CN109698869B - Private network crossing method, communication node and storage medium - Google Patents

Private network crossing method, communication node and storage medium Download PDF

Info

Publication number
CN109698869B
CN109698869B CN201710993048.0A CN201710993048A CN109698869B CN 109698869 B CN109698869 B CN 109698869B CN 201710993048 A CN201710993048 A CN 201710993048A CN 109698869 B CN109698869 B CN 109698869B
Authority
CN
China
Prior art keywords
access node
call request
address
destination
call
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710993048.0A
Other languages
Chinese (zh)
Other versions
CN109698869A (en
Inventor
杨晓伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Communications Ltd Research Institute filed Critical China Mobile Communications Group Co Ltd
Priority to CN201710993048.0A priority Critical patent/CN109698869B/en
Publication of CN109698869A publication Critical patent/CN109698869A/en
Application granted granted Critical
Publication of CN109698869B publication Critical patent/CN109698869B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/256NAT traversal

Abstract

The embodiment of the invention discloses a private network crossing method, a communication node and a storage medium. The private network traversing method applied to the call control service node comprises the following steps: receiving a call request for calling a target terminal, wherein the call request carries target identification information of the target terminal; inquiring the address of an access node at the destination according to the destination identification information, wherein the access node at the destination is an access node for accessing the target terminal from a private network to a public network; adding the address of the destination access node in the call request; and forwarding the call request added with the address of the destination access node, wherein the call request added with the address of the destination access node is used for forwarding the call request to the target terminal in a private network based on the destination identification information after being transmitted to the destination access node.

Description

Private network crossing method, communication node and storage medium
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a private network traversal method, a communication node, and a storage medium.
Background
With the popularization of IP networks, the number and scale of private networks are also increasing. Because IPv4 Address is tense and Network security is a problem, Network Address Translation (NAT) equipment is generally placed on a private Network, so the private Network crossing problem becomes one of the problems to be solved for internet multimedia communication.
In the prior art, the private network Traversal problem is mainly solved by Using schemes such as Application Layer Gateways (AL G, hereinafter), Simple UDP Traversal of NAT (Simple Traversal of UDP through NAT, hereinafter abbreviated as STUN), Traversal of NAT (Traversal Using Traversal of NAT, hereinafter abbreviated as TURN) by a Relay mode, and the like.
Technical solutions disclosed in the prior art all need to change existing network devices or devices of clients, for example, an ALG method needs to modify network devices, and a STUN/TURN method needs to modify client devices. Moreover, since network devices such as NAT firewalls have been heavily used, upgrading them to support multimedia communications traversing NAT firewalls can be quite costly.
Disclosure of Invention
In view of this, embodiments of the present invention are to provide a private network traversal method, a communication node, and a storage medium, which at least partially solve the problem of difficulty in private network traversal.
In order to achieve the purpose, the technical scheme of the invention is realized as follows:
in a first aspect, an embodiment of the present invention provides a private network traversal method, applied to a call control service node, including:
receiving a call request for calling a target terminal, wherein the call request carries target identification information of the target terminal;
inquiring the address of an access node at the destination according to the destination identification information, wherein the access node at the destination is an access node for accessing the target terminal from a private network to a public network;
adding the address of the destination access node in the call request;
and forwarding the call request added with the address of the destination access node, wherein the call request added with the address of the destination access node is used for forwarding the call request to the target terminal in a private network based on the destination identification information after being transmitted to the destination access node.
Optionally, the querying, according to the destination identification information, an address of an access node at the destination includes:
inquiring the registration information of the target terminal according to the target identification information, wherein the registration information comprises: the destination identification information of the destination terminal and the address of the destination access node.
Optionally, the receiving a call request of a call target terminal includes:
receiving the call request forwarded by a source access node, wherein the call request carries an address of the source access node;
the method further comprises the following steps:
inquiring registration information of a source terminal, wherein the registration information comprises: the source end identification information of the source terminal and the address of the source end access node;
and when the address of the source end access node carried by the call request is inconsistent with the address of the source end access node in the registration message, rejecting to forward the call request.
Optionally, a source end access node of a source terminal is a load balancer connected with the source terminal;
and/or the presence of a gas in the gas,
the destination access node is a load balancer connected with the target terminal.
Optionally, the method further comprises:
receiving a registration request of a terminal;
generating registration information based on the registration request, wherein the registration information comprises: identification information of the terminal and an address of an access node where the terminal accesses a public network from a private network.
In a second aspect, an embodiment of the present invention provides a private network traversal method, applied to a source access node connecting a private network and a public network, including:
receiving a call request for calling a target terminal;
adding the address of the source end access node in the call request;
sending the call request added with the address of the source access node to a call control service node; wherein, the address of the source access node in the call request is used for the call control server to determine whether to continue forwarding the call request based on the registration information of the source terminal.
Optionally, the method further comprises:
receiving the registration request;
forwarding the registration request to the call control service node; the registration request is used for the call control service node to form registration information including identification information of a source terminal and an address of the source access node.
In a third aspect, an embodiment of the present invention provides a private network traversal method, applied to a destination access node connecting a private network and a public network, including:
receiving a call request which carries the address of the destination access node and is forwarded by a call control service node; wherein, the call request is used for calling a target terminal;
and forwarding the call request to the target terminal positioned in the private network according to the destination identification information in the call request.
Optionally, the method further comprises:
inquiring the call state information of the target terminal;
generating reply information of the call request according to the call state information;
and/or the presence of a gas in the gas,
and receiving reply information returned by the target terminal, and sending the reply information to the call control service node.
In a fourth aspect, an embodiment of the present invention provides a call control service node, including:
a first receiving unit, configured to receive a call request for calling a target terminal, where the call request carries destination identifier information of the target terminal;
the first query unit is used for querying an address of an access node at a destination according to the destination identification information, wherein the access node at the destination is an access node of the target terminal accessed from a private network to a public network;
a first adding unit, configured to add an address of the destination access node in the call request;
a first forwarding unit, configured to forward the call request added with the address of the destination access node, where the call request added with the address of the destination access node is used to forward, after being transmitted to the destination access node, the call request to the destination access node to the target terminal in a private network based on the destination identification information.
In a fifth aspect, an embodiment of the present invention provides a source access node for connecting a private network and a public network, where the source access node includes:
a second receiving unit for receiving a call request for calling a target terminal;
a second adding unit, configured to add an address of the source access node in the call request;
a second forwarding unit, configured to send the call request with the address of the source access node added to the call control service node; wherein, the address of the source access node in the call request is used for the call control server to determine whether to continue forwarding the call request based on the registration information of the source terminal.
In a sixth aspect, an embodiment of the present invention provides a destination access node for connecting a private network and a public network, including:
a third receiving unit, configured to receive a call request forwarded by a call control service node and carrying an address of the destination access node; the call request is used for calling a target terminal;
and a third forwarding unit, configured to forward the call request to the target terminal located in a private network according to the destination identifier information in the call request.
In a seventh aspect, an embodiment of the present invention provides a communication node, including: a transceiver, a memory, a processor, and a computer program stored on the memory and executed by the processor;
the processor is respectively connected with the transceiver and the memory, and executes the private network crossing method provided by one or more technical schemes by executing the computer program.
In an eighth aspect, an embodiment of the present invention provides a computer storage medium, where a computer program is stored in the computer storage medium; after being executed, the computer program can implement the private network crossing method provided by one or more of the above technical solutions.
In the private network crossing method, the communication node and the storage medium of the embodiment of the invention, the call control service node adds the address of the access node of the target terminal in the call request, routes the call request to the access node of the target terminal accessed from the private network to the public network, and after receiving the call request, the access node forwards the call request to the corresponding terminal in the connected private network, thereby completing the private network crossing.
Drawings
Fig. 1 is a schematic flow chart of a first private network traversal method according to an embodiment of the present invention;
fig. 2 is a schematic flow chart of a second private network traversal method according to an embodiment of the present invention;
fig. 3 is a flowchart illustrating a third private network traversal method according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a call control service node according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a source access node according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a destination access node according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of a communication system according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of a communication node according to an embodiment of the present invention.
Detailed Description
The technical solution of the present invention is further described in detail with reference to the drawings and the specific embodiments of the specification.
As shown in fig. 1, the present embodiment provides a private network traversal method, applied to a call control service node, including:
step S110: receiving a call request for calling a target terminal, wherein the call request carries target identification information of the target terminal;
step S120: inquiring the address of an access node at the destination according to the destination identification information, wherein the access node at the destination is an access node for accessing the target terminal from a private network to a public network;
step S130: adding the address of the destination access node in the call request;
step S140: and forwarding the call request added with the address of the destination access node, wherein the call request added with the address of the destination access node is used for forwarding the call request to the target terminal in a private network based on the destination identification information after being transmitted to the destination access node.
The embodiment provides a private network crossing method, which is mainly used for calling a target device in a private network. In this embodiment, the method for processing a call control service node is described. In this embodiment, the call control service node is connected to an access node, where the access node may be a load balancing node for load balancing. The call control service node may be a communication node for call forwarding and distribution.
In this embodiment, the call control service node receives various call requests, some of which are call capability servers, may also initiate calls to the call proxy server, and others may directly call the target terminal. Step S110 of the present embodiment may include:
judging whether the call request is a call request for directly calling a target terminal, if so, extracting target identification information of the target terminal in the call terminal; the destination identification information may be various information for identifying the target terminal, such as a mobile phone number of the target terminal, an equipment identification number of the target terminal (e.g., an international mobile equipment identity, IMEI), or a user account allocated after the target terminal is registered in a network. Since the target terminal registers address information of an access node, which accesses itself from a private network to a public network, in the network in advance, for example, in a database of the network.
In this way, in step S120, the call control service node may obtain, according to the destination identifier information, an address of an access node through which the target terminal accesses the public network by querying a local database or a remote database.
In step S130, if the address of the access node where the target terminal accesses the public network from the private network is queried, the address of the access node of the target terminal is added to the call request, for example, a routing (Router) message header is added, the Router message header carries the address of the access node of the target terminal, and the address is used as the target address of the call request and is forwarded to the next node, so that the call request is naturally routed to the access node where the target terminal accesses the public network from the private network, and the access node can determine which target terminal in the private network to which the call request is currently connected according to the destination identification information in the call request, and the like, and further forward the corresponding call request to the target terminal, thereby completing the private network traversal of the call request.
In this embodiment, the target terminal accesses an access node of a public network from a private network, which is referred to as a target access node. In this embodiment, the address of the target access node may be an IP address of the target access node, and the IP address of the target access node may also be referred to as a public network address of the target terminal, where only a plurality of terminals located in a private network are connected to the public network address, and the terminals all have private network addresses.
Optionally, the step S120 may include:
inquiring the registration information of the target terminal according to the target identification information, wherein the registration information comprises: the destination identification information of the destination terminal and the address of the destination access node.
In this embodiment, the registration information may be information generated when the terminal registers to the network. For example, a terminal connects to a network, initiates a registration request to the network, and after receiving the registration request, a server on the network side generates corresponding registration information if agreeing to the registration of the terminal, so as to prove that the terminal has completed the registration in the network. In this embodiment, according to the destination identifier, the registration information of the target terminal is queried, and the registration information includes the address of the access node where the target terminal accesses the public network from the private network, so that in step S120, the address of the access node of the target terminal can be obtained by querying the registration information of the target terminal based on the destination identifier.
The step S110 may include:
receiving the call request forwarded by a source access node, wherein the call request carries an address of the source access node;
the method further comprises the following steps:
inquiring registration information of a source terminal, wherein the registration information comprises: the source end identification information of the source terminal and the address of the source end access node;
and when the address of the source end access node carried by the call request is inconsistent with the address of the source end access node in the registration message, rejecting to forward the call request.
The call request to the target terminal may be a call request forwarded through the originating access node in this embodiment. For example, a source terminal initiating a call sends a call request to an access node connected to the source terminal, and the access node connected to the source terminal performs subsequent forwarding, at this time, the call control server may determine that the call request is an illegal call request according to the fact that an address of a source end access node carried in the call request is not consistent with an address of the source end access node in the registration information, and in order to ensure security of a target terminal receiving the call, the source terminal will refuse to forward the call request received this time.
In some embodiments, the method further comprises:
and when the call request is refused to be forwarded, generating a refusing message, and sending the refusing message to the call source through the source end call request in the registration information and/or the remote call request carried in the call request so as to inform the reason that the call is refused.
In some embodiments, the method further comprises:
and counting the times of inconsistency between the address of the source access node carried in the call request initiated by the same call source in a preset time window and the address of the access node in the registration message, and if the times reach the specified times, adding the call source into a blacklist. Call sources in the blacklist may be barred from calling or barred from originating calls for a specified length of time.
In still other embodiments, the method further comprises:
determining whether an access node of the source terminal has changed;
if the access node of the source terminal is changed, sending a re-registration notification to the source terminal; the re-registration notification is used for triggering the source terminal to re-initiate registration, so that the address of the access node in the registration information of the source terminal stored in the network is the address of the access node which is accessed to the public network from the private network currently.
The registration request initiated by the terminal is transmitted to a server for processing the registration request through an access node, when the access node receives the registration request, the access node carries the address of the access node in the registration request, the registration request carrying the address of the access node is transmitted to the server, and then the server generates or updates registration information according to the registration request carrying the address of the access node.
Optionally, the source access node is a load balancer connected to the source terminal; and/or the destination access node is a load balancer connected with the target terminal.
Whatever the call source will be accessed to the network through the load balancer. In this embodiment, the destination access node and the source access node may both be corresponding load balancers.
In this embodiment, the call source may be divided into a terminal call source initiated by the terminal, a capability server type call source initiated by the capability control server, and a call agent type call source initiated by the call control server.
In this embodiment, a call initiated by a general terminal may involve private network traversal. In this case, step S110 in this embodiment may include: receiving a call request initiated by a terminal type call source, and extracting the destination identification information of a target terminal in the call request initiated by the terminal type call source.
In some embodiments, for a terminal-class call source, the source access node (e.g., a load balancer connected to the source terminal) adds a type identifier to the call request, where the type identifier indicates the call request originated for the terminal-class call source. In this way, after receiving the call request forwarded by the access node such as the load balancer, the call control server may determine whether the call source type is the call source type according to the type identifier, and determine whether the address of the access node of the destination needs to be added to the call request.
In still other embodiments, the method further comprises:
whether the target terminal is located in a private network;
when the target terminal is located in a private network, the step S120 is executed.
For example, whether a target IP address carried in the call request is a public network IP address is determined, for example, whether the target IP address is a unique IP address of the whole network is queried, and if not, the target terminal is considered to be located in the private network.
For another example, the registration information is queried according to the destination identification information, if a specified field in the registration information indicates that the target terminal is located in a private network, an address field of an access node in the registration information is queried, so as to obtain an address of the access node of the target terminal, the address field is added to the call request, the call request is forwarded to the access node connected with the target terminal, and the access node forwards the call request to the target terminal according to a connection relation recorded by the access node or information of the target terminal stored by the access node, so that private network traversal is completed.
Optionally, the method further comprises:
receiving a registration request of a terminal;
generating registration information based on the registration request, wherein the registration information comprises: identification information of the terminal and an address of an access node where the terminal accesses a public network from a private network.
In this embodiment, after the terminal connects to the network, a registration request may be initiated, and a server on the network side, for example, the call control server or other management server, may generate the registration information based on the registration request, where the registration information may include: the identification information of the terminal and the address of the access node, thereby facilitating the subsequent other call requests to pass through to the private network to call the terminal.
In some embodiments, the call control server further stores call state information of each terminal, and the method further includes:
and executing the reply or forwarding operation of the call request according to the call state information of the target terminal. For example, if the current idle state of the target terminal is determined according to the call state information of the target terminal, the call request is forwarded, and if the current busy state of the target terminal is determined, the notification information indicating the busy state of the target terminal is forwarded to the call source.
As shown in fig. 2, the present embodiment provides a private network traversal method, which is applied to a source access node connecting a private network and a public network, and includes:
step S210: receiving a call request for calling a target terminal;
step S220: adding the address of the source end access node in the call request;
step S230: sending the call request added with the address of the source access node to a call control service node; wherein, the address of the source access node in the call request is used for the call control server to determine whether to continue forwarding the call request based on the registration information of the source terminal.
In this embodiment, the access node receives a call request for calling a target terminal, where the call request may be originated by a source terminal, or may be originated or forwarded by a proxy server, or may be originated or forwarded by a capability server.
If the call request is received, the address of the source access node is added to the call request, where the added address may be the IP address of the source access node.
And sends the call request with the address of the source access node added to the call control service node.
If the address of the source access node carried in the call request is consistent with the address of the access node in the registration information after the call control service node receives the call request, the call request is determined to be forwarded, and if the address is inconsistent, the call request is rejected, so that the account number of the user is prevented from being stolen.
Optionally, the method further comprises:
receiving the registration request;
forwarding the registration request to a call control service node; the registration request is used for the call control service node to form registration information including identification information of a source terminal and an address of the access node.
In this embodiment, the access node further receives the registration request and sends the registration request to the call control service node. The call control service node may intervene in the registration request to generate registration information. The address of the access node may be automatically added to the registration request after the access node receives the registration request sent by the terminal, or the address of the access node determined by the call control service node according to the transmission path of the call request.
In this embodiment, the access node may be a load balancing server.
As shown in fig. 3, this embodiment provides a private network traversal method, which is applied to a destination access node connecting a private network and a public network, and includes:
step S310: receiving a call request which carries the address of the destination access node and is forwarded by a call control service node; the call request is used for calling a target terminal;
step S320: and forwarding the call request to the target terminal positioned in the private network according to the destination identification information in the call request.
In this embodiment, the method may be a method applied to an access node. The access node here may be a destination access node.
After receiving the call request, the call request is forwarded to a target terminal in a private network connected with the call request according to the destination identification information, so that the private network crossing of the call request is completed.
Optionally, the method further comprises:
inquiring the call state information of the target terminal;
generating reply information of the call request according to the call state information;
and/or the presence of a gas in the gas,
and receiving reply information returned by the target terminal, and sending the reply information to the call control service node.
For example, the call state information of the target terminal may include: whether the current target terminal is communicating with other terminals or other terminals are calling the target terminal, in order to avoid conflict between calls, the access node generates recovery information of the call request according to the call state information.
In other embodiments, the access node may not record the call state of the target terminal by itself, and at this time, the call request is directly sent to the target terminal in the private network, and the target terminal may generate a corresponding reply according to the call state of itself, for example, an answer, a response rejection, or a prompt of a call being made, and the target terminal may generate a corresponding reply message to the access node, and the access node of the target terminal may forward the reply message to the call control server after receiving the reply message. The call control server sends a corresponding source access node according to the IP address of the call source in the call request or the address of the source access node of the call source, and finally forwards the call source.
As shown in fig. 4, the present embodiment provides a call control service node, including:
a first receiving unit 110, configured to receive a call request for calling a target terminal, where the call request carries destination identifier information of the target terminal;
a first querying unit 120, configured to query, according to the destination identifier information, an address of an access node located at a destination, where the destination access node is an access node where the target terminal accesses a public network from a private network;
a first adding unit 130, configured to add an address of the destination access node in the call request;
a first forwarding unit 140, configured to forward the call request added with the address of the destination access node, where the call request added with the address of the destination access node is used to forward, after being transmitted to the destination access node, the call request to the destination access node to the target terminal in a private network based on the destination identification information.
In this embodiment, the first receiving unit 110 and the first forwarding unit 140 may correspond to a transceiver capable of transmitting and receiving information, such as a communication interface, and may be used for transmitting and receiving information.
The query unit and the first adding unit 130 may correspond to a processor, which may be a central processing unit, a digital signal processor, an application processor, a microprocessor, a programmable array or an application processor, etc. The processor may implement one or more of the foregoing steps by execution of executable instructions, such as a computer program.
Optionally, the first querying unit 120 is specifically configured to query, according to the destination identifier information, registration information of the target terminal, where the registration information includes: the destination identification information of the destination terminal and the address of the destination access node.
Optionally, the first receiving unit 110 is specifically configured to receive the call request forwarded by the source access node, where the call request carries an address of the source access node;
the first querying unit 120 is further configured to query registration information of a source terminal, where the registration information includes: the source end identification information of the source terminal and the address of the source end access node;
the first forwarding unit 140 is further configured to refuse to forward the call request when the address of the source access node carried in the call request is inconsistent with the address of the source access node in the registration message.
Optionally, the source access node is a load balancer connected to the source terminal; and/or the destination access node is a load balancer connected with the target terminal.
The first receiving unit 110 is further configured to receive a registration request of a terminal;
generating registration information based on the registration request, wherein the registration information comprises: identification information of the terminal and an address of an access node where the terminal accesses a public network from a private network.
As shown in fig. 5, this embodiment further provides a source access node for connecting a private network and a public network, including:
a second receiving unit 210 for receiving a call request of a call target terminal;
a second adding unit 220, configured to add the address of the source access node in the call request;
a second forwarding unit 230, configured to send the call request with the address of the source access node added to the call control service node; wherein, the address of the source access node in the call request is used for the call control server to determine whether to continue forwarding the call request based on the registration information of the source terminal.
The second receiving unit 210 and the second forwarding unit 230 in this embodiment may correspond to transceivers such as a communication interface. The second adding unit 220 may correspond to a processor or the like.
Optionally, the second receiving unit 210 is further configured to receive the registration request;
the second forwarding unit 230 is further configured to forward the registration request to a call control service node; the registration request is used for the call control service node to form registration information including identification information of a source terminal and an address of the access node.
Optionally, as shown in fig. 6, this embodiment provides a destination access node for connecting a private network and a public network, including:
a third receiving unit 310, configured to receive a call request forwarded by a call control service node and carrying an address of the destination access node; the call request is used for calling a target terminal;
a third forwarding unit 320, configured to forward the call request to the target terminal located in the private network according to the destination identifier information in the call request.
The third receiving unit 310 and the third forwarding unit 320 in this embodiment may correspond to transceivers such as a communication interface.
Optionally, the target access node further includes:
the third query unit is used for querying the call state information of the target terminal; generating reply information of the call request according to the call state information; and/or receiving reply information returned by the target terminal, and sending the reply information to the call control service node.
Several specific examples are provided based on any of the embodiments described above:
example 1:
referring to fig. 7, in this example, the call sources originating the call may be classified into three categories: a terminal class, a call agent class, and a capability server class. The terminal class can be a class in which a terminal initiates a call; the call agent class can be a class which is called by a proxy server; the capability server may be a type that initiates calls for servers with call capabilities. All three call sources are accessed through a Load Balancer (Load Balancer) to realize Load sharing.
The three call sources differ in that: in the process of terminal access, the problem of private network crossing needs to be solved, and the terminal type call source processing:
in the process of accessing the terminal, the terminal may be in a private Network, and since Network Address Translation (NAT) may be port-restricted or symmetric, this will cause that an external Network port found by the terminal using Simple Traversal of User data packet Protocol (STUN) cannot be accessed by the call server (STUN deployment Address and port, different from called server Address and load balancer Address). The actual address of the terminal therefore needs to use the actual address at which the user registration request was received (the received and reported address and port in the Via request) rather than the address identified in the communication path (Contact).
Also, since NAT may be port-restricted or symmetric, subsequent requests are sent to the terminal using the address and port (Load balance address and port) accessed by the terminal registration. Therefore, the Load Balancer of the access terminal class Call source needs to provide the Call State full Proxy (Call State full Proxy) function. Meanwhile, because there may be a plurality of Load balancers, the Load balancers accessed during terminal registration need to be recorded in each terminal registration message in the registration process, so as to ensure that subsequent requests can use the same Load balancers.
When the terminal initiates a call, the Load Balancer needs to add a Record-Route message header and leaves itself in a subsequent request forwarding path according to a loose routing rule. The address of the active access node may be carried in the Record-Route message header.
The call control service finds that the target user is the control domain user, needs to extract the Load balance when registering, adds a Route message header, and sets a forced Route. In this example, the domain controlled by the call control server is the local domain, the domains outside the local domain are external domains, and if the target user is located in the external domain, the call request is forwarded to the call control server controlling the corresponding domain. The Route message may carry the address of the destination access node.
In order to ensure private network crossing and call safety, the call address is checked when the call is initiated. If the call origination address is the address used when the user is registered, the call is allowed to originate, otherwise it is rejected, via 403. The call request is rejected, on one hand, the user account number can be prevented from being stolen, and on the other hand, the terminal can be informed of the change of the private network crossing address. After receiving 403 the response, the terminal can reinitiate the registration refresh, update its own registration binding address in time, and ensure that it can be called normally.
1. Recording Load balancers accessed during terminal registration in each terminal registration message in the registration process; 2. when a terminal initiates a call, adding a Record-Route message header in a Load Balancer; 3. and finding that the target user is the control domain user, needing to extract the Load balance when registering, adding a Route message header and setting a forced Route.
As shown in fig. 8, an embodiment of the present invention further provides a communication node, where the communication node may be the aforementioned call control service node, source access node, destination access node, and the like, and both the source access node and the destination access node may be load balancers connected to a private network and a public network. The communication node may comprise: a transceiver 330, a memory 310, a processor 320, and a computer program stored on the memory 310 and executed by the processor 320;
the processor 320 is connected to the memory 310 and the transceiver 330, respectively, and configured to control information storage of the memory 310 and information transceiving of the transceiver 330 by executing the computer program 340, and implement a private network crossing method provided by one or more of the foregoing technical solutions, for example, at least one of the private network crossing methods shown in fig. 1 to 3 may be executed.
In this embodiment, the transceiver 330 may correspond to a network interface, and the network interface may be a cable interface and may be used for data interaction with other network elements.
The memory 310 may include: various types of storage media may be used for data storage. In this embodiment, the storage medium included in the memory 310 is at least partially a non-volatile storage medium, and can be used for storing the computer program 340.
The processor 320 may include: a central processing unit, microprocessor, digital signal processor, application specific integrated circuit, or programmable array, etc., may be used to effect the formation of PNF packets through execution of computer program 340.
In this embodiment, the processor 320 may be connected to the transceiver 330 and the memory 310 through an intra-device bus such as an integrated circuit bus.
An embodiment of the present invention further provides a computer storage medium, where a computer program is stored, and after the computer program is executed by a processor, the computer program executes a private network traversal method provided in one or more of the foregoing technical solutions, for example, at least one of the private network traversal methods shown in fig. 1 to 3 may be executed.
The computer storage medium provided by the embodiment of the invention comprises: a mobile storage device, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes. Alternatively, the computer storage medium may be a non-transitory storage medium. The non-transitory storage medium herein may also be referred to as a non-volatile storage medium.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described device embodiments are merely illustrative, for example, the division of the unit is only a logical functional division, and there may be other division ways in actual implementation, such as: multiple units or components may be combined, or may be integrated into another system, or some features may be omitted, or not implemented. In addition, the coupling, direct coupling or communication connection between the components shown or discussed may be through some interfaces, and the indirect coupling or communication connection between the devices or units may be electrical, mechanical or other forms.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed on a plurality of network units; some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, all the functional units in the embodiments of the present invention may be integrated into one processing module, or each unit may be separately used as one unit, or two or more units may be integrated into one unit; the integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
Those of ordinary skill in the art will understand that: all or part of the steps for implementing the method embodiments may be implemented by hardware related to program instructions, and the program may be stored in a computer readable storage medium, and when executed, the program performs the steps including the method embodiments; and the aforementioned storage medium includes: a mobile storage device, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.

Claims (14)

1. A private network traversing method is applied to a call control service node and comprises the following steps:
receiving a call request for calling a target terminal, wherein the call request carries target identification information of the target terminal;
inquiring the address of an access node at the destination according to the destination identification information, wherein the access node at the destination is an access node for accessing the target terminal from a private network to a public network;
adding the address of the destination access node in the call request;
and forwarding the call request added with the address of the destination access node, wherein the call request added with the address of the destination access node is used for forwarding the call request to the target terminal in a private network based on the destination identification information after being transmitted to the destination access node.
2. The method of claim 1,
the querying, according to the destination identification information, an address of an access node at a destination, includes:
inquiring the registration information of the target terminal according to the target identification information, wherein the registration information comprises: the destination identification information of the destination terminal and the address of the destination access node.
3. The method according to claim 1 or 2,
the receiving of the call request of the call target terminal includes:
receiving the call request forwarded by a source access node, wherein the call request carries an address of the source access node;
the method further comprises the following steps:
inquiring registration information of a source terminal, wherein the registration information comprises: the source end identification information of the source terminal and the address of the source end access node;
and when the address of the source end access node carried by the call request is inconsistent with the address of the source end access node in the registration message, rejecting to forward the call request.
4. The method according to claim 1 or 2,
a source end access node of a source terminal is a load balancer connected with the source terminal;
and/or the presence of a gas in the gas,
the destination access node is a load balancer connected with the target terminal.
5. The method according to claim 1 or 2,
the method further comprises the following steps:
receiving a registration request of a terminal;
generating registration information based on the registration request, wherein the registration information comprises: identification information of the terminal and an address of an access node where the terminal accesses a public network from a private network.
6. A private network crossing method is applied to a source end access node connecting a private network and a public network, and comprises the following steps:
receiving a call request for calling a target terminal, wherein the call request carries target identification information of the target terminal, and the target identification information is used for a call control service node to inquire an address of an access node at the target terminal;
adding the address of the source end access node in the call request;
sending the call request added with the address of the source access node to the call control service node; wherein, the address of the source access node in the call request is used for the call control service node to determine whether to continue forwarding the call request based on the registration information of the source terminal; and under the condition that the call control service node determines to continue forwarding the call request, the call control service node inquires the address of the destination access node based on the destination identification information, adds the address of the destination access node into the call request, and then forwards the call request added with the address of the destination access node, so that the call request is transmitted to the destination access node and then is forwarded to the target terminal in a private network based on the destination identification information by the destination access node.
7. The method of claim 6, further comprising:
receiving a registration request;
forwarding the registration request to the call control service node; the registration request is used for the call control service node to form registration information including identification information of a source terminal and an address of the source access node.
8. A private network crossing method is applied to a destination access node connecting a private network and a public network, and comprises the following steps:
receiving a call request which carries the address of the destination access node and is forwarded by a call control service node; the call request is used for calling a target terminal, and the access node of the target terminal is a load balancer connected with the target terminal; the call request is received by a source access node, and the address of the source access node is added and then the call request is forwarded to the call control service node; the call control service node inquires the address of the destination access node based on destination identification information, adds the address of the destination access node into the call request, and forwards the call request added with the address of the destination access node to the destination access node;
and forwarding the call request to the target terminal positioned in the private network according to the destination identification information in the call request.
9. The method of claim 8, further comprising:
inquiring the call state information of the target terminal;
generating reply information of the call request according to the call state information;
and/or the presence of a gas in the gas,
and receiving reply information returned by the target terminal, and sending the reply information to the call control service node.
10. A call control service node, comprising:
a first receiving unit, configured to receive a call request for calling a target terminal, where the call request carries destination identifier information of the target terminal;
the first query unit is used for querying an address of an access node at a destination according to the destination identification information, wherein the access node at the destination is an access node of the target terminal accessed from a private network to a public network;
a first adding unit, configured to add an address of the destination access node in the call request;
a first forwarding unit, configured to forward the call request added with the address of the destination access node, where the call request added with the address of the destination access node is used to forward, after being transmitted to the destination access node, the call request to the destination access node to the target terminal in a private network based on the destination identification information.
11. A source access node for connecting a private network to a public network, comprising:
a second receiving unit, configured to receive a call request for calling a target terminal, where the call request carries destination identification information of the target terminal, and the destination identification information is used for a call control service node to query an address of an access node located at the target terminal;
a second adding unit, configured to add an address of the source access node in the call request;
a second forwarding unit, configured to send the call request with the address of the source access node added to the call control service node; wherein, the address of the source access node in the call request is used for the call control service node to determine whether to continue forwarding the call request based on the registration information of the source terminal; and under the condition that the call control service node determines to continue forwarding the call request, the call control service node inquires the address of the destination access node based on the destination identification information, adds the address of the destination access node into the call request, and then forwards the call request added with the address of the destination access node, so that the call request is transmitted to the destination access node and then is forwarded to the target terminal in a private network based on the destination identification information by the destination access node.
12. A destination access node for connecting a private network to a public network, comprising:
a third receiving unit, configured to receive a call request forwarded by a call control service node and carrying an address of the destination access node; the call request is used for calling a target terminal, and the target terminal access node is a load balancer connected with the target terminal; the call request is received by a source access node, and the address of the source access node is added and then the call request is forwarded to the call control service node; the call control service node inquires the address of the destination access node based on destination identification information, adds the address of the destination access node into the call request, and forwards the call request added with the address of the destination access node to the destination access node;
and a third forwarding unit, configured to forward the call request to the target terminal located in a private network according to the destination identifier information in the call request.
13. A communication node, comprising: a transceiver, a memory, a processor, and a computer program stored on the memory and executed by the processor;
the processor is connected with the transceiver and the memory respectively, and executes the computer program to execute the private network crossing method provided by any one of the preceding claims 1 to 9.
14. A computer storage medium storing a computer program; the computer program, when executed, is capable of implementing a private network crossing method as provided in any of the preceding claims 1 to 9.
CN201710993048.0A 2017-10-23 2017-10-23 Private network crossing method, communication node and storage medium Active CN109698869B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710993048.0A CN109698869B (en) 2017-10-23 2017-10-23 Private network crossing method, communication node and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710993048.0A CN109698869B (en) 2017-10-23 2017-10-23 Private network crossing method, communication node and storage medium

Publications (2)

Publication Number Publication Date
CN109698869A CN109698869A (en) 2019-04-30
CN109698869B true CN109698869B (en) 2022-02-25

Family

ID=66225829

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710993048.0A Active CN109698869B (en) 2017-10-23 2017-10-23 Private network crossing method, communication node and storage medium

Country Status (1)

Country Link
CN (1) CN109698869B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111464964A (en) * 2020-04-01 2020-07-28 中国联合网络通信集团有限公司 Call addressing method and device
CN112153109B (en) * 2020-08-14 2023-09-29 深圳市捷视飞通科技股份有限公司 Method, device, computer equipment and storage medium for establishing communication connection

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1767509A (en) * 2004-10-29 2006-05-03 北京佳讯飞鸿电气有限责任公司 Method for realizing external network user crossing NAT equipment
CN100493048C (en) * 2004-10-18 2009-05-27 北京万林克网络技术有限公司 Multimedia communication proxy system and method capable of crossing network address conversion and firewall
CN102447748A (en) * 2010-10-15 2012-05-09 华为技术有限公司 Method, equipment and system for allocating outer Internet protocol IP addresses during network address translation (NAT)
CN104717311A (en) * 2013-12-12 2015-06-17 中国移动通信集团公司 NAT traversal method, network node and system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7933273B2 (en) * 2007-07-27 2011-04-26 Sony Computer Entertainment Inc. Cooperative NAT behavior discovery
US8769278B2 (en) * 2010-04-07 2014-07-01 Apple Inc. Apparatus and method for efficiently and securely exchanging connection data
CN104506404B (en) * 2014-12-17 2018-03-16 新华三技术有限公司 The method and apparatus for establishing VLAN forwarding channel

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100493048C (en) * 2004-10-18 2009-05-27 北京万林克网络技术有限公司 Multimedia communication proxy system and method capable of crossing network address conversion and firewall
CN1767509A (en) * 2004-10-29 2006-05-03 北京佳讯飞鸿电气有限责任公司 Method for realizing external network user crossing NAT equipment
CN102447748A (en) * 2010-10-15 2012-05-09 华为技术有限公司 Method, equipment and system for allocating outer Internet protocol IP addresses during network address translation (NAT)
CN104717311A (en) * 2013-12-12 2015-06-17 中国移动通信集团公司 NAT traversal method, network node and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
潘永东 ; 陈旭.《SBC网元实现SIP协议私网穿越的研究》.《计算机工程与科学》.2008, *

Also Published As

Publication number Publication date
CN109698869A (en) 2019-04-30

Similar Documents

Publication Publication Date Title
US20220224646A1 (en) Method for implementing service continuity and related device
US10079803B2 (en) Peer-to-peer connection establishment using TURN
US11451510B2 (en) Method and apparatus for processing service request
CN102656845B (en) Methods, systems, and computer readable media for providing diameter signaling router with integrated monitoring and/or firewall functionality
US8615237B2 (en) Methods, systems, and computer readable media for policy and charging rules function (PCRF) node selection
US8208930B2 (en) Message routing in a telecommunication system
EP3472992B1 (en) Network path probing using available network connections
US20230354149A1 (en) Method for identification of traffic suitable for edge breakout and for traffic steering in a mobile network
US10033736B2 (en) Methods, systems, and computer readable media for remote authentication dial-in user service (radius) topology hiding
JP2002094558A (en) Packet transfer method, mobile terminal and router device
US8018847B2 (en) System and method for redirecting requests
CN101820432A (en) Safety control method and device of stateless address configuration
EP2491732B1 (en) Wireless access point
US9667798B2 (en) Enabling a communication server to use MSC-S related functions
CN109698869B (en) Private network crossing method, communication node and storage medium
EP3016423A1 (en) Network safety monitoring method and system
US10129749B2 (en) Method and device for acquiring response message, method and device for routing response message, and system for acquiring response message and routing response message
US10009258B2 (en) Methods, systems, and computer readable media for routing a redirected request message
EP3989509A1 (en) Method for realizing network dynamics, system, terminal device and storage medium
GB2598293A (en) Apparatus, methods, and computer programs
CN103327006A (en) Safety method in multi-access network
KR102185665B1 (en) Server, Terminal, Method, and Recording Medium for IPv6-based Communication in All-IP environment
WO2012075779A1 (en) Method and system for guaranteeing quality of service of mobile node
JP4617203B2 (en) Server apparatus and communication connection method
CN116193421A (en) Verification method, device and system of network connection information and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant