CN100382552C - Method for establishing VOIP communication penetrating fire wall - Google Patents
Method for establishing VOIP communication penetrating fire wall Download PDFInfo
- Publication number
- CN100382552C CN100382552C CNB2003101058410A CN200310105841A CN100382552C CN 100382552 C CN100382552 C CN 100382552C CN B2003101058410 A CNB2003101058410 A CN B2003101058410A CN 200310105841 A CN200310105841 A CN 200310105841A CN 100382552 C CN100382552 C CN 100382552C
- Authority
- CN
- China
- Prior art keywords
- call server
- gateway
- voip
- address
- called
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Telephonic Communication Services (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention relates to a method for establishing VOIP communication by penetrating a fire wall. A calling server with a public network IP address is arranged at the region center of an IP telephone network by the present invention. The calling server is used as a VOIP control signal retransmission center. After a VOIP gateway is energized to be started, one survival TCP connection is established by the VOIP gateway and the calling server, and survival information is regularly reported to the calling server. One indirect VOIP control channel is established between a calling VOIP gateway and a called VOIP gateway by the calling server, and thereby, the control of an inner VOIP gateway and an outer VOIP gateway to signal interaction is realized. A medium channel is further established, and VOIP communication is realized. The method of the present invention is adopted to cause gateway devices in different local area networks to normally and bidirectionally communicate, and the technical problem of penetrating a fire wall is effectively solved.
Description
One, technical field
The invention belongs to the telecommunication technology field, particularly a kind of firewall-penetrating is set up VOIP (VoiceOver IP IP phone) method for communicating.
Two, background technology
The realization principle of VOIP is earlier the phone speech to be become digital signal through coding with compressing and converting, is sent to receiving terminal by the ICP/IP protocol network after packing, and receiving terminal is reduced to telephone speech signal to audio digital signals reorganization, decompress(ion), decoding.
The problem that VOIP often occurs in actual applications is when the VOIP gateway is placed on fire compartment wall inside, and how outside VOIP gateway device sets up control signalling path and media channel with the VOIP gateway of inside, carries out VOIP communication then.
The key of problem is that in actual applications the VOIP gateway of fire compartment wall inside all adopts private network IP, and outside VOIP gateway can only be seen the fire compartment wall with public network IP address, therefore produces two problems, is described below:
1) foundation of control channel
Because the VOIP gateway of fire compartment wall inside adopts private network IP, when outside VOIP gateway is done caller, need transmit control message to the called VOIP gateway of fire compartment wall inside, message directly can't be sent to called VOIP gateway but be actually, thereby can't set up the VOIP control channel.
2) foundation of media channel
The another one problem is relevant information (the IP address of VOIP media channel, port, voice compression algorithm etc.) consult to obtain by control messages, the IP address that inner VOIP gateway is filled in the local media passage in fact also is private network IP, and so outside VOIP gateway and inner VOIP gateway also can't be set up media channel.
Also can not solve firewall-penetrating at present, make outside VOIP gateway device and inner VOIP gateway set up the technical solution of VOIP communication issue, the difficulty that this explanation solves this class problem is very big, also illustrate simultaneously under VOIP application main trend more and more widely, provide firewall-penetrating to set up the urgency of the technical solution of VOIP communication.
Three, summary of the invention
The purpose of this invention is to provide a kind of firewall-penetrating and set up the VOIP method for communicating, for setting up an indirect VOIP control channel between the calling and called VOIP gateway, thereby realize that inside and outside VOIP gateway control Signalling exchange, further set up media channel, carry out VOIP communication.
Concrete technic relization scheme of the present invention is: the regional regional center at IP telephony network is provided with a call server with public network IP address, the corresponding VOIP protocol stack of call server support, for example H.323, H.248, MGCP, call server is as VOIP control signaling retransmission center, be main, set up an indirect VOIP control channel between the called VOIP gateway, all VOIP gateways in the call server compass of competency are after powering up startup, need set up a TCP with call server and be connected (this TCP connects hereinafter referred to as survival TCP and connects), and regularly report alive message to call server.In addition, the VOIP gateway is set to mode back-to-back, that is to say the IP address that called gateway ip address all is set to call server.The VOIP gateway Shi Douhui that makes a call issues call server with control messages like this.The relevant information of all VOIP gateways comprises that sign, IP address, the VOIP gateway of VOIP gateway is with the user's telephone number scope in the compass of competency of call server configuration simultaneously.
When the caller gateway will be called out, earlier and call server sets up that a new TCP is connected and to call server transmission Setup message.Call server parses the called gateway at called number place, then by being connected to called gateway forwards Setup message with survival TCP that called gateway has been set up.Called gateway connects at survival TCP receives Setup message, and knowing has new calling to produce, just oppositely set up a new TCP and be connected with call server, and in this TCP connection to subsequent control message such as call server transmission Call Proceeding.Same, call server is transmitted to the caller gateway with the control messages of receiving.Like this, call server just is main, and called gateway has been set up an indirect control channel.
After control channel is set up, the calling and called gateway is consulted media channel, call server is configured to the call server local ip address with called gateway ip address in giving the media channel negotiation result of caller gateway forwards, the port that the control channel TCP that port arrangement becomes this road of call server and caller gateway to call out is connected; Call server is configured to the call server local ip address with the caller gateway ip address in giving the media channel negotiation result of called gateway forwards, the port that the control channel TCP that port arrangement becomes this road of call server and called gateway to call out is connected.Like this calling and called gateway with medium voice IP bag all by and call server between control channel TCP connect and send to call server, call server is transmitted to corresponding gateway with the medium voice IP bag of receiving again then.
In fact pass through call server, for one of the calling and called gateway call out indirect foundation a TCP connect, the mutual control messages of calling and called gateway in this TCP connection, and medium voice IP bag also is encapsulated in the TCP bag, in this TCP connections, transmit.Utilize call server to set up VOIP communication for calling and called gateway penetration fire compartment wall.
In the practical application of VOIP, integrated access equipment IAD (Integrated Access Device) is the VOIP gateway of low capacity, usually support 2-16 road VOIP passage, and the normally enterprise customer of use low capacity integrated access equipment, the enterprise customer has the local area network (LAN) of oneself mostly, fire compartment wall is placed in outlet at local area network (LAN), and the internal unit of local area network (LAN) comprises that integrated access equipment all adopts private network IP.
Intercommunication between the integrated access equipment of a large amount of like this local area network (LAN) inside is exactly very difficult thing, control protocol according to VOIP, be to carry out addressing by the IP address of integrated access equipment, but integrated access equipment uses the words of private network IP, equipment for the local area network (LAN) outside is sightless, therefore the integrated access equipment in LAN can't directly carry out VOIP communication, has so also limited the promotion and application of VOIP technology.
Adopt firewall-penetrating of the present invention to set up the VOIP method for communicating, can make the normal two-way communication of integrated access equipment in LAN, integrated access equipment both can be breathed out like this, but also incoming call, solved this technical barrier of firewall-penetrating effectively, for the wider application of VOIP provides new technical solution.
Four, description of drawings
Fig. 1 is an IP Access Network networking schematic diagram;
Fig. 2 carries out the flow chart of VOIP communication for firewall-penetrating.
Five, embodiment
With the networking of IP Access Network is that example illustrates the specific embodiment of the present invention, and relatively typical application of the present invention is to utilize correlation technique provided by the invention to solve the problem of the firewall-penetrating that exists in the networking of IP Access Network.The IP Access Network is based on the IP network framework, can comprehensively inserts speech data and multimedia service, speech business is finished the conversion of circuit switching to packet switching at the integrated access equipment access gateway node, carries on the IP access network by packet mode again and realizes that at local side OLT (Optical LineTerminal optical line terminal) speech inserts public switched telephone network (PSTN) PSTN (Public switched telephone network) by the V5 interface again from the conversion that is grouped into TDM (Time DivisionMultiplexing time division multiplexing).
Because adopt the VOIP technology, there is the integrated access equipment problem how firewall-penetrating is communicated by letter with local side OLT that adopts private network IP equally in the IP Access Network, in practical application is provided with, can realize the function of call server at terminal OLT device, be that OLT adopts public network IP, the integrated access equipment in the OLT compass of competency all adopts private network IP.
IP Access Network networking schematic diagram is referring to accompanying drawing 1.Wherein the IP address of integrated access equipment 1 is IP1, the IP address of the fire compartment wall A of integrated access equipment 1 place local area network (LAN) is IP2, the IP address of integrated access equipment 2 is IP3, and the IP address of the fire compartment wall B of integrated access equipment 2 place local area network (LAN)s is IP4, and the IP address of call server is IP5.Wherein IP1, IP3 are private network IP address, and IP2, IP4, IP5 are public network IP address.
The solution of two subject matters being brought with regard to private network IP is described below, referring to accompanying drawing
2 illustrate that firewall-penetrating sets up the process of VOIP communication:
1) foundation of control channel
When call out producing, suppose that integrated access equipment 1 will call out certain user of integrated access equipment 2, be convenient the description, suppose that integrated access equipment 1, integrated access equipment 2 all are gateways H.323, the steps A that control channel is set up is as follows:
A1 integrated access equipment 1 with set up TCP with call server respectively after integrated access equipment 2 powers up startup and be connected, be numbered TCP1 and TCP2;
A2 integrated access equipment 1 user will call out integrated access equipment 2 users, integrated access equipment 1 is at first set up a TCP and is connected (being numbered TCP3) to call server transmission Setup message, call server is inquired about the configuration of local VOIP gateway according to the called number in the Setup message, the relevant information that obtains integrated access equipment 2 is not (if find, illustrate that the called subscriber is not in local call server compass of competency, can not do description in this article by the inquiry of higher level's call server);
The A3 call server connects to integrated access equipment 2 by the TCP2 that has set up transmits Setup message, notices that call server all will replace to source IP address in the message IP address of call server oneself when transmitting message;
A4 integrated access equipment 2 receives that it is that new calling arrives that the back is judged, the TCP that sets up again between and the call server connects (being numbered TCP4), and subsequent control message such as Call Proceeding are transmitted on TCP4;
After the A5 call server is received the subsequent control message of integrated access equipment 2, transmit message to integrated access equipment 1, so just between integrated access equipment 1 and integrated access equipment 2, set up an indirect control channel by TCP3;
Need write down a pair of TCP link information that call out on this road at call server simultaneously, it is the relevant information such as source IP address, source port of TCP3 and TCP4, in fact because the process firewall network address is changed the conversion of NAT (Network Address Translation), these information are actually the IP address and the port of fire compartment wall.
So far, set up an indirect control by call server between integrated access equipment 1 and the integrated access equipment 2, integrated access equipment 1, integrated access equipment 2 are controlled the mutual of signaling by this control channel.
2) foundation of media channel
After control channel was set up, the calling and called gateway was consulted the relevant information of media channel, so that carry out media communication, the step B that media channel is set up is as follows:
The B1 call server is configured to call server local ip address IP5 with called gateway ip address in giving the media channel negotiation result of integrated access equipment 1, port arrangement is the port that is connected with this TCP of TCP3 of integrated access equipment 1;
The B2 call server is configured to call server local ip address IP5 with the caller gateway ip address in giving the media channel negotiation result of integrated access equipment 2, port arrangement is the port that is connected with this TCP of TCP4 of integrated access equipment 2.Integrated access equipment 1, integrated access equipment 2 all will send medium voice IP bag to call server like this;
B 3 integrated access equipment 1 are realtime transmission protocol RTP (Real-time Transport Protocol) voice IP bag with pulse code modulation PCM (Pulse Code Modulation) voice by Digital Signal Processing DSP (Digital Signal Processor) compress speech, by TCP3 the RTP bag is sent to call server with call server foundation, that is to say, the TCP control channel that utilizes integrated access equipment 1 and call server to set up transmits the realtime transmission protocol RTP voice packet, and TCP connects and is equivalent to a tunnel;
After the B4 call server is received RTP bag, source IP address replaced with local ip address IP5 after, the realtime transmission protocol RTP bag is issued integrated access equipment 2 by TCP4;
After B5 integrated access equipment 2 is received the RTP bag, decompression is reduced to the PCM voice packet, same, it also is similar process to integrated access equipment 1 that integrated access equipment 2 sends the realtime transmission protocol RTP bag: integrated access equipment 2 is RTP voice IP bag with the PCM voice by Digital Signal Processing DSP compress speech, by the TCP4 with call server foundation the realtime transmission protocol RTP bag is sent to call server;
After the B6 call server is received the realtime transmission protocol RTP bag, source IP address replaced with local ip address IP5 after, the RTP bag is issued integrated access equipment 1 by TCP3;
So just set up media channel by call server between integrated access equipment 1 and integrated access equipment 2, the user can carry out the VOIP conversation.After user's on-hook, discharge this road accordingly and call out corresponding TCP connection, i.e. TCP3 and TCP4.
The present invention's " firewall-penetrating is set up VOIP communication " technology can be applied to other the firewall-penetrating that needs widely and set up in the application of VOIP communication.For example in the VOIP network that H.323 gateway is formed, among the next generation network NGN that media gateway and Media Gateway Controller are formed, the IP terminal (as computer) between the different local area network (LAN)s is carried out VOIP communication etc.
For those skilled in the art; after having understood content of the present invention and principle; can be under the situation that does not deviate from the spirit and scope of the present invention; carry out the processing method of VOIP communication according to firewall-penetrating of the present invention and carry out multiple correction and distortion, but these based on correction of the present invention and distortion still within claim protection range of the present invention.
Claims (5)
1. a firewall-penetrating is set up the VOIP method for communicating, it is characterized in that: the regional center at IP telephony network is provided with a call server with public network IP address, the corresponding VOIP protocol stack of call server support, call server is as VOIP control signaling retransmission center, for setting up an indirect VOIP control and a media channel between the calling and called VOIP gateway; All VOIP gateways in the call server compass of competency will be set up a survival TCP with call server and be connected, and regularly report alive message to call server after powering up startup;
When the caller gateway is called out, earlier and call server sets up that a new TCP is connected and to call server transmission Setup message; Call server parses the called gateway at called number place, then by being connected to called gateway forwards Setup message with survival TCP that called gateway has been set up; Called gateway connects at survival TCP receives Setup message, and knowing has new calling to produce, and just oppositely sets up a new TCP with call server and is connected, and transmit control message to call server in this TCP connection; Same, call server is transmitted to the caller gateway with the control messages of receiving; Call server just is main, and called gateway has been set up an indirect control channel;
After control channel is set up, the calling and called gateway is consulted media channel, call server is configured to the call server local ip address with called gateway ip address in giving the media channel negotiation result of caller gateway forwards, the port that the control channel TCP that port arrangement becomes this road of call server and caller gateway to call out is connected; Call server is configured to the call server local ip address with the caller gateway ip address in giving the media channel negotiation result of called gateway forwards, the port that the control channel TCP that port arrangement becomes this road of call server and called gateway to call out is connected.
2. firewall-penetrating according to claim 1 is set up the VOIP method for communicating, it is characterized in that: called gateway ip address all is set to the IP address of call server, control messages can be issued call server when the VOIP gateway makes a call.
3. firewall-penetrating according to claim 1 is set up the VOIP method for communicating, it is characterized in that: the relevant information of all VOIP gateways in the call server configuration compass of competency.
4. firewall-penetrating according to claim 1 is set up the VOIP method for communicating, and it is as follows to it is characterized in that setting up the steps A that VOIP control of communication channel sets up:
A1 caller gateway with set up TCP1 with call server respectively after called gateway powers up startup and be connected with TCP2;
A2 caller gateway user will call out called gateway user, the caller gateway is at first set up a TCP3 and is connected the message to call server transmission Setup, call server is inquired about the configuration of local VOIP gateway according to the called number in the Setup message, obtains the relevant information of called gateway;
The A3 call server connects to called gateway forwards Setup message by the TCP2 that has set up, and notices that call server all will replace to source IP address in the message IP address of call server oneself when transmitting message;
The called gateway of A4 receives that it is that new calling arrives that the back is judged, the TCP4 that sets up again between and the call server connects, and subsequent control message is transmitted on TCP4;
After the A5 call server is received the subsequent control message of called gateway, to caller gateway forwards message, so just between caller gateway and called gateway, set up an indirect control channel by TCP3; Need write down a pair of TCP link information that call out on this road at call server simultaneously.
5. firewall-penetrating according to claim 4 is set up the VOIP method for communicating, and it is as follows to it is characterized in that setting up the step B that VOIP communicating medium channel sets up:
The B1 call server is configured to the call server local ip address with called gateway ip address in giving the media channel negotiation result of caller gateway, port arrangement is the port that is connected with this TCP of TCP3 of caller gateway;
The B2 call server is configured to the call server local ip address with the caller gateway ip address in giving the media channel negotiation result of called gateway, port arrangement is the port that is connected with this TCP of TCP4 of called gateway;
B3 caller gateway is realtime transmission protocol RTP voice IP bag with pulse code modulation PCM voice by Digital Signal Processing DSP compress speech, by the TCP3 with call server foundation the RTP bag is sent to call server;
After the B4 call server is received RTP bag, source IP address replaced with local ip address after, the realtime transmission protocol RTP bag is issued called gateway by TCP4;
After the called gateway of B5 is received the RTP bag, decompression is reduced to the PCM voice packet, same, called gateway is RTP voice IP bag with the PCM voice by Digital Signal Processing DSP compress speech, by the TCP4 with call server foundation the realtime transmission protocol RTP bag is sent to call server;
After the B6 call server is received the realtime transmission protocol RTP bag, source IP address replaced with local ip address after, the RTP bag is issued the caller gateway by TCP3.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2003101058410A CN100382552C (en) | 2003-10-17 | 2003-10-17 | Method for establishing VOIP communication penetrating fire wall |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2003101058410A CN100382552C (en) | 2003-10-17 | 2003-10-17 | Method for establishing VOIP communication penetrating fire wall |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1610351A CN1610351A (en) | 2005-04-27 |
| CN100382552C true CN100382552C (en) | 2008-04-16 |
Family
ID=34757439
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2003101058410A Expired - Fee Related CN100382552C (en) | 2003-10-17 | 2003-10-17 | Method for establishing VOIP communication penetrating fire wall |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100382552C (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8023432B2 (en) * | 2007-03-12 | 2011-09-20 | Microsoft Corporation | Cost reduction of NAT connection state keep-alive |
| CN104683360B (en) * | 2015-03-27 | 2017-11-10 | 北京理想固网科技股份有限公司 | Ip voice communication system |
| CN106572275A (en) * | 2015-10-10 | 2017-04-19 | 华为技术有限公司 | Method and apparatus for transmitting signal |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1349698A (en) * | 1999-05-04 | 2002-05-15 | 伊科梅拉股份公司 | System for data transmission via several communication routes |
| WO2002067531A1 (en) * | 2001-02-20 | 2002-08-29 | Eyeball Networks Inc. | Method and apparatus to permit data transmission to traverse firewalls |
| CA2461418A1 (en) * | 2001-09-25 | 2003-04-03 | Siemens Aktiengesellschaft | Method and device for implementing a firewall application for communication data |
| CN1411220A (en) * | 2001-10-04 | 2003-04-16 | 华为技术有限公司 | Method and system of realizing IP speech service of private network |
-
2003
- 2003-10-17 CN CNB2003101058410A patent/CN100382552C/en not_active Expired - Fee Related
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1349698A (en) * | 1999-05-04 | 2002-05-15 | 伊科梅拉股份公司 | System for data transmission via several communication routes |
| WO2002067531A1 (en) * | 2001-02-20 | 2002-08-29 | Eyeball Networks Inc. | Method and apparatus to permit data transmission to traverse firewalls |
| CA2461418A1 (en) * | 2001-09-25 | 2003-04-03 | Siemens Aktiengesellschaft | Method and device for implementing a firewall application for communication data |
| CN1411220A (en) * | 2001-10-04 | 2003-04-16 | 华为技术有限公司 | Method and system of realizing IP speech service of private network |
Non-Patent Citations (2)
| Title |
|---|
| iShuttle突破VoIP应用瓶颈. 洪涓.中国数据通信,第07期. 2002 * |
| MPLS和LDP会话技术. 陈跃斌,梁虹,林孝康.电讯技术,第02期. 2001 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1610351A (en) | 2005-04-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8243720B2 (en) | Voice-over-IP hybrid digital loop carrier | |
| US6567399B1 (en) | Hi-fidelity line card | |
| US6636508B1 (en) | Network resource conservation system | |
| US6487196B1 (en) | System and method for simulating telephone use in a network telephone system | |
| US7715413B2 (en) | Multi-network exchange system for telephony applications | |
| US20050117605A1 (en) | Network address and port translation gateway with real-time media channel management | |
| US20030088619A1 (en) | Using PSTN to convey participant IP addresses for multimedia conferencing | |
| CN100521631C (en) | System and method for generating ringbace tone | |
| KR100602638B1 (en) | The method for VoIP-UMS system access | |
| KR100705568B1 (en) | apparatus and method for processing SIP signaling in voice/data integration switching system | |
| EP1985095B1 (en) | Telephone call processing method and apparatus | |
| KR20010092015A (en) | Method and system for providing internet phone service for multimedia communication over high speed mobile internet | |
| NZ542879A (en) | Real-time communications between telephone and internet users | |
| CN100382552C (en) | Method for establishing VOIP communication penetrating fire wall | |
| US7533174B1 (en) | Media gateway connection information recovery | |
| EP2088759A1 (en) | A method, telephone system and telephone terminal for calling session | |
| Maresca et al. | Internet protocol support for telephony | |
| CN101110751A (en) | IP PBX based on P2P technology | |
| CN100499720C (en) | Realization method for providing multi-rate data information loading service | |
| KR100809398B1 (en) | Method and system for transmitting SMS for VoIP service supproting Multi-protocol | |
| JP4215550B2 (en) | Private branch exchange system for intersystem connection by IP and system information transmission method thereof | |
| KR20050055872A (en) | Apparatus and method for voice data processing in voip gateway system | |
| CN1720694A (en) | Modem relay originator | |
| KR20040095094A (en) | VoIP VIDEO TELEPHONY SERVICE METHOD USING PHONE AND PC | |
| JP2005072673A (en) | Method, apparatus and system for telephone exchange |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Assignee: Datang Telecom Tianjin Technology Service Co., Ltd. Assignor: Xi'an Datang Telecommunication Co., Ltd. Contract fulfillment period: 2009.7.1 to 2014.6.30 contract change Contract record no.: 2009120000124 Denomination of invention: Method for establishing VOIP communication penetrating fire wall Granted publication date: 20080416 License type: Exclusive license Record date: 2009.7.15 |
|
| LIC | Patent licence contract for exploitation submitted for record |
Free format text: EXCLUSIVE LICENSE; TIME LIMIT OF IMPLEMENTING CONTACT: 2009.7.1 TO 2014.6.30; CHANGE OF CONTRACT Name of requester: DATANG TELECOM( TIANJIN ) TECHNOLOGY SERVICE CO., Effective date: 20090715 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20080416 Termination date: 20141017 |
|
| EXPY | Termination of patent right or utility model |