WO2015096302A1 - NAT traversal method based on SIP media capability re-negotiation, proxy server and system - Google Patents


Publication number
WO2015096302A1
WO2015096302A1 PCT/CN2014/075265 CN2014075265W WO2015096302A1 WO 2015096302 A1 WO2015096302 A1 WO 2015096302A1 CN 2014075265 W CN2014075265 W CN 2014075265W WO 2015096302 A1 WO2015096302 A1 WO 2015096302A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
public network
port number
network address
media
Application number
PCT/CN2014/075265
Other languages
French (fr)
Chinese (zh)
Inventor
姚刚
张强
刘志鹏
Original Assignee
中兴通讯股份有限公司

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/25 Mapping addresses of the same type
    • H04L61/2503 Translation of Internet protocol [IP] addresses
    • H04L61/256 NAT traversal
    • H04L61/2564 NAT traversal for a higher-layer protocol, e.g. for session initiation protocol [SIP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/25 Mapping addresses of the same type
    • H04L61/2503 Translation of Internet protocol [IP] addresses
    • H04L61/256 NAT traversal
    • H04L61/2589 NAT traversal over a relay server, e.g. traversal using relay for network address translation [TURN]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00 Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/10 Architectures or entities
    • H04L65/1045 Proxies, e.g. for session initiation protocol [SIP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00 Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066 Session management
    • H04L65/1101 Session protocols
    • H04L65/1104 Session initiation protocol [SIP]

Definitions

  • The present invention relates to the field of NAT traversal technology, and in particular to a NAT traversal method, a proxy server and a system based on SIP media capability renegotiation.
  • Background
  • Existing techniques for SIP (Session Initiation Protocol) traversal of NAT (Network Address Translation) are mainly based on the following ideas:
  • The SIP signaling channel passes through the NAT by means of the terminal's registration request and is subsequently maintained by registration refreshes. All subsequent signaling messages sent by the terminal share the registration channel, and the server sends messages along the reverse path of the registration channel.
  • The media stream uses a similar technique. The terminal sends an RTP (Real-time Transport Protocol) packet to the server, the NAT opens a port for the RTP stream, and the server then sends RTP packets along the reverse path of that stream.
  • The terminal interacts with the STUN server to determine the public network address and port number assigned to it by the NAT;
  • The TURN (Traversal Using Relay NAT) protocol passes through the NAT in relay mode: the packets sent by the private network terminal are relayed and forwarded by the TURN server.
  • ICE: Interactive Connectivity Establishment
  • SBC: Session Border Controller
  • The existing network needs to be modified: the terminal must support the STUN, TURN or ICE protocol, and a traversal server must be deployed (unlike a normal NAT device, it needs to be deployed independently); implementing STUN or TURN server or SBC functions is costly.
  • The embodiments of the present invention provide a NAT traversal method, a proxy server, and a system based on SIP media capability renegotiation.
  • An embodiment of the present invention provides a method for NAT traversal based on SIP media capability renegotiation. At least one of the first terminal and the second terminal is located in the private network, and the proxy server is located in the public network.
  • The method includes:
  • The proxy server receives the media code streams from the first terminal and the second terminal respectively, and obtains the public network address and public network port number of the first terminal and of the second terminal;
  • The proxy server initiates media capability renegotiation, notifies the second terminal of the obtained public network address and public network port number of the first terminal, and notifies the first terminal of the obtained public network address and public network port number of the second terminal.
  • An embodiment of the invention further provides a proxy server, located in the public network, which includes:
  • An acquiring module configured to receive a media code stream from the first terminal and from the second terminal respectively, and to obtain the public network address and public network port number of the first terminal and of the second terminal; at least one of the first terminal and the second terminal is located in the private network;
  • A media capability renegotiation module configured to initiate media capability renegotiation, to notify the second terminal of the obtained public network address and public network port number of the first terminal, and to notify the first terminal of the obtained public network address and public network port number of the second terminal.
  • An embodiment of the present invention further provides a NAT traversal system based on SIP media capability renegotiation, including the foregoing proxy server, the first terminal, and the second terminal, where:
  • The proxy server is configured to receive the media code streams from the first terminal and the second terminal respectively, and to obtain the public network address and public network port number of the first terminal and of the second terminal; and to notify the second terminal of the obtained public network address and public network port number of the first terminal, and notify the first terminal of the obtained public network address and public network port number of the second terminal;
  • The first terminal is configured to send a media code stream to the public network address and public network port number of the second terminal;
  • The second terminal is configured to send a media code stream to the public network address and public network port number of the first terminal.
  • An embodiment of the present invention further provides a NAT traversal device based on SIP media capability renegotiation, where the device includes a hardware processing server, where:
  • The hardware processing server is configured to receive the media code streams from the first terminal and the second terminal respectively, and to obtain the public network address and public network port number of the first terminal and of the second terminal; and to initiate media capability renegotiation, notifying the second terminal of the obtained public network address and public network port number of the first terminal, and notifying the first terminal of the obtained public network address and public network port number of the second terminal.
  • In the NAT traversal method, proxy server, and system based on SIP media capability renegotiation, at least one of the first terminal and the second terminal is located in the private network, and the proxy server is located in the public network; the proxy server receives the media code streams from the first terminal and the second terminal respectively, and obtains the public network address and public network port number of the first terminal and of the second terminal; the proxy server initiates media capability renegotiation, notifies the second terminal of the obtained public network address and public network port number of the first terminal, and notifies the first terminal of the obtained public network address and public network port number of the second terminal.
  • The first terminal and the second terminal can then communicate directly using the peer's public network address and public network port number, without forwarding by the proxy server. In addition, the foregoing technical solution is implemented on the existing network architecture and requires no changes to it, and direct communication between the terminals needs no dedicated traversal server, which saves costs.
  • Drawings
  • FIG. 1 is a schematic diagram of a NAT traversal process based on SIP media capability renegotiation according to an embodiment of the present invention.
  • FIG. 2 is a schematic diagram of media capability negotiation according to Embodiment 1 of the present invention.
  • FIG. 3 is a schematic diagram of a proxy server receiving a media code stream according to Embodiment 1 of the present invention.
  • FIG. 4 is a schematic diagram of media capability renegotiation according to Embodiment 1 of the present invention.
  • FIG. 5 is a schematic diagram of media capability negotiation according to Embodiment 2 of the present invention.
  • FIG. 6 is a schematic diagram of a proxy server receiving a media code stream according to Embodiment 2 of the present invention.
  • FIG. 7 is a schematic diagram of media capability renegotiation according to Embodiment 2 of the present invention.
  • FIG. 8 is a schematic structural diagram of a proxy server according to an embodiment of the present disclosure.
  • FIG. 9 is a schematic diagram of a NAT traversal system based on SIP media capability renegotiation according to an embodiment of the present invention.
  • Detailed description
  • By means of media capability renegotiation, a terminal can be informed of the peer's media stream sending and receiving address and port number.
  • As long as the terminal does not change its local media stream sending and receiving port during media capability renegotiation, NAT traversal of the media code stream can be implemented.
  • The general process is as follows: the proxy server (a mandatory network element in the SIP conference system, responsible for terminal registration, signaling forwarding and so on, which has no NAT traversal function of its own) receives the first media stream data packet sent by the first terminal and learns the public network address and public network port number of that terminal; then, on the corresponding call session, the proxy server initiates media capability renegotiation (a reinvite message or an update message) to the opposite terminal (the second terminal).
  • the corresponding SDP (Session Description Protocol)
  • The proxy server receives the first media stream packet of the second terminal and then also initiates media capability renegotiation to the first terminal; the corresponding SDP information carries the public network address and public network port number of the second terminal. Media capability renegotiation is thus completed.
  • The first terminal and the second terminal can then send the media code stream directly to the peer's public network address and public network port number, without forwarding by the proxy server, which realizes direct transmission of the media code stream between the terminals and greatly improves efficiency.
  • The above process is based on the existing network architecture and eliminates the need to deploy a dedicated traversal server, which saves costs.
  • An embodiment of the present invention provides a NAT traversal scheme based on SIP media capability renegotiation, in which at least one of the first terminal and the second terminal is located in the private network and the proxy server is located in the public network.
  • The detailed implementation process includes: Step 101: The proxy server receives the media code streams from the first terminal and the second terminal respectively, and obtains the public network address and public network port number of the first terminal and of the second terminal.
  • The proxy server assigns a port number to the first terminal and to the second terminal, notifies the second terminal of the port number assigned to the first terminal, and notifies the first terminal of the port number assigned to the second terminal.
  • The proxy server listens on the port number assigned to the second terminal and receives the media code stream from the first terminal; it listens on the port number assigned to the first terminal and receives the media code stream from the second terminal;
  • The proxy server extracts and records the public network address and public network port number of the first terminal or the second terminal from the media code stream received from that terminal (the media code stream here is the first media stream sent to the proxy server by the first terminal and the second terminal). Specifically:
  • The public network address and public network port number of the first terminal or the second terminal are obtained by converting the corresponding private network address and private network port number: in the NAT device, the source address and source port number (that is, the private network address and private network port number) are converted into a public network address and a public network port number;
  • The source address and source port number of the corresponding media code stream are the public network address and public network port number of the first terminal or the second terminal.
  • The proxy server establishes a mapping relationship between the public network address and public network port number of the first terminal and the public network address and public network port number of the second terminal.
  • The foregoing media capability negotiation process includes: the proxy server receives the request message from the first terminal, allocates a port number to the first terminal, and forwards the request message to the second terminal; the request message forwarded to the second terminal carries the proxy server's network address and the port number assigned to the first terminal; the proxy server receives the response message from the second terminal, assigns a port number to the second terminal, and forwards the response message to the first terminal; and forwards the response message to the first terminal
  • Step 102: The proxy server initiates media capability renegotiation, notifies the second terminal of the obtained public network address and public network port number of the first terminal, and notifies the first terminal of the obtained public network address and public network port number of the second terminal.
  • The proxy server initiates media capability renegotiation to the first terminal and the second terminal by means of request messages; the request message sent to the first terminal carries the public network address and public network port number of the second terminal, and the request message sent to the second terminal carries the public network address and public network port number of the first terminal.
  • Scenario 1: Terminal A is behind a full-cone NAT; terminal B and the Proxy (proxy server) are located in the public network.
  • The implementation of direct media code stream transmission between terminals A and B includes the following stages: 1. media capability negotiation between the terminals; 2. the proxy server receives the media code streams; 3. media capability renegotiation between the terminals.
  • Figure 2 shows the media capability negotiation process between the terminals, including:
  • Terminal A initiates a call with a request message (for example, an Invite message), whose SDP information carries the local media capability.
  • In the embodiments of the present invention, the information describing media capabilities in the SDP information is the c line and the m line: the c line carries the connection information, and the m line carries the media name and the transport address. In this step, the c line carries the local address of terminal A (here, the private network address of terminal A), and the m line carries the local port number of each type of media stream (such as audio, video, picture, etc.) of terminal A (here, the private network port number of terminal A).
  • The Invite message reaches the Proxy through the NAT device. Because the media stream has not yet been established, the Proxy cannot obtain the public network address and public network port number of terminal A. To allow the media code stream from terminal A to pass through the Proxy, the Proxy allocates a new port number for terminal A. The Proxy then needs to forward the Invite message to terminal B: since terminal B and the Proxy are both located in the public network, the Proxy already learned the address and port number of terminal B during the registration phase (here, the signaling address and port number, which differ from the media sending and receiving address and port number), so the Proxy can forward the Invite message from terminal A directly to terminal B. In the Invite message forwarded to terminal B, the address carried in the c line of the SDP information is replaced with the public network address of the Proxy, and the port number carried in the m line is replaced with the new port number assigned by the Proxy to terminal A.
  • After receiving the Invite message forwarded by the Proxy, terminal B returns a response message (for example, a 200 OK message) to the Proxy, in which the c line of the SDP information carries the local address of terminal B (here, the public network address) and the m line carries the local port number of terminal B (here, the public network port number).
  • Since the media stream has not yet been established, the Proxy cannot obtain the public network address and public network port number of terminal B. To allow the media stream from terminal B to pass through the Proxy, the Proxy assigns a new port number to terminal B and then forwards the 200 OK message to terminal A.
  • The public network address of terminal B carried in the c line of the SDP information is replaced with the public network address of the Proxy, and the public network port number of terminal B carried in the m line is replaced with the new port number assigned by the Proxy to terminal B.
  • After terminal A receives the 200 OK message forwarded by the Proxy, media capability negotiation between terminals A and B is complete; terminal A returns a response message (for example, an ACK message), the Proxy forwards the ACK to terminal B, and the call connection is established.
  • After the media capability negotiation process shown in FIG. 2, the Proxy starts listening on the port allocated for terminal B to receive the media code stream from terminal A, and listening on the port allocated for terminal A to receive the media code stream from terminal B.
  • Terminal A sends the media code stream to the public network address of the Proxy and the port allocated by the Proxy to terminal B, according to the SDP description in the 200 OK message; at the same time it listens on the local port (that is, the private network port) at the local address (that is, the private network address).
  • The media code stream sent by terminal A must pass through the NAT device to reach the Proxy. In the NAT device, the source address (that is, the local address of terminal A, which in this embodiment is the private network address) and the source port (that is, the local port number of terminal A, which in this embodiment is the private network port number) are converted to obtain the public network address and public network port number.
  • After receiving the media code stream sent by terminal A, the Proxy records the mapping relationship between the converted public network address and public network port number and terminal A.
  • The Proxy discards the first media stream packet and does not forward it.
  • Terminal B sends the media code stream to the public network address of the Proxy and the port allocated by the Proxy to terminal A, according to the SDP description in the Invite message; at the same time it listens on the local port (that is, the public network port) at the local address (that is, the public network address).
  • The media stream sent by terminal B can reach the Proxy directly.
  • After receiving the media stream sent by terminal B, the Proxy records the source address and source port number of the media stream, that is, the public network address and public network port number of terminal B. The Proxy likewise does not forward this media stream packet.
  • The Proxy maps the recorded public network address and public network port number of terminal A to the public network address and public network port number of terminal B, and records the mapping.
  • The media capability renegotiation process shown in FIG. 4 is then performed:
  • To notify each of terminals A and B of the other's public network address and public network port number, the Proxy initiates media capability renegotiation to terminals A and B respectively by means of a request message (for example, a reinvite message).
  • The Proxy sends a reinvite message to terminal A.
  • The c line of the SDP information carries the public network address of terminal B, and the m line carries the public network port number of terminal B.
  • The Proxy sends a reinvite message to terminal B.
  • The c line of the SDP information carries the public network address of terminal A, and the m line carries the public network port number of terminal A.
  • Once the peer's media stream sending and receiving address and port number have been updated, terminals A and B can subsequently send the media code stream directly to the peer's media stream sending and receiving address and port number; NAT traversal of the media stream is thereby achieved, with no forwarding by the Proxy.
  • Scenario 2: Terminal A and terminal B are each behind a full-cone NAT, and the Proxy is located in the public network.
  • The implementation of direct media code stream transmission between terminals A and B includes the following stages: 1. media capability negotiation between the terminals; 2. the proxy server receives the media code streams; 3. media capability renegotiation between the terminals.
  • Figure 5 shows the media capability negotiation process between the terminals, including:
  • Terminal A initiates an Invite call, whose SDP information carries the local media capability.
  • The c line carries the local address of terminal A (here, the private network address of terminal A), and the m line carries the local port number of each type of media stream (such as audio, video, picture, etc.) of terminal A (here, the private network port number of terminal A).
  • The Invite message reaches the Proxy through the NAT device. Because the media stream has not yet been established, the Proxy cannot obtain the public network address and public network port number used for sending and receiving the media stream of terminal A. To allow the media stream from terminal A to pass through the Proxy, the Proxy assigns a new port number to terminal A; the Proxy then needs to forward the Invite message to terminal B, and the message reaches terminal B through the NAT device.
  • In the Invite message forwarded to terminal B, the address carried in the c line of the SDP information is replaced with the public network address of the Proxy, and the port number carried in the m line is replaced with the new port number assigned by the Proxy to terminal A.
  • After receiving the Invite message forwarded by the Proxy, terminal B returns a 200 OK message to the Proxy, in which the c line of the SDP information carries the local address of terminal B (here, the private network address) and the m line carries the local port number of terminal B (here, the private network port number).
  • The 200 OK message reaches the Proxy through the NAT device. Since the media stream has not yet been established, the Proxy cannot obtain the public network address and public network port number of terminal B. To allow the media code stream from terminal B to pass through the Proxy, the Proxy allocates a new port number for terminal B and then forwards the 200 OK message to terminal A via the NAT device. In the 200 OK message forwarded to terminal A, the address carried in the c line of the SDP information is changed to the public network address of the Proxy, and the port number carried in the m line is replaced with the new port number assigned by the Proxy to terminal B.
  • The Proxy starts listening on the port allocated for terminal B to receive the media code stream from terminal A, and listening on the port allocated for terminal A to receive the media code stream from terminal B.
  • Terminal A sends the media code stream to the public network address of the Proxy and the port allocated by the Proxy to terminal B, according to the SDP description in the 200 OK message; at the same time it listens on the local port (that is, the private network port) at the local address (that is, the private network address).
  • The media code stream sent by terminal A must pass through the NAT device to reach the Proxy. In the NAT device, the source address (that is, the local address of terminal A, which in this embodiment is the private network address) and the source port (that is, the local port number of terminal A, which is the private network port number) are converted to obtain the public network address and public network port number.
  • After receiving the media code stream sent by terminal A, the Proxy records the mapping between the converted public network address and public network port number and terminal A.
  • The Proxy discards the first media stream packet and does not forward it.
  • Terminal B sends the media code stream to the public network address of the Proxy and the port allocated by the Proxy to terminal A, according to the SDP description in the Invite message; at the same time it listens on the local port (that is, the private network port) at the local address (that is, the private network address).
  • The media code stream sent by terminal B must pass through the NAT device to reach the Proxy. In the NAT device, the source address (that is, the local address of terminal B, which is a private network address) and the source port number (that is, the local port number of terminal B, which is the private network port number) are converted to obtain the public network address and public network port number.
  • After receiving the media code stream sent by terminal B, the Proxy records the mapping relationship between the converted public network address and public network port number and terminal B. The Proxy likewise does not forward this media stream packet.
  • The Proxy maps the public network address and public network port number of terminal A to the public network address and public network port number of terminal B, and records the mapping.
  • The media capability renegotiation process shown in FIG. 7 is then performed: to notify each of terminals A and B of the other's public network address and public network port number, the Proxy initiates media capability renegotiation to terminals A and B by means of the reinvite message.
  • The Proxy sends a reinvite message to terminal A.
  • The c line of the SDP information carries the public network address of terminal B, and the m line carries the public network port number of terminal B.
  • The Proxy sends a reinvite message to terminal B.
  • The c line of the SDP information carries the public network address of terminal A, and the m line carries the public network port number of terminal A.
  • Once the peer's public network address and public network port number have been recorded, terminals A and B can subsequently send the media code stream directly to the peer's public network address and public network port number; NAT traversal of the media stream is thereby achieved, with no forwarding by the Proxy.
  • Terminal A is located in a fully conical NAT.
  • the local address that is, the private network address is 10.1.1.2, the public network address mapped by NAT is 192.0.2.1 (the signaling address is the same as the media address); the local audio port is 10200, local video. The port is 10202.
  • Terminal B is located in a fully conical NAT.
  • the local address that is, the private network address is 10.0.0.3, and the public network address mapped by NAT is 192.0.2.3 (the signaling address is the same as the media address); the local audio port is 10000, local video.
  • the port is 10002.
  • the proxy is located on the public network and the public network address is 192.0.2.2.
  • The process of NAT traversal based on SIP media capability renegotiation includes:
  • Terminal A initiates an Invite call whose SDP information carries its local media capability: the c-line carries the local address of terminal A, that is, the private network address 10.1.1.2, and the m-lines carry the local audio port 10200 and the local video port 10202. The related SDP is described as follows:
  • The Invite message reaches the Proxy through the NAT device. Because the media stream has not yet been established, the Proxy cannot obtain the public network sending and receiving address and port numbers of terminal A's media stream. To make the media stream pass through the Proxy, the Proxy assigns terminal A a new audio port 8510 and a new video port 8512, and replaces the address in the c-line of the SDP information with the public network address of the Proxy.
  • The SDP related description in the updated Invite message is as follows:
  • The Proxy forwards the Invite message to terminal B, and terminal B responds with a 200 OK message whose SDP information carries its local media capability: the c-line carries the local address of terminal B, that is, the private network address 10.0.0.3, and the m-lines carry the local audio port 10000 and the local video port 10002.
  • The related SDP is described as follows:
  • The Proxy receives the 200 OK message from terminal B. Because the media stream has not yet been established, the Proxy cannot obtain the public network sending and receiving address and port numbers of terminal B's media stream. To make the media stream pass through the Proxy, the Proxy likewise assigns terminal B a new audio port 9510 and a new video port 9512, and replaces the address in the c-line of the SDP information with the public network address of the Proxy.
  • The SDP related description in the updated 200 OK message is as follows:
  • Terminal A receives the 200 OK message forwarded by the Proxy, which completes the media capability negotiation between terminals A and B. Terminal A returns an ACK message, the Proxy forwards the ACK to terminal B, and the call connection is established.
  • The Proxy starts listening on ports 9510 and 9512 to receive the media code stream from terminal A, and on ports 8510 and 8512 to receive the media code stream from terminal B.
  • After the call connection is established, terminal A sends its audio and video code streams to address 192.0.2.2, ports 9510 and 9512, according to the SDP description in the 200 OK message, and listens on ports 10200 and 10202 at its local address 10.1.1.2.
  • The media code stream sent by terminal A must pass through the NAT device to reach the Proxy. The NAT device translates the source address (10.1.1.2) and the source port numbers (10200, 10202): the public network address is 192.0.2.1, and the public network port numbers are 38100 and 38102 respectively.
  • After receiving the media code stream sent by terminal A, the Proxy records the mapping between the translated public network address and port numbers and terminal A. The Proxy discards the first media stream packet and does not forward it.
  • Terminal B sends its audio and video code streams to address 192.0.2.2, ports 8510 and 8512 respectively, according to the SDP description in the Invite message, and listens on ports 10000 and 10002 at its local address 10.0.0.3.
  • The media code stream sent by terminal B must pass through the NAT device to reach the Proxy. The NAT device translates the source address ( 10.0.1.3 ) and the source port numbers (10000, 10002): the public network address is 192.0.2.3, and the public network port numbers are 39100 and 39102 respectively.
  • After receiving the media code stream sent by terminal B, the Proxy records the mapping between the translated public network address and port numbers and terminal B. The Proxy likewise does not forward this code stream packet.
  • The public network address corresponding to terminal B recorded by the Proxy is 192.0.2.3, and the public network port number is
  • To notify terminal A of this public network address and public network port number (that is, the destination address and destination port number to which terminal A sends the media stream), the Proxy initiates media capability renegotiation to terminal A through a reinvite message, reinvite
  • The public network address of terminal A recorded by the Proxy is 192.0.2.1, and the public network port numbers are 38100 and 38102 respectively. To notify terminal B of this public network address and these public network port numbers (that is, the destination address and destination port numbers to which terminal B sends the media stream), the Proxy initiates media capability renegotiation to terminal B through a reinvite message.
  • The SDP related description in the reinvite message is as follows:
  • Terminal A receives the reinvite message from the Proxy, stops sending the media stream to the Proxy (address 192.0.2.2, port numbers 9510 and 9512), and starts sending the media code stream to the public network address 192.0.2.3 and public network port numbers 39100 and 39102 corresponding to terminal B. Terminal B receives the reinvite message from the Proxy, stops sending the media code stream to the Proxy (address 192.0.2.2, port numbers 8510 and 8512), and starts sending the media stream to the public network address 192.0.2.1 and port numbers 38100 and 38102 corresponding to terminal A. At this point, terminal A and terminal B transmit the media code stream directly, and it no longer transits through the Proxy.
  • With the solution provided by the foregoing embodiment of the present invention, when the calling party, the called party, or both are behind a full cone NAT, the media of the two terminals can communicate directly with the help of the Proxy, without modifying existing network devices. This saves the cost of upgrading network equipment, reduces the data transmission delay, reduces the load on the server, and improves efficiency.
  • An embodiment of the present invention further provides a proxy server 10, which is located on the public network.
  • The proxy server includes:
  • The obtaining module 11 is configured to receive the media code streams from the first terminal and the second terminal respectively, and to obtain the public network addresses and public network port numbers of the first terminal and the second terminal; at least one of the first terminal and the second terminal is located in a private network;
  • The media capability renegotiation module 12 is configured to initiate media capability renegotiation, notify the second terminal of the obtained public network address and public network port number of the first terminal, and notify the first terminal of the obtained public network address and public network port number of the second terminal.
  • The proxy server further includes: a port assignment module 13, configured to assign port numbers to the first terminal and the second terminal respectively during the media capability negotiation process, notify the second terminal of the port number assigned to the first terminal, and notify the first terminal of the port number assigned to the second terminal;
  • The monitoring module 14 is configured to listen on the port number assigned to the second terminal and receive the media code stream from the first terminal, and to listen on the port number assigned to the first terminal and receive the media code stream from the second terminal;
  • The obtaining module 11 is further configured to extract and record the public network address and public network port number of the first terminal or the second terminal from the media code stream received from that terminal. Specifically: when the first terminal or the second terminal is located in a private network, its public network address and public network port number are obtained by translating the corresponding private network address and private network port number; that is, when the NAT device intercepts the media code stream sent by the terminal to the proxy server, it translates the source address and source port number (that is, the private network address and private network port number) into the public network address and public network port number. When the first terminal or the second terminal is located on the public network, the source address and source port number of the corresponding media code stream are its public network address and public network port number.
  • The interaction module 15 is configured to receive the request message from the first terminal, notify the port assignment module 13 to assign a port number to the first terminal, and forward the request message to the second terminal; the request message forwarded to the second terminal carries the public network address of the proxy server and the port number assigned to the first terminal. It is also configured to receive the response message from the second terminal, notify the port assignment module 13 to assign a port number to the second terminal, and forward the response message to the first terminal; the response message forwarded to the first terminal carries the public network address of the proxy server and the port number assigned to the second terminal.
  • The mapping module 16 is configured to establish a mapping between the public network address and public network port number of the first terminal and the public network address and public network port number of the second terminal.
  • The media capability renegotiation module 12 is further configured to initiate media capability renegotiation to the first terminal and the second terminal respectively by means of request messages; the request message sent to the first terminal carries the public network address and public network port number of the second terminal, and the request message sent to the second terminal carries the public network address and public network port number of the first terminal.
  • The foregoing obtaining module 11, media capability renegotiation module 12, port assignment module 13, monitoring module 14 and interaction module 15 may be implemented by a chip with communication and processing functions in the proxy server, and the mapping module 16 may be implemented by the central processing unit (CPU), micro processing unit (MPU) or digital signal processor (DSP) of the proxy server.
  • An embodiment of the present invention further provides a NAT traversal system based on SIP media capability renegotiation, including the proxy server 10, the first terminal 20, and the second terminal 30 shown in FIG. 8, wherein:
  • The proxy server 10 is configured to obtain the public network addresses and public network port numbers of the first terminal 20 and the second terminal 30; it is also configured to initiate media capability renegotiation, notify the second terminal 30 of the obtained public network address and public network port number of the first terminal 20, and notify the first terminal 20 of the obtained public network address and public network port number of the second terminal 30;
  • The first terminal 20 is configured to send a media code stream to the public network address and public network port number of the second terminal 30;
  • The second terminal 30 is configured to send a media code stream to the public network address and public network port number of the first terminal 20.
  • An embodiment of the present invention further provides a NAT traversal device based on SIP media capability renegotiation, which includes a hardware processing server configured to receive the media code streams from the first terminal and the second terminal respectively and to obtain the public network addresses and public network port numbers of the first terminal and the second terminal; it is also configured to initiate media capability renegotiation, notify the second terminal of the obtained public network address and public network port number of the first terminal, and notify the first terminal of the obtained public network address and public network port number of the second terminal.
  • The NAT traversal method, proxy server and system based on SIP media capability renegotiation of the present invention enable the first terminal and the second terminal to communicate directly using each other's public network address and public network port number, without forwarding by the proxy server;
  • The above technical solution is implemented on the existing network architecture, which needs no modification, and direct communication between terminals is achieved without setting up a dedicated traversal server, which saves cost.
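
The terminal A / terminal B embodiment above, traced in code as an added example (not code from the patent or from any product). The SDP bodies are constructed from the embodiment's addresses and ports; the `Proxy` class, its method names, and the reuse of each terminal's original SDP as the reinvite body are assumptions.

```python
import re

PROXY_ADDR = "192.0.2.2"  # Proxy public address in the embodiment

# Constructed SDP bodies using the embodiment's private addresses and ports.
SDP_A = ("v=0\r\no=- 1 1 IN IP4 10.1.1.2\r\ns=-\r\nc=IN IP4 10.1.1.2\r\nt=0 0\r\n"
         "m=audio 10200 RTP/AVP 0\r\nm=video 10202 RTP/AVP 34\r\n")
SDP_B = ("v=0\r\no=- 2 2 IN IP4 10.0.0.3\r\ns=-\r\nc=IN IP4 10.0.0.3\r\nt=0 0\r\n"
         "m=audio 10000 RTP/AVP 0\r\nm=video 10002 RTP/AVP 34\r\n")


def media_ports(sdp):
    """Map media kind -> port, read from the m= lines."""
    return {m.group(1): int(m.group(2))
            for m in re.finditer(r"^m=(\w+) (\d+) ", sdp, re.M)}


def rewrite_sdp(sdp, addr, ports):
    """Set the c= address to addr and each m= port to ports[kind].
    Only the c- and m-lines are touched, as in the embodiment."""
    out = []
    for line in sdp.splitlines():
        m = re.match(r"m=(\w+) \d+ (.*)", line)
        if line.startswith("c=IN IP4 "):
            line = "c=IN IP4 " + addr
        elif m:
            line = "m=%s %d %s" % (m.group(1), ports[m.group(1)], m.group(2))
        out.append(line)
    return "\r\n".join(out) + "\r\n"


class Proxy:
    """Hypothetical model of the Proxy's bookkeeping for one call."""

    def __init__(self, addr):
        self.addr = addr
        self.sdp = {}      # terminal -> SDP it originally sent
        self.listen = {}   # proxy port -> (terminal expected to send there, kind)
        self.learned = {}  # terminal -> {kind: (public addr, public port)}

    def relay_sdp(self, sender, peer, sdp, ports):
        """Initial negotiation: replace sender's private address with the
        Proxy address and the ports allocated for sender. The peer will send
        to those ports, so media arriving on them comes from the peer."""
        self.sdp[sender] = sdp
        for kind, port in ports.items():
            self.listen[port] = (peer, kind)
        return rewrite_sdp(sdp, self.addr, ports)

    def on_media(self, dst_port, src_addr, src_port):
        """Record the NAT-translated source of the first packet on a port.
        Returns True if a mapping was recorded; the packet is never forwarded."""
        if dst_port not in self.listen:
            return False
        terminal, kind = self.listen[dst_port]
        seen = self.learned.setdefault(terminal, {})
        if kind in seen:          # mapping already recorded for this stream
            return False
        seen[kind] = (src_addr, src_port)
        return True

    def reinvite_sdp(self, peer):
        """SDP for the reinvite that tells the other side where peer is
        reachable: peer's own SDP with its learned public address and ports."""
        seen = self.learned.get(peer, {})
        if set(seen) != set(media_ports(self.sdp[peer])):
            raise LookupError("no media seen yet on every stream of " + peer)
        addrs = {addr for addr, _ in seen.values()}
        if len(addrs) != 1:       # a single c-line can carry only one address
            raise ValueError("streams map to different public addresses")
        return rewrite_sdp(self.sdp[peer], addrs.pop(),
                           {kind: port for kind, (_, port) in seen.items()})


def run_embodiment():
    """Replay the embodiment and return the four SDP bodies the Proxy emits."""
    p = Proxy(PROXY_ADDR)
    invite_to_b = p.relay_sdp("A", "B", SDP_A, {"audio": 8510, "video": 8512})
    ok_to_a = p.relay_sdp("B", "A", SDP_B, {"audio": 9510, "video": 9512})
    # First media packets as the Proxy sees them after NAT translation.
    p.on_media(9510, "192.0.2.1", 38100)
    p.on_media(9512, "192.0.2.1", 38102)
    p.on_media(8510, "192.0.2.3", 39100)
    p.on_media(8512, "192.0.2.3", 39102)
    return {"invite_to_b": invite_to_b, "ok_to_a": ok_to_a,
            "reinvite_to_a": p.reinvite_sdp("B"),
            "reinvite_to_b": p.reinvite_sdp("A")}


if __name__ == "__main__":
    for name, sdp in run_embodiment().items():
        print("--", name)
        print(sdp)
```

The `o=` line keeps the private address because the embodiment describes rewriting only the c-line and the m-line ports.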

Abstract

An NAT traversal method based on an SIP media capability re-negotiation, a proxy server and a system. At least one of a first terminal and a second terminal is located in a private network, and the proxy server is located in a public network. The method comprises: receiving, by a proxy server, media code streams coming from a first terminal and a second terminal respectively, and acquiring public network addresses and public network port numbers of the first terminal and the second terminal; and initiating, by the proxy server, a media capability re-negotiation, notifying the second terminal of the acquired public network address and public network port number of the first terminal, and notifying the first terminal of the acquired public network address and public network port number of the second terminal.

Description

NAT traversal method, proxy server and system based on SIP media capability renegotiation

Technical Field

The present invention relates to the field of NAT traversal technology, and in particular to a NAT traversal method, proxy server and system based on SIP media capability renegotiation.

Background

Existing techniques for SIP (Session Initiation Protocol) traversal of NAT (Network Address Translation) are mainly based on the following idea: the SIP signaling channel passes through the NAT by means of the terminal's registration request and is subsequently maintained by registration refreshes. All subsequent signaling messages sent by the terminal share the registration channel, and the server sends messages along the reverse path of the registration channel. The media code stream uses a similar technique: the terminal first sends an RTP (Real-time Transport Protocol) packet to the server, the NAT opens a port for this RTP stream, and the server then sends RTP packets along the path of this RTP stream.
At present, there are the following NAT traversal schemes:
1. The STUN (Simple Traversal of UDP over NATs) protocol: terminals interact with a STUN server to determine the public network address and port number that the NAT has assigned to them;
2. The TURN (Traversal Using Relay NAT) protocol traverses the NAT by relaying: all packets sent by a private network terminal are relayed and forwarded by the TURN server;
3. ICE (Interactive Connectivity Establishment) is a comprehensive solution that selects the transmission channel through connectivity tests; it provides a framework under which the various NAT traversal techniques can be unified;
4. The SBC (Session Border Controller) is a relatively complete solution: it places no requirements on the existing network and needs no modification of the terminal; the terminal's signaling and media code streams must all be forwarded through the SBC.
The above schemes have the following shortcomings:
1. The existing network must be modified. Depending on which of the above NAT traversal techniques is used, the terminal must support the STUN, TURN or ICE protocol, and a traversal server must be deployed (unlike an ordinary NAT device, it has to be deployed separately) that implements the STUN or TURN server or SBC function, which is costly.
2. The media code stream has to be relayed through the traversal server, so a direct media code stream cannot be established between the terminals.

Summary of the Invention
To solve the existing technical problems, embodiments of the present invention provide a NAT traversal method, proxy server and system based on SIP media capability renegotiation.
An embodiment of the present invention provides a NAT traversal method based on SIP media capability renegotiation, in which at least one of the first terminal and the second terminal is located in a private network and the proxy server is located on the public network. The method includes:
the proxy server receives the media code streams from the first terminal and the second terminal respectively, and obtains the public network addresses and public network port numbers of the first terminal and the second terminal;
the proxy server initiates media capability renegotiation, notifies the second terminal of the obtained public network address and public network port number of the first terminal, and notifies the first terminal of the obtained public network address and public network port number of the second terminal.
An embodiment of the present invention further provides a proxy server, which is located on the public network and includes:
an obtaining module, configured to receive the media code streams from the first terminal and the second terminal respectively, and to obtain the public network addresses and public network port numbers of the first terminal and the second terminal; at least one of the first terminal and the second terminal is located in a private network;
a media capability renegotiation module, configured to initiate media capability renegotiation, notify the second terminal of the obtained public network address and public network port number of the first terminal, and notify the first terminal of the obtained public network address and public network port number of the second terminal.
An embodiment of the present invention further provides a NAT traversal system based on SIP media capability renegotiation, including the above proxy server, a first terminal and a second terminal, wherein:
the proxy server is configured to receive the media code streams from the first terminal and the second terminal respectively, and to obtain the public network addresses and public network port numbers of the first terminal and the second terminal; it is also configured to initiate media capability renegotiation, notify the second terminal of the obtained public network address and public network port number of the first terminal, and notify the first terminal of the obtained public network address and public network port number of the second terminal;
the first terminal is configured to send a media code stream to the public network address and public network port number of the second terminal;
the second terminal is configured to send a media code stream to the public network address and public network port number of the first terminal.
An embodiment of the present invention further provides a NAT traversal device based on SIP media capability renegotiation. The device includes a hardware processing server, wherein:
the hardware processing server is configured to receive the media code streams from the first terminal and the second terminal respectively, and to obtain the public network addresses and public network port numbers of the first terminal and the second terminal; it is also configured to initiate media capability renegotiation, notify the second terminal of the obtained public network address and public network port number of the first terminal, and notify the first terminal of the obtained public network address and public network port number of the second terminal.
In the above NAT traversal method, proxy server and system based on SIP media capability renegotiation according to the embodiments of the present invention: at least one of the first terminal and the second terminal is located in a private network, and the proxy server is located on the public network; the proxy server receives the media code streams from the first terminal and the second terminal respectively, and obtains the public network addresses and public network port numbers of the first terminal and the second terminal; the proxy server initiates media capability renegotiation, notifies the second terminal of the obtained public network address and public network port number of the first terminal, and notifies the first terminal of the obtained public network address and public network port number of the second terminal. After that, the first terminal and the second terminal can communicate directly using each other's public network address and public network port number, without forwarding by the proxy server. In addition, the above technical solution is implemented on the existing network architecture, which needs no modification, and direct communication between terminals is achieved without setting up a dedicated traversal server, which saves cost.

Brief Description of the Drawings
FIG. 1 is a schematic diagram of the NAT traversal process based on SIP media capability renegotiation according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of media capability negotiation according to Embodiment 1 of the present invention;
FIG. 3 is a schematic diagram of the proxy server receiving media code streams according to Embodiment 1 of the present invention;
FIG. 4 is a schematic diagram of media capability renegotiation according to Embodiment 1 of the present invention;
FIG. 5 is a schematic diagram of media capability negotiation according to Embodiment 2 of the present invention;
FIG. 6 is a schematic diagram of the proxy server receiving media code streams according to Embodiment 2 of the present invention;
FIG. 7 is a schematic diagram of media capability renegotiation according to Embodiment 2 of the present invention;
FIG. 8 is a schematic structural diagram of the proxy server according to an embodiment of the present invention;
FIG. 9 is a schematic diagram of the NAT traversal system based on SIP media capability renegotiation according to an embodiment of the present invention.

Detailed Description
The technical solutions of the present invention are described in further detail below with reference to the accompanying drawings and specific embodiments. In practical SIP video conferencing deployments, a certain range of media port numbers is required to be open, so the vast majority of terminals and MCU (Micro Controller Unit) devices are behind a full cone NAT (Full Cone NAT). That is, requests sent from the same private media address and private media port number are always mapped to the same public media address and public media port number, and any public network device can send packets to the private network device through this mapped public media address and public media port number. In addition, a terminal uses the same port to send and receive its media code stream. Unless otherwise specified below, the addresses and ports (private network, public network) in the embodiments of the present invention are all media code stream sending and receiving addresses and ports.
Based on these characteristics, media capability renegotiation can be used to notify a terminal device of the media code stream sending and receiving address and port number of its peer. As long as the terminal does not change its own media code stream port during media capability renegotiation, NAT traversal of the media code stream can be achieved. The general process is as follows. The proxy server (a mandatory network element in a SIP conference system, responsible for terminal registration, signaling forwarding and similar functions, which does not itself have a NAT traversal function) learns the public network address and public network port number of the first terminal by receiving the first media code stream packet that terminal sends. Then, on the corresponding call session, the proxy server initiates media capability renegotiation (a reinvite message or an update message) to the peer terminal (the second terminal), and the corresponding SDP (Session Description Protocol) information carries the public network address and public network port number of the first terminal. In the same way, after the proxy server receives the first media code stream packet of the second terminal, it initiates media capability renegotiation to the first terminal, and the corresponding SDP information carries the public network address and public network port number of the second terminal. This completes the media capability renegotiation. After that, the first terminal and the second terminal can send media code streams directly to each other's public network address and public network port number without forwarding by the proxy server, which achieves direct transmission of the media code stream between the terminals and greatly improves efficiency. The above process is based on the existing network architecture and does not require deploying a dedicated traversal server, which saves cost.
为了在不对现有网络设备进行改造的前提下实现媒体码流的 NAT穿越, 以及不经过穿越服务器的媒体中转、 直接在主被叫终端之间建立媒体码流, 减轻穿越服务器的负载, 降低数据传输的延时, 提高数据传输效率, 本发 明实施例提出了一种基于 SIP媒体能力重协商的 NAT穿越方案, 在该方案 中: 第一终端和第二终端中的至少一个位于私网, 代理服务器位于公网, 如图 1所示, 详细的实现过程包括: 步骤 101, 代理服务器分别接收来自第一终端和第二终端的媒体码流, 并获取第一终端和第二终端的公网地址和公网端口号。 In order to achieve NAT traversal of the media stream without modifying the existing network equipment, and without media transit through the server, directly establish a media stream between the calling and called terminals, reduce the load across the server, and reduce the data. The delay of the transmission improves the efficiency of the data transmission. The embodiment of the present invention provides a NAT traversal scheme based on SIP media capability renegotiation, in which: at least one of the first terminal and the second terminal is located in the private network, the proxy The server is located on the public network. As shown in Figure 1, the detailed implementation process includes: Step 101: The proxy server receives the media code streams from the first terminal and the second terminal, respectively, and obtains a public network address and a public network port number of the first terminal and the second terminal.
During the media capability negotiation process, the proxy server allocates a port number to each of the first terminal and the second terminal, notifies the second terminal of the port number allocated for the first terminal, and notifies the first terminal of the port number allocated for the second terminal;
The proxy server listens on the port number allocated for the second terminal and receives the media stream from the first terminal; it listens on the port number allocated for the first terminal and receives the media stream from the second terminal;
The proxy server extracts and records the public network address and public network port number of the first terminal or the second terminal from the media stream received from that terminal (the media stream here is the first media stream that the first terminal and the second terminal send to the proxy server). Specifically:
When the first terminal or the second terminal is located in a private network, its public network address and public network port number are obtained by translating the corresponding private network address and private network port number. Specifically, when the NAT device intercepts the media stream sent by the first terminal or the second terminal to the proxy server, it translates the source address and source port number (that is, the private network address and private network port number) into a public network address and public network port number;
When the first terminal or the second terminal is located in the public network, the source address and source port number of the corresponding media stream are the public network address and public network port number of that terminal.
Preferably, the proxy server establishes a mapping between the public network address and public network port number of the first terminal and the public network address and public network port number of the second terminal.
The media capability negotiation process above includes: the proxy server receives a request message from the first terminal, allocates a port number for the first terminal, and forwards the request message to the second terminal, where the request message forwarded to the second terminal carries the public network address of the proxy server and the port number allocated for the first terminal; the proxy server receives a response message from the second terminal, allocates a port number for the second terminal, and forwards the response message to the first terminal, where the response message forwarded to the first terminal carries the public network address of the proxy server and the port number allocated for the second terminal.
Step 102: the proxy server initiates media capability renegotiation, notifies the second terminal of the obtained public network address and public network port number of the first terminal, and notifies the first terminal of the obtained public network address and public network port number of the second terminal.
In the embodiments of the present invention, the proxy server initiates media capability renegotiation toward the first terminal and the second terminal separately by means of request messages; the request message sent to the first terminal carries the public network address and public network port number of the second terminal, and the request message sent to the second terminal carries the public network address and public network port number of the first terminal.
The technical solution above is further described below, taking point-to-point calls between terminals in two scenarios as examples.
Scenario 1: terminal A is behind a full cone NAT; terminal B and the Proxy (proxy server) are located in the public network.
In this scenario, direct media stream transmission between terminals A and B is achieved in the following stages: 1. media capability negotiation between the terminals; 2. the proxy server receives the media streams; 3. media capability renegotiation between the terminals.
Figure 2 shows the media capability negotiation process between the terminals, which includes:
(1) Terminal A initiates a call request (for example, the request message may be an Invite message) whose SDP information carries its local media capability. The SDP information that describes media capability and is relevant to the embodiments of the present invention is the c line and the m line: the c line carries connection information, and the m line carries the media name and transport address. In this step, the c line carries terminal A's local address (here, terminal A's private network address), and the m line carries the local port number (here, terminal A's private network port number) for each type of media stream of terminal A (for example audio, video, pictures).
The Invite message passes through the NAT device and reaches the Proxy. Because the media stream has not yet been established, the Proxy cannot obtain terminal A's public network address and public network port number. So that the media stream from terminal A passes through the Proxy, the Proxy allocates a new port number for terminal A and then forwards the Invite message to terminal B. Because terminal B and the Proxy are both located in the public network, the Proxy already learned terminal B's address and port number during the registration phase (these are the signaling address and port number, which differ from the address and port number used to send and receive media), so the Proxy can forward the Invite message from terminal A directly to terminal B. In the Invite message forwarded to terminal B, the address carried in the c line of the SDP information is replaced with the Proxy's public network address, and the port number carried in the m line is replaced with the new port number that the Proxy allocated for terminal A.
(2) After receiving the Invite message forwarded by the Proxy, terminal B returns a response message (for example, a 200 OK message) to the Proxy. In this message the c line of the SDP information carries terminal B's local address (here, a public network address), and the m line carries terminal B's local port number (here, a public network port number).
The returned 200 OK message reaches the Proxy directly. Because the media stream has not yet been established, the Proxy cannot obtain terminal B's public network address and public network port number. So that the media stream from terminal B passes through the Proxy, the Proxy allocates a new port number for terminal B and then forwards the 200 OK message to terminal A: the public network address of terminal B carried in the c line of the SDP information is replaced with the Proxy's public network address, and the public network port number of terminal B carried in the m line is replaced with the new port number that the Proxy allocated for terminal B.
(3) After terminal A receives the 200 OK message forwarded by the Proxy, media capability negotiation between terminals A and B is complete. Terminal A returns a response message (for example, an ACK message), the Proxy forwards the ACK to terminal B, and call connection establishment is complete.
After the media capability negotiation process shown in Figure 2, the Proxy starts listening on the port allocated for terminal B and receives the media stream from terminal A, and listens on the port allocated for terminal A and receives the media stream from terminal B. It carries out the process of the proxy server receiving the media streams shown in Figure 3:
(1) According to the SDP description in the 200 OK message, terminal A sends its media stream to the Proxy's public network address and the port that the Proxy allocated for terminal B; at the same time it listens on its local port (that is, the private network port) at its local address (that is, the private network address).
The media stream sent by terminal A has to pass through the NAT device to reach the Proxy. After intercepting the media stream sent by terminal A, the NAT device translates its source address (terminal A's local address, a private network address in this embodiment) and source port number (terminal A's local port number, a private network port number in this embodiment) into a public network address and public network port number. After receiving the media stream sent by terminal A, the Proxy records the mapping between the translated public network address and public network port number and terminal A.
The Proxy discards the first media stream packet and does not forward it.
(2) According to the SDP description in the Invite message, terminal B sends its media stream to the Proxy's public network address and the port that the Proxy allocated for terminal A; at the same time it listens on its local port (that is, the public network port) at its local address (that is, the public network address).
The media stream sent by terminal B can reach the Proxy directly. After receiving the media stream sent by terminal B, the Proxy records the source address and source port number of that media stream, which are terminal B's public network address and public network port number. The Proxy likewise does not forward this media stream packet.
The Proxy establishes a mapping between the recorded public network address and public network port number of terminal A and the public network address and public network port number of terminal B, and records that mapping.
After the process of the proxy server receiving the media streams shown in Figure 3, the media capability renegotiation process shown in Figure 4 is carried out:
To notify each of terminals A and B of the other's public network address and public network port number, the Proxy initiates media capability renegotiation toward terminals A and B separately by means of request messages (for example, reinvite messages).
The Proxy sends a reinvite message to terminal A; in its SDP information the c line carries terminal B's public network address and the m line carries terminal B's public network port number.
The Proxy sends a reinvite message to terminal B; in its SDP information the c line carries terminal A's public network address and the m line carries terminal A's public network port number.
Media capability renegotiation is now complete.
After media capability renegotiation between terminal A and terminal B is complete, both have updated the peer's media stream send/receive address and port number. From then on terminals A and B send their media streams directly to the peer's media stream send/receive address and port number, which achieves NAT traversal for the media stream with no further forwarding through the Proxy.
Scenario 2: terminal A and terminal B are both behind a full cone NAT, and the Proxy is located in the public network.
In this scenario, direct media stream transmission between terminals A and B is achieved in the following stages: 1. media capability negotiation between the terminals; 2. the proxy server receives the media streams; 3. media capability renegotiation between the terminals.
Figure 5 shows the media capability negotiation process between the terminals, which includes:
(1) Terminal A initiates an Invite call whose SDP information carries its local media capability. The c line carries terminal A's local address (here, terminal A's private network address), and the m line carries the local port number (here, terminal A's private network port number) for each type of media stream of terminal A (for example audio, video, pictures).
The Invite message passes through the NAT device and reaches the Proxy. Because the media stream has not yet been established, the Proxy cannot obtain the public network address and public network port number that terminal A uses to send and receive media. So that the media stream from terminal A passes through the Proxy, the Proxy allocates a new port number for terminal A and then forwards the Invite message to terminal B; the message reaches terminal B through the NAT device. In the Invite message forwarded to terminal B, the address carried in the c line of the SDP information is replaced with the Proxy's public network address, and the port number carried in the m line is replaced with the new port number that the Proxy allocated for terminal A.
(2) After receiving the Invite message forwarded by the Proxy, terminal B returns a 200 OK message to the Proxy. In this message the c line of the SDP information carries terminal B's local address (here, a private network address), and the m line carries terminal B's local port number (here, a private network port number).
The 200 OK message passes through the NAT device and reaches the Proxy. Because the media stream has not yet been established, the Proxy cannot obtain terminal B's public network address and public network port number. So that the media stream from terminal B passes through the Proxy, the Proxy allocates a new port number for terminal B and then forwards the 200 OK message to terminal A through the NAT device. In the 200 OK message forwarded to terminal A, the address carried in the c line of the SDP information is replaced with the Proxy's public network address, and the port number carried in the m line is replaced with the new port number that the Proxy allocated for terminal B.
(3) After terminal A receives the 200 OK message, media capability negotiation between terminals A and B is complete. Terminal A returns an ACK message, the Proxy forwards the ACK to terminal B, and call connection establishment is complete.
After the media capability negotiation process shown in Figure 5, the Proxy starts listening on the port allocated for terminal B and receives the media stream from terminal A, and listens on the port allocated for terminal A and receives the media stream from terminal B. It carries out the process of the proxy server receiving the media streams shown in Figure 6:
(1) According to the SDP description in the 200 OK message, terminal A sends its media stream to the Proxy's public network address and the port that the Proxy allocated for terminal B; at the same time it listens on its local port (that is, the private network port) at its local address (that is, the private network address).
The media stream sent by terminal A has to pass through the NAT device to reach the Proxy. After intercepting the media stream sent by terminal A, the NAT device translates its source address (terminal A's local address, a private network address in this embodiment) and source port number (terminal A's local port number, a private network port number in this embodiment) into a public network address and public network port number. After receiving the media stream sent by terminal A, the Proxy records the mapping between the translated public network address and public network port number and terminal A.
The Proxy discards the first media stream packet and does not forward it.
(2) According to the SDP description in the Invite message, terminal B sends its media stream to the Proxy's public network address and the port that the Proxy allocated for terminal A; at the same time it listens on its local port (that is, the private network port) at its local address (that is, the private network address).
The media stream sent by terminal B has to pass through the NAT device to reach the Proxy. After intercepting the media stream sent by terminal B, the NAT device translates its source address (terminal B's local address, a private network address in this embodiment) and source port number (terminal B's local port number, a private network port number in this embodiment) into a public network address and public network port number. After receiving the media stream sent by terminal B, the Proxy records the mapping between the translated public network address and public network port number and terminal B. The Proxy likewise does not forward this media stream packet.
The Proxy establishes a mapping between the recorded public network address and public network port number of terminal A and the public network address and public network port number of terminal B, and records that mapping.
After the process of the proxy server receiving the media streams shown in Figure 6, the media capability renegotiation process shown in Figure 7 is carried out:
To notify each of terminals A and B of the other's public network address and public network port number, the Proxy initiates media capability renegotiation toward terminals A and B separately by means of reinvite messages.
The Proxy sends a reinvite message to terminal A; in its SDP information the c line carries terminal B's public network address and the m line carries terminal B's public network port number.
The Proxy sends a reinvite message to terminal B; in its SDP information the c line carries terminal A's public network address and the m line carries terminal A's public network port number.
Media capability renegotiation is now complete.
After media capability renegotiation between terminal A and terminal B is complete, both have recorded the peer's public network address and public network port number (for sending and receiving media). From then on terminals A and B send their media streams directly to the peer's public network address and public network port number, which achieves NAT traversal for the media stream with no further forwarding through the Proxy.
To make the objectives, technical methods and advantages of the present invention clearer, the present invention is further described below with reference to the accompanying drawings and an embodiment of Scenario 2 (both terminals are behind NAT).
Terminal A is behind a full cone NAT. Its local address, that is, its private network address, is 10.1.1.2, and its NAT-mapped public network address is 192.0.2.1 (the signaling address and media address are the same); its local audio port is 10200 and its local video port is 10202.
Terminal B is behind a full cone NAT. Its local address, that is, its private network address, is 10.0.1.3, and its NAT-mapped public network address is 192.0.2.3 (the signaling address and media address are the same); its local audio port is 10000 and its local video port is 10002.
The Proxy is located in the public network, with public network address 192.0.2.2.
The NAT traversal process based on SIP media capability renegotiation includes:
(1) Terminal A initiates an Invite call whose SDP information carries its local media capability: the c line carries terminal A's local address, that is, the private network address 10.1.1.2; the m lines carry the local audio port 10200 and the local video port 10202. The relevant SDP description is as follows:
c=IN IP4 10.1.1.2
m=audio 10200 RTP/AVP 9 8 0
m=video 10202 RTP/AVP 109 34
(2) The Invite message passes through the NAT device and reaches the Proxy. Because the media stream has not yet been established, the Proxy cannot obtain the public network send/receive address and port number that correspond to terminal A's media stream. So that the media stream passes through the Proxy, the Proxy allocates a new audio port 8510 and a new video port 8512 for terminal A and replaces the address in the c line of the SDP information with the Proxy's public network address. The relevant SDP description in the updated Invite message is as follows:
c=IN IP4 192.0.2.2
m=audio 8510 RTP/AVP 9 8 0
m=video 8512 RTP/AVP 109 34
(3) The Proxy forwards the Invite message to terminal B, and terminal B responds with a 200 OK message whose SDP information carries its local media capability: the c line carries terminal B's local address, that is, the private network address 10.0.1.3; the m lines carry the local audio port 10000 and the local video port 10002. The relevant SDP description is as follows:
c=IN IP4 10.0.1.3
m=audio 10000 RTP/AVP 9 8 0
m=video 10002 RTP/AVP 109 34
(4) The Proxy receives terminal B's 200 OK message. Because the media stream has not yet been established, the Proxy cannot obtain the public network send/receive address and port number that correspond to terminal B's media stream. So that the media stream passes through the Proxy, the Proxy likewise allocates a new audio port 9510 and a new video port 9512 for terminal B and replaces the address in the c line of the SDP information with the Proxy's public network address. The relevant SDP description in the updated 200 OK message is as follows:
c=IN IP4 192.0.2.2
m=audio 9510 RTP/AVP 9 8 0
m=video 9512 RTP/AVP 109 34
(5) Terminal A receives the 200 OK message forwarded by the Proxy, and media capability negotiation between terminals A and B is complete. Terminal A returns an ACK message, the Proxy forwards the ACK to terminal B, and call connection establishment is complete. At this point the Proxy starts listening on ports 9510 and 9512 and receives the media stream from terminal A, and listens on ports 8510 and 8512 and receives the media stream from terminal B;
(6) After call connection establishment is complete, terminal A, according to the SDP description in the 200 OK message, sends its audio and video streams to address 192.0.2.2, ports 9510 and 9512; at the same time it listens on ports 10200 and 10202 at its local address 10.1.1.2.
The media stream sent by terminal A has to pass through the NAT device to reach the Proxy. After intercepting the media stream sent by terminal A, the NAT device translates its source address (10.1.1.2) and source port numbers (10200, 10202); the resulting public network address is 192.0.2.1 and the public network port numbers are 38100 and 38102 respectively. After receiving the media stream sent by terminal A, the Proxy records the mapping between the translated public network address and port numbers and terminal A. The Proxy discards the first media stream packet and does not forward it.
(7) After call connection establishment is complete, terminal B, according to the SDP description in the Invite message, sends its audio and video streams to address 192.0.2.2, port numbers 8510 and 8512 respectively; at the same time it listens on ports 10000 and 10002 at its local address 10.0.1.3.
The media stream sent by terminal B has to pass through the NAT device to reach the Proxy. After intercepting the media stream sent by terminal B, the NAT device translates its source address (10.0.1.3) and source port numbers (10000, 10002); the resulting public network address is 192.0.2.3 and the public network port numbers are 39100 and 39102 respectively. After receiving the media stream sent by terminal B, the Proxy records the mapping between the translated public network address and port numbers and terminal B. The Proxy likewise does not forward this media stream packet.
(8) Through steps (6) and (7) the Proxy has collected the public network address and public network port numbers (for sending and receiving media) of each of terminals A and B, and it establishes the mapping between the two.
The public network address that the Proxy recorded for terminal B is 192.0.2.3, and the public network port numbers are 39100 and 39102 respectively. To notify terminal A of this public network address and these public network port numbers (that is, the destination address and destination port numbers to which terminal A will send its media stream), the Proxy initiates media capability renegotiation toward terminal A by means of a reinvite message. The relevant SDP description in the reinvite message is as follows:
c=IN IP4 192.0.2.3
m=audio 39100 RTP/AVP 9 8 0
m=video 39102 RTP/AVP 109 34
Similarly, the public network address that the Proxy recorded for terminal A is 192.0.2.1, and the public network port numbers are 38100 and 38102 respectively. To notify terminal B of this public network address and these public network port numbers (that is, the destination address and destination port numbers to which terminal B will send its media stream), the Proxy initiates media capability renegotiation toward terminal B by means of a reinvite message. The relevant SDP description in the reinvite message is as follows:
c=IN IP4 192.0.2.1
m=audio 38100 RTP/AVP 9 8 0
m=video 38102 RTP/AVP 109 34
This completes media capability renegotiation.
(9) Terminal A receives the Proxy's reinvite message, stops sending its media stream to the Proxy (address 192.0.2.2, port numbers 9510 and 9512), and starts sending its media stream to the public network address 192.0.2.3 and public network port numbers 39100 and 39102 that correspond to terminal B. Terminal B receives the Proxy's reinvite message, stops sending its media stream to the Proxy (address 192.0.2.2, port numbers 8510 and 8512), and starts sending its media stream to the public network address 192.0.2.1 and port numbers 38100 and 38102 that correspond to terminal A. Terminal A and terminal B now transmit their media streams directly, with no further relaying through the Proxy.
When the calling and called parties, or either one of them, are behind a full cone NAT, the solution provided by the above embodiment of the present invention uses the Proxy to establish direct communication between the media of the two terminals without modifying existing network equipment. This saves the cost of upgrading network equipment, reduces data transmission delay, lightens the load on the server, and improves efficiency.
To better implement the above technical solution, an embodiment of the present invention further provides a proxy server 10 located on the public network. As shown in FIG. 8, the proxy server includes:
an acquisition module 11, configured to receive media streams from the first terminal and the second terminal respectively, and to obtain the public network addresses and public network port numbers of the first terminal and the second terminal, where at least one of the first terminal and the second terminal is located in a private network;
a media capability renegotiation module 12, configured to initiate media capability renegotiation, notify the second terminal of the obtained public network address and public network port number of the first terminal, and notify the first terminal of the obtained public network address and public network port number of the second terminal.
The proxy server further includes: a port allocation module 13, configured to allocate port numbers for the first terminal and the second terminal respectively through the media capability negotiation process, notify the second terminal of the port number allocated for the first terminal, and notify the first terminal of the port number allocated for the second terminal;
a listening module 14, configured to listen on the port number allocated for the second terminal and receive the media stream from the first terminal, and to listen on the port number allocated for the first terminal and receive the media stream from the second terminal.
The acquisition module 11 is further configured to extract and record the public network address and public network port number of the first terminal or the second terminal from the media stream from that terminal. Specifically: when the first terminal or the second terminal is located in a private network, its public network address and public network port number are obtained by translating the corresponding private network address and private network port number; that is, when the NAT device intercepts the media stream sent by the first terminal or the second terminal to the proxy server, it translates the source address and source port number (the private network address and private network port number) into a public network address and public network port number. When the first terminal or the second terminal is located on the public network, the source address and source port number of the corresponding media stream are that terminal's public network address and public network port number.
The interaction module 15 is configured to receive a request message from the first terminal, notify the port allocation module 13 to allocate a port number for the first terminal, and forward the request message to the second terminal, where the request message forwarded to the second terminal carries the public network address of the proxy server and the port number allocated for the first terminal. It is further configured to receive a response message from the second terminal, notify the port allocation module 13 to allocate a port number for the second terminal, and forward the response message to the first terminal, where the response message forwarded to the first terminal carries the public network address of the proxy server and the port number allocated for the second terminal.
The mapping module 16 is configured to establish a mapping relationship between the public network address and public network port number of the first terminal and the public network address and public network port number of the second terminal.
The media capability renegotiation module 12 is further configured to initiate media capability renegotiation with the first terminal and the second terminal respectively through request messages. The request message sent to the first terminal carries the public network address and public network port number of the second terminal; the request message sent to the second terminal carries the public network address and public network port number of the first terminal.
In a specific implementation, the acquisition module 11, the media capability renegotiation module 12, the port allocation module 13, the listening module 14 and the interaction module 15 may be implemented by a chip with communication and processing functions in the proxy server, and the mapping module 16 may be implemented by the proxy server's central processing unit (CPU), micro processing unit (MPU) or digital signal processor (DSP).
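The address learning and renegotiation carried out by the Proxy in the worked example (up to step (9)) and by the acquisition, mapping and renegotiation modules described above, as an added Python example that is not code from the patent. The class and function names, the relayed SDP fragments and the packet tuples are constructed for illustration; keeping the first observed source for each relay port and recording later mismatches is an assumption of this example, made because the proxy takes a terminal's public address solely from the source of the packets it receives.

```python
from dataclasses import dataclass, field

# Proxy relay ports from the page's example, keyed by the port a packet arrives
# on; the value is (terminal that sends to this port, media type).
RELAY_PORTS = {
    9510: ("A", "audio"), 9512: ("A", "video"),
    8510: ("B", "audio"), 8512: ("B", "video"),
}
PEER = {"A": "B", "B": "A"}

# Constructed sample input: (source IP, source port, proxy port) of the first
# media packets as the proxy sees them after NAT translation.
SAMPLE_PACKETS = [
    ("192.0.2.1", 38100, 9510), ("192.0.2.1", 38102, 9512),
    ("192.0.2.3", 39100, 8510), ("192.0.2.3", 39102, 8512),
]
# Constructed SDP fragments each terminal holds while media is still relayed.
SDP_SENT_TO_A = ("c=IN IP4 192.0.2.2\r\nm=audio 9510 RTP/AVP 9 8 0\r\n"
                 "m=video 9512 RTP/AVP 109 34\r\n")
SDP_SENT_TO_B = ("c=IN IP4 192.0.2.2\r\nm=audio 8510 RTP/AVP 9 8 0\r\n"
                 "m=video 8512 RTP/AVP 109 34\r\n")


def rewrite_sdp(sdp, ip, ports):
    """Replace the connection address and each m= port; keep codecs as offered."""
    out = []
    for line in sdp.splitlines():
        if line.startswith("c=IN IP4 "):
            line = "c=IN IP4 " + ip
        elif line.startswith("m="):
            media, _old_port, rest = line[2:].split(" ", 2)
            if media not in ports:
                raise ValueError("no learned port for media " + media)
            line = "m=%s %d %s" % (media, ports[media], rest)
        out.append(line)
    return "\r\n".join(out) + "\r\n"


@dataclass
class MediaProxy:
    # learned[terminal][media] = (public IP, public port) seen as packet source
    learned: dict = field(default_factory=lambda: {"A": {}, "B": {}})
    rejected: list = field(default_factory=list)

    def on_packet(self, src_ip, src_port, dst_port):
        """Acquisition: record the source of a packet arriving on a relay port."""
        if dst_port not in RELAY_PORTS:
            return False
        terminal, media = RELAY_PORTS[dst_port]
        seen = self.learned[terminal].get(media)
        if seen is None:
            self.learned[terminal][media] = (src_ip, src_port)
            return True
        if seen != (src_ip, src_port):
            # Assumed policy: never let a later, different source overwrite
            # the recorded address; keep it for review instead.
            self.rejected.append((src_ip, src_port, dst_port))
            return False
        return True

    def public_endpoint(self, terminal):
        """Mapping: (public IP, {media: port}) once every stream has been seen."""
        expected = {m for t, m in RELAY_PORTS.values() if t == terminal}
        got = self.learned[terminal]
        if set(got) != expected:
            raise ValueError("media from terminal %s not yet observed" % terminal)
        ips = {ip for ip, _port in got.values()}
        if len(ips) != 1:
            raise ValueError("streams of one terminal map to different addresses")
        return ips.pop(), {m: port for m, (_ip, port) in got.items()}

    def reinvite_sdp(self, to_terminal, current_sdp):
        """Renegotiation: SDP telling to_terminal where its peer really is."""
        ip, ports = self.public_endpoint(PEER[to_terminal])
        return rewrite_sdp(current_sdp, ip, ports)


if __name__ == "__main__":
    proxy = MediaProxy()
    for pkt in SAMPLE_PACKETS:
        proxy.on_packet(*pkt)
    print(proxy.reinvite_sdp("A", SDP_SENT_TO_A))
    print(proxy.reinvite_sdp("B", SDP_SENT_TO_B))
```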
As shown in FIG. 9, an embodiment of the present invention further provides a NAT traversal system based on SIP media capability renegotiation, including the proxy server 10 shown in FIG. 8, a first terminal 20 and a second terminal 30, where:
the proxy server 10 is configured to obtain the public network addresses and public network port numbers of the first terminal 20 and the second terminal 30, and is further configured to initiate media capability renegotiation, notify the second terminal 30 of the obtained public network address and public network port number of the first terminal 20, and notify the first terminal 20 of the obtained public network address and public network port number of the second terminal 30;
the first terminal 20 is configured to send its media stream to the public network address and public network port number of the second terminal 30;
the second terminal 30 is configured to send its media stream to the public network address and public network port number of the first terminal 20.
An embodiment of the present invention further provides a NAT traversal device based on SIP media capability renegotiation, including a hardware processing server configured to receive media streams from the first terminal and the second terminal respectively and to obtain the public network addresses and public network port numbers of the first terminal and the second terminal. It is further configured to initiate media capability renegotiation, notify the second terminal of the obtained public network address and public network port number of the first terminal, and notify the first terminal of the obtained public network address and public network port number of the second terminal.
The above are merely preferred embodiments of the present invention and are not intended to limit its scope of protection.
Industrial applicability
With the NAT traversal method, proxy server and system based on SIP media capability renegotiation of the present invention, the first terminal and the second terminal can communicate directly using each other's public network address and public network port number, without forwarding by the proxy server. In addition, the above technical solution is implemented on the existing network architecture: direct communication between terminals is achieved without modifying that architecture and without deploying a dedicated traversal server, which saves cost.

Claims

1. A NAT traversal method based on SIP media capability renegotiation, wherein at least one of a first terminal and a second terminal is located in a private network and a proxy server is located on the public network, the method comprising:
the proxy server receiving media streams from the first terminal and the second terminal respectively, and obtaining the public network addresses and public network port numbers of the first terminal and the second terminal;
the proxy server initiating media capability renegotiation, notifying the second terminal of the obtained public network address and public network port number of the first terminal, and notifying the first terminal of the obtained public network address and public network port number of the second terminal.
2. The NAT traversal method based on SIP media capability renegotiation according to claim 1, wherein the proxy server receiving media streams from the first terminal and the second terminal respectively, and obtaining the public network addresses and public network port numbers of the first terminal and the second terminal, comprises:
during the media capability negotiation process, the proxy server allocating port numbers for the first terminal and the second terminal respectively, notifying the second terminal of the port number allocated for the first terminal, and notifying the first terminal of the port number allocated for the second terminal;
the proxy server listening on the port number allocated for the second terminal and receiving the media stream from the first terminal, and listening on the port number allocated for the first terminal and receiving the media stream from the second terminal;
the proxy server extracting and recording the public network address and public network port number of the first terminal or the second terminal from the media stream from the first terminal or the second terminal.
3. The NAT traversal method based on SIP media capability renegotiation according to claim 2, wherein, during the media capability negotiation process, the proxy server allocating port numbers for the first terminal and the second terminal respectively, notifying the second terminal of the port number allocated for the first terminal, and notifying the first terminal of the port number allocated for the second terminal, comprises:
the proxy server receiving a request message from the first terminal, allocating a port number for the first terminal, and forwarding the request message to the second terminal, wherein the request message forwarded to the second terminal carries the public network address of the proxy server and the port number allocated for the first terminal;
the proxy server receiving a response message from the second terminal, allocating a port number for the second terminal, and forwarding the response message to the first terminal, wherein the response message forwarded to the first terminal carries the public network address of the proxy server and the port number allocated for the second terminal.
4. The NAT traversal method based on SIP media capability renegotiation according to claim 2, wherein the public network address and public network port number of the first terminal or the second terminal that the proxy server extracts and records from the media stream from the first terminal or the second terminal are:
when the first terminal or the second terminal is located in a private network, the public network address and public network port number obtained by translating the private network address and private network port number of the first terminal or the second terminal;
when the first terminal or the second terminal is located on the public network, the source address and source port number of the corresponding media stream, which are the public network address and public network port number of the first terminal or the second terminal.
5. The NAT traversal method based on SIP media capability renegotiation according to claim 1 or 4, wherein, after the proxy server obtains the public network addresses and public network port numbers of the first terminal and the second terminal, the method further comprises: the proxy server establishing a mapping relationship between the public network address and public network port number of the first terminal and the public network address and public network port number of the second terminal.
6. The NAT traversal method based on SIP media capability renegotiation according to claim 1, wherein the proxy server initiates media capability renegotiation with the first terminal and the second terminal respectively through request messages;
the request message sent to the first terminal carries the public network address and public network port number of the second terminal; the request message sent to the second terminal carries the public network address and public network port number of the first terminal.
7. A proxy server, the proxy server being located on the public network and comprising:
an acquisition module, configured to receive media streams from a first terminal and a second terminal respectively, and to obtain the public network addresses and public network port numbers of the first terminal and the second terminal, wherein at least one of the first terminal and the second terminal is located in a private network;
a media capability renegotiation module, configured to initiate media capability renegotiation, notify the second terminal of the obtained public network address and public network port number of the first terminal, and notify the first terminal of the obtained public network address and public network port number of the second terminal.
8. The proxy server according to claim 7, further comprising:
a port allocation module, configured to allocate port numbers for the first terminal and the second terminal respectively through the media capability negotiation process, notify the second terminal of the port number allocated for the first terminal, and notify the first terminal of the port number allocated for the second terminal;
a listening module, configured to listen on the port number allocated for the second terminal and receive the media stream from the first terminal, and to listen on the port number allocated for the first terminal and receive the media stream from the second terminal;
the acquisition module being further configured to extract and record the public network address and public network port number of the first terminal or the second terminal from the media stream from the first terminal or the second terminal.
9. The proxy server according to claim 8, further comprising:
an interaction module, configured to receive a request message from the first terminal, notify the port allocation module to allocate a port number for the first terminal, and forward the request message to the second terminal, wherein the request message forwarded to the second terminal carries the public network address of the proxy server and the port number allocated for the first terminal; and further configured to receive a response message from the second terminal, notify the port allocation module to allocate a port number for the second terminal, and forward the response message to the first terminal, wherein the response message forwarded to the first terminal carries the public network address of the proxy server and the port number allocated for the second terminal.
10. The proxy server according to claim 7, further comprising:
a mapping module, configured to establish a mapping relationship between the public network address and public network port number of the first terminal and the public network address and public network port number of the second terminal.
11. The proxy server according to claim 7, wherein
the media capability renegotiation module is further configured to initiate media capability renegotiation with the first terminal and the second terminal respectively through request messages; the request message sent to the first terminal carries the public network address and public network port number of the second terminal; the request message sent to the second terminal carries the public network address and public network port number of the first terminal.
12. A NAT traversal system based on SIP media capability renegotiation, comprising the proxy server according to any one of claims 7 to 10, a first terminal and a second terminal, wherein:
the proxy server is configured to receive media streams from the first terminal and the second terminal respectively, and to obtain the public network addresses and public network port numbers of the first terminal and the second terminal; and is further configured to initiate media capability renegotiation, notify the second terminal of the obtained public network address and public network port number of the first terminal, and notify the first terminal of the obtained public network address and public network port number of the second terminal;
the first terminal is configured to send its media stream to the public network address and public network port number of the second terminal;
the second terminal is configured to send its media stream to the public network address and public network port number of the first terminal.
13. A NAT traversal device based on SIP media capability renegotiation, the device comprising a hardware processing server, wherein:
the hardware processing server is configured to receive media streams from a first terminal and a second terminal respectively, and to obtain the public network addresses and public network port numbers of the first terminal and the second terminal; and is further configured to initiate media capability renegotiation, notify the second terminal of the obtained public network address and public network port number of the first terminal, and notify the first terminal of the obtained public network address and public network port number of the second terminal.
PCT/CN2014/075265 2013-12-25 2014-04-14 Nat traversal method based on sip media capability re-negotiation, proxy server and system WO2015096302A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201310728499.3 2013-12-25
CN201310728499.3A CN103916382B (en) 2013-12-25 2013-12-25 NAT through method, proxy server and system based on SIP media ability re-negotiations

Publications (1)

Publication Number Publication Date
WO2015096302A1 (en) 2015-07-02

Family

ID=51041789

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/075265 WO2015096302A1 (en) 2013-12-25 2014-04-14 Nat traversal method based on sip media capability re-negotiation, proxy server and system

Country Status (2)

Country Link
CN (1) CN103916382B (en)
WO (1) WO2015096302A1 (en)

Also Published As

Publication number Publication date
CN103916382A (en) 2014-07-09
CN103916382B (en) 2018-05-01

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14873508

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14873508

Country of ref document: EP

Kind code of ref document: A1