A protocol data unit (PDU) type setting method, a user equipment (UE) policy setting method, and a related entity, where the PDU type setting method includes: setting, by UE, a requested PDU type of a PDU session in a process of establishing the PDU session, where the requested PDU type of the PDU session is set by the UE based on a first condition, the first condition includes an Internet Protocol (IP) version corresponding to an application, and the application is associated with the PDU session. In the embodiments of the present disclosure, the requested PDU type of the PDU session can be consistent with a PDU type requested by the application, such that the application can normally perform communication.

This document describes network filtering with private resolvable addresses in a wireless network. A source node in the wireless network hashes an identity resolving key and a value of a random number field to generate an address hash. The source node forms an advertisement address that includes a portion of the address hash and inserts the advertisement address in an advertising extension packet. The source node transmits the advertising extension packet over the wireless network, the address hash being usable by a destination node to filter the advertising extension packet.

A controller can securely publish an application of a tenant by securely extending a network fabric into the networks of the tenant with virtual private networks and NAT. After a tenant deploys an application into one or more networks of the tenant, the tenant can indicate select applications to publish. The network controller assigns a network address from the routable address space of the network fabric to the application and a network address aggregate to each application connector that will front an instance of the application, which securely extends the network fabric into the tenant network. The network controller configures NAT rules in the network fabric and on the application connector to create a route for traffic of the application through the network fabric to the application instance using a fully qualified domain name assigned to the application without exposing a private network address of the application instance and preserving security of other resource on the tenant network.

A base station may include one or more processors and memory storing instructions that, when executed by the one or more processors, cause the base station to perform a process. The process may include sending, to a wireless device, a radio resource control (RRC) message comprising at least one packet data convergence protocol (PDCP) configuration parameter indicating Ethernet header compression for a data radio bearer. The method may also include sending, to the wireless device, information associated with the Ethernet header compression. The information may include a source medium access control (MAC) address and a destination MAC address, as well as a header compression index corresponding to the source MAC address and the destination MAC address. The process may further include sending, to the wireless device, a compressed Ethernet packet comprising a packet header being compressed and the corresponding header compression index.

In some instances, a method for generating network traffic rules for a cloud environment is provided. The method comprises: converting a plurality of internet protocol (IP) addresses from a plurality of network traffic rules into a plurality of integer pair representations of the IP addresses; determining a plurality of similarity values based on the plurality of integer pair representations of the IP addresses and a similarity algorithm; determining stability of one or more of the plurality of network traffic rules based on the plurality of similarity values and one or more thresholds; and applying the one or more of the plurality of network traffic rules that are determined to be stable.

Embodiments of the present disclosure provide methods and apparatus for providing edge service. A method performed at a first network function comprises: receiving, a request for querying information associated to a location of a terminal device; wherein the request includes an internet protocol, IP, address of the terminal device; obtaining, from a second network function, a global identifier of the terminal device, based on the IP address of the terminal device; obtaining a location of the terminal device, based on the global identifier or the IP address of the terminal device; and transmitting, information associated to the location of the terminal device.

In some instances, a method for generating security rules for a cloud environment is provided. The method comprises: generating one or more dictionary data structures based on a plurality of data logs, wherein each of the one or more dictionary data structures comprise a key and a value; determining one or more recent network traffic rules based on the one or more generated dictionary data structures; determining a new recommended network traffic rule based on one or more security groups associated with the plurality of data logs and consolidating the one or more recent network traffic rules with historical proposed traffic rules; and applying the new recommended network traffic rule to network data transferred between a server machine and one or more client machines.