• 计谋控制功能（PCF）。
  
• Policy Control Function (PCF).
  
• 会话管理功能（SMF）。
  
• Session Management Function (SMF).
  
• 统一数据管理（UDM）。
  
• Unified Data Management (UDM).
  
• 统一数据存储库（UDR）。
  
• Unified Data Repository (UDR).
  
• 用户平面功能（UPF）。
  
• User Plane Function (UPF).
  
• UE无线本领管理功能（UCMF）。
  
• UE radio Capability Management Function (UCMF).
  
• 应用功能（AF）。
  
• Application Function (AF).
  
• 用户设备（UE）。
  
• User Equipment (UE).
  
• （无线）接入网（（R）AN）。
  
• (Radio) Access Network ((R)AN).
  
• 5G设备标识寄存器（5G-EIR）。
  
• 5G-Equipment Identity Register (5G-EIR).
  
• 网络数据分析功能（NWDAF）。
  
• Network Data Analytics Function (NWDAF).
  
• 计费功能（CHF）。
  
• CHarging Function (CHF).
  
• 时间敏感网络AF（TSN AF）。
  
• Time Sensitive Networking AF (TSN AF).
  
• 时间敏感通讯和时间同步功能（TSCTSF）。
  
• Time Sensitive Communication and Time Synchronization Function (TSCTSF).
  
• 数据收集调和功能（DCCF）。
  
• Data Collection Coordination Function (DCCF).
  
• 分析数据存储功能（ADRF）。
  
• Analytics Data Repository Function (ADRF).
  
• 消息框架适配器功能（MFAF）。
  
• Messaging Framework Adaptor Function (MFAF).
  
• 非无缝WLAN卸载功能（NSWOF）。
  
• Non-Seamless WLAN Offload Function (NSWOF).
  

注：DCCF和/或ADRF提供的功能也可以由NWDAF托管。
NOTE: The functionalities provided by DCCF and/or ADRF can also be hosted by an NWDAF.

• 边缘应用服务器发现功能（EASDF）。
  
• Edge Application Server Discovery Function (EASDF).
  

5G体系架构还包罗以下网络实体：
The 5G System architecture also comprises the following network entities:

• 服务通讯署理（SCP）。
  
• Service Communication Proxy (SCP).
  
• 安全边缘保护署理（SEPP）。
  
• Security Edge Protection Proxy (SEPP).
  

这些网络功能和实体的功能形貌在第6条中指定。
The functional descriptions of these Network Functions and entities are specified in clause 6.

• 非3GPP互通功能（N3IWF）。
  
• Non-3GPP InterWorking Function (N3IWF).
  
• 可信非3GPP网关功能（TNGF）。
  
• Trusted Non-3GPP Gateway Function (TNGF).
  
• 有线接入网关功能（W-AGF）。
  
• Wireline Access Gateway Function (W-AGF).
  
• 可信WLAN互通功能（TWIF）。
  
• Trusted WLAN Interworking Function (TWIF).
  

「4.2.3 非环游参考架构」
「4.2.3 Non-roaming reference architecture」
图4.2.3-1形貌了非环游参考架构。在控制平面内使用基于服务的接口。
Figure 4.2.3-1 depicts the non-roaming reference architecture. Service-based interfaces are used within the Control Plane.

图4.2.3-1：非环游5G体系架构
Figure 4.2.3-1: Non-Roaming 5G System Architecture
注：如果部署了SCP，则可以将其用于NF和NF服务之间的间接通讯，如附件E中所述。SCP自己不公开服务。
NOTE: If an SCP is deployed it can be used for indirect communication between NFs and NF services as described in Annex E. SCP does not expose services itself.
图4.2.3-2使用参考点表现法形貌了非环游环境下的5G体系架构，显示了各种网络功能如何相互交互。
Figure 4.2.3-2 depicts the 5G System architecture in the non-roaming case, using the reference point representation showing how various network functions interact with each other.

图4.2.3-2：参考点表现法中的非环游5G体系架构
Figure 4.2.3-2: Non-Roaming 5G System Architecture in reference point representation
注1：N9、N14未在所有其他图中显示，但它们也大概适用于其他场景。
NOTE 1: N9, N14 are not shown in all other figures however they may also be applicable for other scenarios.
注2：为了点对点图的清晰起见，未描绘UDSF、NEF和NRF。但是，所有描绘的网络功能都可以根据必要与UDSF、UDR、NEF和NRF交互。
NOTE 2: For the sake of clarity of the point-to-point diagrams, the UDSF, NEF and NRF have not been depicted. However, all depicted Network Functions can interact with the UDSF, UDR, NEF and NRF as necessary.
注3：UDM使用大概存储在UDR中的订阅数据和认证数据，PCF使用大概存储在UDR中的计谋数据（拜见第4.2.5条）。
NOTE 3: The UDM uses subscription data and authentication data and the PCF uses policy data that may be stored in UDR (refer to clause 4.2.5).
注4：为清楚起见，点对点和基于服务的架构图中未描绘UDR及其与其他NF（例如PCF）的毗连。有关数据存储架构的更多信息，请参阅第4.2.5条。
NOTE 4: For clarity, the UDR and its connections with other NFs, e.g. PCF, are not depicted in the point-to-point and service-based architecture diagrams. For more information on data storage architectures refer to clause 4.2.5.
注5：为清楚起见，点对点和基于服务的架构图中未描绘NWDAF、DCCF、MFAF和ADRF及其与其他NF的毗连。有关网络数据分析架构的更多信息，请参阅TS 23.288 [86]。
NOTE 5: For clarity, the NWDAF(s), DCCF, MFAF and ADRF and their connections with other NFs, are not depicted in the point-to-point and service-based architecture diagrams. For more information on network data analytics architecture refer to TS 23.288 [86].
注6：为清楚起见，点对点和基于服务的架构图中未描绘5G DDNMF及其与其他NF（例如UDM、PCF）的毗连。有关ProSe架构的更多信息，请参阅TS 23.304 [128]。
NOTE 6: For clarity, the 5G DDNMF and its connections with other NFs, e.g. UDM, PCF are not depicted in the point-to-point and service-based architecture diagrams. For more information on ProSe architecture refer to TS 23.304 [128].
注7：为清楚起见，点对点和基于服务的架构图中未描绘TSCTSF及其与其他NF（例如PCF、NEF、UDR）的毗连。有关TSC架构的更多信息，请参阅第4.4.8条。
NOTE 7: For clarity, the TSCTSF and its connections with other NFs, e.g. PCF, NEF, UDR are not depicted in the point-to-point and service-based architecture diagrams. For more information on TSC architecture refer to clause 4.4.8.
注8：为了公开第5.8.2.18条中规定的QoS监控信息，公开为第23.502 [3]条5.2.26.2中规定的分析收集的数据以及公开第5.8.5.14条中规定的TSC管理信息，可以通过Nupf接口支持UPF和NF之间的直接交互（拜见第4.2.16条）。
NOTE 8: For exposure of the QoS monitoring information as specified in clause 5.8.2.18, exposure of data collected for analytics as specified in clause 5.2.26.2 of TS 23.502 [3] and exposure of the TSC management information as specified in clause 5.8.5.14, direct interaction between UPF and NFs can be supported via the Nupf interface (see clause 4.2.16).
注9：为清楚起见，点对点和基于服务的架构图中未描绘EASDF及其与SMF的毗连。有关边缘计算架构的更多信息，请参阅TS 23.548 [130]。
NOTE 9: For clarity, the EASDF and its connections with SMF is not depicted in the point-to-point and service-based architecture diagrams. For more information on edge computing architecture refer to TS 23.548 [130].
图4.2.3-3使用参考点表现法形貌了UE使用多个PDU会话同时访问两个（例如本地和中央）数据网络的非环游架构。此图显示了多个PDU会话的架构，其中为两个差别的PDU会话选择了两个SMF。但是，每个SMF也大概具有在PDU会话中控制本地和中央UPF的本领。
Figure 4.2.3-3 depicts the non-roaming architecture for UEs concurrently accessing two (e.g. local and central) data networks using multiple PDU Sessions, using the reference point representation. This figure shows the architecture for multiple PDU Sessions where two SMFs are selected for the two different PDU Sessions. However, each SMF may also have the capability to control both a local and a central UPF within a PDU Session.

图4.2.3-3：在参考点表现法中应用非环游5G体系架构进行多个PDU会话
Figure 4.2.3-3: Applying Non-Roaming 5G System Architecture for multiple PDU Session in reference point representation
图4.2.3-4使用参考点表现法形貌了在单个PDU会话内提供对两个（例如本地和中央）数据网络的并发访问的非环游架构。
Figure 4.2.3-4 depicts the non-roaming architecture in the case of concurrent access to two (e.g. local and central) data networks is provided within a single PDU Session, using the reference point representation.

图4.2.3-4：在参考点表现法中应用非环游5G体系架构以并发访问两个（例如本地和中央）数据网络（单个PDU会话选项）
Figure 4.2.3-4: Applying Non-Roaming 5G System Architecture for concurrent access to two (e.g. local and central) data networks (single PDU Session option) in reference point representation
图4.2.3-5使用参考点表现法形貌了网络开放功能的非环游架构。
Figure 4.2.3-5 depicts the non-roaming architecture for Network Exposure Function, using reference point representation.

图4.2.3-5：参考点表现法中的网络开放功能非环游架构
Figure 4.2.3-5: Non-Roaming Architecture for Network Exposure Function in reference point representation
注1：在图4.2.3-5中，NEF的信任域与TS 23.682 [36]中定义的SCEF的信任域雷同。
NOTE 1: In Figure 4.2.3-5, Trust domain for NEF is same as Trust domain for SCEF as defined in TS 23.682 [36].
注2：在图4.2.3-5中，3GPP接口表现NEF和5GC网络功能之间的南向接口，例如NEF和SMF之间的N29接口，NEF和PCF之间的N30接口等。为了简朴起见，未显示来自NEF的所有南向接口。
NOTE 2: In Figure 4.2.3-5, 3GPP Interface represents southbound interfaces between NEF and 5GC Network Functions e.g. N29 interface between NEF and SMF, N30 interface between NEF and PCF, etc. All southbound interfaces from NEF are not shown for the sake of simplicity.
「4.2.4 环游参考架构」
「4.2.4 Roaming reference architectures」
图4.2.4-1形貌了在控制平面内具有基于服务的接口的本地劝导的5G体系环游架构。
Figure 4.2.4-1 depicts the 5G System roaming architecture with local breakout with service-based interfaces within the Control Plane.

图4.2.4-1：环游5G体系架构-基于服务接口表现的本地劝导场景
Figure 4.2.4-1: Roaming 5G System architecture- local breakout scenario in service-based interface representation
注1：在LBO架构中。VPLMN中的PCF可以与AF交互以天生通过VPLMN提供的服务的PCC规则，VPLMN中的PCF根据与HPLMN运营商的环游协议使用本地设置的计谋作为PCC规则天生的输入，VPLMN中的PCF无法访问HPLMN中的用户计谋信息。
NOTE 1: In the LBO architecture. the PCF in the VPLMN may interact with the AF in order to generate PCC Rules for services delivered via the VPLMN, the PCF in the VPLMN uses locally configured policies according to the roaming agreement with the HPLMN operator as input for PCC Rule generation, the PCF in VPLMN has no access to subscriber policy information from the HPLMN.
注2：SCP可用于VPLMN内、HPLMN内或VPLMN和HPLMN内的NF和NF服务之间的间接通讯。为简朴起见，环游架构中未显示SCP。
NOTE 2: An SCP can be used for indirect communication between NFs and NF services within the VPLMN, within the HPLMN, or in within both VPLMN and HPLMN. For simplicity, the SCP is not shown in the roaming architecture.
注3：为清楚起见，服务架构图中未描绘具有环游交换本领（RE-NWDAF）的NWDAF及其与其他NF的毗连。有关网络数据分析架构的更多信息，请参阅TS 23.288 [86]。
NOTE 3: For clarity, the NWDAF(s) with roaming exchange capability (RE-NWDAF) and their connections with other NFs, are not depicted in the service-based architecture diagram. For more information on network data analytics architecture refer to TS 23.288 [86].
注4：根据部署的架构，VPLMN中的主要或会合式NSACF可以从HPLMN主要或会合式NSACF获取要执行的最大注册UE数或最大LBO PDU会话数，如第5.15.11.3.1条所述。
NOTE 4: Depending on the architecture deployed, the Primary or Centralized NSACF at the VPLMN can fetch the maximum number of registered UEs or the maximum number of LBO PDU sessions to be enforced from the HPLMN Primary or Centralized NSACF as described in clause 5.15.11.3.1.
图4.2.4-2：无效
Figure 4.2.4-2: Void
图4.2.4-3形貌了在控制平面内具有基于服务的接口的家乡路由场景下的5G体系环游架构。
Figure 4.2.4-3 depicts the 5G System roaming architecture in the case of home routed scenario with service-based interfaces within the Control Plane.

图4.2.4-3：环游5G体系架构-基于服务接口表现的家乡路由场景
Figure 4.2.4-3: Roaming 5G System architecture - home routed scenario in service-based interface representation
注4：SCP可用于VPLMN内、HPLMN内或VPLMN和HPLMN内的NF和NF服务之间的间接通讯。为简朴起见，环游架构中未显示SCP。
NOTE 4: An SCP can be used for indirect communication between NFs and NF services within the VPLMN, within the HPLMN, or in within both VPLMN and HPLMN. For simplicity, the SCP is not shown in the roaming architecture.
注5：家乡路由场景中的UPF也可用于支持IPUPS功能（拜见第5.8.2.14条）。
NOTE 5: UPFs in the home routed scenario can be used also to support the IPUPS functionality (see clause 5.8.2.14).
注6：为清楚起见，服务架构图中未描绘具有环游交换本领（RE-NWDAF）的NWDAF及其与其他NF的毗连。有关网络数据分析架构的更多信息，请参阅TS 23.288 [86]。
NOTE 6: For clarity, the NWDAF(s) with roaming exchange capability (RE-NWDAF) and their connections with other NFs, are not depicted in the service-based architecture diagram. For more information on network data analytics architecture refer to TS 23.288 [86].
图4.2.4-4使用参考点表现法形貌了本地劝导场景下的5G体系环游架构。
Figure 4.2.4-4 depicts 5G System roaming architecture in the case of local break out scenario using the reference point representation.

图4.2.4-4：环游5G体系架构-参考点表现法中的本地劝导场景
Figure 4.2.4-4: Roaming 5G System architecture - local breakout scenario in reference point representation
注7：参考点架构图中未描绘NRF。有关NRF和NF接口的具体信息，请参阅图4.2.4-7。
NOTE 7: The NRF is not depicted in reference point architecture figures. Refer to Figure 4.2.4-7 for details on NRF and NF interfaces.
注8：为了清楚起见，环游参考点架构图中未描绘SEPP。
NOTE 8: For the sake of clarity, SEPPs are not depicted in the roaming reference point architecture figures.
注9：为清楚起见，参考点架构图中未描绘具有环游交换本领（RE-NWDAF）的NWDAF及其与其他NF的毗连。有关网络数据分析架构的更多信息，请参阅TS 23.288 [86]。
NOTE 9: For clarity, the NWDAF(s) with roaming exchange capability (RE-NWDAF) and their connections with other NFs, are not depicted in the reference point architecture figure. For more information on network data analytics architecture refer to TS 23.288 [86].
下图4.2.4-6使用参考点表现法形貌了家乡路由场景下的5G体系环游架构。
The following figure 4.2.4-6 depicts the 5G System roaming architecture in the case of home routed scenario using the reference point representation.

图4.2.4-6：环游5G体系架构-参考点表现法中的家乡路由场景
Figure 4.2.4-6: Roaming 5G System architecture - Home routed scenario in reference point representation
N38参考点可以在同一VPLMN中的V-SMF之间，也可以在差别VPLMN中的V-SMF之间（以实现PLMN间移动性）。
The N38 references point can be between V-SMFs in the same VPLMN, or between V-SMFs in different VPLMNs (to enable inter-PLMN mobility).
注10：为清楚起见，参考点架构图中未描绘具有环游交换本领（RE-NWDAF）的NWDAF及其与其他NF的毗连。有关网络数据分析架构的更多信息，请参阅TS 23.288 [86]。
NOTE 10: For clarity, the NWDAF(s) with roaming exchange capability (RE-NWDAF) and their connections with other NFs, are not depicted in the reference point architecture figure. For more information on network data analytics architecture refer to TS 23.288 [86].
对于上述环游场景，每个PLMN都实施署理功能，以保护互连并在PLMN间接口上隐蔽拓扑。
For the roaming scenarios described above each PLMN implements proxy functionality to secure interconnection and hide topology on the inter-PLMN interfaces.

图4.2.4-7：参考点表现法中的NRF环游架构
Figure 4.2.4-7: NRF Roaming architecture in reference point representation
注11：为了清楚起见，图4.2.4-7中未描绘PLMN边界两侧的SEPP。
NOTE 11: For the sake of clarity, SEPPs on both sides of PLMN borders are not depicted in figure 4.2.4-7.
图4.2.4-8：无效
Figure 4.2.4-8: Void
运营商可以部署支持其网络边界处的PLMN间UP安全（IPUPS）功能的UPF，以保护其网络免受家乡路由环游场景中无效的PLMN间N9流量的侵害。支持VPLMN和HPLMN中的IPUPS功能的UPF分别由该PDU会话的V-SMF和H-SMF控制。支持IPUPS功能的UPF停止GTP-U N9隧道。SMF可以在同一UPF中与其他UP功能一起激活IPUPS功能，或者在UP路径中为IPUPS功能插入单独的UPF（例如，可以专用于IPUPS功能）。图4.2.4-9形貌了在UP路径中为IPUPS功能插入UPF的家乡路由环游架构。图4.2.4-3形貌了两个UPF为PDU会话执行IPUPS功能和其他UP功能的家乡路由环游架构。
Operators can deploy UPFs supporting the Inter PLMN UP Security (IPUPS) functionality at the border of their network to protect their network from invalid inter PLMN N9 traffic in home routed roaming scenarios. The UPFs supporting the IPUPS functionality in VPLMN and HPLMN are controlled by the V-SMF and the H-SMF of that PDU Session respectively. A UPF supporting the IPUPS functionality terminates GTP-U N9 tunnels. The SMF can activate the IPUPS functionality together with other UP functionality in the same UPF, or insert a separate UPF for the IPUPS functionality in the UP path (which e.g. may be dedicated to be used for IPUPS functionality). Figure 4.2.4-9 depicts the home routed roaming architecture where a UPF is inserted in the UP path for the IPUPS functionality. Figure 4.2.4-3 depicts the home routed roaming architecture where the two UPFs perform the IPUPS functionality and other UP functionality for the PDU Session.
注12：不禁止运营商将IPUPS功能部署为与UPF分离的单独网络功能，充当可以透明读取N4和N9接口的透明署理。但是，此类部署选项未指定，并且至少必要思量具有不频仍流量和PLMN间切换的非常持久的PDU会话。
NOTE 12: Operators are not prohibited from deploying the IPUPS functionality as a separate Network Function from the UPF, acting as a transparent proxy which can transparently read N4 and N9 interfaces. However, such deployment option is not specified and needs to take at least into account very long lasting PDU Sessions with infrequent traffic and Inter-PLMN handover.
IPUPS功能在第5.8.2.14条和TS 33.501 [29]中指定。
The IPUPS functionality is specified in clause 5.8.2.14 and TS 33.501 [29].

图4.2.4-9：环游5G体系架构-接纳专用于IPUPS的UPF的基于服务接口表现的家乡路由环游场景
Figure 4.2.4-9: Roaming 5G System architecture - home routed roaming scenario in service-based interface representation employing UPF dedicated to IPUPS

免责声明：如果侵犯了您的权益，请联系站长，我们会及时删除侵权内容，谢谢合作！更多信息从访问主页：qidao123.com:ToB企服之家，中国第一个企服评测及商务社交产业平台。

继续阅读请点击广告