WO2009114997A1 - Application-oriented name registration system for used in multi-layer network address translator environment and the method thereof - Google Patents

Application-oriented name registration system for used in multi-layer network address translator environment and the method thereof Download PDF

Info

Publication number
WO2009114997A1
WO2009114997A1 PCT/CN2009/000305 CN2009000305W WO2009114997A1 WO 2009114997 A1 WO2009114997 A1 WO 2009114997A1 CN 2009000305 W CN2009000305 W CN 2009000305W WO 2009114997 A1 WO2009114997 A1 WO 2009114997A1
Authority
WO
WIPO (PCT)
Prior art keywords
message
registration
network
user
registration service
Prior art date
Application number
PCT/CN2009/000305
Other languages
French (fr)
Chinese (zh)
Inventor
傅川
张国清
王迪
杨清峰
Original Assignee
中国科学院计算技术研究所
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中国科学院计算技术研究所 filed Critical 中国科学院计算技术研究所
Publication of WO2009114997A1 publication Critical patent/WO2009114997A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2514Translation of Internet protocol [IP] addresses between local and global IP addresses

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

An application-oriented name registration system for used in multi-layer network address translator environment, a logon method and a query method are provided, said multi-layer network address translator environment includes a public network and at least a private network, and said private network accesses the public network and other private networks via the network address translation unit, said name registration system includes a system terminal device, a calling agent server and a registration service device which accesses the public network and at least a private network; application of the present invention enables the application, service, user to be located by the ID in the multi-layer NAT network environment.

Description

多层 N A T网络中面向应用的名字注册系统及方法 技术领域  Application-oriented name registration system and method in multi-layer N A T network
本发明涉及计算机网络通信技术领域, 更具体地, 本发明涉及一 种多层 NAT网络中面向应用的名字注册系统及方法。 背景技术  The present invention relates to the field of computer network communication technologies, and more particularly, to an application-oriented name registration system and method in a multi-layer NAT network. Background technique
众所周知由于 IP地址地址空间有限以及分配上的不均勾, 导致 网络地址严重缺乏, 从实际应用和部署上看, NAT ( Network Addres s Trans lator )技术是解决 IP地址不足情况下网民接入互联网的重要 方法。 随着个人信息设备的增多, 网络接入设备的普及, 网络技术的 发展,越来越多的公司、 团体和家庭希望将这些设备以网络的方式组 织在一起, 并接入互联网, 而且出于安全的考虑, 如何在网络上隐藏 高安全等级的节点是 4艮多公司面临的问题,在这种 IP地址严重缺乏、 设备组网互联需求迫切并且存在大量安全隐患的情况下,通过 NAT技 术形成的单级或者多层私网结构接入互联网在实际部署中已经越来 越普遍和流行。  It is well known that due to the limited IP address space and the uneven distribution of the network, the network address is seriously lacking. From the perspective of practical application and deployment, NAT (Network Addres s Trans lator) technology is to solve the problem of Internet users accessing the Internet when the IP address is insufficient. Important method. With the increase of personal information devices, the popularity of network access devices, and the development of network technologies, more and more companies, groups, and families hope to organize these devices in a networked manner and access the Internet. Security considerations, how to hide high-security nodes on the network is a problem faced by more than 4 companies. In the case of such a serious lack of IP addresses, urgent need for network interconnection, and a large number of security risks, NAT technology is formed. The single-layer or multi-layer private network structure accessing the Internet has become more and more popular and popular in actual deployment.
NAT设备为 NAT下的私网地址提供地址翻译功能, 使得私网内的 主机可以透明地访问外部网络地址,而 NAT下主机的私网地址在外部 网络中是不可路由的,外部网络主机无法直接访问位于 NAT下私网内 的主机。 因而, 部署在私网内的大量服务比如 Web服务、 即时消息、 f tp服务节点等无法直接被此私网所对应的外部网络所直接访问。  The NAT device provides the address translation function for the private network address under the NAT, so that the host in the private network can transparently access the external network address. The private network address of the host under the NAT is not routable in the external network. The external network host cannot directly Access the host located in the private network under NAT. Therefore, a large number of services deployed in the private network, such as Web services, instant messages, and FTP services nodes, cannot be directly accessed by the external network corresponding to the private network.
目前互联网上的服务一般都拥有全球统一 IP地址, 在 NAT内, 私网 IP地址上的服务(如 Web服务节、 FTP服务节点)一般只在该 私网内部可见,该私网外的其他主机域无法知道该私网内的服务并对 其进行访问。 而部署在 NAT内私网 IP上的对等通信服务(如即时消 息、文件共享和媒体传输等 ),一般可以利用 STUN [2] . TURN [3]、 ICE [4] 等 RFC标准的协议, 通过公网服务节点中继、 NAT穿洞、 反转联接等 技术向 Internet上主机提供服务。 不难发现, 这些实现方案都是跟 具体应用紧密相关的, 是作为一个功能模块内嵌在应用中, 而且对于 和该服务位于同根多层 NAT下的主机节点而言,也要通过公网服务节 点中继提供服务,这显然是不合理的。如何提供一种统一的解决办法, 使得私网内的服务对其外部网络可见,做到与具体应用无关, 并且为 外部网络节点提供更为合理的访问途径, 是现存的一个重要问题。 发明内容 Currently, services on the Internet generally have a globally uniform IP address. In a NAT, services on a private network IP address (such as a Web service node or an FTP service node) are generally only visible inside the private network, and other hosts outside the private network. The domain cannot know and access the services within the private network. Peer-to-peer communication services (such as instant messaging, file sharing, and media transmission) deployed on the private IP of the NAT can generally use the protocols of the RFC standard such as STUN [2], TURN [3], and ICE [4]. Provide services to hosts on the Internet through technologies such as public network service node relay, NAT tunneling, and reverse connection. It is not difficult to find that these implementations are closely related to the specific application, and are embedded in the application as a function module, and for the host node under the same-layer multi-layer NAT with the service, also through the public network service. Node relay provides services, which is obviously unreasonable. How to provide a unified solution, making the services in the private network visible to its external network, independent of the specific application, and providing a more reasonable access path for the external network node is an important issue. Summary of the invention
为克服现有多层 NAT 网络环境中私网内服务对外部网络不可见 的缺陷,本发明提出了一种多层 NAT网络中面向应用的名字注册系统 及方法。  In order to overcome the defect that the services in the private network are invisible to the external network in the existing multi-layer NAT network environment, the present invention proposes an application-oriented name registration system and method in a multi-layer NAT network.
根据本发明的第一方面, 本发明提供了一种多层 NAT环境下面向 应用的名字注册系统, 所述多层 NAT环境包括公有网络和至少一个私 有网络,所述私有网络通过地址转换单元接入公有网络或其它私有网 络; 所述名字注册系统包括系统终端设备、呼叫代理服务器以及接入 公有网络和至少一个私有网络的注册服务装置;  According to a first aspect of the present invention, the present invention provides a name registration system for an application under a multi-layer NAT environment, the multi-layer NAT environment comprising a public network and at least one private network, the private network being connected by an address translation unit Entering a public network or other private network; the name registration system includes a system terminal device, a call proxy server, and a registration service device that accesses the public network and at least one private network;
其中,所述注册服务装置由接入公有网络和各私有网络的注册服 务单元组成;所述注册服务单元用于接受系统终端设备的注册和登录 请求, 并记录所述系统终端设备的用户注册、 登录信息,所述用户登 录信息包括用户标识、用户使用的系统终端设备在所述注册服务单元 接入的网络中的用户登录点和用户使用的系统终端设备在所述注册 服务单元接入的网络中的系统终端设备访问点;  The registration service device is composed of a registration service unit that accesses the public network and each private network; the registration service unit is configured to accept a registration and login request of the system terminal device, and record a user registration of the system terminal device, Login information, the user login information includes a user identifier, a user login point used by the system terminal device used by the user in the network accessed by the registration service unit, and a network accessed by the system terminal device used by the user in the registration service unit System terminal access point in the system;
所述系统终端设备用于同注册服务装置、呼叫代理服务器交互信 息, 通过呼叫代理服务器向注册服务装置发送用户登录信息; 所述系 统终端设备可以识别 S I P协议,使用 S I P协议中定义的消息和实体传递 用户登录消息;  The system terminal device is configured to exchange information with the registration service device and the call proxy server, and send the user login information to the registration service device by using the call proxy server; the system terminal device can identify the SIP protocol, and use the message and the entity defined in the SIP protocol. Pass the user login message;
所述呼叫代理服务器,包括与公网相连接的顶级呼叫代理服务器 和与各私有网络相连接的呼叫代理服务器, 用于转发 S I P协议中规定 的消息, 可以根据注册服务实体或其它功能实体的指示转发消息, 所 述呼叫代理服务器可以从注册服务装置获取服务入口、向注册服务装 置发送用户登录信息、 向注册服务装置查询用户登录点。  The call proxy server includes a top-level call proxy server connected to the public network and a call proxy server connected to each private network, and is used to forward the message specified in the SIP protocol, according to an indication of the registration service entity or other functional entity. Forwarding the message, the call proxy server may obtain a service portal from the registration service device, send the user login information to the registration service device, and query the registration service device for the user login point.
其中,所述注册服务单元还用于根据记录的所述用户登录信息进 行查询。  The registration service unit is further configured to perform an inquiry according to the recorded user login information.
其中,所述用户登录点为注册服务单元或系统终端设备的网络地 址和端口,或可以被转化为注册月良务单元或系统终端设备的网络地址 和端口的标识; 所述系统终端设备访问点为 NAT设备的网络地址和端 口, 或可以被转化为 NAT设备的网络地址和端口的标识。  The user login point is a network address and port of the registration service unit or the system terminal device, or may be converted into an identifier of the network address and port of the registered monthly service unit or the system terminal device; the system terminal device access point The network address and port of the NAT device, or the identifier of the network address and port that can be translated to the NAT device.
其中,所述查询是根据用户登录信息在被叫方所有用户登录点中 查找出被叫方到主叫方 NAT距离最短的用户登录点。 其中,所述注册服务单元包括接入公有网络的顶层注册服务单元 和接入私有网络的基本注册服务单元。 The query is to find the user login point with the shortest distance from the called party to the calling party NAT in all the user login points of the called party according to the user login information. The registration service unit includes a top-level registration service unit that accesses the public network and a basic registration service unit that accesses the private network.
其中, 所述顶层注册服务单元通过顶级服务总线接入公有网络, 所述基本注册服务单元通过服务总线接入私有网络,所述通过顶级服 务总线接入公有网络的顶层注册服务单元使用公有网络的网络地址 进行编址,所述通过服务总线接入私有网络的基本注册服务单元使用 相连的私有网络的网络地址进行编址。  The top-level registration service unit accesses the public network through the top-level service bus, and the basic registration service unit accesses the private network through the service bus, and the top-level registration service unit accessing the public network through the top-level service bus uses the public network. The network address is addressed, and the basic registration service unit accessing the private network through the service bus is addressed using the network address of the connected private network.
其中, 所述注册服务单元包括: 注册服务逻辑控制单元、 基本配 置信息记录表、 层级信息记录表、 目标注册服务器记录表、 子注册服 务单元记录表、 用户注册信息记录表、 用户登录信息记录表、 消息緩 存区和通信单元。  The registration service unit includes: a registration service logic control unit, a basic configuration information record table, a hierarchical information record table, a target registration server record table, a sub-registration service unit record table, a user registration information record table, and a user login information record table. , message buffer and communication unit.
其中, 所述注册服务逻辑控制单元用于控制注册服务的执行; 所 述基本配置信息记录表用于记录本单元标识、本单元主机地址和本单 元服务端口; 所述层级信息记录表用于记录层级信息; 所述目标注册 服务器记录表用于记录祖先注册服务器的网络地址和端口;所述子注 册服务器记录表用于记录子注册服务单元的网络地址、 端口、 标识及 对应的 NAT设备的网络地址和端口; 所述用户注册信息记录表用于记 录用户标识、 用户注册表和系统终端设备访问点; 所述用户登录信息 记录表用于记录用户标识、用户登录表和系统终端设备访问点; 所述 消息緩存区用于暂时保存接收到的数据分组中的信息,转发关系记录 表; 所述通信单元同顶级服务总线装置或服务总线装置联接, 负责收 发数据;  The registration service logic control unit is configured to control execution of the registration service; the basic configuration information record table is used to record the identity of the unit, the host address of the unit, and the service port of the unit; the hierarchical information record table is used for recording Level information; the target registration server record table is used to record a network address and port of the ancestor registration server; the sub-registration server record table is used to record a network address, a port, an identifier, and a network of the corresponding NAT device of the sub-registration service unit An address and a port; the user registration information record table is used to record a user identifier, a user registry, and a system terminal device access point; the user login information record table is used to record a user identifier, a user login table, and a system terminal device access point; The message buffer area is configured to temporarily save information in the received data packet, and forward the relationship record table; the communication unit is connected to the top service bus device or the service bus device, and is responsible for transmitting and receiving data;
其中,所述注册服务逻辑控制单元可以实现与所述基本配置信息 记录表、 所述层级信息记录表、 所述目标注册服务器记录表、 所述子 注册服务器记录表、 所述用户注册信息记录表、所述用户登录信息记 录表、 所述消息緩存区和所述通信单元的数据双向交互。  The registration service logic control unit may implement the basic configuration information record table, the hierarchical information record table, the target registration server record table, the sub-registration server record table, and the user registration information record table. And the user login information record table, the message buffer area, and the data of the communication unit are bidirectionally exchanged.
其中, 所述注册服务单元包括服务单元代理, 所述服务单元代理 用于扩大被代理的注册服务单元的覆盖范围或用于向系统终端设备 提供统一的服务入口;所述服务单元代理可以与被代理者部署于同一 NAT设备控制的网络或公有网络, 也可以部署在被代理者所属网络的 直接下层网络中。  The registration service unit includes a service unit agent for expanding coverage of the registered registration service unit or for providing a unified service entry to the system terminal device; the service unit agent may be The agent is deployed on the network controlled by the same NAT device or the public network, and can also be deployed in the direct lower layer network of the network to which the agent belongs.
其中,所述服务单元代理可以广播被代理者的服务入口或在注册 服务装置的请求者和被代理注册服务装置间转发消息。  The service unit agent may broadcast the service entry of the agent or forward the message between the requestor of the registration service device and the proxy registration service device.
其中, 所述系统终端设备包括终端设备控制单元、基本配置信息 记录表、 目标注册服务器记录表、 目标呼叫代理服务器记录表、 消息 緩存区和通信单元,基本配置信息记录表用于记录用户标识、 本终端 设备的网络地址、 端口等信息; 所述目标呼叫代理服务器记录表用于 记录呼叫代理服务器的网络地址和端口,所述目标注册服务器记录表 记录顶级注册服务器的全局服务入口;消息緩存区用于暂时存储收到 或发出的消息; 通信单元用于公有网络或私有网络连接, 所述终端设 备控制单元从基本配置信息记录表、 目标注册服务器记录表、 目标呼 叫代理服务器记录表、 消息緩存区读写信息, 所述终端设备控制单元 通过通信单元从网络收发数据。 The system terminal device includes a terminal device control unit and basic configuration information. a record table, a target registration server record table, a target call proxy server record table, a message buffer area, and a communication unit, wherein the basic configuration information record table is used to record information such as a user identifier, a network address of the terminal device, a port, and the like; The server record table is used to record the network address and port of the call proxy server, the target registration server record table records the global service entry of the top-level registration server; the message buffer is used to temporarily store the received or sent message; the communication unit is used for public a network or private network connection, the terminal device control unit reads and writes information from a basic configuration information record table, a target registration server record table, a target call proxy server record table, a message buffer area, and the terminal device control unit accesses the network through the communication unit Send and receive data.
其中, 所述系统终端设备包括 SIP协议处理单元, 与所述终端设 备控制单元交互信息, 识别 SIP消息。  The system terminal device includes a SIP protocol processing unit, and interacts with the terminal device control unit to identify a SIP message.
其中,所述呼叫代理服务器可以参照所述系统终端设备获取所述 注册服务装置的网络地址和端口的方式获取注册服务装置的网络地 址和端口。  The call proxy server may acquire the network address and port of the registration service device by referring to the manner in which the system terminal device acquires the network address and port of the registration service device.
其中, 所述呼叫代理服务器在获取注册服务装置的服务入口时, 需要保证所述呼叫代理服务器和注册服务装置的服务入口对应的注 册服务单元部署于同一个 NAT设备控制的网络, 或者注册服务装置的 服务入口对应的注册服务单元位于所述呼叫代理服务器的直接上层。  The call proxy server needs to ensure that the registration service unit corresponding to the service portal of the call proxy server and the registration service device is deployed on the network controlled by the same NAT device, or the registration service device, when acquiring the service portal of the registration service device. The service entry corresponding to the service entry is located directly above the call proxy server.
其中,上层网络中的呼叫代理服务器作为本地呼叫代理服务器转 发 SIP消息的缺省目标, 需要在本地呼叫代理服务器目标呼叫代理记 录中保存上层网络中的呼叫代理服务器的网络地址、端口; 同时在上 层网络中的呼叫代理服务器在子呼叫代理记录中保存所述呼叫代理 服务器的标识、 网络地址、 端口以及对应的 NAT设备的网络地址和端 口。  The call proxy server in the upper layer network serves as a default destination for forwarding the SIP message by the local call proxy server, and needs to save the network address and port of the call proxy server in the upper layer network in the local call proxy server target call proxy record; The Call Proxy Server in the network saves the identity of the Call Proxy Server, the network address, the port, and the network address and port of the corresponding NAT device in the sub-call proxy record.
根据本发明的第二方面,本发明提供了一种利用所述的名字注册 系统进行名字登录的方法, 包括:  According to a second aspect of the present invention, there is provided a method for name registration using the name registration system, comprising:
步骤 10 )、 呼叫代理服务器获取用户登录点和系统终端设备访问 点, 生成 "呼叫代理用户登录消息", 所述 "呼叫代理用户登录消息" 包括用户标识、用户登录点和系统终端设备访问点, 所述呼叫代理服 务器建立消息发送者和消息的对应关系;  Step 10), the call proxy server acquires the user login point and the system terminal device access point, and generates a "call proxy user login message", where the "call proxy user login message" includes the user identifier, the user login point, and the system terminal device access point. The call proxy server establishes a correspondence between a message sender and a message;
步骤 20 )、 根据本地保存的注册服务装置的服务入口, 所述呼叫 代理服务器向所述注册服务装置发送 "呼叫代理用户登录消息", 并 向上级呼叫代理服务器转发 REGISTER消息,所述 REGISTER消息包括用 户标识;所述服务入口是网络地址和端口或者可以转化为网络地址和 端口的标 、; Step 20), according to a service portal of the locally stored registration service device, the call proxy server sends a "call proxy user login message" to the registration service device, and forwards a REGISTER message to the upper call proxy server, where the REGISTER message includes User ID; the service portal is a network address and port or can be converted to a network address and The label of the port;
步骤 30 )、 所述注册服务装置接收到所述 "呼叫代理用户登录消 息"后, 在本地用户信息存储表中创建新纪录, 记录所述 "呼叫代理 用户登录消息" 中的用户标识、 用户登录点和系统终端设备访问点, 返回成功注册消息;  Step 30) After the "registration agent user login message" is received by the registration service device, a new record is created in the local user information storage table, and the user identifier and user login in the "call agent user login message" are recorded. Points and system terminal access points, returning a successful registration message;
步骤 40 )、 所述呼叫代理服务器接收所述注册服务装置的应答消 息, 根据所述消息发送者和消息的对应关系, 向所述消息发送者发送 成功或者失败应答消息;  Step 40) The call proxy server receives a response message of the registration service device, and sends a success or failure response message to the message sender according to the correspondence between the message sender and the message;
步骤 50 )、 所述上级呼叫代理服务器收到所述 REGISTER消息后, 根据所述消息发送者和消息的对应关系,向消息发送者返回所述消息 的成功或者失败应答消息, 删除所述消息发送者和消息的对应关系。  Step 50) After receiving the REGISTER message, the upper-level call proxy server returns a success or failure response message of the message to the message sender according to the correspondence between the message sender and the message, and deletes the message sending. Correspondence between the person and the message.
其中, 所述用户登录点为网络地址和端口, 或可以被转化为网络 地址和端口的标识; 所述系统终端设备访问点为网络地址和端口, 或 可以被转化为网给地址和端口的标识。  The user login point is a network address and a port, or may be converted into an identifier of a network address and a port; the system terminal device access point is a network address and a port, or may be converted into an identifier of the network to the address and the port. .
其中, 在步骤 10 )执行之前启动接入公有网络的顶层注册服务单 元, 然后接入私有网络的基本注册服务单元逐层启动, 并向所述名字 注册系统注册以加入名字注册系统。  The top-level registration service unit accessing the public network is started before the step 10) is executed, and then the basic registration service unit accessing the private network is started layer by layer, and registered with the name registration system to join the name registration system.
其中, 步骤 10 )进一步包括:  Wherein, step 10) further comprises:
步骤 110 )、 SIP协议中, 当 REGISTER消息中的 Contac t项为呼 叫代理服务器时, 本地呼叫代理服务器根据 REGISTER消息中的用户 标识, 将所述本地呼叫代理服务器的网络地址和端口作为用户登录 点, 将携带所述 REGISTER消息的数据分组的源地址和源端口作为系 统终端设备访问点;  Step 110), in the SIP protocol, when the Contac t item in the REGISTER message is a call proxy server, the local call proxy server uses the network address and port of the local call proxy server as a user login point according to the user identifier in the REGISTER message. And using a source address and a source port of the data packet carrying the REGISTER message as a system terminal device access point;
步骤 120 )、 当 REGISTER消息中的 Contact项用于标识系统终端 设备且所述 REGISTER消息通过 NAT设备时, 将所述呼叫代理服务器 的网络地址和端口作为用户登录点, 将携带所述 REGISTER消息的数 据分组的源地址和源端口作为系统终端设备访问点;  Step 120), when the Contact item in the REGISTER message is used to identify the system terminal device and the REGISTER message passes through the NAT device, the network address and port of the call proxy server are used as a user login point, and the REGISTER message is carried. The source address and source port of the data packet are used as system terminal device access points;
步骤 130 )、 当 REGISTER消息中的 Contact项用于标识系统终端 设备且所述 REGI STER消息通过没有 NAT设备时, 将所述 Contact内 容作为用户登录点;  Step 130), when the Contact item in the REGISTER message is used to identify the system terminal device, and the REGI STER message passes through the NAT device, the Contact content is used as the user login point;
步骤 140 )、 当 REGISTER消息中的 Contact项不是呼叫代理服务 器, 也不用于标识系统终端设备, 将所述 Contact内容作为用户登录 点。  Step 140): When the Contact item in the REGISTER message is not a call proxy server, nor is it used to identify the system terminal device, the Contact content is used as a user login point.
其中,步骤 20 )进一步包括:如果所述 REGISTER消息中的 Contact 项是呼叫代理服务器或者标识系统终端设备,则用所述呼叫代理服务 器的网络地址和端口代理所述 Contac t项中的网络地址和端口。 Wherein, step 20) further comprises: if the Contact in the REGISTER message The item is a call proxy server or an identification system terminal device, and the network address and port in the Contac t item are proxied by the network address and port of the call proxy server.
其中, 步骤 30 )进一步包括: 当所述 "呼叫代理用户登录消息" 经过 NAT设备,将本地用户信息存储表中的相对登录位置设定为跨层 登录, 将携带所述 "呼叫代理用户登录消息" 的源地址和端口作为新 纪录的映射地址。  The step 30) further includes: when the "call agent user login message" passes through the NAT device, setting the relative login location in the local user information storage table to cross-layer login, and carrying the "call proxy user login message" The source address and port are the mapped addresses of the new record.
其中, 步骤 40 )进一步包括:  Wherein, step 40) further comprises:
步骤 410 )、如果所述呼叫代理服务器为顶级呼叫代理服务器, 根 据所述应答消息中的随机序号,按照所述 REG I STER消息发送者和消息 的对应关系, 向所述 REGI STER消息发送者发送成功、 失败应答消息, 删除所述消息发送者和消息的对应关系;  Step 410) If the call proxy server is a top-level call proxy server, according to the random sequence number in the response message, send the message to the sender of the REGI STER message according to the correspondence between the sender and the message of the REG STER message. a success, failure response message, deleting the correspondence between the message sender and the message;
步骤 420 )、 如果所述呼叫代理服务器不是顶级呼叫代理服务器 并且所述注册服务装置发送的应答消息为登录成功消息,根据所述应 答消息中的随机序号,将所述消息发送者和消息的对应关系设为已登 录状态。  Step 420), if the call proxy server is not a top-level call proxy server and the response message sent by the registration service device is a login success message, corresponding to the message sender and the message according to the random sequence number in the response message The relationship is set to the logged in status.
其中, 步骤 50 )进一步包括:  Wherein, step 50) further comprises:
步骤 510 )、 当所述消息发送者和消息的对应关系为已登录状态 时, 向所述 REGI STER消息发送者返回所述消息的应答消息, 删除所 述消息发送者和消息的对应关系;  Step 510), when the correspondence between the sender of the message and the message is the logged in state, returning a response message of the message to the sender of the REGI STER message, and deleting the correspondence between the sender of the message and the message;
步骤 520 )、 当所述消息发送者和消息的对应关系为未登录状态 时, 向所述 REGI STER消息发送者返回所述消息的失败应答消息, 删 除所述消息发送者和消息的对应关系。  Step 520): When the correspondence between the sender of the message and the message is an unregistered state, return a failure response message of the message to the sender of the REGI STER message, and delete the correspondence between the sender of the message and the message.
根据本发明的第三方面,本发明提供了一种利用所述名字注册系 统进行用户登录点查询方法, 包括:  According to a third aspect of the present invention, the present invention provides a method for querying a user login point by using the name registration system, including:
步骤 10 )、 呼叫代理服务器向所述名字注册系统的服务入口发送 "呼叫代理用户登录点查找请求消息",所述消息包括目标用户标识; 步骤 20 )、 注册服务单元收到所述 "呼叫代理用户登录点查找请 求消息" 后, 提取消息中的目标用户标识;  Step 10), the call proxy server sends a "Call Agent User Login Point Lookup Request message" to the service portal of the name registration system, the message includes a target user identifier; Step 20), the registration service unit receives the "Call Agent" After the user login point finds the request message, the target user identifier in the message is extracted;
步骤 30 )、 当所述目标用户标识不存在时, 如果所述注册服务单 元为顶级注册服务器, 向请求消息发送者返回失败消息, 如果所述注 册服务单元不是顶级注册服务器,向请求消息发送者返回目标用户不 存在消息;  Step 30), when the target user identifier does not exist, if the registration service unit is a top-level registration server, return a failure message to the request message sender, if the registration service unit is not a top-level registration server, to the request message sender Return to the target user does not exist message;
步骤 40 )、 当所述目标用户标识存在时, 判别目标用户的用户登 录点对应的网络地址是否和 "呼叫代理用户登录点查找请求消息"发 送者的网络地址属于同一 NAT设备控制的网络或公有网络, 如果不 是, 向请求消息发送者返回目标用户不存在消息; Step 40), when the target user identifier exists, determine whether the network address corresponding to the user login point of the target user and the "call agent user login point lookup request message" are sent. The network address of the sender belongs to the network controlled by the same NAT device or the public network. If not, the target message does not exist to the sender of the request message;
步骤 50 )、 当目标用户的用户登录点对应的网络地址和 "呼叫代 理用户登录点查找请求消息"发送者的网络地址属于同一 NAT设备控 制的网络或公有网络时 ,如果目标用户的用户登录点对应的网络地址 属于请求消息发送者,则向请求消息发送者返回目标用户的系统终端 设备访问点;如果目标用户的用户登录点对应的网络地址不属于请求 消息发送者, 向请求消息发送者返回目标用户的用户登录点;  Step 50), when the network address corresponding to the user login point of the target user and the network address of the sender of the "Call Agent User Login Point Lookup Request message" belong to the network controlled by the same NAT device or the public network, if the user login point of the target user If the corresponding network address belongs to the sender of the request message, the system terminal device access point of the target user is returned to the sender of the request message; if the network address corresponding to the user login point of the target user does not belong to the sender of the request message, the sender of the request message is returned. User login point of the target user;
所述方法进一步包括: 步骤 60 )、 呼叫代理服务器收到 "呼叫代 理用户登录点查找请求消息" 的应答消息后, 如果为失败, 所述呼叫 代理服务器按呼叫消息传递路径的反向,向系统终端设备返回失败消 息; 如果为目标用户不存在消息, 则根据目标呼叫代理记录转发呼叫 消息; 如果收到应答消息中包含可转化为网络地址和端口的信息, 向 所述可转化的网络地址和端口转发 S IP呼叫请求。  The method further includes: Step 60) After the call proxy server receives the response message of the "Call Agent User Login Point Lookup Request Message", if it is a failure, the call proxy server reverses the call message delivery path to the system. The terminal device returns a failure message; if there is no message for the target user, the call message is forwarded according to the target call agent record; if the response message includes information that can be converted into a network address and port, the converted network address and The port forwards the SIP call request.
其中, 步骤 40 ) 中, 根据相对登录位置和映射地址, 判别目标 用户的用户登录点对应的网络地址是否和呼叫代理用户登录点查找 请求消息发送者的网络地址属于同一 NAT设备控制的网络或公有网 络。  In step 40), according to the relative login location and the mapped address, it is determined whether the network address corresponding to the user login point of the target user and the network address of the sender of the call proxy user login point lookup request message belong to the same NAT device controlled network or public The internet.
利用系统中保存的用户登录信息, 在 NAT设备控制的网络中, 指 导呼叫消息的传递。 从而达到传递系统终端设备间连接请求的目的。 通过应用本发明, 在多层 NAT网络环境中, 使应用、 服务、 用户可以 通过标识被定位。 附图说明  The user's login information saved in the system is used to guide the delivery of the call message in the network controlled by the NAT device. Thereby achieving the purpose of transmitting a connection request between terminal devices of the system. By applying the present invention, in a multi-layer NAT network environment, applications, services, and users can be located by identification. DRAWINGS
图 1为同根多层 NAT网络结构图;  Figure 1 is a structural diagram of the same-root multi-layer NAT network;
图 2为面向应用的名字注册系统结构图;  Figure 2 is a structural diagram of an application-oriented name registration system;
图 3示出 NAT设备联接矩阵 1 001的联接方式;  Figure 3 shows the connection mode of the NAT device connection matrix 1 001;
图 4为注册服务装置的结构示意图;  4 is a schematic structural diagram of a registration service device;
图 5为注册服务装置组建流程示意图;  FIG. 5 is a schematic diagram of a process of establishing a registration service device;
图 6为注册服务装置组建流程示意图;  Figure 6 is a schematic diagram of a process of establishing a registration service device;
图 7为注册服务装置组建流程示意图;  Figure 7 is a schematic diagram of a process of establishing a registration service device;
图 8为系统终端设备获得注册服务装置服务入口流程图; 图 9为系统终端设备获得注册服务装置服务入口流程图; 图 10为系统终端设备获得注册服务装置服务入口流程图; 图 11用户使用的系统终端设备向注册服务装置发用户注册信息 (用户开户信息) 的过程; 8 is a flow chart of a system terminal device obtaining a registration service device service entry; 9 is a flowchart of a system terminal device obtaining a registration service device service portal; FIG. 10 is a system terminal device obtaining a registration service device service portal flow chart; FIG. 11 is a system terminal device used by a user to send a user registration information to a registration service device (user account opening information) ) the process of;
图 12用户使用的系统终端设备向注册服务装置发用户登录信息 的过程;  Figure 12 is a process in which a system terminal device used by a user sends user login information to a registration service device;
图 1 3为主动请求用户通过注册服务系统获取被请求用户的用户 登录点示意图;  Figure 13 is a schematic diagram of a user login request point for actively requesting a user to obtain a requested user through a registration service system;
图 14为注册服务单元收到 "服务单元注册消息" 后的处理流程 图;  Figure 14 is a process flow diagram after the registration service unit receives the "service unit registration message";
图 15为注册服务单元向注册服务装置注册流程图;  Figure 15 is a flow chart of registration of a registration service unit to a registration service device;
图 16 为注册服务单元收到 "服务入口查询消息" 后的处理流程 图;  Figure 16 is a process flow diagram after the registration service unit receives the "service entry query message";
图 17 系统终端设备获取注册服务装置网络地址和端口的流程 图;  Figure 17 Flow chart of the system terminal device obtaining the network address and port of the registration service device;
图 18为注册服务单元收到 "用户登录消息" 后的处理流程图; 图 19用户通过系统终端设备向注册服务装置发用户登录信息流 程图;  18 is a flowchart of processing after the registration service unit receives the "user login message"; FIG. 19 is a flow chart of the user login information sent by the user to the registration service device through the system terminal device;
图 20为注册服务单元收到 "用户登录点查找请求消息" 后的处 理流程图;  20 is a flowchart of processing after the registration service unit receives the "user login point lookup request message";
图 21用户通过系统终端设备向注册服务装置查询用户登录点流 程图;  Figure 21: The user queries the registration service device for the user login point flow chart through the system terminal device;
图 22为注册服务单元中数据存储表;  Figure 22 is a data storage table in the registration service unit;
图 23为 Proxy中用户登录信息转发对应表;  Figure 23 is a correspondence table of user login information forwarding in the Proxy;
图 24为 Proxy向注册服务装置发呼叫代理用户登录消息流程图; 图 25为注册服务单元中用户信息存储表的结构图;  24 is a flow chart of the proxy agent login message sent by the Proxy to the registration service device; FIG. 25 is a structural diagram of the user information storage table in the registration service unit;
图 26为注册服务装置处理 "呼叫代理用户登录消息"的流程图; 图 27为 Proxy处理注册服务装置和 REG I STER消息的应答消息的 流程图;  26 is a flow chart of the "call agent user login message" processed by the registration service device; FIG. 27 is a flowchart of the response message of the proxy processing the registration service device and the REG STER message;
图 28为注册服务单元处理 "呼叫代理用户登录点查找请求消息" 流程图。 Figure 28 is a registration service unit processing "call agent user login point lookup request message" flow chart.
具体实施方式 detailed description
下面结合附图和具体实施例,对本发明提供的一种多层 NAT网络 中面向应用的名字注册系统及方法作进一步说明。  The application-oriented name registration system and method in a multi-layer NAT network provided by the present invention will be further described below with reference to the accompanying drawings and specific embodiments.
1、 同才艮多层 NAT网络  1, the same multi-layer NAT network
图 1所示为同根多层 NAT网络结构示意图,一个私有网络 4-1通 过 NAT设备 1 001接入公有网络 3 , 一个私有网络 4-2通过另一 NAT 设备 1 002接入私有网络 4-1。 通过 NAT设备 1 001接入公有网络 3的 私有网络为该 NAT设备控制的网络, 通过 NAT设备 1 002接入私有网 络 4-1的私有网络 4-2为该 NAT设备控制的网络。 直接同公有网络 3 相连的 NAT设备为根 NAT设备。 各 NAT设备控制的网络到公有网络 3 经过的最少 NAT设备的个数为该 NAT设备控制的网络的层数,该路径 为 NAT设备控制的网络到公有网络 3的最短路径。 NAT设备控制的网 络到公有网络 3的层数越少,表示层级越高。 如果两个 NAT设备控制 的网络各自到公有网络的最短 NAT路径中至少有一个 NAT设备相同, 则这两个 NAT设备控制的网络有共同的根 NAT设备。多层 NAT网络可 以被看作是多个同根多层 NAT网络的组合。  FIG. 1 is a schematic diagram showing the structure of a multi-layer multi-layer NAT network. A private network 4-1 accesses the public network 3 through the NAT device 1 001, and a private network 4-2 accesses the private network through another NAT device 1 002 4-1. . The private network connected to the public network 3 through the NAT device 1 001 is the network controlled by the NAT device, and the private network 4-2 accessing the private network 4-1 through the NAT device 1 002 is the network controlled by the NAT device. The NAT device directly connected to the public network 3 is the root NAT device. The network controlled by each NAT device to the public network 3 The number of minimum NAT devices passed is the number of layers controlled by the NAT device, and the path is the shortest path from the network controlled by the NAT device to the public network 3. The fewer the number of layers of the network controlled by the NAT device to the public network 3, the higher the level. If the networks controlled by the two NAT devices are each identical to at least one of the shortest NAT paths of the public network, the networks controlled by the two NAT devices have a common root NAT device. A multi-layer NAT network can be thought of as a combination of multiple multi-rooted NAT networks.
多层 NAT网络在扩大用户的接入数量的同时,也使通信双方的相 对位置变得更为复杂。多层 NAT网络将公有网络扁平化通信模式变成 了层次化通信模式。多层 NAT网络环境下,通信双方典型关系为:(1 ) 通信双方在公有网络; ( 2 )通信一方在 NAT设备控制的网络中, 另一 方在公有网络中; ( 3 )通信双方在同一 NAT设备控制的网络中; (4 ) 通信双方在不同 NAT设备控制的网络中,且这两个 NAT设备通过不同 的根 NAT与公有网络的相连; ( 5 )通信双方在不同 NAT设备控制的网 络中, 且这两个 NAT设备通过相同的根 NAT与公有网络的相连。  Multi-layer NAT networks increase the number of users' accesses and make the relative positions of the two parties more complicated. The multi-layer NAT network turns the public network flat communication mode into a hierarchical communication mode. In a multi-layer NAT network environment, the typical relationship between the two parties is: (1) the two communicating parties are in the public network; (2) the communicating party is in the network controlled by the NAT device, and the other party is in the public network; (3) the communicating parties are in the same NAT. In the network controlled by the device; (4) the two communicating parties are in the network controlled by different NAT devices, and the two NAT devices are connected to the public network through different root NATs; (5) the two communicating parties are in the network controlled by different NAT devices. And the two NAT devices are connected to the public network through the same root NAT.
NAT设备的网络地址指同 NAT设备的外网界面绑定的网络地址。 对于规模较大的私有网络, NAT设备外网界面可以同多个网络地址进 行绑定。在网络管理中, 可以通过枚举地址或枚举网段的方式将多个 网络地址映射为一个 NAT设备。普通用户可以通过低端(有基本功能) NAT设备自行接入网络, 该 NAT设备外网界面一般与一个网络地址绑 定。 在下面对 NAT设备的描述中, 一个 NAT设备外网界面只与一个网 络地址绑定。 由于, 一个 NAT设备可以用一个同该 NAT设备的外网界 面绑定的网络地址代表。 开发设计人员不难发现, 下面描述的方法也 适用于外网界面同多个网络地址绑定的 NAT路由器。 The network address of the NAT device refers to the network address bound to the external network interface of the NAT device. For a large private network, the NAT device external network interface can be bound to multiple network addresses. In network management, multiple network addresses can be mapped to one NAT device by enumerating addresses or enumerating network segments. Ordinary users can access the network through the low-end (with basic functions) NAT device. The NAT device external network interface is generally bound to a network address. In the following description of the NAT device, a NAT device external network interface is only associated with one network. Network address binding. Because a NAT device can be represented by a network address bound to the external network interface of the NAT device. Development designers can easily find that the method described below is also applicable to NAT routers with external network interfaces bound to multiple network addresses.
为了方便对多层 NAT网络的描述, 现定义如下名词:  To facilitate the description of a multi-layer NAT network, the following nouns are defined:
NAT设备的网络地址指该 NAT设备的外网界面上绑定的网络地 址, 或称为 NAT路由器地址, 该地址可以是公有地址, 也可以是私有 地址。  The network address of the NAT device refers to the network address bound to the NAT device's external network interface, or the NAT router address. The address can be either a public address or a private address.
NAT设备控制的网络范围: 由该 NAT设备内网界面启, 沿该界面 联接的网络延展, 到另一个 NAT外网界面止, 之间的网络, 上述两个 NAT设备间不存在另一个 NAT设备。 该网络筒称 NAT控制的网络, 或 NAT路由器控制的网络。 该 NAT为该网络的控制 NAT设备。  The network range controlled by the NAT device: The NAT device is connected to the internal network interface, the network connected along the interface is extended, and the other NAT external network interface is terminated. There is no other NAT device between the two NAT devices. . The network cartridge is called a NAT-controlled network, or a network controlled by a NAT router. The NAT is the controlling NAT device of the network.
直接上层网络:如果 NAT设备 A的外网界面同 NAT设备 B控制的 网络直接相连, NAT设备 B控制的网络为 NAT设备 A控制的网络的直 接上层网络; 公有网络是根 NAT设备控制的网络的直接上层网络。  Direct upper layer network: If the external network interface of NAT device A is directly connected to the network controlled by NAT device B, the network controlled by NAT device B is the direct upper layer network of the network controlled by NAT device A; the public network is the network controlled by the root NAT device. Direct upper network.
直接下层网络:如果 NAT设备 A的外网界面同 NAT设备 B控制的 网络直接相连, NAT设备 A控制的网络为 NAT设备 B控制的网络的直 接下层网络; 根 NAT设备控制的网络是公有网络的直接下层网络。  Direct lower layer network: If the external network interface of NAT device A is directly connected to the network controlled by NAT device B, the network controlled by NAT device A is the direct lower layer network of the network controlled by NAT device B; the network controlled by the root NAT device is the public network. Directly underlying network.
NAT路径长度: NAT环境下, 主机 A到 B的可达路径中经过 NAT 设备的个数为该 NAT路径的长度。  NAT path length: The number of NAT devices passing through the reachable path from host A to B is the length of the NAT path.
最短 NAT路径: NAT环境下,主机 A到 B的所有 NAT路径中, NAT 路径长度最小的一条称为 A到 B的最短 NAT路径,所经过的 NAT个数 为最短 NAT路径长度。  The shortest NAT path: In the NAT environment, among the NAT paths of hosts A to B, the shortest NAT path with the smallest length of the NAT path is called the shortest NAT path from A to B. The number of NATs passing through is the shortest NAT path length.
上层网络:从当前 NAT设备控制的网络的直接上层网络起到公有 网络止的各 NAT设备控制的网络及公有网络,为当前 NAT设备控制的 网络的上层网络。  Upper-layer network: The network from the direct upper-layer network of the network controlled by the current NAT device to the network controlled by each NAT device and the public network, which is the upper-layer network of the network controlled by the current NAT device.
下层网络:从公有网络或当前 NAT设备控制的网络的直接下层网 络起的各 NAT设备控制的网络,为公有网络或当前 NAT设备控制的网 络的下层网络  Lower layer network: The network controlled by each NAT device from the direct network of the public network or the network directly controlled by the current NAT device is the lower network of the public network or the network controlled by the current NAT device.
所属网络: 部署于公有网络的设备的所属网络为公有网络, 部署 在 NAT设备控制的网络的设备的所属网络为 NAT设备控制的网络。  Network to which the device is deployed: The network to which the device is deployed on the public network is the public network. The network to which the device is deployed on the network controlled by the NAT device is the network controlled by the NAT device.
NAT之后: 设备所属网络为公有网络或当前 NAT设备控制的网络 的下层网络, 则该设备在 NAT之后。 父服务器:位于当前 NAT控制的网络的直接上层网络中的服务器 是当前 NAT设备控制的网络中服务器的父服务器。 After NAT: The network to which the device belongs is the public network or the lower layer network of the network controlled by the current NAT device, then the device is behind the NAT. Parent Server: The server in the direct upper-layer network of the current NAT-controlled network is the parent server of the server in the network controlled by the current NAT device.
子服务器:位于公有网络或当前 NAT控制的网络的直接下层网络 中的服务器是公有网络或当前 NAT控制的网络中服务器的 子服务器。  Subserver: A server in a direct lower layer network of a public network or a network controlled by the current NAT is a subserver of a server in a public network or a network controlled by the current NAT.
祖先服务器: 当前服务器及当前服务器的父服务器为当前服务器 的子服务器的祖先服务器。  Ancestor server: The current server and the parent server of the current server are the ancestor servers of the child servers of the current server.
2 多层 NAT网络下面向应用的名字注册系统 2 Multi-layer NAT network below to register the name of the application
多层 NAT网络下, 面向应用的名字注册系统 1 0是一种新型注册 系统,如图 2所示。该系统包括注册服务装置 2001、呼叫代理( PROXY ) 服务器和服务器系统终端设备 6001。 注册服务装置 2001用于记录用 户注册(开户 )信息、 用户登录信息, 提供用户注册信息及用户登录 信息查询;用户使用系统终端设备 6001向注册服务装置 2001注册用 户信息, 登录系统、 查询用户注册信息、 查询用户登录信息。 本发明 不仅可用于 NAT设备组建的网络环境,还可以用于有地址转换功能的 其它设备组建的网络换环境。  Under the multi-layer NAT network, the application-oriented name registration system 10 is a new registration system, as shown in Figure 2. The system includes a registration service device 2001, a Call Agent (PROXY) server, and a server system terminal device 6001. The registration service device 2001 is configured to record user registration (opening account) information, user login information, provide user registration information and user login information query; the user uses the system terminal device 6001 to register user information with the registration service device 2001, log in to the system, and query user registration information. Query user login information. The invention can be used not only in the network environment in which the NAT device is built, but also in the network changing environment formed by other devices having the address translation function.
系统终端设备至少包括如下: 终端设备控制单元、基本配置信息 记录表、 目标注册服务装置记录表、 消息緩存区、 通信单元等功能模 块。 终端设备控制单元用于控制终端设备的执行; 基本配置信息记录 表用于记录用户标识、 本终端设备的网络地址、 端口等信息; 目标注 册服务装置记录表用于记录注册服务装置的网络地址和端口;消息緩 存区用于暂时存储收到或发出的消息;通信单元用于公有网络或私有 网络连接。  The system terminal device includes at least the following: a terminal device control unit, a basic configuration information record table, a target registration service device record table, a message buffer area, a communication unit, and the like. The terminal device control unit is configured to control the execution of the terminal device; the basic configuration information record table is used to record the user identifier, the network address of the terminal device, the port, and the like; the target registration service device record table is used to record the network address of the registration service device and Port; the message buffer is used to temporarily store received or sent messages; the communication unit is used for public or private network connections.
系统终端设备至少用于同注册服务装置交互信息:从注册服务装 置获取服务入口; 向注册服务装置发送用户注册消息。 在系统终端设 备中, 终端设备控制单元从基本配置信息记录表、 目标注册服务装置 记录、 消息緩存区读写信息。 终端设备控制单元通过通信单元等功能 模块从网络收发数据。  The system terminal device is at least for interacting with the registration service device: obtaining a service entry from the registration service device; and transmitting a user registration message to the registration service device. In the system terminal device, the terminal device control unit reads and writes information from the basic configuration information record table, the target registration service device record, and the message buffer area. The terminal device control unit transmits and receives data from the network through a function module such as a communication unit.
根据多层 NAT网络的特点, 注册服务装置 2001记录用户登录信 息内容为: 用户标识、用户在或映射到公有网络及相关私有网络中的 用户登录点、用户映射到公有网络及相关私有网络中的系统终端设备 访问点。 同时, 注册服务装置 2001可以根据系统记录的用户登录信 息,帮助主动请求用户在被请求用户的所有用户登录点中确定到请求 用户当前通讯设备 NAT路径最短的用户登录点。 用户登录点: 当用户 位于公有网络或 NAT设备控制的网络中时,用户在该网络中的用户登 录点为用户使用的系统终端设备的网络地址和端口; 当用户位于 NAT 设备控制的网络中时,用户在该 NAT设备控制的网络的上层网络中的 用户登录点为接入公有网络或 NAT设备控制的网络的服务单元用于 接收用户登录请求消息的网络地址和端口,或可以转化为接收用户登 录请求消息的网络地址和端口的服务单元的标识。系统终端设备访问 点:该访问点位于 NAT设备上,当用户登录消息穿过 NAT设备时产生。 该访问点有两种表示方式: 1 ) NAT设备的网络地址和端口; 2 ) 可以 计算得到或被转换为 NAT设备的网络地址和端口的标识。 According to the characteristics of the multi-layer NAT network, the registration service device 2001 records the content of the user login information as: the user identifier, the user login point mapped to the public network and the related private network, and the user mapping to the public network and the related private network. System terminal access point. At the same time, the registration service device 2001 can record the user login information according to the system. Information, help to actively request the user to determine the user login point of the user's current communication device with the shortest NAT path among all the user login points of the requested user. User login point: When the user is in the network controlled by the public network or NAT device, the user login point in the network is the network address and port of the system terminal device used by the user; when the user is in the network controlled by the NAT device The user login point in the upper layer network of the network controlled by the NAT device is a network address and port for receiving the user login request message by the service unit of the network controlled by the access public network or the NAT device, or may be converted into a receiving user. The network address of the login request message and the identity of the service unit of the port. System Terminal Access Point: This access point is located on the NAT device and is generated when a user login message passes through the NAT device. The access point can be represented in two ways: 1) the network address and port of the NAT device; 2) the network address and port identifier that can be calculated or converted to the NAT device.
根据 RFC 3261及相关协议的规定, Proxy实体首先用于接收、 转 发协议中规定的各种消息, 例如 INVITE, ACK等;其次 Proxy在转发 消息的过程中需要根据注册服务实体、或其它功能实体的指导转发消 息。 在实践中, 为了提供 Proxy转发消息的效率, 可以为 Proxy定义 缺省转发消息对象。我们可以将实际系统中提供 Proxy功能的装置称 为 Proxy服务器、 或呼叫服务器。根据需要 Proxy服务器部署于公有 网络和 NAT设备控制的网络。  According to the provisions of RFC 3261 and related protocols, the Proxy entity is first used to receive and forward various messages specified in the protocol, such as INVITE, ACK, etc.; secondly, the Proxy needs to be based on the registered service entity or other functional entity in the process of forwarding the message. Guide the forwarding of messages. In practice, in order to provide the efficiency of the Proxy forwarding message, a default forwarding message object can be defined for the Proxy. We can refer to a device that provides Proxy functionality in an actual system as a Proxy server, or a call server. The Proxy server is deployed on a network controlled by a public network and a NAT device as needed.
为了使便于注册服务装置同 Proxy服务器交互信息, Proxy服务 器除实现 RFC3261定义的功能外, 还需要实现以下功能:  In order to facilitate the exchange of information between the registration service device and the Proxy server, the Proxy server needs to implement the following functions in addition to the functions defined in RFC3261:
1 ) Proxy (呼叫代理)服务器可以参照系统终端设备获取注册服务 装置的网络地址和端口的方式获取注册服务装置的网络地址和端口。 Proxy在获取注册服务装置的网络地址和端口时, 需要保证该 Proxy 和注册服务单元属于同一个 NAT设备控制的网络,或注册服务单元位 于 Proxy的直接上层。注册服务装置的服务入口保存在 Proxy服务器 本地目标注册服务器记录中。  1) The Proxy server can obtain the network address and port of the registration service device by referring to the system terminal device acquiring the network address and port of the registration service device. When obtaining the network address and port of the registration service device, the Proxy needs to ensure that the Proxy and the registration service unit belong to the same NAT device controlled network, or the registration service unit is directly on the Proxy. The service portal of the registration service device is stored in the Proxy server local target registration server record.
2 )作为 Proxy转发消息的缺省目标, Proxy需要知道上层网络 中的 Proxy, 并在本地保存为目标 Proxy记录中,保存内容包括: 网 络地址、 端口;同时上层 Proxy需要知道直接下层网络中的 Proxy, 并保存在子 Proxy记录中, 保存内容为: Proxy标识、 网络地址、 端 口、 对应的 NAT设备的网络地址和端口。 部署在公有网络上的 Proxy 服务器为顶级 Proxy服务器。  2) As the default destination of the Proxy forwarding message, the Proxy needs to know the Proxy in the upper layer network and save it locally as the target Proxy record. The saved content includes: network address and port; at the same time, the upper Proxy needs to know the Proxy in the direct lower layer network. And saved in the child Proxy record, the content is saved as: Proxy ID, network address, port, network address and port of the corresponding NAT device. The Proxy server deployed on the public network is the top-level Proxy server.
3 )、 下表为 Proxy服务器中用户登录信息转发对应表, 随机序号 网络地址 端口 应答状态 位 3), the following table shows the user login information forwarding correspondence table in the proxy server. Random serial number network address port response status bit
Dhlka ld88899 5000 0  Dhlka ld88899 5000 0
该表包括随机序号、 网络地址、 端口、 应答状态位, 随机序号用 于区别 REGI STER消息, 应答状态位用于表示收到注册服务装置的答 复, 当该位为 0时表示没有收到答复; 当该位非 0时表示收到答复, 例如设为 1 , 应答状态位缺省为 0。 The table includes a random sequence number, a network address, a port, and a response status bit. The random sequence number is used to distinguish the REGI STER message, and the response status bit is used to indicate that the reply of the registration service device is received. When the bit is 0, the response is not received. When the bit is non-zero, it indicates that a reply is received, for example, set to 1, and the response status bit defaults to 0.
为了使系统终端设备可以识别 S IP消息,系统终端设备需要添加 S IP协议处理单元, 该单元可以和终端设备控制单元交互信息。 系统 终端设备需要添加目标 Proxy服务器记录用于记录呼叫代理服务器。 终端设备控制单元可以读写目标 Proxy服务器记录。  In order for the system terminal device to recognize the S IP message, the system terminal device needs to add an S IP protocol processing unit, and the unit can exchange information with the terminal device control unit. The system terminal device needs to add a target Proxy server record for recording the call proxy server. The terminal device control unit can read and write the target Proxy server record.
为了方便注册及登录流程的叙说, 首先忽略 Proxy服务器, 主要 描述名字注册服装置的基本组成,名字注册服装置如何同系统终端设 备交互信息, 完成用户注册和登录等基本任务, 及相关方法。 其次, 在名字注册服装置的基础上加入 Proxy服务器,使该系统不仅用于完 成用户注册和登录,还可以为呼叫系统提供服务;以及 Proxy服务器、 名字注册服装置、 系统终端设备等的相应调整。  In order to facilitate the description of the registration and login process, the Proxy server is first ignored, mainly describing the basic composition of the name registration service device, how the name registration service device interacts with the system terminal device, completes basic tasks such as user registration and login, and related methods. Secondly, the Proxy server is added to the name registration service device, so that the system can be used not only for user registration and login, but also for the call system; and the corresponding adjustment of the Proxy server, name registration service device, system terminal device, etc. .
如图 2所示, 注册服务装置 2001至少用于记录用户注册信息、 用户登录信息,提供用户注册信息及用户登录信息查询, 注册服务装 置服务入口查询等;顶级服务总线 1用于将注册服务装置接入公有网 络 3; 服务总线 2用于将注册服务装置接入私有网络 4。 注册服务装 置 2001通过顶级服务总线 1同公有网络 3相连; 通过服务总线 2同 私有网络 4相连。  As shown in FIG. 2, the registration service device 2001 is configured to record at least user registration information, user login information, user registration information and user login information query, registration service device service portal query, etc.; top service bus 1 is used to register the service device. Access to the public network 3; the service bus 2 is used to access the registration service device to the private network 4. The registration service device 2001 is connected to the public network 3 via the top service bus 1; it is connected to the private network 4 via the service bus 2.
公有网络 3和私有网络 4通过 NAT设备联接矩阵 1001联接在一 起。 用户终端设备 6001和服务装置 2001同公有网络 3、 私有网络 4 相连。  The public network 3 and the private network 4 are connected together through a NAT device connection matrix 1001. The user terminal device 6001 and the service device 2001 are connected to the public network 3 and the private network 4.
图 3所示 NAT设备联接矩阵 1 001的联接方式。 NAT设备联接矩 阵 1001内 NAT设备间的关系由与 NAT设备联接矩阵 1001联接的私有 网络和公有网络决定。 私有网络和公有网络同 NAT设备的联接规则 为: NAT设备联接矩阵 1001至少有一条接入公有网络的线路 5 ; 每个 私有网络至少有一条接入 NAT设备联接矩阵 1001的线路 6 ; 每个私 有网络可以没有, 也可以有多条由 NAT设备联接矩阵 1001向该私有 网络接入的线路 7。 以图 3的 a所示该的三级 NAT网络结构为例, 图 3的 b所示为 a的 NAT设备联接矩阵 1001联接示意图。 其中包括公 有网络 3、 私有网络 4; NAT设备联接矩阵 1001接入公有网络的线路 5 , 私有网络接入 NAT设备联接矩阵 1001的线路 6; 由 NAT设备联接 矩阵 1001接入私有网络的线路 7。 在部署多层 NAT网络时需要考虑 网段间重叠问题。 系统要有判别、 处理网段间重叠问题的能力。 Figure 3 shows the connection mode of the NAT device connection matrix 1 001. The relationship between NAT devices within the NAT device connection matrix 1001 is determined by the private network and the public network coupled to the NAT device connection matrix 1001. The connection rules between the private network and the public network and the NAT device are: The NAT device connection matrix 1001 has at least one line 5 accessing the public network; each private network has at least one line 6 that accesses the NAT device connection matrix 1001; There may be no network, and there may be multiple lines 7 connected to the private network by the NAT device connection matrix 1001. Taking the three-level NAT network structure shown in a of FIG. 3 as an example, b of FIG. 3 shows a connection diagram of the NAT device connection matrix 1001 of a. The public network 3 and the private network 4 are included; the NAT device connection matrix 1001 accesses the line 5 of the public network, the private network accesses the line 6 of the NAT device connection matrix 1001; and the line 7 of the private network is accessed by the NAT device connection matrix 1001. When deploying a multi-layer NAT network, you need to consider the overlap between network segments. The system must have the ability to discriminate and deal with overlapping problems between network segments.
图 4所示为注册服务装置的结构示意图。 如图 4a所示, 注册服务 装置 2001由顶级注册服务单元 2011和多个基本注册服务单元 2021组 成。顶级注册服务单元 2011通过顶级服务总线装置 1同公有网络 3相联 接,使用公有网络的网络地址进行编址; 基本注册服务单元 2021通过 服务总线装置 2同私有网络 4相联接,使用相连的私有网络的网络地址 进行编址。注册服务单元为顶级注册服务单元 2011和基本注册服务单 元 2021的统称。注册服务单元 2801为顶级注册服务单元 2011和基本注 册服务单元 2021的基本功能结构。如图 4b所示注册服务单元 2801至少 包括: 注册服务逻辑控制单元 2100、 基本配置信息记录表 2101、 层级 信息记录表 2102、 目标注册服务器记录表 2103、子注册服务单元记录 表 2104、 用户登录信息记录表 2105、 用户注册信息记录表 2106、 消息 緩存区 2109、 通信单元 2110等功能模块。  Figure 4 shows the structure of the registration service device. As shown in Fig. 4a, the registration service device 2001 is composed of a top-level registration service unit 2011 and a plurality of basic registration service units 2021. The top-level registration service unit 2011 is connected to the public network 3 through the top-level service bus device 1, and is addressed using the network address of the public network; the basic registration service unit 2021 is connected to the private network 4 through the service bus device 2, and uses the connected private network. The network address is addressed. The registration service unit is the collective name of the top-level registration service unit 2011 and the basic registration service unit 2021. The registration service unit 2801 is the basic functional structure of the top-level registration service unit 2011 and the basic registration service unit 2021. The registration service unit 2801 as shown in FIG. 4b at least includes: a registration service logic control unit 2100, a basic configuration information record table 2101, a hierarchy information record table 2102, a target registration server record table 2103, a child registration service unit record table 2104, and user login information. A function module such as a record table 2105, a user registration information record table 2106, a message buffer area 2109, and a communication unit 2110.
注册服务逻辑控制单元 2100用于控制注册服务的执行; 基本配 置信息记录表 2101用于记录本单元标识、 本单元主机地址、 本单元 服务端口; 层级信息记录 2102用于记录层级信息; 目标注册服务器 记录 2103用于记录祖先注册服务器的网络地址、 端口; 子注册服务 器记录表 2104用于记录子注册服务单元的网络地址、 端口、 标识及 对应的 NAT设备的网络地址和端口, 见图 22表 a; 用户登录信息纪 录表 2105用于记录用户标识、 用户登录点、 系统终端设备访问点, 见图 22表 b; 用户注册信息记录表 2106至少记录开户用户的用户标 识等开户信息; 消息緩存区 2109用于暂时保存接收到的数据分组中 的信息及转发关系纪录表, 见图 22表 c, 通信单元 2110同顶级服务 总线装置或服务总线装置联接、 负责收发数据。  The registration service logic control unit 2100 is configured to control the execution of the registration service; the basic configuration information record table 2101 is used to record the identity of the unit, the host address of the unit, and the service port of the unit; the hierarchical information record 2102 is used to record hierarchical information; the target registration server The record 2103 is used to record the network address and port of the ancestor registration server; the sub-registration server record table 2104 is used to record the network address, port, identifier, and network address and port of the corresponding NAT device of the sub-registration service unit, as shown in FIG. 22, table a The user login information record table 2105 is used to record the user identifier, the user login point, and the system terminal device access point, as shown in FIG. 22, the table b; the user registration information record table 2106 records at least the account identifier of the account user, and the account opening information; the message buffer 2109 For temporarily storing the information in the received data packet and the forwarding relationship record table, as shown in FIG. 22, the communication unit 2110 is connected to the top-level service bus device or the service bus device, and is responsible for transmitting and receiving data.
注册服务逻辑控制单元 2100根据执行需要从基本配置信息记录 表 2101读取本单元标识、 本单元主机地址、 本单元服务端口, 从层 级信息记录 2102读取记录层级信息,从目标注册服务器记录 2103读 取注册服务装置的网络地址、 端口, 从子注册服务器记录表 2104读 取记录子注册服务单元的网络地址、端口、标识及对应的 NAT设备的 网络地址和端口, 从用户登录信息纪录表 21 05读取用户标识、 用户 登录点、 系统终端设备访问点, 从用户注册信息记录表 21 06读取用 户标识, 从消息緩存区 21 09读取暂时保存的接收到的数据分组中的 信息及转发关系, 从通信单元 21 1 0读取收到的数据; 同时, 注册服 务逻辑控制单元根据执行需要向基本配置信息记录表 21 01写入本单 元标识、 本单元主机地址、 本单元服务端口, 向目标注册服务器记录 21 03 写入注册服务装置的网络地址、 端口, 向子注册服务器记录表 21 04写入记录子注册服务单元的网络地址、 端口、 标识及对应的 NAT 设备的网络地址和端口, 向用户信息记录表 21 05写入用户标识、 用 户登录点、 系统终端设备访问点, 向用户注册信息记录表 21 06写入 用户标识, 向消息緩存区 21 09写入暂时保存接收到的数据分组中的 信息, 及转发关系, 向通信单元 21 1 0写入需要发出的数据。 The registration service logic control unit 2100 reads the unit identifier, the unit unit address, and the unit service port from the basic configuration information record table 2101 according to the execution requirement, reads the record level information from the hierarchical information record 2102, and reads from the target registration server record 2103. Take the network address and port of the registration service device, read from the sub-registration server record table 2104 Take the network address, port, ID, and network address and port of the corresponding NAT device of the record registration service unit, and read the user ID, user login point, system terminal device access point from the user login information record table 21 05, and register from the user. The information record table 21 06 reads the user identifier, reads the information and the forwarding relationship in the temporarily stored received data packet from the message buffer 21 09, and reads the received data from the communication unit 21 1 0; The logic control unit writes the unit identifier, the unit host address, and the unit service port to the target registration server record 21 03 according to the execution requirement, and writes the network address, port, and sub-register of the registration service device to the target registration server. The registration server record table 21 04 writes the network address, port, identifier, and network address and port of the corresponding NAT device of the record sub-registration service unit, and writes the user ID, user login point, system terminal device to the user information record table 21 05 The access point, the user registration information record table 21 06 writes the user ID, to the message Writing information memory area 2109 temporarily stores the received data packet, and forwarding relationship, writes the data to be sent to the communication unit 2110.
服务单元代理, 一种特殊的服务单元。 主要用于扩大被代理的服 务单元的覆盖范围、 或用于向系统终端设备提供统一的服务入口。根 据需要,服务单元代理可以与被代理者部署于同一 NAT设备控制的网 络或公有网络,也可以部署在被代理者所属 NAT设备控制的网络的直 接下层网络中。服务单元代理可以广播被代理者的服务入口, 或在服 务装置的请求者和被代理服务装置间转发消息。 为了方便描述, 下面 将服务单元中接收各种消息的网络地址和端口称为服务入口。  Service unit agent, a special service unit. It is mainly used to expand the coverage of the service unit being served, or to provide a unified service portal to the system terminal equipment. The service unit agent can be deployed on the network or public network controlled by the same NAT device as the agent, or in the direct lower layer network of the network controlled by the NAT device to which the agent belongs. The service unit agent may broadcast the service entry of the agent or forward the message between the requester of the service device and the proxy service device. For convenience of description, the network address and port in the service unit that receives various messages are hereinafter referred to as service entries.
在多级 NAT网络中数据或消息发送关系复杂,最筒单的数据或消 息传递形式有:不经过 NAT设备,系统终端设备和服务单元直接通讯; 经过 NAT设备, 系统终端设备和服务单元通讯; 不经过 NAT设备, 服 务单元和服务单元直接通讯; 经过 NAT设备, 服务单元和服务单元通 讯等。 在上述数据或消息传递形式下, 从数据接收者的角度看, 如果 数据在系统终端设备和服务单元、 服务单元和服务单元间直接传递, 系统终端设备、服务单元为数据发送者或叫消息发送者, 如果数据通 过 NAT设备, 该 NAT设备为数据发送者或叫消息发送者, NAT设备从 系统终端设备、 服务单元接收数据。 由于 NAT设备中有数据收发关 系对映表, 可以自动转发应答消息。  In a multi-level NAT network, the data or message transmission relationship is complex, and the most single data or message delivery form is: without the NAT device, the system terminal device and the service unit directly communicate; after the NAT device, the system terminal device and the service unit communicate; The service unit and the service unit communicate directly without going through the NAT device; through the NAT device, the service unit and the service unit communicate. In the above data or message delivery form, from the perspective of the data receiver, if the data is directly transferred between the system terminal device and the service unit, the service unit, and the service unit, the system terminal device and the service unit are data senders or message transmissions. If the data passes through the NAT device, the NAT device is a data sender or a message sender, and the NAT device receives data from the system terminal device and the service unit. Since the NAT device has a data transmission and reception relationship mapping table, the response message can be automatically forwarded.
3 多层 NAT网络环境下注册服务装置构建流程及方法 3 Multi-layer NAT network environment registration service device construction process and method
多层 NAT网络环境中, 注册服务装置存储用户注册及登录信息, 同时为用户信息查询者返回用户注册及登录信息。注册服务单元加入 注册服务装置的过程: 由顶级注册服务单元启动, 完成注册服务装置 初识化, 即可以提供用户信息注册、 用户登录、 用户注册及登录信息 查询服务、 服务入口点查询服务; 其次、 根 NAT设备控制的网络中的 基本注册服务单元向注册服务装置注册加入系统; 再次、 第二层 NAT 基本注册服务单元向注册服务装置注册加入系统; 再次、 第三层 NAT 基本注册服务单元向注册服务装置注册加入系统。按上述方式,根据 需要,基本注册服务单元顺序加入注册服务装置, 为名字注册服务系 统 1 0提供服务。 公有网络中只有一个顶级注册服务单元; 每个私有 网络中只有一个基本注册服务单元。 下面对注册服务单元的描述中, 每个注册服务单元运行于一台服务器。当注册服务单元由多台服务器 构成时, 至少需要现有用户注册信息及用户登录信息的内容, 同时需 要在现有信息内容的的基础上, 针对分布式系统的特征进行扩展, 维 持多服务入口与 NAT设备间的映射关系, 及注册单元间的访问关系。 当注册服务单元由多台服务器构成时, 开发人员, 不难以本发方法的 精神实质, 针对分布式系统的特征在注册、 登录、 查询等方法上进行 扩展。 In a multi-layer NAT network environment, the registration service device stores user registration and login information. At the same time, the user registration and login information is returned for the user information finder. The process of registering the service unit to join the registration service device: Starting by the top-level registration service unit, the registration service device is initially recognized, that is, the user information registration, the user login, the user registration and the login information inquiry service, and the service entry point inquiry service can be provided; The basic registration service unit in the network controlled by the root NAT device registers with the registration service device to join the system; again, the second layer NAT basic registration service unit registers with the registration service device to join the system; again, the third layer NAT basic registration service unit The registration service device is registered to join the system. In the above manner, the basic registration service unit sequentially joins the registration service device to provide services for the name registration service system 10 as needed. There is only one top-level registration service unit in the public network; there is only one basic registration service unit in each private network. In the following description of the registration service unit, each registration service unit runs on a server. When the registration service unit is composed of multiple servers, at least the existing user registration information and the content of the user login information are required, and the characteristics of the distributed system need to be expanded based on the existing information content to maintain the multi-service portal. The mapping relationship with the NAT device and the access relationship between the registered units. When the registration service unit is composed of multiple servers, the developer is not difficult to extend the spirit of the method, and the features of the distributed system are extended in registration, login, query, and the like.
图 5为注册服务装置组建流程,该过程是注册服务单元加入注册 服务装置的例子。 注册服务装置 2001通过架设在公有网络中的顶级 注册服务器 201 1进行初识化。该顶级注册服务单元 201 1配有公有网 络的网络地址, 该地址及提供服务的端口在系统内为公知服务入口, 或可通过系统定义的方法获得。 NAT设备 1 01 0直接接入公有网络, 为根 NAT设备。注册服务单元 2021部署在根 NAT设备控制的网络中。 NAT设备对经过的数据分组的源或目的地址进行修改, 图中忽略 NAT 设备对数据分组修改的描述。  Figure 5 is a registration service device building process, which is an example of a registration service unit joining a registration service device. The registration service device 2001 performs initial recognition by the top-level registration server 201 1 installed in the public network. The top level registration service unit 201 1 is provided with a network address of the public network, which is a well-known service portal within the system, or can be obtained by a system defined method. The NAT device 1 01 0 directly accesses the public network and is the root NAT device. The registration service unit 2021 is deployed in a network controlled by the root NAT device. The NAT device modifies the source or destination address of the traversed data packet. The description of the modification of the data packet by the NAT device is ignored in the figure.
•根 NAT设备控制的网络中的注册服务单元 2021向顶级注册服 务单元 201 1 发 "服务单元注册消息"; 该消息中包括注册服务单元 2021的网络地址、 端口、 标识、 预设层级信息为 1 , 表明该注册服务 单元 2021为第一层注册服务单元, 及所属 NAT设备控制的网络到公 有网络的最短距离为 1。  The registration service unit 2021 in the network controlled by the root NAT device sends a "service unit registration message" to the top-level registration service unit 201 1; the message includes the network address, port, identity, and preset hierarchy information of the registration service unit 2021. , indicating that the registration service unit 2021 is the first layer registration service unit, and the shortest distance from the network controlled by the NAT device to the public network is 1.
*顶级注册服务单元 201 1收到 "服务单元注册消息,, 后, 根据 携带该消息的数据分组的网络地址及该消息中携带的注册服务单元 网络地址是否相同, 判断该消息是否经过 NAT设备转换; 如果经过 NAT设备转换, 提取该注册请求中的层级信息, 如果层级比当前注册 服务单元大 1 , 则在子注册服务单元记录表中记录该注册服务单元的 网络地址、 端口、 标识及对应的 NAT设备的网络地址和端口, 并向发 送该消息的服务单元返回注册成功消息;如果层级与当前注册服务单 元的层级的级差比 1大,同时子注册服务单元记录表中没有该 NAT设 备对应的注册服务单元的记录, 返回注册失败消息; 如果未经过 NAT 设备转换, 返回注册失败消息。 * The top-level registration service unit 201 1 receives the "service unit registration message, and then determines whether the message is converted by the NAT device according to whether the network address of the data packet carrying the message and the network address of the registration service unit carried in the message are the same. ; If the NAT device converts, extract the hierarchical information in the registration request, if the level is more than the current registration If the service unit is greater than 1, the network address, the port, the identifier, and the network address and port of the corresponding NAT device are recorded in the sub-registration service unit record table, and a registration success message is returned to the service unit that sent the message; If the level difference between the level and the current registered service unit level is greater than 1, and the record of the registered service unit corresponding to the NAT device is not in the child registration service unit record table, a registration failure message is returned; if the NAT device is not converted, the registration failure is returned. Message.
图 6为注册服务装置组建流程,该过程是注册服务单元加入注册 服务装置的例子。 该顶级注册服务单元 201 1配有公有网络的网络地 址, 该地址及提供服务的端口在系统内为公知服务入口, 或可通过系 统定义的方法获得。第一 NAT设备 1 01 0直接接入公有网络,为根 NAT 设备。第一注册服务单元 2021部署在根 NAT设备 1 01 0控制的网络中。 第二 NAT设备 1 020直接接入根 NAT设备 1 01 0控制的网络,第二注册 服务单元 2031部署在第二 NAT设备 1 020控制的网络中。第二 NAT设 备 1 020控制的网络中的联网主机、 联网设备可以访问根 NAT设备控 制的网络中的联网主机、 联网设备。 NAT设备对经过的数据分组源或 目的地址进行修改, 该图中忽略 NAT设备对数据分组修改的描述。  Figure 6 is a registration service device building process, which is an example of a registration service unit joining a registration service device. The top level registration service unit 201 1 is provided with a network address of the public network, the address and the port providing the service being a well-known service portal within the system, or may be obtained by a system defined method. The first NAT device 1 01 0 directly accesses the public network and is the root NAT device. The first registration service unit 2021 is deployed in a network controlled by the root NAT device 1000-1. The second NAT device 1 020 directly accesses the root NAT device 1 01 0 controlled network, and the second registration service unit 2031 is deployed in the network controlled by the second NAT device 1 020. The networked host and the networked device in the network controlled by the second NAT device 1 020 can access the networked host and the networked device in the network controlled by the root NAT device. The NAT device modifies the passed data packet source or destination address. The description of the data packet modification by the NAT device is ignored in the figure.
•第二 NAT设备 1 020控制的网络中的第二注册服务单元 2031向 顶级注册服务单元 201 1发 "服务单元注册消息 ", 该消息中包括本注 册服务单元 2031 的网络地址、 端口、 标识、 预设层级信息为 2 , 表 明该注册服务单元 2031所属 NAT设备 1 020控制的网络到公有网络的 最短距离 2。  The second registration service unit 2031 in the network controlled by the second NAT device 1 020 sends a "service unit registration message" to the top-level registration service unit 201 1 , the message including the network address, port, identity of the registration service unit 2031, The preset level information is 2, indicating that the registration service unit 2031 belongs to the shortest distance 2 of the network controlled by the NAT device 1 020 to the public network.
*顶级注册服务单元 201 1收到 "服务单元注册消息,, 后, 根据 携带该消息的数据分组的网络地址及该注册申请消息中携带的注册 服务器网络地址是否相同, 判断该消息是否经过 NAT设备转换; 如果 经过 NAT设备转换,提取该注册请求中的层级信息, 如果层级与当前 注册服务单元的层级的级差比 1大,则在子注册服务单元记录表查找 同 NAT设备对应的注册服务单元, 如果该注册服务单元存在, 向第二 注册服务单元 2031返回包含 NAT设备 1 01 0对应的注册服务单元的网 络地址和端口的重定向应答消息。  * The top-level registration service unit 201 1 receives the "service unit registration message, and then determines whether the message passes through the NAT device according to whether the network address of the data packet carrying the message and the registration server network address carried in the registration application message are the same. Converting; if the NAT device converts, extracts the hierarchical information in the registration request, if the level difference between the level and the current registered service unit is greater than 1, the sub-registration service unit record table searches for the registration service unit corresponding to the NAT device, If the registration service unit exists, a redirect response message including the network address and port of the registration service unit corresponding to the NAT device 101 is returned to the second registration service unit 2031.
*第二注册服务单元 2031收到注册服务装置的重定向应答消息 后, 根据消息中包括的注册服务单元的网络地址、 端口信息, 向注册 服务装置发 "服务单元注册消息"; 该消息中包括第二注册服务单元 2031 的网络地址、 端口、 预设层级信息为 2 , 表明该注册服务单元 2031所属 NAT设备 1 020控制的网络到公有网络的最短距离。 After receiving the redirect response message of the registration service device, the second registration service unit 2031 sends a "service unit registration message" to the registration service device according to the network address and port information of the registration service unit included in the message; The network address, port, and preset level information of the second registration service unit 2031 is 2, indicating that the registration service unit 2031 The shortest distance from the network controlled by the NAT device 1 020 to the public network.
*第一注册服务单元 2021收到 "服务单元注册消息" 后, 根据 携带该消息的数据分组的网络地址及该注册申请消息中携带的注册 服务器网络地址是否相同, 判断该消息是否经过 NAT设备转换; 如果 经过 NAT设备转换,提取该注册请求中的层级信息, 如果层级比当前 注册服务单元大 1 , 则在子注册服务单元记录表中记录该注册服务单 元 2031的网络地址、端口及对应的 NAT设备 1 020的网络地址和端口, 向第二注册服务单元 2031返回注册成功消息; 如果层级与当前注册 服务单元的层级的级差比 1大,同时子注册服务单元记录表中没有该 NAT设备对应的注册服务单元的记录, 返回注册失败消息; 如果未经 过 NAT设备转换, 返回注册失败消息。  After receiving the "service unit registration message", the first registration service unit 2021 determines whether the message is converted by the NAT device according to whether the network address of the data packet carrying the message and the network address of the registration server carried in the registration application message are the same. If the NAT device converts the hierarchical information in the registration request, if the hierarchy is greater than the current registered service unit, the network address, port, and corresponding NAT of the registration service unit 2031 are recorded in the sub-registration service unit record table. The network address and port of the device 1 020 return a registration success message to the second registration service unit 2031; if the level difference between the level and the current registration service unit is greater than 1, the sub-registration service unit record table does not have the corresponding NAT device. Register the record of the service unit and return the registration failure message; if the NAT device has not been converted, return the registration failure message.
图 7为注册服务装置组建流程,该过程是注册服务单元加入注册 服务装置的例子。顶级注册服务单元 201 1配有公有网络的网络地址, 该地址及提供服务的端口在系统内为公知服务入口,或可通过系统定 义的方法获得。 第一 NAT设备 1 01 0直接接入公有网络, 为根 NAT设 备。 第一注册服务单元 2021部署在根 NAT设备 1 01 0控制的网络中; 第二 NAT设备 1 020直接接入根 NAT设备 1 01 0控制的网络,第一注册 服务单元代理 2032和第二注册服务单元 2031部署在第二 NAT设备 1 020控制的网络中。 第二 NAT设备 1 020控制的网络中的联网主机、 联网设备可以访问根 NAT设备控制的网络中的联网主机、 联网设备。 NAT设备对经过的数据分组源或目的地址进行修改, 图中忽略 NAT设 备对数据分组修改的描述。  Figure 7 is a registration service device building process, which is an example of a registration service unit joining a registration service device. The top-level registration service unit 201 1 is provided with a network address of the public network, which is a well-known service portal within the system, or can be obtained by a system-defined method. The first NAT device 1 01 0 directly accesses the public network and is the root NAT device. The first registration service unit 2021 is deployed in the network controlled by the root NAT device 101. The second NAT device 1 020 directly accesses the network controlled by the root NAT device 101, the first registration service unit agent 2032 and the second registration service. The unit 2031 is deployed in a network controlled by the second NAT device 1 020. The networked host and the networked device in the network controlled by the second NAT device 1 020 can access the networked host and the networked device in the network controlled by the root NAT device. The NAT device modifies the source or destination address of the data packet that has passed, and the description of the modification of the data packet by the NAT device is ignored.
•第一注册服务单元代理 2032在第二 NAT设备 1 020控制的网络 中广播包含第一注册服务装置网络地址和端口的消息。  • The first registration service unit agent 2032 broadcasts a message containing the first registration service device network address and port in the network controlled by the second NAT device 1 020.
•第二注册服务单元 2031监听第二 NAT设备 1 020控制的网络中 广播的包含第一注册服务装置网络地址和端口的消息。  • The second registration service unit 2031 listens for a message containing the first registration service device network address and port broadcast in the network controlled by the second NAT device 1 020.
*第二注册服务单元 2031收到包含注册服务装置网络地址和端 口的消息后,根据消息中提供的注册服务装置的网络地址和端口向注 册服务装置发 "服务单元注册消息", 该消息中包括第二注册服务单 元 2031 的网络地址、 端口、 预设层级信息 2 , 表明该注册服务单元 2031所属 NAT设备 1 020控制的网络到公有网络的最短距离。  * After receiving the message including the registration service device network address and port, the second registration service unit 2031 sends a "service unit registration message" to the registration service device according to the network address and port of the registration service device provided in the message, and the message includes The network address, port, and preset level information 2 of the second registration service unit 2031 indicate the shortest distance from the network controlled by the NAT device 1 020 to the public network to which the registration service unit 2031 belongs.
*第一注册服务单元 2021收到 "服务单元注册消息" 后, 根据 携带该消息的数据分组的网络地址及该注册申请消息中携带的注册 服务器网络地址是否相同, 判断该消息是否经过 NAT设备; 如果经过 NAT设备, 提取该注册请求中的层级信息, 如果层级比当前注册服务 单元大 1, 则在子注册服务单元记录表中记录该注册服务单元 2031 的网络地址、 端口及对应的 NAT设备 1020的网络地址和端口, 向第 二注册服务单元 2031返回注册成功消息; 如果层级与当前注册服务 单元的层级的级差比 1大, 同时子注册服务单元记录表中没有该 NAT 设备对应的注册服务单元的记录, 返回注册失败消息; 如果未经过 NAT设备, 返回注册失败消息。 * After receiving the "service unit registration message", the first registration service unit 2021, based on the network address of the data packet carrying the message and the registration carried in the registration application message Whether the server network address is the same, determining whether the message passes through the NAT device; if the NAT device extracts the hierarchical information in the registration request, if the level is greater than the current registered service unit, the registration is recorded in the sub-registration service unit record table. The network address of the service unit 2031, the port and the network address and port of the corresponding NAT device 1020, return a registration success message to the second registration service unit 2031; if the level difference between the level and the current registration service unit is greater than 1, the sub-registration The service unit record table does not have a record of the registration service unit corresponding to the NAT device, and returns a registration failure message; if the NAT device is not passed, a registration failure message is returned.
图 7 所示第二注册服务单元代理不提供消息转发功能。 如果必 要, 开发人员不难开发出有消息转发功能的注册服务器代理。  The second registration service unit agent shown in Figure 7 does not provide message forwarding. If necessary, it is not difficult for developers to develop a registration server proxy with message forwarding capabilities.
另外, 该广播方式可以根据各种服务代理所处网络环境使用有 线、 无线或有线和无线等。  In addition, the broadcast mode can use wired, wireless or wired and wireless, etc. depending on the network environment in which the various service agents are located.
此外, 开发人员不难参考图 5—图 7的实例, 在多层 NAT网络中 实现注册服务装置。 此外, 考虑安全性问题, 可以对注册消息进行全 部加密或局部加密。  In addition, it is not difficult for developers to implement the registration service device in a multi-layer NAT network with reference to the examples in Figures 5-7. In addition, registration messages can be fully encrypted or partially encrypted, taking into account security issues.
图 14为注册服务装置中注册服务单元收到 "服务单元注册消息" 后的处理方法。  Figure 14 is a flowchart of the processing method after the registration service unit receives the "service unit registration message" in the registration service device.
S1000:开始;  S1000: Start;
S1001:等待接收数据分组;  S1001: waiting to receive a data packet;
S1002:是否收到数据分组,如没有收到数据分组, 转 S1001,如收 到数据分组, 转 S1003;  S1002: Whether the data packet is received, if no data packet is received, go to S1001, if the data packet is received, go to S1003;
S1003:提取数据分组中的消息;  S1003: extract a message in a data packet;
S1004:判别是否为 "服务单元注册消息", 如果不是, 转 S1200, 如果是, 转 S1100;  S1004: Determine whether it is "service unit registration message", if not, go to S1200, if yes, go to S1100;
S1100:根据携带消息的数据分组的源地址和消息中的服务单元 的网络地址判定该消息是否经过 NAT设备, 如果不是, 转 S1130, 如 果是, 转 S1120;  S1100: determining, according to the source address of the data packet carrying the message and the network address of the service unit in the message, whether the message passes through the NAT device, if not, to S1130, if yes, go to S1120;
S1120:提取消息中的层级信息;  S1120: Extract hierarchical information in the message;
S 1121:判别该层级与当前服务单元的层级信息的差是否等于 1 , 如果不是, 转 S1140, 如果是, 转 S1122;  S 1121: determining whether the difference between the level information of the layer and the current service unit is equal to 1, if not, transferring to S1140, if yes, to S1122;
S1122:将消息中的服务单元标识、 网络地址、 端口、 对应的 NAT 的网络地址和端口记录在子注册服务器记录表中; S1122: The service unit identifier, network address, port, and corresponding NAT in the message Network address and port are recorded in the sub-registration server record table;
S1123:向消息发送者返回注册成功的消息,并返回 S1001;  S1123: Returning the message of successful registration to the sender of the message, and returning to S1001;
S1130:向消息发送者返回注册失败的消息,并返回 S1001;  S1130: Returning the message that the registration failed to the message sender, and returning to S1001;
S1140:判别在子注册服务器记录中找和数据分组源地址相对应 的 NAT设备控制的网络中是否有子注册服务器,如果没有,转 S1130, 如果有, 转 S1141;  S1140: discriminate whether there is a sub-registration server in the network controlled by the NAT device corresponding to the source address of the data packet in the sub-registration server record, if not, transfer to S1130, if yes, go to S1141;
S1141:向消息发送者返回包含该子注册服务器的网络地址和端 口的重定向消息,并返回 S1001;  S1141: Return a redirect message containing the network address and port of the sub-registration server to the sender of the message, and return to S1001;
S1200:判别是否为系统应答消息, 如果不是, 转 S1300,如果是, 转 S1201;  S1200: discriminate whether it is a system response message, if not, go to S1300, if yes, go to S1201;
S1201:是否为失败消息,如果不是,转 S1210, 如果是,转 S1202; S1202:结束;  S1201: Whether it is a failure message, if not, go to S1210, if yes, go to S1202; S1202: end;
S1210:判别是否为重定向消息, 如果不是, 转 S1220, 如果是, 转 S1211;  S1210: Determine whether it is a redirect message, if not, go to S1220, if yes, go to S1211;
S1211:触发与 "服务单元注册消息 "对应的重定向消息处理流程, 并返回 S1001;  S1211: trigger a redirect message processing process corresponding to the "service unit registration message", and return to S1001;
S1220: 是否为成功消息,如果是,转 S1221,如果不是,转 S1001; S1220: Whether it is a success message, if yes, go to S1221, if not, go to S1001;
S1221: 触发与 "服务单元注册消息"对应的成功消息处理流程, 并返回 S100L S1221: Trigger a successful message processing flow corresponding to the "service unit registration message", and return to S100L
图 15为注册服务单元向注册服务装置注册的方法。为了维持 NAT 设备中的数据收发对映关系, 注册服务单元需定期执行本方法。  Figure 15 is a method of registering a registration service unit with a registration service device. In order to maintain the data transmission and reception mapping relationship in the NAT device, the registration service unit needs to perform this method periodically.
S1800:开始;  S1800: Start;
S1801:将目标注册服务器记录初始化为公有网络上的顶级注册 服务单元服务入口, 向部署在公有网络上的顶级注册服 务单元发 "服务单元注册消息";  S1801: Initializing the target registration server record as a top-level registration service unit service entry on the public network, and issuing a "service unit registration message" to the top-level registration service unit deployed on the public network;
S1802:等待反馈消息的触发回复;  S1802: Waiting for a trigger reply of the feedback message;
S1803:判断收到的信息是否为失败, 如果是, 转 S1804, 如果不 是, 转 S1810;  S1803: Determine whether the received information is a failure, if yes, go to S1804, if not, go to S1810;
S1810:判断收到的信息是否为成功, 如果是, 转 S1804, 如果不 是, 转 S1820; S 1820:判断收到的信息是否为重定向, 如果不是, 转 S 1802 , 如 果是, 转 S 1821 ; S1810: Determine whether the received information is successful, if yes, go to S1804, if not, go to S1820; S 1820: Determine whether the received information is a redirect, if not, go to S 1802, and if yes, go to S 1821;
S 1821:提取重定向消息中的服务入口,并存储在目标注册服务器 记录中;  S 1821: extracting the service entry in the redirect message and storing it in the target registration server record;
S 1822:根据重定向消息中的网络地址和端口向注册服务装置发 "服务单元注册消息" , 并返回 S 18 02;  S 1822: Send a "service unit registration message" to the registration service device according to the network address and port in the redirect message, and return to S 18 02;
S 1804:结束。  S 1804: End.
4、 注册服务系统 4, registration service system
4. 1、 获取注册服务装置网络地址和端口的工作流程及处理方法 注册服务装置 2001的网络地址和端口作为注册服务装置 2001的 服务入口。 在多层 NAT网络环境下, 对应公有网络和私有网络, 名字 注册服务装置 2001有不同服务入口。 在公有网络的服务入口, 如无 特殊限制,可以被公有网络和各 NAT设备控制的网络中的系统终端设 备访问, 该类端口为全局服务入口; 反之, 只能被部分系统终端设备 访问的端口为局部服务入口。 终端系统 6001获得服务入口后, 才能 向注册服务装置 2001提出注册、 登录和查询请求。  4. 1. Workflow and processing method for obtaining the network address and port of the registration service device The network address and port of the registration service device 2001 are used as service entries of the registration service device 2001. In a multi-layer NAT network environment, the name registration service device 2001 has different service entries for the public network and the private network. The service portal of the public network can be accessed by the system terminal device in the network controlled by the public network and each NAT device without special restrictions. This type of port is a global service entry; otherwise, the port can only be accessed by some system terminal devices. For local service entrances. After the terminal system 6001 obtains the service entry, the registration, login, and inquiry request can be submitted to the registration service device 2001.
图 8为以公有网络中注册服务装置全局服务入口为基础,系统终 端设备 6001向注册服务装置 1 0请求局部服务入口的流程图。该流程 图是系统终端设备获得注册服务装置服务入口的例子。顶级注册服务 单元 201 1配有公有网络的网络地址, 该地址及提供服务的端口在系 统内为公知服务入口, 或可通过系统定义的方法获得。 第一 NAT设备 1 01 0直接接入公有网络,为根 NAT设备。第二基本注册服务单元 2021 部署在根 NAT设备 1 01 0控制的网络中;第二 NAT设备 1 020直接接入 根 NAT设备 1 01 0控制的网络,第三基本注册服务单元 2022部署在第 二 NAT设备 1 020控制的网络中, 系统终端设备 6001部署在第二 NAT 设备 1 020控制的网络中。第二 NAT设备 1 020控制的网络中的联网主 机、联网设备可以访问根 NAT设备控制的网络中的联网主机、联网设 备。 NAT设备对经过的数据分组源或目的地址进行修改,图中忽略 NAT 设备对数据分组修改的描述。  Figure 8 is a flow diagram of the system terminal device 6001 requesting a local service entry from the registration service device 10 based on the registration service device global service entry in the public network. The flowchart is an example of a system terminal device obtaining a registration service device service entry. The top-level registration service unit 201 1 is provided with a network address of the public network, which is a well-known service portal within the system, or can be obtained by a system-defined method. The first NAT device 1 01 0 directly accesses the public network and is the root NAT device. The second basic registration service unit 2021 is deployed in the network controlled by the root NAT device 101. The second NAT device 1 020 directly accesses the network controlled by the root NAT device 101, and the third basic registration service unit 2022 is deployed in the second. In the network controlled by the NAT device 1 020, the system terminal device 6001 is deployed in the network controlled by the second NAT device 1 020. The networked host and networked device in the network controlled by the second NAT device 1 020 can access the networked host and the networked device in the network controlled by the root NAT device. The NAT device modifies the source or destination address of the data packet that has passed, and the description of the modification of the data packet by the NAT device is ignored in the figure.
•系统终端设备 6001向注册服务装置的全局服务入口发送 "服务 入口查询消息"; *顶级注册服务单元 201 1收到 "服务入口查询消息"后, 根据逻 辑判断是否能够执行(见图 16 ), 如果能够执行返回成功消息, 如果 不能执行, 判断是否可以重定向到子注册服务单元, 如果可以返回重 定向消息;本实施例中返回包括第一基本注册服务单元 2021网络地址 和端口的重定向消息; • The system terminal device 6001 sends a "service portal query message" to the global service portal of the registration service device; * After receiving the "Service Entry Query Message", the top-level registration service unit 201 1 judges whether it can be executed according to logic (see FIG. 16). If the return success message can be executed, if it cannot be executed, it is determined whether it can be redirected to the sub-registration service unit. If the redirect message can be returned; in this embodiment, a redirect message including the network address and port of the first basic registration service unit 2021 is returned;
•系统终端设备 6001收到重定向应答消息后,根据消息中包含的 注册服务装置的服务入口, 向注册服务装置发 "服务入口查询消息"; After receiving the redirect response message, the system terminal device 6001 sends a "service portal query message" to the registration service device according to the service entry of the registration service device included in the message;
*第一基本注册服务单元 2021收到 "服务入口查询消息"后, 根 据逻辑判断是否能够执行, 如果能够执行返回成功消息, 如果不能执 行, 判断是否可以重定向到子注册服务单元, 如果可以, 则返回重定 向消息;本实施例中返回包含第二基本注册服务单元 2022网络地址和 端口的重定向消息。 * After receiving the "service entry query message", the first basic registration service unit 2021 determines whether it can be executed according to logic. If the return success message can be executed, if it cannot be executed, it is determined whether it can be redirected to the sub-registration service unit, if possible, Then, a redirect message is returned; in this embodiment, a redirect message containing the network address and port of the second basic registration service unit 2022 is returned.
•系统终端设备 6001收到重定向应答消息后,根据消息中包含的 注册服务装置的服务入口, 向注册服务装置发 "服务入口查询消息"; After receiving the redirect response message, the system terminal device 6001 sends a "service portal query message" to the registration service device according to the service entry of the registration service device included in the message;
*第二基本注册服务单元 2021收到 "服务入口查询消息"后, 根 据逻辑判断是否能够执行, 如果能够执行返回成功消息, 如果不能执 行, 判断是否可以重定向到子注册服务单元, 如果可以, 返回重定向 消息, 本实施例中返回成功应答消息。 * After receiving the "service entry query message", the second basic registration service unit 2021 determines whether it can be executed according to logic. If the return success message can be executed, if it cannot be executed, it is determined whether it can be redirected to the sub-registration service unit, if possible, Returning the redirect message, in this embodiment, a success response message is returned.
•系统终端设备 6001收到成功应答消息后,将消息中包含的注册 服务装置的服务入口存储在本地目标注册服务装置记录中。  • After receiving the success response message, the system terminal device 6001 stores the service entry of the registration service device included in the message in the local target registration service device record.
图 8中的请求消息可以通过有线或 /和无线收发。  The request message in Figure 8 can be sent or received by wire or / and wireless.
图 9为通过监听包含注册服务装置服务入口、 系统终端设备 6001 获取局部服务入口的流程图。该流程图是系统终端设备获得注册服务 装置服务入口的例子。顶级注册服务单元 201 1配有公有网络的网络地 址, 该地址及提供服务的端口在系统内为公知服务入口, 或可通过系 统定义的方法获得。 第一 NAT设备 1 01 0直接接入公有网络, 为根 NAT 设备。 第一基本注册服务单元 2021部署在根 NAT设备 1 01 0控制的网络 中; 第二 NAT设备 1 020直接接入根 NAT设备 1 01 0控制的网络, 第二基本 注册服务单元 2022部署在第二 NAT设备 1 020控制的网络中, 系统终端 设备 6001部署在第二 NAT设备 1 020控制的网络中。 第二 NAT设备 1 020 控制的网络中的联网主机、 联网设备可以访问根 NAT设备控制的网络 中的联网主机、 联网设备。 NAT设备对经过的数据分组源或目的地址 进行修改, 图中忽略 NAT设备对数据分组修改的描述。 •第二基本注册服务单元 2022在所属 NAT控制的网络中广播包 含注册服务装置网络地址和端口的消息; FIG. 9 is a flow chart for obtaining a local service entry by monitoring a service entry including a registration service device and a system terminal device 6001. The flowchart is an example in which the system terminal device obtains a registration service device service entry. The top-level registration service unit 201 1 is provided with a network address of the public network, which is a well-known service portal within the system, or can be obtained by a system-defined method. The first NAT device 101 0 directly accesses the public network and is a root NAT device. The first basic registration service unit 2021 is deployed in the network controlled by the root NAT device 101. The second NAT device 1 020 directly accesses the network controlled by the root NAT device 101, and the second basic registration service unit 2022 is deployed in the second. In the network controlled by the NAT device 1 020, the system terminal device 6001 is deployed in the network controlled by the second NAT device 1 020. The networked host and the networked device in the network controlled by the second NAT device 1 020 can access the networked host and the networked device in the network controlled by the root NAT device. The NAT device modifies the source or destination address of the data packet that has passed, and the description of the modification of the data packet by the NAT device is ignored in the figure. • The second basic registration service unit 2022 broadcasts a message containing the registration service device network address and port in the network to which the NAT is controlled;
•系统终端设备 6001在监听包含注册服务装置网络地址和端口 的消息的广播消息;  • The system terminal device 6001 is listening for a broadcast message containing a message of the registered service device network address and port;
•系统终端设备 6001收到广播消息后,将消息中包含的注册服务 装置的服务入口存储在本地目标注册服务装置的记录中。  • After receiving the broadcast message, the system terminal device 6001 stores the service entry of the registration service device included in the message in the record of the local target registration service device.
此外,图 9中所述通过广播形式发布服务入口的方式可以使用公 示、预先告知用户等方式代替, 由用户通过人工的方式对系统终端设 备 6001进行配置。  In addition, the manner in which the service portal is published in the form of a broadcast as described in FIG. 9 can be replaced by means of publicity, pre-notification of the user, etc., and the system terminal device 6001 is manually configured by the user.
图 1 0示出当通过监听包含注册服务装置服务入口时系统终端设 备 6001获取局部服务入口的流程。该流程图是系统终端设备获得注册 服务装置服务入口的例子。顶级注册服务单元 201 1配有公有网络的网 络地址, 该地址及提供服务的端口在系统内为公知服务入口, 或可通 过系统定义的方法获得。 第一 NAT设备 1 01 0直接接入公有网络, 为根 NAT设备。第一基本注册服务单元 2021部署在根 NAT设备 1 01 0控制的网 络中; 第二 NAT设备 1 020直接接入根 NAT设备 1 01 0控制的网络, 第一基 本注册服务单元代理 2023部署在第二 NAT设备 1 020控制的网络中, 系 统终端设备 6001部署在第二 NAT设备 1 020控制的网络中。第二 NAT设备 1 020控制的网络中的联网主机、 联网设备可以访问根 NAT设备控制的 网络中的联网主机、 联网设备。 NAT设备对经过的数据分组源或目的 地址进行修改, 图中忽略 NAT设备对数据分组修改的描述。 服务单元 代理和被代理服务单元间可以有私有通信接口,用于服务单元代理和 被代理服务单元间的信息交互。  Figure 10 shows the flow of the system terminal device 6001 to obtain a partial service entry when listening to the service entry including the registration service device. The flow chart is an example of a system terminal device obtaining a registration service device service entry. The top-level registration service unit 201 1 is provided with a network address of the public network, which is a well-known service portal within the system, or can be obtained by a system-defined method. The first NAT device 1 01 0 directly accesses the public network and is the root NAT device. The first basic registration service unit 2021 is deployed in the network controlled by the root NAT device 101. The second NAT device 1 020 directly accesses the network controlled by the root NAT device 101. The first basic registration service unit agent 2023 is deployed in the first In the network controlled by the NAT device 1 020, the system terminal device 6001 is deployed in the network controlled by the second NAT device 1 020. The networked host and the networked device in the network controlled by the second NAT device 1 020 can access the networked host and the networked device in the network controlled by the root NAT device. The NAT device modifies the source or destination address of the data packet that has passed, and the description of the modification of the data packet by the NAT device is ignored in the figure. Service Units There may be a private communication interface between the agent and the agent service unit for information exchange between the service unit agent and the agent service unit.
•第一基本注册服务单元代理 2023在所述 NAT控制的网络中广播 包含注册服务装置网络地址和端口的消息;  • The first basic registration service unit agent 2023 broadcasts a message containing the registration service device network address and port in the NAT controlled network;
•系统终端设备 6001在监听包含注册服务装置网络地址和端口 的消息的广播消息;  • The system terminal device 6001 is listening for a broadcast message containing a message of the registered service device network address and port;
•系统终端设备 6001收到广播消息后,将消息中包含的注册服务 装置的服务入口存储在本地目标注册服务装置的记录中。  • After receiving the broadcast message, the system terminal device 6001 stores the service entry of the registration service device included in the message in the record of the local target registration service device.
图 1 0中的第一注册服务单元代理不提供消息转发功能, 如果必 要, 开发人员不难开发出有消息转发功能的注册服务器代理。  The first registration service unit agent in Figure 10 does not provide message forwarding. If necessary, it is not difficult for developers to develop a registration server agent with message forwarding.
另外, 在多层 NAT网络中, 开发人员不难根据本流程提出其他相 关流程, 流程的执行过程可以是有线或 /和无线。 In addition, in a multi-layer NAT network, it is not difficult for developers to propose other phases according to this process. The process of executing the process can be wired or/and wireless.
此外,图 10为通过广播形式发布服务入口的方式可以使用公示、 预先告知用户等方式代替,由用户通过人工的方式对服务客户端进行 配置。  In addition, FIG. 10 shows that the manner of publishing the service portal through the broadcast form can be replaced by means of publicity, pre-notifying the user, etc., and the user configures the service client manually.
图 16示出注册服务装置中的注册服务单元收到 "服务入口查询消 息" 后的处理流程图。  Figure 16 is a flow chart showing the processing after the registration service unit in the registration service device receives the "service entry inquiry message".
S2000:开始;  S2000: Start;
S2001 :等待接收数据分组;  S2001: waiting to receive a data packet;
S2002:是否收到数据分组,如没有收到数据分组, 转 S2001, 如 收到数据分组, 转 S2003;  S2002: Whether the data packet is received, if no data packet is received, go to S2001, if the data packet is received, go to S2003;
S2003:提取数据分组中的消息;  S2003: extracting a message in a data packet;
S2004:判别是否为 "服务入口查询消息", 如果不是, 转 S2005, 如果是, 转 S2100;  S2004: Determine whether it is "service entry query message", if not, go to S2005, if yes, go to S2100;
S2100:根据携带消息的数据分组的源地址和消息中的用户终端 的网络地址判别该用户终端是否在 NAT之后,如果不是,转 S2101, 如 果是, 转 S2200;  S2100: determining, according to the source address of the data packet carrying the message and the network address of the user terminal in the message, whether the user terminal is after the NAT, if not, then transferring to S2101, if yes, to S2200;
S2200:在子注册服务器记录表中,查找和数据分组源地址所对应 的 NAT设备控制的网络中是否有子注册服务器,如果没有,转 S2101, 如果有, 转 S2201;  S2200: In the sub-registration server record table, if there is a sub-registration server in the network controlled by the NAT device corresponding to the source address of the data packet, if not, go to S2101, if yes, go to S2201;
S2201:向消息发送者返回包含该子注册服务器的网络地址和端 口的重定向消息,并返回 S2001 ;  S2201: Return, to the message sender, a redirect message including the network address and port of the sub-registration server, and return to S2001;
S2101 :向消息发送者返回成功应答消息,消息中包括可用注册服 务单元的网络地址和端口,并返回 S2001 ;  S2101: returning a success response message to the sender of the message, including the network address and port of the available registration service unit, and returning to S2001;
S2005 : 进行其它处理, 并返回 S2001。  S2005: Perform other processing and return to S2001.
图 17示出系统终端设备获取注册服务装置网络地址和端口的流 程图。 为了维持 NAT设备中的数据收发对映关系, 系统终端设备需定 期执行本方法。  Figure 17 is a flow chart showing the system terminal device acquiring the registration service device network address and port. In order to maintain the data transmission and reception mapping relationship in the NAT device, the system terminal device needs to perform the method periodically.
S2800:开始;  S2800: Start;
S2801:监听广播消息;  S2801: Listening to broadcast messages;
S2802:是否收到包含注册服务装置服务入口的广播消息,如果 是, 转 S2806,如果不是, 转 S2803; S2806:在本地目标注册服务装置记录中记录广播消息中的网络 地址和端口; S2802: Whether a broadcast message containing the service entry of the registration service device is received, if yes, go to S2806, if not, go to S2803; S2806: Record a network address and a port in the broadcast message in the local target registration service device record;
S2807:结束;  S2807: End;
S2803:向部署在公有网络上的顶级注册服务单元发 "服务入口查 询消息", 并用部署在公有网络上的顶级注册服务单元的服务入口初 始化本地目标注册服务装置记录;  S2803: Send a "Service Portal Inquiry Message" to a top-level registration service unit deployed on the public network, and initialize the local target registration service device record with a service entry of a top-level registration service unit deployed on the public network;
S2804:等待回复;  S2804: waiting for a reply;
S2805:判断收到的信息是否为成功消息, 如果是, 转 S2807,如 果不是, 转 S2810;  S2805: Determine whether the received information is a success message. If yes, go to S2807. If not, go to S2810.
S2810:判断收到的信息是否为重定向消息,如果不是,转 S2804 , 如果是, 转 S2811;  S2810: Determine whether the received information is a redirect message, if not, go to S2804, and if yes, go to S2811;
S2811:将重定向消息中注册服务装置的网络地址和端口存入本 地目标注册服务装置记录表中,并根据重定向消息中的网络地址和端 口向注册服务装置发 "服务入口查询消息", 返回 S2804。  S2811: The network address and port of the registration service device in the redirect message are stored in the local target registration service device record table, and the service entry query message is sent to the registration service device according to the network address and port in the redirect message. S2804.
4. 2、 用户信息注册流程及方法 图 11用户使用的系统终端设备向注册服务装置发用户注册信息 (用户开户信息)的过程。 该流程图是用户使用的系统终端设备向注 册服务装置发用户注册信息的例子。 顶级注册服务单元 2011配有公 有网络网络地址, 该地址及提供服务的端口在系统内为公知服务入 口, 或可通过系统定义的方法获得。 第一 NAT设备 1010直接接入公 有网络, 为根 NAT设备。 第一基本注册服务单元 2021部署在根 NAT 设备 1010控制的网络中; 第二 NAT设备 1020直接接入根 NAT设备 1010控制的网络, 第二基本注册服务单元 2031部署在第二 NAT设备 1020控制的网络中, 系统终端设备 6001部署在第二 NAT设备 1020 控制的网络中; 系统终端设备 6001 已经获得了注册服务装置的服务 入口。 第二 NAT设备 1020控制的网络中的联网主机、 联网设备可以 访问根 NAT设备控制的网络中的联网主机、 联网设备。 NAT设备对经 过的数据分组地源或目的地址进行修改,该图中忽略 NAT设备对数据 分组修改的描述 4. 2. User Information Registration Process and Method FIG. 11 shows the process in which the system terminal device used by the user sends user registration information (user account opening information) to the registration service device. This flowchart is an example in which the system terminal device used by the user transmits user registration information to the registration service device. The top-level registration service unit 2011 is equipped with a public network network address, which is a well-known service portal within the system, or can be obtained by a system-defined method. The first NAT device 1010 directly accesses the public network and is a root NAT device. The first basic registration service unit 2021 is deployed in the network controlled by the root NAT device 1010; the second NAT device 1020 directly accesses the network controlled by the root NAT device 1010, and the second basic registration service unit 2031 is deployed in the second NAT device 1020. In the network, the system terminal device 6001 is deployed in the network controlled by the second NAT device 1020; the system terminal device 6001 has obtained the service portal of the registration service device. The networked host and the networked device in the network controlled by the second NAT device 1020 may Access networked hosts and networked devices in the network controlled by the root NAT device. The NAT device modifies the source or destination address of the passed data packet. The description of the modification of the data packet by the NAT device is ignored in the figure.
• 系统终端设备 6001向顶级注册服务单元 201 1发"用户注册消 息", 消息中至少包括用户标识、 用户使用终端的网络地址; • 顶级注册服务单元 201 1收到用户注册消息后, 在用户注册信 息记录表中查找是否有相同用户标识,如果没有相同用户标识 将该用户用户标识及相关信息加入用户注册信息记录表,判断 该 "用户注册消息"是否经过 NAT设备(例如,根据携带该 "用 户注册消息"的数据分组的源地址和消息中的用户使用终端的 网络地址判断该消息是否经过 NAT设备 ),如果经过 NAT设备, 则在子注册服务器记录中查找与该 NAT设备相关的注册服务 单元, 如果子注册服务单元存在, 则返回重定向应答消息, 消 息中包括该注册服务单元的服务入口; 如果不经过 NAT设备, 或该 NAT设备没有相关的子注册服务单元, 则返回成功消息; 如果用户标识存在则返回失败应答消息。  • The system terminal device 6001 sends a “user registration message” to the top-level registration service unit 201 1 , where the message includes at least the user identifier and the network address of the user-used terminal; • the top-level registration service unit 201 1 registers with the user after receiving the user registration message. If the same user identifier is not found in the information record table, if the user identifier and related information are not added to the user registration information record table, it is determined whether the "user registration message" passes through the NAT device (for example, according to the user) The source address of the data packet of the registration message and the user in the message use the network address of the terminal to determine whether the message passes through the NAT device. If the NAT device passes, look up the registration service unit related to the NAT device in the sub-registration server record. If the sub-registration service unit exists, returning a redirect response message, where the message includes the service entry of the registration service unit; if the NAT device is not passed, or the NAT device does not have an associated sub-registration service unit, a success message is returned; User ID exists Back failure response message.
• 系统终端设备收到应答消息后,如果为失败应答消息或成功应 答消息则结束注册,如果为重定向应答消息则根据消息中的注 册服务单元服务入口发 "用户注册消息", 消息中至少包括用 户标识、 用户使用终端的网络地址;  • After receiving the response message, the system terminal device ends the registration if it is a failure response message or a success response message. If it is a redirect response message, it sends a "user registration message" according to the registration service unit service entry in the message. The message includes at least User ID, the network address of the user using the terminal;
• 第一注册服务单元 2021收到用户注册消息后, 在用户注册信 息记录表中查找是否有相同用户标识,如果没有相同用户标识 将该用户用户标识及相关信息加入用户注册信息记录表,判断 该 "用户注册消息"是否经过 NAT设备(例如,根据携带该 "用 户注册消息"的数据分组的源地址和消息中的用户使用终端的 网络地址判断该消息是否经过 NAT设备 ),如果经过 NAT设备, 则在子注册服务器记录中查找与该 NAT设备相关的注册服务 单元, 如果子注册服务单元存在, 则返回重定向应答消息, 消 息中包括该注册服务单元的服务入口; 如果不经过 NAT设备, 或该 NAT设备没有相关的子注册服务单元,则返回成功注册消 息; 如果用户标识存在则返回失败应答消息。 After the first registration service unit 2021 receives the user registration message, it searches for the same user identifier in the user registration information record table, if there is no same user identifier. Adding the user user identifier and related information to the user registration information record table, and determining whether the "user registration message" passes through the NAT device (for example, according to the source address of the data packet carrying the "user registration message" and the user using the terminal in the message The network address determines whether the message passes through the NAT device. If the NAT device passes, the registration service unit related to the NAT device is searched in the sub-registration server record. If the sub-registration service unit exists, the redirect response message is returned. The service entry of the registration service unit is included; if the NAT device is not passed, or the NAT device does not have an associated sub-registration service unit, a successful registration message is returned; if the user identification exists, a failure response message is returned.
• 系统终端设备收到应答消息后,如果为失败应答消息或成功应 答消息则结束注册,如果为重定向应答消息则根据消息中的注 册服务单元服务入口发 "用户注册消息", 消息中至少包括用 户标识、 用户使用终端的网络地址;  • After receiving the response message, the system terminal device ends the registration if it is a failure response message or a success response message. If it is a redirect response message, it sends a "user registration message" according to the registration service unit service entry in the message. The message includes at least User ID, the network address of the user using the terminal;
• 第二注册服务单元 2031收到用户注册消息后, 在用户注册信 息记录表中查找是否有相同用户标识,如果没有相同用户标识 将该用户用户标识及相关信息加入用户注册信息记录表,判断 该 "用户注册消息"是否经过 NAT设备(例如,根据携带该 "用 户注册消息"的数据分组的源地址和消息中的用户使用终端的 网络地址判断该消息是否经过 NAT设备 ),如果经过 NAT设备, 则在子注册服务器记录中查找与该 NAT设备相关的注册服务 单元, 如果子注册服务单元存在, 则返回重定向应答消息, 消 息中包括该注册服务单元的服务入口; 如果不经过 NAT设备, 或该 NAT设备没有相关的子注册服务单元,则返回成功注册消 息; 如果用户标识存在则返回失败应答消息。 • 系统终端设备收到应答消息后,如果为失败应答消息或成功应 答消息则结束注册,如果为重定向应答消息则根据消息中的注 册服务单元服务入口发 "用户注册消息", 消息中至少包括用 户标识、 用户使用终端的网络地址; 由于用户注册信息在多级 NAT网络中按层级存在, 当注册服务 单元收到 "用户注册信息查询消息"的时候可以采用多种策略进行查 询。 例如首先在本地用户注册记录表中查寻, 如果用户存在, 则向查 询请求者返回成功消息;如果用户不存在,向顶级注册服务单元查询, 如果收到顶级注册服务单元返回的成功消息,则向查询请求者返回成 功消息; 如果收到顶级注册服务单元返回的失败消息, 则向查询请求 者返回失败消息。 After the second registration service unit 2031 receives the user registration message, it searches for the same user identifier in the user registration information record table. If the user identifier and related information are not added to the user registration information record table, the same is determined. Whether the "user registration message" passes through the NAT device (for example, according to the source address of the data packet carrying the "user registration message" and the network address of the user using the terminal in the message to determine whether the message passes through the NAT device), if it passes through the NAT device, Then, in the sub-registration server record, look up the registration service unit related to the NAT device, and if the sub-registration service unit exists, return a redirect response message, where the message includes the service entry of the registration service unit; if not through the NAT device, Or the NAT device does not have an associated sub-registration service unit, then returns a successful registration message; if the user ID exists, a failure response message is returned. • After receiving the response message, the system terminal device ends the registration if it is a failure response message or a success response message. If it is a redirect response message, it sends a "user registration message" according to the registration service unit service entry in the message. The message includes at least User ID, network address of the user's use terminal; Since the user registration information exists in a hierarchical manner in a multi-level NAT network, when the registration service unit receives the "user registration information query message", it can use multiple policies to query. For example, first search in the local user registration record table, if the user exists, return a success message to the query requester; if the user does not exist, query the top-level registration service unit, if receiving the success message returned by the top-level registration service unit, The query requester returns a success message; if a failure message returned by the top-level registration service unit is received, a failure message is returned to the query requester.
4. 3 用户登录流程及方法 4. 3 User Login Process and Method
图 12示出用户使用的系统终端设备向注册服务装置发送用户登 录信息的流程,该流程图是用户使用的系统终端设备向注册服务装置 发送用户登录信息的例子。 顶级注册服务单元 201 1配有公有网络的 网络地址, 该地址及提供服务的端口在系统内为公知服务入口, 或可 通过系统定义的方法获得。 第一 NAT设备 1 01 0直接接入公有网络, 为根 NAT设备。 第一基本注册服务单元 2021部署在根 NAT设备 1 01 0 控制的网络中;第二 NAT设备 1 020直接接入根 NAT设备 1 01 0控制的 网络,第二基本注册服务单元 2031部署在第二 NAT设备 1 020控制的 网络中,系统终端设备 6001部署在第二 NAT设备 1 020控制的网络中; 系统终端设备 6001 已经获得了注册服务装置的服务入口。 第二 NAT 设备 1 020控制的网络中的联网主机、 联网设备可以访问根 NAT设备 控制的网络中的联网主机、 联网设备。 NAT设备对经过的数据分组的 源或目的地址进行修改, 图中忽略 NAT设备对数据分组修改的描述。 • 系统终端设备 6001将用户登录状态设为未登录,根据本地存 储的注册服务装置的服务入口向注册服务装置发 "用户登录 消息", 消息中至少包括用户标识、 用户登录点, 该用户登录 点为用户使用的系统终端设备的网络地址和端口;FIG. 12 shows a flow of transmitting user login information to a registration service device by a system terminal device used by a user, which is an example in which a system terminal device used by a user transmits user login information to a registration service device. The top-level registration service unit 201 1 is provided with a network address of the public network, which is a well-known service portal within the system, or can be obtained by a system-defined method. The first NAT device 101 0 directly accesses the public network and is a root NAT device. The first basic registration service unit 2021 is deployed in the network controlled by the root NAT device 1010-1; the second NAT device 1 020 directly accesses the network controlled by the root NAT device 101, and the second basic registration service unit 2031 is deployed in the second In the network controlled by the NAT device 1 020, the system terminal device 6001 is deployed in the network controlled by the second NAT device 1 020; the system terminal device 6001 has obtained the service portal of the registration service device. The networked host and the networked device in the network controlled by the second NAT device 1 020 can access the networked host and the networked device in the network controlled by the root NAT device. The NAT device modifies the source or destination address of the traversed data packet, and the description of the modification of the data packet by the NAT device is ignored in the figure. • The system terminal device 6001 sets the user login status to not registered, and sends a “user login message” to the registration service device according to the service entry of the locally stored registration service device, where the message includes at least a user identifier, a user login point, and the user login point. The network address and port of the system terminal device used by the user;
• 第二注册服务单元 2031收到用户登录消息后,根据逻辑决定 是否纪录用户标认识及相关信息, 并决定是否返回应答消息 及返回何种应答消息; 在记录用户登录信息后, 如果本单元 不是顶级注册服务单元, 根据本地目标注册服务器记录向注 册服务装置转发的用户登录消息; After receiving the user login message, the second registration service unit 2031 determines whether to record the user identification and related information according to logic, and determines whether to return the response message and return the response message; after recording the user login information, if the unit is not a top-level registration service unit that records a user login message forwarded to the registration service device according to the local target registration server;
• 系统终端设备收到成功应答消息后, 将用户登录状态设为登 录;  • After receiving the success response message, the system terminal device sets the user login status to login;
• 第一注册服务单元 2021收到用户登录消息后,根据逻辑决定 是否纪录用户标认识及相关信息, 并决定是否返回应答消息 及返回何种应答消息; 在记录用户登录信息后, 如果本单元 不是顶级注册服务单元, 根据本地目标注册服务器记录向注 册服务装置转发的用户登录消息;  After receiving the user login message, the first registration service unit 2021 determines whether to record the user identification and related information according to logic, and determines whether to return the response message and return the response message; after recording the user login information, if the unit is not a top-level registration service unit that records a user login message forwarded to the registration service device according to the local target registration server;
• 顶级注册服务单元 2011用户注册消息后,根据逻辑决定是否 纪录用户标认识及相关信息, 并决定是否返回应答消息及返 回何种应答消息; 在记录用户登录信息后, 如果本单元不是 顶级注册服务单元, 根据本地目标注册服务器记录向注册服 务装置转发的用户登录消息。  • After the top-level registration service unit 2011 user registration message, it is logically determined whether to record the user's identification and related information, and decide whether to return the response message and return the response message; after recording the user login information, if the unit is not the top registration service The unit records the user login message forwarded to the registration service device according to the local target registration server.
另外, 用户需要定期向注册服务装置发用户登录消息, 以保证注 册服务装置中的用户状态为在线状态。如果注册服务装置在特定期限 内没有收到某个用户的用户登录消息,注册服务装置将该用户的状态 设为非在线。 如果系统终端设备移动, 系统终端设备需要重新发用户 登录消息。 图 18为注册服务装置中的注册服务单元收到 "用户登录消息" 后的处理方法。 S3000:开始;  In addition, the user needs to periodically send a user login message to the registration service device to ensure that the user status in the registration service device is online. If the registration service device does not receive a user login message for a certain user within a certain period of time, the registration service device sets the user's status to offline. If the system terminal device moves, the system terminal device needs to resend the user login message. 18 is a processing method after the registration service unit in the registration service device receives the "user login message". S3000: Start;
S3001 :等待接收数据分组; S3001: waiting to receive a data packet;
S3002:是否收到数据分组,如没有收到数据分组, 转 S3001, 如 收到数据分组, 转 S3003; S3002: Whether to receive the data packet, if no data packet is received, go to S3001, such as Receive the data packet, go to S3003;
S3003:提取数据分组中的消息;  S3003: extracting a message in a data packet;
S3004:判别是否为 "用户登录消息", 如果不是, 转 S3005, 如 果是, 转 S 3100;  S3004: Determine whether it is "user login message", if not, go to S3005, if yes, go to S 3100;
S3100:根据消息中的用户登录点判别该消息发送者是否为子注册 服务器, 如果是, 转 S3101, 如果不是, 转 S3200;  S3100: According to the user login point in the message, it is determined whether the sender of the message is a child registration server, and if so, to S3101, if not, to S3200;
S3101:以消息中的用户标识作为用户标识、 以携带该消息的数据 分组源地址和源端口为系统终端设备访问点、 以本单元标 识作为用户登录点,存储在用户登录信息记录表中,顺序执 行 S 3300;  S3101: The user identifier in the message is used as the user identifier, the data packet source address and the source port carrying the message are the system terminal device access point, and the unit identifier is used as the user login point, and is stored in the user login information record table, and the sequence is Execute S 3300;
S3200:查找该用户是否在系统中注册,如没有注册,转 S 3290, 如 已经注册, 转 S3201 ;  S3200: Find whether the user is registered in the system. If there is no registration, go to S 3290. If it is already registered, go to S3201.
S 3201:根据携带消息的数据分组的源地址和消息中的用户使用的 系统终端设备的网络地址判别该系统终端设备是否在 NAT 之后, 如果不是, 转 S3202 , 如果是, 转 S3203; S 3201: determining, according to the source address of the data packet carrying the message and the network address of the system terminal device used by the user in the message, whether the system terminal device is behind the NAT, if not, going to S3202, if yes, going to S3203;
S 3202:将消息中的用户标识作为用户标识、将用户登录点作为用 户登录点, 存储在用户登录信息记录表中;  S 3202: the user identifier in the message is used as the user identifier, and the user login point is used as the user login point, and is stored in the user login information record table;
S 3203:将消息中的用户标识作为用户标识、以携带该消息的数据 分组源地址和源端口为系统终端设备访问点、以本单元标 识作为用户登录点, 存储在用户登录信息记录表中; S3204:向消息发送者返回成功应答消息;  S 3203: the user identifier in the message is used as the user identifier, the data packet source address and the source port carrying the message are the system terminal device access point, and the unit identifier is used as the user login point, and is stored in the user login information record table; S3204: return a success response message to the message sender;
S3300:判别本单元是否为顶级注册服务器, 如果是, 转 S 3001, 如果不是, 转 S3301; S3300: Determine whether the unit is a top-level registration server. If yes, go to S 3001. If not, go to S3301;
S 3301:使用本单元的标识代替收到消息的用户登录点生成新的 用户登录消息;  S 3301: Generate a new user login message by using the identifier of the unit instead of the user login point of the received message;
S3302:根据本地目标注册服务器记录向注册服务装置发送新的用 户登录消息, 返回 S3001 ; S3302: Send a new user login message to the registration service device according to the local target registration server record, and return to S3001;
S3290:向消息发送者返回失败应答消息,返回 S3001;  S3290: Returning a failure response message to the sender of the message, and returning to S3001;
S3005:进行其它处理。  S3005: Perform other processing.
此外, 当用户登录消息在注册服务单元间转发, 本注册服务单元 的子注册服务单元记录中存有下级网络中注册服务单元标识及 NAT 设备相关信息,因此在使用注册服务单元标识作为系统终端设备访问 点时, 可以映射到 NAT设备上的网络地址和端口。 图 19 为用户通过系统终端设备向注册服务装置发用户登录信 息。  In addition, when the user login message is forwarded between the registration service units, the sub-registration service unit record of the registration service unit stores the registration service unit identifier and the NAT device-related information in the subordinate network, and therefore uses the registration service unit identifier as the system terminal device. When accessing a point, it can be mapped to a network address and port on the NAT device. Figure 19 shows the user sending user login information to the registration service device through the system terminal device.
S3800:开始; S3800: Start;
S 3802:设定超时时间,设定终端为未登录状态; S 3802: setting a timeout period, setting the terminal to an unregistered state;
S3803:根据本地目标注册服务装置的记录向注册服务装置发 "用 户登录消息"; S3804:等待回复; S3803: Send a "user login message" to the registration service device according to the record of the local target registration service device; S3804: Waiting for a reply;
S3805:判断是否超时; 如果是, 转 S3809, 如果不是, 转 S 3806; S3806:判断是否为成功消息, 如果不是, 转 S3808 , 如果是, 转 S3807; S3805: Determine whether it times out; if yes, go to S3809, if not, go to S 3806; S3806: judge whether it is a success message, if not, go to S3808, if yes, go to S3807;
S3807:将终端状态设定为登陆; S3809:结束;  S3807: Set the terminal status to login; S3809: End;
S3808:判断是否为失败消息, 如果是, 转 S3809, 如果不是, 转 S 3804。 开发人员不难根据上述用户登录方式, 结合用户注册的需要 进行改进, 用于完成用户注册、 开户任务。 S3808: Determine whether it is a failure message. If yes, go to S3809, if not, turn S 3804. It is not difficult for developers to improve according to the above-mentioned user login method and the needs of user registration, which is used to complete user registration and account opening tasks.
4. 4、 被请求用户的用户登录点获取流程及方法  4. The user login point acquisition process and method of the requested user
图 1 3为主动请求用户通过注册服务系统获取被请求用户的用户 登录点的流程图,该过程是获取被请求用户的用户登录点的过程的例 子。 顶级注册服务单元 201 1配有公有网络的网络地址, 该地址及提 供服务的端口在系统内为公知服务入口,或可通过系统定义的方法获 得。 第一 NAT设备 1 01 0直接接入公有网络, 为根 NAT设备。 第一基 本注册服务单元 2021部署在根 NAT设备 1 01 0控制的网络中; 第二 NAT设备 1 020直接接入根 NAT设备 1 01 0控制的网络, 第二基本注册 服务单元 2031部署在第二 NAT设备 1 020控制的网络中,系统终端设 备 6001部署在第二 NAT设备 1 020控制的网络中;系统终端设备 6001 已经获得了注册服务装置的服务入口。 第二 NAT设备 1 020控制的网 络中的联网主机、联网设备可以访问根 NAT设备控制的网络中的联网 主机、 联网设备。 NAT设备对经过的数据分组的源或目的地址进行修 改, 图中忽略 NAT设备对数据分组修改的描述。  FIG. 13 is a flowchart of actively requesting a user to obtain a user login point of a requested user through a registration service system, and the process is an example of a process of acquiring a user login point of the requested user. The top-level registration service unit 201 1 is provided with a network address of the public network, which is a well-known service portal within the system or can be obtained by a system defined method. The first NAT device 1 01 0 directly accesses the public network and is the root NAT device. The first basic registration service unit 2021 is deployed in the network controlled by the root NAT device 101. The second NAT device 1 020 directly accesses the network controlled by the root NAT device 101, and the second basic registration service unit 2031 is deployed in the second. In the network controlled by the NAT device 1 020, the system terminal device 6001 is deployed in the network controlled by the second NAT device 1 020; the system terminal device 6001 has obtained the service portal of the registration service device. The networked host and the networked device in the network controlled by the second NAT device 1 020 can access the networked host and the networked device in the network controlled by the root NAT device. The NAT device modifies the source or destination address of the traversed data packet, and the description of the modification of the data packet by the NAT device is ignored in the figure.
•系统终端设备 6001根据本地存储的目标注册服务装器纪录口 向注册服务装置发 "用户登录点查找请求消息", 消息中至少包括被 请求用户标识、 随机序号。  The system terminal device 6001 sends a "user login point lookup request message" to the registration service device according to the locally stored target registration service device record port, and the message includes at least the requested user identifier and the random serial number.
•第二注册服务单元 2031收到 "用户登录点查找请求消息"后, 提取消息中的被请求用户标识, 在用户登录信息记录表中查找, 如果 被请求用户标识在用户登录信息记录表中存在,向消息发送者返回包 含被请求用户当前用户登录点的成功消息,消息中包括对应的原请求 消息中的随机序号;如果被请求用户标识在用户登录信息记录表中不 存在, 且本服务节点不是顶级注册服务单元,根据消息中的随机序号 建立消息和消息发送者的映射关系,将该映射关系保存在消息緩存区 中, 根据本地注册服务器纪录, 向注册服务装置转发该 "用户登录点 查找请求消息";  After receiving the "user login point lookup request message", the second registration service unit 2031 extracts the requested user identifier in the message, and searches in the user login information record table, if the requested user identifier exists in the user login information record table. Returning a success message including the current user login point of the requested user to the message sender, where the message includes a random sequence number in the corresponding original request message; if the requested user identifier does not exist in the user login information record table, and the service node It is not a top-level registration service unit. The mapping relationship between the message and the sender of the message is established according to the random sequence number in the message, the mapping relationship is saved in the message buffer area, and the "user login point lookup is forwarded to the registration service device according to the local registration server record. Request message";
•第一注册服务单元 2021收到 "用户登录点查找请求消息"后, 提取消息中的被请求用户标识, 在用户登录信息记录表中查找, 如果 被请求用户标识在用户登录信息记录表中存在,向消息发送者返回包 含被请求用户当前用户登录点的成功消息,消息中包括对应的原请求 消息中的随机序号;如果被请求用户标识不在用户登录信息记录表中 不存在, 且本服务节点不是顶级注册服务单元,根据消息中的随机序 号建立消息和消息发送者的映射关系,将该映射关系保存在消息緩存 区中, 根据本地注册服务器纪录, 向注册服务装置转发该 "用户登录 点查找请求消息"; After receiving the "user login point lookup request message", the first registration service unit 2021 extracts the requested user identifier in the message, and searches in the user login information record table, if the requested user identifier exists in the user login information record table. Returning a success message containing the current user login point of the requested user to the message sender, where the message includes a random sequence number in the corresponding original request message; if the requested user identifier does not exist in the user login information record table, and the service node Not a top-level registration service unit, according to the random order in the message Establishing a mapping relationship between the message and the sender of the message, saving the mapping relationship in the message buffer, and forwarding the "user login point lookup request message" to the registration service device according to the local registration server record;
•顶级注册服务单元 2011收到 "用户登录点查找请求消息"后, 提取消息中的被请求用户标识, 在用户登录信息记录表中查找, 如果 被请求用户标识在用户登录信息记录表中存在,向消息发送者返回包 含被请求用户当前用户登录点的成功消息,消息中包括对应的原请求 消息中的随机序号;如果被请求用户标识不在用户登录信息记录表中 不存在, 且本服务节点是顶级注册服务单元, 向消息发送者返回失败 消息, 消息中包括对应的原请求消息中的随机序号;  • After receiving the "user login point lookup request message", the top-level registration service unit 2011 extracts the requested user identifier in the message, and searches in the user login information record table. If the requested user identifier exists in the user login information record table, Returning a success message containing the current user login point of the requested user to the message sender, where the message includes a random sequence number in the corresponding original request message; if the requested user identifier does not exist in the user login information record table, and the service node is The top-level registration service unit returns a failure message to the message sender, where the message includes a random sequence number in the corresponding original request message;
*第一注册服务单元 2021收到应答消息后, 根据应答消息中的 随机序号找到对应的联接节点查找请求消息发送者,并向该发送者转 发应答消息。  * After receiving the response message, the first registration service unit 2021 finds the corresponding sender node lookup request message sender according to the random sequence number in the response message, and forwards the response message to the sender.
*第二注册服务单元 2022收到应答消息后, 根据应答消息中的 随机序号找到对应的联接节点查找请求消息发送者,并向该发送者转 发应答消息。  * After receiving the response message, the second registration service unit 2022 finds the corresponding sender node lookup request message sender according to the random sequence number in the response message, and forwards the response message to the sender.
•系统终端设备 6001收到应答消息后, 如果为成功应答消息, 则记录消息中的被请求用户的用户登录点; 如果为失败应答消息, 结 束。  • After receiving the response message, the system terminal device 6001 records the user login point of the requested user in the message if it is a success response message; if it is a failure response message, it ends.
上述过程是查找满足条件的用户登录点的基本流程。开发人员不 难根据具体应用中的需求, 对上述流程进行扩展、 变化, 并在找到用 户登录点后对后续执行流程进行改变。但不影响根据被请求用户标识 查询用户登录点过程的本质。  The above process is the basic process of finding a user login point that satisfies the condition. It is not difficult for developers to extend and change the above processes according to the needs of specific applications, and to change the subsequent execution process after finding the user login point. It does not affect the nature of the process of querying the user's logon point based on the requested user ID.
图 20为注册服务装置中的注册服务单元收到 "用户登录点查找 请求消息" 后的处理流程图。  Figure 20 is a flow chart showing the processing after the registration service unit in the registration service device receives the "user login point lookup request message".
S4000:开始;  S4000: Start;
S4001 :等待接收数据分组;  S4001: waiting to receive a data packet;
S4002:是否收到数据分组,如没有收到数据分组, 转 S4001 , 如 收到数据分组, 转 S4003;  S4002: Whether to receive the data packet, if no data packet is received, go to S4001, if the data packet is received, go to S4003;
S4003:提取数据分组中的消息;  S4003: extracting a message in a data packet;
S4004:判别是否为 "用户登录点查找请求消息", 如果不是, 转 S4005 , 如果是, 转 S4100;  S4004: Determine whether it is "user login point lookup request message", if not, go to S4005, if yes, go to S4100;
S4100: 提取消息中的随机序列; S4101 :在转发关系列表中查找相应的发送者,如果有,转 S4106 , 如果没有, 转 S4102; S4100: extracting a random sequence in the message; S4101: Find the corresponding sender in the forwarding relationship list, if yes, go to S4106, if not, go to S4102;
S4102:提出消息中用户标识和被请求用户标识;  S4102: present a user identifier and a requested user identifier in the message;
S4103: 在用户登录信息记录表中查找被请求用户标识是否存 在, 如果是, 转 S4200 , 如果不是, 转 S4104;  S4103: Query whether the requested user identifier exists in the user login information record table, if yes, go to S4200, if not, go to S4104;
S4104:判断本单元是否为顶级注册服务器, 如果是, 转 S4107 , 如果不是, 转 S4105;  S4104: Determine whether the unit is a top-level registration server, if yes, go to S4107, if not, go to S4105;
S4105:根据消息中的随机序列建立消息发送者同该消息的对应 关系, 并存储在转发关系表中;  S4105: Establish a correspondence between the sender of the message and the message according to the random sequence in the message, and store the information in the forwarding relationship table.
S4106:根据本地目标注册服务器记录向注册服务装置转发 "用户 登录点查找请求消息" ,并返回 S4001;  S4106: forwarding a "user login point lookup request message" to the registration service device according to the local target registration server record, and returning to S4001;
S4107:向消息发送者返回失败消息, 并返回 S4001;  S4107: returning a failure message to the sender of the message, and returning to S4001;
S4200:向消息发送者返回成功消息,该消息中包括用户登录信息 记录表中被请求用户的用户登录点, 并返回 S4001 ;  S4200: returning a success message to the sender of the message, where the message includes the user login point of the requested user in the user login information record table, and returns to S4001;
S4005:判别是否为 "用户登录点查找请求消息" 的应答消息, 如 果不是, 转 S4006, 如果是, 转 S4300;  S4005: Determine whether it is a response message of "user login point lookup request message", if not, go to S4006, if yes, go to S4300;
S4300:提取消息中的随机序列;  S4300: extracting a random sequence in the message;
S4301 :在转发关系列表中查找相应的发送者,如果有,转 S4302, 如果没有, 转 S4001;  S4301: Find the corresponding sender in the forwarding relationship list, if any, go to S4302, if not, go to S4001;
S4302:向随机序列对应的消息发送者转发该应答消息,并删除转 发关系列表中的相关项, 并返回 S4001。  S4302: Forward the response message to the sender corresponding to the random sequence, delete the related item in the forwarding relationship list, and return to S4001.
图 21为用户通过用户终端向注册服务装置查询用户登录点的流 程图。  Figure 21 is a flow diagram of a user querying a registration service device for a user login point through a user terminal.
S4800:开始;  S4800: Start;
S4801:设定超时时间;  S4801: setting a timeout period;
S4802:生成随机序号;  S4802: generate a random serial number;
S4803:根据本地目标注册服务器的记录向注册服务装置发 "用户 登录点查找请求消息", 消息中包括随机序号;  S4803: Send a “user login point lookup request message” to the registration service device according to the record of the local target registration server, where the message includes a random serial number;
S4804:等待回复;  S4804: Waiting for a reply;
S4805:判断是否超时, 如果是, 转 S4806 , 如果不是, 转 S4810; S4810: 判断消息中的随机序号是否相同, 如果不同, 转 S4804; S4820:是否为成功消息,如果不是,转 S4830 ,如果是,转 S4821; S4821 :提取消息中的网络地址和端口; S4805: Determine whether it times out, if yes, go to S4806, if not, go to S4810; S4810: Determine whether the random serial numbers in the message are the same, if different, go to S4804; S4820: whether it is a success message, if not, go to S4830, if yes, go to S4821; S4821: extract the network address and port in the message;
S4822:结束;  S4822: End;
S4830:是否为失败, 如果是, 转 S4822, 如果不是, 转 S4804; S4830: Is it a failure, if yes, go to S4822, if not, go to S4804;
S4806: 根据本地目标注册服务器的记录向注册服务装置发 "用 户登录点查找请求消息", 消息中包括随机序号, 返回 S4804。 S4806: Send a "user login point lookup request message" to the registration service device according to the record of the local target registration server, and the message includes a random serial number, and returns to S4804.
5、 基本消息格式 消息名称 目的 消息基本内容 附加说明 服务单元注姻 h 向注册服劣 -装 消息类型、 网络  5, the basic message format message name purpose message basic content additional description service unit note marriage h to the registration service - install message type, network
消息 置注册 地址、 端口、 标 Message registration address, port, standard
识、 预制层级信  Knowledge, prefabricated level letter
 Interest
广播消息 向注册服劣 -单 消息类型、 播注 Broadcast message to the registration service - single message type, broadcast
元广播注姻「服 册服务装置的服  Yuan broadcasts the marriage service of the service device
务装置的朋务 务入口  Service portal
入口  Entrance
服务入口查 J 查询注册朋 Λ 消息类型、 Service entry check J query registration Λ message type,
消息 装置的服劣 -入 Message device
 mouth
用户注册消應 - 添加用户 消息类型 、 用户 在系统中加入一 标识 个新用户 用户注册消, 查找用户 _否 消息类型 、 用户 User registration acknowledgment - Add user Message type, User Add a logo to the system New user User registration, Find user _ No Message type, User
查询消息 在系统中开户 标识 用户登录消應 - 用户登录 消息类型、 用户 用户登录点可以 标识、 用户登录 . 是网络地址和端 点, 口, 或是可以转 Query message Open account in the system Identification User login response - User login Message type, user User login point can be identified, user login. Is the network address and endpoint, port, or can be transferred
4匕为网络地址和 端口的标只 用户登录点 : 查询被请求 -用 消息类型、 用户  4匕 is the network address and port of the user only login point: query is requested - with message type, user
找请求消息 户的用户壁录 标识、 被请求用 Find the user's wall record of the request message, and request it.
占 户标识、 随机序 号 Accountant identity, random order number
成功应答消息 向消息发出者 消息类型标识, 对于 "用户登录 返回成功信 该应答消息对应 点查找请求消 息, 的请求消息类 息" 包括用户登 型。 录点、随机序号。 Success Reply Message To the message sender, the message type identifier, for "user login returns a success message, the response message corresponding to the point lookup request message, request message information" includes user login. Recorded points, random serial numbers.
对于 "服务入口 查询消息" 包括 网络地址和端 口。  For "service entry query messages" include network addresses and ports.
其它请求的应 答, 见相关算法 要求  For other requests, see related algorithm requirements.
失败应答消息 向消息发出者 消息类型标识, Failure response message to the message sender, the message type identifier,
返回失败信息 该应答消息对应  Return failure information
的请求消息类  Request message class
型。  type.
重定向消息 向消息发出者 消息类型标识, 重定向消息为应 返回包括注册 对应答复的请求 答消息的一种。 服务装置的网 消息类型、 对于查询注册装 给地址和端口 置服务入口的消 息, 返回相应的 网给地址和端口 其它请求的应 答, 见相关算法 要求 Redirect message To the message sender, the message type is identified, and the redirect message is a type that should return a request A message including the registration corresponding response. The message type of the service device, the message for querying the registration address and port setting service entry, return the corresponding network address and port for the response of other requests, see related algorithm requirements.
6、 基于会话协议对注册服务系统的改进 6. Improvement of registration service system based on session protocol
在多层 NAT网络中, 由于 NAT设备的存在, 终端间不能直接相互 访问, 以会话启动协议 /会话初始化协议(Ses s ion Ini t iat ion Protocol, SIP)为代表的呼叫系统, 使用信令的方式在终端间传递通 讯请求。 这种呼叫和数据传输相分离的通讯模式, 可以有效的解决了 多层 NAT网络中终端间数据通讯的问题。 下面以 SIP协议为基础, 说 明注册服务装置如何为呼叫系统提供服务。  In a multi-layer NAT network, because of the existence of a NAT device, the terminals cannot directly access each other. The call system represented by the Session Initiation Protocol (SES) uses signaling. The way to pass communication requests between terminals. The communication mode in which the call and the data transmission are separated can effectively solve the problem of data communication between terminals in the multi-layer NAT network. The following is based on the SIP protocol and describes how the registrar provides services to the calling system.
为了便于呼叫系统在系统终端设备间传递呼叫请求,系统终端设 备使用 SIP 协议中定义的消息和实体传递用户登录消息, 如使用 REGISTER 消息代替用户登录消息。 根据用户登录信息及注册服务装 置的需求, Proxy 负责提取 REGISTER消息中的相关信息, 并向注册 服务装置发送相关信息, 同时负责更新 REGISTER消息的内容。 注册 服务装置仅负责存储用户登录信息,不再直接接收系统终端设备发的 用户登录消息、用户登录点查找请求消息,也不再转发用户登录消息、 用户登录点查找请求消息。 原 "用户登录消息" 的: 用户标识、 用户 登录点等, 对应于 REGISTER消息中的 From, Contact。 系统终端设 备获取 Proxy网络地址和端口的方式由 Proxy月良务器构成的呼叫系统 决定, 可以参考系统终端设备获取注册服务装置的方法。在以 SIP协 议为基础的系统中, 与用户登录点相关的服务单元为 Proxy服务器。 In order to facilitate the call system to transfer call requests between system terminal devices, the system terminal is set. The user is required to pass user login messages using messages and entities defined in the SIP protocol, such as using REGISTER messages instead of user login messages. According to the user login information and the requirements of the registration service device, the Proxy is responsible for extracting relevant information in the REGISTER message, and transmitting relevant information to the registration service device, and is also responsible for updating the content of the REGISTER message. The registration service device is only responsible for storing the user login information, and no longer directly receives the user login message, the user login point lookup request message sent by the system terminal device, and does not forward the user login message or the user login point lookup request message. The original "user login message": user ID, user login point, etc., corresponding to From, Contact in the REGISTER message. The manner in which the system terminal device obtains the Proxy network address and port is determined by the calling system formed by the Proxy server, and the method for obtaining the registration service device by the system terminal device can be referred to. In a SIP-based system, the service unit associated with the user's logon point is the Proxy server.
具有 SIP模块的系统终端设备获得 Proxy服务器的网络地址和端 口的方法由由 Proxy服务器组成的呼叫系统决定。 Proxy服务器的网 络地址和端口存储在系统终端设备的目标 Proxy服务器记录中。系统 终端设备的目标注册服务器记录用于记录顶级注册服务装置的全局 服务入口, 用于按上述注册流程完成注册。根据全局服务入口系统终 端设备按上述注册流程完成注册。 系统终端设备定期向 Proxy发送 REGISTER消息。  The method in which the system terminal device having the SIP module obtains the network address and port of the Proxy server is determined by the calling system composed of the Proxy server. The network address and port of the Proxy server are stored in the target Proxy server record of the system terminal device. The target registration server of the system terminal device records the global service entry for recording the top-level registration service device, and is used to complete the registration according to the above registration process. According to the global service portal system terminal device, registration is completed according to the above registration process. The system terminal periodically sends a REGISTER message to the Proxy.
图 23为 Proxy中用户登录注册信息转发对应表。 该表包括随机 序号、 网络地址、 端口、 应答状态位。 随机序号用于区别 REGISTER 消息。应答状态位用于表示收到注册服务装置的答复。 当该位为 0时 表示没有收到答复; 当该位非 0时表示收到答复, 例如设为 1 , 应答 状态位缺省为 0。  Figure 23 shows the user login registration information forwarding correspondence table in the Proxy. The table includes random sequence numbers, network addresses, ports, and acknowledgment status bits. Random serial numbers are used to distinguish REGISTER messages. The acknowledge status bit is used to indicate the reply received by the registration service device. When the bit is 0, it indicates that no reply has been received; when the bit is non-zero, it indicates that a reply is received, for example, it is set to 1 and the response status bit defaults to 0.
收到 REGISTER消息的 Proxy服务器按图 24的流程生成"呼叫代 理用户登录消息"、 更新 REGISTER消息, 并向注册服务装置提交登录 信息。 注册服务装置收到 "呼叫代理用户登录消息"将注册消息中的 内容存入用户信息记录表中。 "呼叫代理用户登录消息" 包括用户标 识、 用户登录点、 系统终端设备访问点等信息。  The Proxy server receiving the REGISTER message generates a "Call Agent User Login Message" according to the flow of Fig. 24, updates the REGISTER message, and submits the login information to the registration service device. The registration service device receives the "Call Agent User Login Message" and stores the contents of the registration message in the user information record table. The "Call Agent User Login Message" includes information such as user identification, user login point, system terminal device access point, and so on.
S6000:开始;  S6000: Start;
S6001: 等待消息;  S6001: Waiting for a message;
S6002: 是否为 REGI STER消息,如果是, 转 S6100,如果不是, 转 S6003;  S6002: Whether it is a REGI STER message, if yes, go to S6100, if not, go to S6003;
S6003: 其它处理,并返回 S6001 ; S6100: 判别消息中的 Contact项是否为子 Proxy服务器,如果是, 转 S6101, 如果不是, 转 S6200; S6003: Other processing, and return to S6001; S6100: Determine whether the Contact item in the message is a child Proxy server, if yes, go to S6101, if not, go to S6200;
S6101: 以 REGSITER消息中的 From的内容作为用户标识, 并以本 Proxy的网络地址和端口作为用户登录点; 以携带 REGISTER消息的数 据分组的源地址和源端口作为系统终端设备访问点生成 "呼叫代理用 户登录消息", 顺序执行 S6304;  S6101: using the content of the From in the REGSITER message as the user identifier, and using the network address and port of the Proxy as the user login point; generating the "call" as the system terminal device access point by using the source address and the source port of the data packet carrying the REGISTER message Proxy user login message", sequentially executing S6304;
S 6200:判别消息中的 Con t a c t项是否用于标识系统终端设备的网 络地址和端口,如果是, 转 S6300,如果不是, 转 S6303;  S 6200: determining whether the Con t a c t item in the message is used to identify the network address and port of the system terminal device, and if so, to the S6300, if not, to S6303;
S6300:判断该 REGISTER注册消息是否通过 NAT设备,如果是转 S6301,如果不是, 转 S6303;  S6300: Determine whether the REGISTER registration message passes through the NAT device, if it is to S6301, if not, go to S6303;
S6301:提取携带该消息的数据分组的源地址和端口;  S6301: Extract a source address and a port of a data packet carrying the message;
S6302: 以 REGISTER消息中的 From的内容作为用户标识, 并以本 Proxy的网络地址和端口作为用户登录点; 以得到的源地址和源端口 作为系统终端设备访问点生成 "呼叫代理用户登录消息", 顺序执行 S6304;  S6302: The content of the From in the REGISTER message is used as the user identifier, and the network address and port of the Proxy are used as the user login point; and the obtained source address and source port are used as the system terminal device access point to generate a "Call Agent User Login Message". , executing S6304 in sequence;
S6303: 以 REGISTER消息中的 From的内容作为用户标识, 并以 Contact内容作为用户登录点生成 "呼叫代理用户登录消息" , 顺序 执行 S6304;  S6303: The content of the From in the REGISTER message is used as the user identifier, and the "call agent user login message" is generated by using the Contact content as the user login point, and sequentially executing S6304;
S6304:根据消息中的随机序号建立发送者和消息的对应关系,并 存入 "用户登录信息转发对应表", 将应答状态位为 "0" ,暂存该 REGISTER消息;  S6304: The correspondence between the sender and the message is established according to the random sequence number in the message, and is stored in the "user login information forwarding correspondence table", and the response status bit is "0", and the REGISTER message is temporarily stored;
S6305:根据本地保存注册服务装置的服务入口,向注册服务发送 "呼叫代理用户注册消息";  S6305: Send a "Call Agent User Registration Message" to the registration service according to the service entry of the locally stored registration service device;
S6400:判断本服务器是否为顶级 Proxy服务器,如果是,转 S6001, 如果不是, 转 S6306;  S6400: Determine whether the server is a top-level proxy server. If yes, go to S6001. If not, go to S6306.
S6306:判断消息中的 Contact项是否用于标识系统终端设备或为 子 Proxy服务器,如果是, 转 S6307, 如果不是, 转 S6308;  S6306: Determine whether the Contact item in the message is used to identify the system terminal device or the child Proxy server. If yes, go to S6307, if not, go to S6308;
S6307: 用本 Proxy的标识或网络地址和端口替代 Con tact中的内 容生成新 REGISTER;  S6307: Use the identifier of the Proxy or the network address and port to replace the content in Con tact to generate a new REGISTER;
S6308: 向上级 Proxy转发新生成的 REGISTER消息,并返回 S6001。 由于 REGISTER消息在 Proxy间转发, 本 Proxy的子 Proxy记录 中存有下级网络中 Proxy标识及 NAT设备相关信息,因此在使用 Proxy 标识作为系统终端设备访问点时,可以映射到 NAT设备上的网络地址 和端口。 S6308: Forward the newly generated REGISTER message to the superior Proxy and return to S6001. Since the REGISTER message is forwarded between Proxy, the sub-Proxy record of this Proxy There are information about the Proxy ID and the NAT device in the subordinate network. Therefore, when the Proxy ID is used as the system terminal access point, it can be mapped to the network address and port on the NAT device.
图 25示出注册服务单元中用户登录信息存储表的结构。 为了适 应 Proxy服务器, 该结构在原有结构上进行了扩展。 该结构包括用户 标识、 用户登录点、 系统终端设备访问点、 相对登录位置、 映射地址 等信息。相对登录位置表示用户登录点和注册服务单元的网络地址是 否属于同一 NAT设备控制的网络或公有网络,跨层注册可以用 1表示、 同层注册可以用 0表示, 缺省值为 0; 映射地址: 为 "呼叫代理用户 登录消息" 消息穿过 NAT设备时, NAT设备的网络地址和端口。 当同 层注册时映射地址为空。 系统终端设备访问点也可以为空。 图 26为 注册服务装置处理 "呼叫代理用户登录消息" 的流程图。  Fig. 25 shows the structure of a user login information storage table in the registration service unit. In order to adapt to the Proxy server, the structure has been extended in the original structure. The structure includes information such as user identification, user login point, system terminal device access point, relative login location, mapped address, and the like. The relative login location indicates whether the network address of the user login point and the registration service unit belong to the network controlled by the same NAT device or the public network. The cross-layer registration can be represented by 1, and the same layer registration can be represented by 0. The default value is 0; : The network address and port of the NAT device when the "Call Agent User Login Message" message traverses the NAT device. The mapping address is empty when the peer is registered. The system terminal access point can also be empty. Figure 26 is a flow chart of the registration service device processing the "Call Agent User Login Message".
S7000: 开始;  S7000: Start;
S7001: 等待接收数据分组;  S7001: Waiting to receive a data packet;
S7002: 是否收到数据分组,如果是, 转 S7003,如果不是, 转 S7001 ;  S7002: Whether to receive the data packet, if yes, transfer to S7003, if not, switch to S7001;
S7003: 提取数据分组中的消息;  S7003: Extracting a message in a data packet;
S7004: 判别是否为 "呼叫代理用户登录消息 ",如果是,转 S 7006, 如果不是, 转 S7005 ;  S7004: Determine whether it is "Call Agent User Login Message". If yes, go to S 7006. If not, go to S7005.
S7006: 在用户信息存储表中创建一个新记录;  S7006: Create a new record in the user information storage table;
S7010: 判断该消息是否经过 NAT设备,(如通过用户登录点的网 络地址和携带请求消息的数据分组的源地址是否相等,判断是否经过 NAT设备), 如果是, 转 S7011,如果不是, 转 S7013;  S7010: Determine whether the message passes through the NAT device. (If the network address of the user login point and the source address of the data packet carrying the request message are equal, determine whether the NAT device is passed.) If yes, go to S7011, if not, go to S7013. ;
S7011 : 将该记录的相对登录位置设为跨层登录;  S7011: Set the relative login location of the record to cross-layer login;
S7012: 用携带消息的数据分组的源地址和端口填写该记录的映 射地址,顺序执行 S7013;  S7012: Fill in the mapping address of the record by using the source address and port of the data packet carrying the message, and sequentially execute S7013;
S7013: 根据消息中的用户标识、 用户登录点、 系统终端设备访 问点等信息填写该记录的相关项,同时返回成功消息,表示登录成功, 并返回 S7001;  S7013: Fill in the related items of the record according to the user identifier, the user login point, the system terminal access point, and the like in the message, and return a success message, indicating that the login is successful, and returning to S7001;
S7005:进行其它处理,并返回 S7001;  S7005: Perform other processing and return to S7001.
从逻辑上注册服务单元收到 "呼叫代理用户登录消息"将相关信 息存入用户登录信息记录表, 不存在失败问题。但在实际中有引起失 败的各种原因, 如记录介质满、 并发数量大等系统问题。 所以在处理 应答消息的一方要处理注册服务单元可能返回的错误应答消息。 Receive a "Call Agent User Login Message" from the logically registered service unit. The information is stored in the user login information record table, and there is no failure problem. However, in practice, there are various causes of failure, such as system problems such as full recording medium and large number of concurrent. Therefore, the party that processes the response message is to process the error response message that the registration service unit may return.
Proxy服务器按图 27的流程处理注册服务装置返回的应答消息 和 REGISTER消息的应答消息。  The Proxy server processes the response message returned by the registration service device and the response message of the REGISTER message in accordance with the flow of FIG.
S6500: 开始;  S6500: Start;
S6501 : 等待消息;  S6501: Waiting for the message;
S6600: 是否为 "呼叫代理用户登录消息" 应答消息, 如果是, 转 S6610,如果不是, 转 S6800;  S6600: Is the "Call Agent User Login Message" response message, if yes, go to S6610, if not, go to S6800;
S6610: 判断本 Proxy服务器是否为顶级 Proxy服务器(或应答消 息发出者是否为顶级注册服务单元,例如可以通过公有网络地址判 断), 如果是, 转 S6620,如果不是, 转 S6611;  S6610: Determine whether the Proxy server is a top-level proxy server (or whether the response message sender is a top-level registration service unit, for example, can be judged by a public network address), if yes, go to S6620, if not, go to S6611;
S6620: 判别是否为成功消息, 如果是, 转 S6621 ,如果不是, 转 S6622;  S6620: Determine whether it is a success message, if yes, go to S6621, if not, go to S6622;
S6621 : 根据消息中的随机序号, 找到 "用户登录消息转发对应 表" 中的相关项, 并根据相关 REGI STER消息内容生成相关 REGISTER 消息的成功应答消息 ,顺序执行 S 6623;  S6621: According to the random sequence number in the message, find the related item in the "user login message forwarding correspondence table", and generate a success response message of the relevant REGISTER message according to the content of the related REGI STER message, sequentially executing S 6623;
S6622: 根据消息中的随机序号, 找到 "用户登录消息转发对应 表" 中的相关项, 并根据相关 REGI STER消息内容生成相关 REGISTER 消息的失败应答消息, 顺序执行 S 6623;  S6622: According to the random sequence number in the message, find the related item in the "user login message forwarding correspondence table", and generate a failure response message of the related REGISTER message according to the content of the related REGI STER message, sequentially executing S 6623;
S 6623; 向该 REG I STER消息发送者返回该 REG I STER消息的应答消 息;  S 6623; returning a response message of the REG STER message to the sender of the REG STER message;
S6624; 从 "用户登录消息转发对应表" 中删除相关项及暂存的 相应 REGISTER消息, 返回 S6501;  S6624; Delete the relevant item and the corresponding REGISTER message from the "user login message forwarding correspondence table", and return to S6501;
S6611 : 判别是否为成功应答消息。 如果是, 转 S6612,如果不是, 转 S6501;  S6611: Determine whether it is a success response message. If yes, go to S6612, if not, go to S6501;
S6612 : 根据消息中的随机序号, 找到 "用户登录消息转发对应 表" 中的相关项, 并将应答状态位设为已收到注册服务装置的应答消 息, 例如为 1,返回 S6501;  S6612: According to the random sequence number in the message, find the related item in the "user login message forwarding correspondence table", and set the response status bit to the response message of the registered service device, for example, 1, return to S6501;
S6800: 是否为 REGI STER消息的应答消息, 如果是, 转 S6801,如 果不是, 转 S6900; S6801 : 根据消息中的随机序号, 找到 "用户登录消息转发对应 表" 中的相关项; S6800: Is the response message of the REGI STER message, if yes, go to S6801, if not, go to S6900; S6801: According to the random serial number in the message, find the related item in the "user login message forwarding correspondence table";
S6802: 判别 "用户登录消息转发对应表" 中的相关项的应答状 态位是否表示已收到注册服务装置的成功应答,如果不是, 转 S6803, 如果是, 转 S6805;  S6802: Determine whether the response status bit of the related item in the "User Login Message Forwarding Correspondence Table" indicates that the registration service device has received a successful response, if not, go to S6803, if yes, go to S6805;
S6803: 根据消息中的随机序号, 找到 "用户登录消息转发对应 表" 中的相关项, 并根据相关内容生成相关 REGI STER消息的失败应答 消息;  S6803: According to the random sequence number in the message, find a related item in the “user login message forwarding correspondence table”, and generate a failure response message of the related REGI STER message according to the related content;
S 6804: 向该 REG I STER消息发送者返回该 REG I STER消息的应答消 息,顺序执行 S6806;  S 6804: returning the response message of the REG I STER message to the sender of the REG I STER message, and executing S6806 in sequence;
S 6805: 向该 REG I STER消息发送者返回该 REG I STER消息的应答消 息, 顺序执行 S6806;  S 6805: returning the response message of the REG I STER message to the sender of the REG STER message, and executing S6806 in sequence;
S6806: 从 "用户登录消息转发对应表" 中删除相关项, 及相关 暂存的 REGI STER消息, 返回 S6501 ;  S6806: Delete the related item from the "User Login Message Forwarding Correspondence Table", and the related temporary REGI STER message, and return to S6501;
S6900: 进行其它处理后, 返回 S6501。  S6900: After other processing, return to S6501.
Proxy向注册服务装置请求如何转发呼叫消息(例如: S IP协议的 INVI TE消息)。 Proxy向注册服务装置发 "呼叫代理用户登录点查找请 求消息"。 Proxy根据收到注册服务装置答复信息转发呼叫消息。 在 Proxy间转发呼叫消息时, 要强迫相应的反馈消息按转发请求消息的 原路径返回。 "呼叫代理用户登录点查找请求消息" 至少包括目标用 户标识、 Proxy的网络地址。 当 Proxy间传递请求消息 (例如: S IP协 议的 INVITE消息) 时, 该目标用户标识为被叫方用户标识, 当 Proxy 间传递反馈消息时(例如: S IP协议的 200消息), 该目标用户标识为 主叫方用户标识。  The Proxy requests the registration service device to forward the call message (for example: INVI TE message of the SIP protocol). The Proxy sends a "Call Agent User Login Point Lookup Request Message" to the registration service device. The Proxy forwards the call message according to the reply message received by the registration service device. When forwarding a call message between Proxy, the corresponding feedback message is forced to return according to the original path of the forwarding request message. The "Call Agent User Login Point Lookup Request Message" includes at least the target user ID and the proxy's network address. When the request message is transmitted between the Proxy (for example, the INVITE message of the S IP protocol), the target user identifier is the called party user identifier, and when the feedback message is transmitted between the Proxy (for example: 200 messages of the SIP protocol), the target user Identifies the calling party user ID.
图 28为注册服务单元处理 "呼叫代理用户登录点查找请求消息" 的流程。  Figure 28 is a flow diagram of the registration service unit processing the "call agent user login point lookup request message".
S8000: 开始  S8000: Getting started
S8001 : 等待接收数据分组;  S8001: waiting to receive a data packet;
S8002: 是否收到数据分组,如果收到, 转 S8 QQ 3,如果没有收到, 转 S8001 ;  S8002: Whether to receive the data packet, if received, transfer to S8 QQ 3, if not received, transfer to S8001;
S8003: 提取数据分组中的消息; S8004: 判别是否为 "呼叫代理用户登录点查找请求消息",如果 是, 转 S8102 , 如果不是, 转 S8006; S8003: extracting a message in a data packet; S8004: Determine whether it is "Call Agent User Login Point Lookup Request Message", if yes, go to S8102, if not, go to S8006;
S8102 : 提出消息中目标用户标识;  S8102: the target user identifier in the proposed message;
S8103: 在用户信息表中查找判断目标用户标识是否存在, 如果 存在, 转 S8200 , 如果不存在, 转 S8104;  S8103: Find in the user information table whether the target user identifier exists, if yes, go to S8200, if it does not exist, go to S8104;
S8104: 判断本服务器是否为顶级注册服务器,如果是,转 S8107 , 如果不是, 转 S8105 ;  S8104: Determine whether the server is a top-level registration server. If yes, go to S8107. If not, go to S8105.
S8105: 向请求消息发送者返回目标用户标识不存在的消息 ,并 返回 S8001 ;  S8105: Return a message that the target user identifier does not exist to the sender of the request message, and return to S8001;
S8107: 向请求消息发送者返回失败消息 , 并返回 S8001;  S8107: returning a failure message to the sender of the request message, and returning to S8001;
S8200: 根据相对注册位置和映射地址, 判别目标用户的用户登 录点对应的网络地址是否和 "呼叫代理用户登录点查找请求消息"发 送者的网络地址属于同一 NAT设备控制的网络或公有网络, 如果是, 转 S8201 , 如果不是, 转 S8202;  S8200: determining, according to the relative registration location and the mapping address, whether the network address corresponding to the user login point of the target user and the network address of the sender of the "Call Agent User Login Point Lookup Request message" belong to a network or public network controlled by the same NAT device, if Yes, go to S8201, if not, go to S8202;
S8201 :判别目标用户的用户登录点 对应的网络地址是否属于请 求消息发送者, 如果是, 转 S8203,如果不是, 转 S8204;  S8201: discriminate whether the user login point of the target user belongs to the request message sender, if yes, go to S8203, if not, go to S8204;
S8203:向请求消息发送者返回目标用户的系统终端设备访问点, 并返回 S8001;  S8203: returning the target user's system terminal device access point to the request message sender, and returning to S8001;
S8204 : 向请求消息发送者返回目标用户的用户登录点 , 并返回 S8001;  S8204: returning the user login point of the target user to the sender of the request message, and returning to S8001;
S8202: 向请求消息发送者返回目标用户标识不存在的消息 ,并 返回 S8001 ;  S8202: Return a message that the target user identifier does not exist to the sender of the request message, and return to S8001;
Proxy收到 "呼叫代理用户登录点查找请求消息"的应答消息后, 如果为失败, Proxy按呼叫消息传递路径的反向, 向系统终端设备返 回失败消息; 如果为目标用户不存在, 则根据目标 Proxy转发呼叫消 息; 如果收到应答消息中包含可转化为网络地址和端口的信息, 向该 网络地址和端口转发呼叫消息。  After the Proxy receives the response message of the "Call Agent User Login Point Lookup Request Message", if it fails, the Proxy returns a failure message to the system terminal device according to the reverse direction of the call message delivery path; if the target user does not exist, the target is The Proxy forwards the call message; if the received response message contains information that can be translated into a network address and port, the call message is forwarded to the network address and port.
最后应说明的是,以上实施例仅用以说明本发明的技术方案而非 对其限制, 并且在应用上可以延伸到其他的修改、 变化、 应用和实施 例, 同时认为所有这样的修改、 变化、 应用、 实施例都在本发明的精 申和范围内。  It should be noted that the above embodiments are only used to illustrate the technical solutions of the present invention and are not limited thereto, and may be extended to other modifications, changes, applications, and embodiments, and all such modifications and changes are considered. The application, the embodiments are all within the spirit and scope of the invention.

Claims

权 利 要 求 Rights request
1、 一种多层 NAT环境下面向应用的名字注册系统, 所述多层 NAT 环境包括公有网络和至少一个私有网络,所述私有网络通过地址转换 单元接入公有网络或其它私有网络;所述名字注册系统包括系统终端 设备、呼叫代理服务器以及接入公有网络和至少一个私有网络的注册 服务装置;  1. A multi-layer NAT environment, wherein the multi-layer NAT environment includes a public network and at least one private network, and the private network accesses a public network or other private network through an address translation unit; The name registration system includes a system terminal device, a call proxy server, and a registration service device that accesses the public network and at least one private network;
其中,所述注册服务装置由接入公有网络和各私有网络的注册服 务单元组成;所述注册服务单元用于接受系统终端设备的注册和登录 请求, 并记录所述系统终端设备的用户注册、 登录信息,所述用户登 录信息包括用户标识、用户使用的系统终端设备在所述注册服务单元 接入的网络中的用户登录点和用户使用的系统终端设备在所述注册 服务单元接入的网络中的系统终端设备访问点;  The registration service device is composed of a registration service unit that accesses the public network and each private network; the registration service unit is configured to accept a registration and login request of the system terminal device, and record a user registration of the system terminal device, Login information, the user login information includes a user identifier, a user login point used by the system terminal device used by the user in the network accessed by the registration service unit, and a network accessed by the system terminal device used by the user in the registration service unit System terminal access point in the system;
所述系统终端设备用于同注册服务装置、呼叫代理服务器交互信 息, 通过呼叫代理服务器向注册服务装置发送用户登录信息; 所述系 统终端设备用于识别 SIP协议,使用 SIP协议中定义的消息和实体传递 用户登录消息;  The system terminal device is configured to exchange information with the registration service device and the call proxy server, and send the user login information to the registration service device by using the call proxy server; the system terminal device is configured to identify the SIP protocol, use the message defined in the SIP protocol, and The entity passes the user login message;
所述呼叫代理服务器,包括与公网相连接的顶级呼叫代理服务器 和与各私有网络相连接的呼叫代理服务器, 用于转发 S I P协议中规定 的消息,根据注册服务实体或其它功能实体的指示转发消息, 所述呼 叫代理服务器从注册服务装置获取服务入口、用于向注册服务装置发 送用户登录信息、 向注册服务装置查询用户登录点。  The call proxy server includes a top-level call proxy server connected to the public network and a call proxy server connected to each private network, used to forward the message specified in the SIP protocol, and forwarded according to the indication of the registration service entity or other functional entity. The message, the call proxy server acquires a service portal from the registration service device, transmits user login information to the registration service device, and queries the registration service device for the user login point.
2、 根据权利要求 1所述的名字注册系统, 其中, 所述注册服务单 元还用于根据记录的所述用户登录信息进行查询。  2. The name registration system according to claim 1, wherein the registration service unit is further configured to perform an inquiry according to the recorded user login information.
3、 根据权利要求 1所述的名字注册系统, 其中, 所述用户登录点 为注册月良务单元或系统终端设备的网络地址和端口,或被转化为注册 服务单元或系统终端设备的网络地址和端口的标识;所述系统终端设 备访问点为 NAT设备的网络地址和端口,或被转化为 NAT设备的网络地 址和端口的标识。  3. The name registration system according to claim 1, wherein the user login point is a network address and port of a registered monthly service unit or a system terminal device, or is converted into a network address of a registration service unit or a system terminal device. And the identifier of the port; the system terminal access point is the network address and port of the NAT device, or the identifier of the network address and port that is converted into the NAT device.
4、 根据权利要求 2所述的名字注册系统, 其中, 所述查询是根据 用户登录信息在被叫方所有用户登录点中查找出被叫方到主叫方 NAT 距离最短的用户登录点。  4. The name registration system according to claim 2, wherein the query is to find a user login point with the shortest distance from the called party to the calling party NAT in all the user login points of the called party according to the user login information.
5、 根据权利要求 1所述的名字注册系统, 其中, 所述注册服务单 元包括接入公有网络的顶层注册服务单元和接入私有网络的基本注 册服务单元。 5. The name registration system according to claim 1, wherein the registration service unit comprises a top-level registration service unit accessing a public network and a basic registration service unit accessing a private network.
6、 根据权利要求 5所述的名字注册系统, 其中, 所述顶层注册服 务单元通过顶级服务总线接入公有网络,所述基本注册服务单元通过 服务总线接入私有网络,所述通过顶级服务总线接入公有网络的顶层 注册服务单元使用公有网络的网络地址进行编址,所述通过服务总线 接入私有网络的基本注册服务单元使用相连的私有网络的网络地址 进行编址。 6. The name registration system according to claim 5, wherein the top-level registration service unit accesses a public network through a top-level service bus, and the basic registration service unit accesses a private network through a service bus, and the top-level service bus The top-level registration service unit accessing the public network is addressed using the network address of the public network, and the basic registration service unit accessing the private network through the service bus is addressed using the network address of the connected private network.
7、 根据权利要求 1所述的名字注册系统, 其中, 所述注册服务单 元包括: 注册服务逻辑控制单元、 基本配置信息记录表、 层级信息记 录表、 目标注册服务器记录表、 子注册服务单元记录表、 用户注册信 息记录表、 用户登录信息记录表、 消息緩存区和通信单元。  7. The name registration system according to claim 1, wherein the registration service unit comprises: a registration service logic control unit, a basic configuration information record table, a hierarchical information record table, a target registration server record table, and a sub-registration service unit record. Table, user registration information record table, user login information record table, message buffer, and communication unit.
8、 根据权利要求 7所述的名字注册系统, 其中, 所述注册服务逻 辑控制单元用于控制注册服务的执行;所述基本配置信息记录表用于 记录本单元标识、 本单元主机地址和本单元服务端口; 所述层级信息 记录表用于记录层级信息;所述目标注册服务器记录表用于记录祖先 注册服务器的网络地址和端口;所述子注册服务器记录表用于记录子 注册服务单元的网络地址、 端口、 标识及对应的 NAT设备的网络地址 和端口; 所述用户注册信息记录表用于记录用户标识、 用户注册表和 系统终端设备访问点; 所述用户登录信息记录表用于记录用户标识、 用户登录表和系统终端设备访问点;所述消息緩存区用于暂时保存接 收到的数据分组中的信息, 转发关系记录表; 所述通信单元同顶级服 务总线装置或服务总线装置联接, 负责收发数据;  8. The name registration system according to claim 7, wherein the registration service logic control unit is configured to control execution of a registration service; the basic configuration information record table is used to record the identity of the unit, the host address of the unit, and the present a unit service port; the hierarchical information record table is used to record hierarchical information; the target registration server record table is used to record a network address and a port of an ancestry registration server; and the sub-registration server record table is used to record a sub-registration service unit a network address, a port, an identifier, and a network address and a port of the corresponding NAT device; the user registration information record table is used to record a user identifier, a user registry, and a system terminal device access point; and the user login information record table is used for recording a user identifier, a user login table, and a system terminal device access point; the message buffer area is configured to temporarily save information in the received data packet, and forward a relationship record table; the communication unit is coupled to the top-level service bus device or the service bus device , responsible for sending and receiving data;
其中,所述注册服务逻辑控制单元用于实现与所述基本配置信息 记录表、 所述层级信息记录表、 所述目标注册服务器记录表、 所述子 注册服务器记录表、 所述用户注册信息记录表、所述用户登录信息记 录表、 所述消息緩存区和所述通信单元的数据双向交互。  The registration service logic control unit is configured to implement the basic configuration information record table, the hierarchical information record table, the target registration server record table, the sub-registration server record table, and the user registration information record. The table, the user login information record table, the message buffer area, and the data of the communication unit are bidirectionally exchanged.
9、 根据权利要求 1所述的名字注册系统, 其中, 所述注册服务单 元包括服务单元代理,所述服务单元代理用于扩大被代理的注册服务 单元的覆盖范围或用于向系统终端设备提供统一的服务入口;所述服 务单元代理可以与被代理者部署于同一 NAT设备控制的网络或公有网 络, 也可以部署在被代理者所属网络的直接下层网络中。  9. The name registration system according to claim 1, wherein said registration service unit comprises a service unit agent for expanding coverage of a registered registration service unit or for providing to a system terminal device A unified service portal; the service unit proxy may be deployed on the network or public network controlled by the same NAT device as the agent, or may be deployed in the direct lower layer network of the network to which the agent belongs.
10、 根据权利要求 9所述的名字注册系统, 其中, 所述服务单元 代理用于广播被代理者的服务入口或在注册服务装置的请求者和被 代理注册服务装置间转发消息。  10. The name registration system according to claim 9, wherein the service unit agent is for broadcasting a service entry of the agent or forwarding the message between the requester of the registration service device and the proxy registration service device.
11、 根据权利要求 1所述的名字注册系统, 其中, 所述系统终端 设备包括终端设备控制单元、基本配置信息记录表、 目标注册服务器 记录表、 目标呼叫代理服务器记录表、 消息緩存区和通信单元, 基本 配置信息记录表用于记录用户标识、本终端设备的网络地址、 端口等 信息;所述目标呼叫代理服务器记录表用于记录呼叫代理服务器的网 络地址和端口, 所述目标注册服务器记录表、记录顶级注册服务器的 全局服务入口; 消息緩存区用于暂时存储收到或发出的消息; 通信单 元用于公有网络或私有网络连接,所述终端设备控制单元从基本配置 信息记录表、 目标注册服务器记录表、 目标呼叫代理服务器记录表、 消息緩存区读写信息,所述终端设备控制单元通过通信单元从网络收 发数据。 11. The name registration system according to claim 1, wherein said system terminal The device includes a terminal device control unit, a basic configuration information record table, a target registration server record table, a target call proxy server record table, a message buffer area, and a communication unit, and the basic configuration information record table is used to record the user identifier and the network address of the terminal device. Information such as a port; the target call proxy server record table is used to record a network address and port of the call proxy server, the target registration server record table, a global service entry for recording a top-level registration server; and a message buffer for temporarily storing a message to or from the communication unit; the communication unit is used for a public network or a private network connection, and the terminal device control unit reads and writes information from the basic configuration information record table, the target registration server record table, the target call proxy server record table, the message buffer area, The terminal device control unit transmits and receives data from the network through the communication unit.
12、 根据权利要求 11所述的名字注册系统, 其中, 所述系统终端 设备包括 SIP协议处理单元, 与所述终端设备控制单元交互信息, 识 别 S IP消息。  The name registration system according to claim 11, wherein the system terminal device comprises a SIP protocol processing unit, and interacts with the terminal device control unit to identify an S IP message.
13、 根据权利要求 1所述的名字注册系统, 其中, 所述呼叫代理 服务器用于参照所述系统终端设备获取所述注册服务装置的网络地 址和端口的方式获取注册服务装置的网络地址和端口。  The name registration system according to claim 1, wherein the call proxy server is configured to acquire a network address and a port of the registration service device by referring to the manner in which the system terminal device acquires the network address and port of the registration service device. .
14、 根据权利要求 1所述的名字注册系统, 其中, 所述呼叫代理 服务器在获取注册服务装置的服务入口时,需要保证所述呼叫代理服 务器和注册服务装置的服务入口对应的注册服务单元部署于同一个 NAT设备控制的网络, 或者注册服务装置的服务入口对应的注册服务 单元位于所述呼叫代理服务器的直接上层。  14. The name registration system according to claim 1, wherein the call proxy server needs to ensure that the registration service unit corresponding to the service portal of the call proxy server and the registration service device is deployed when acquiring the service portal of the registration service device. The registration service unit corresponding to the service controlled by the same NAT device or the service entry of the registration service device is located directly above the call proxy server.
15、 根据权利要求 14所述的名字注册系统, 其中, 上层网络中的 呼叫代理服务器作为本地呼叫代理服务器转发 SIP消息的缺省目标, 需要在本地呼叫代理服务器目标呼叫代理记录中保存上层网络中的 呼叫代理服务器的网络地址、端口; 同时在上层网络中的呼叫代理服 务器在子呼叫代理记录中保存所述呼叫代理服务器的标识、 网络地 址、 端口以及对应的 NAT设备的网络地址和端口。  15. The name registration system according to claim 14, wherein the call proxy server in the upper layer network serves as a default destination for forwarding the SIP message by the local call proxy server, and needs to be saved in the upper layer network in the local call proxy server target call proxy record. The network address and port of the call proxy server; at the same time, the call proxy server in the upper network saves the identity of the call proxy server, the network address, the port, and the network address and port of the corresponding NAT device in the sub-call proxy record.
16、 一种利用权利要求 1 - 15之一的所述的名字注册系统进行名 字登录的方法, 包括:  16. A method of using a name registration system according to any one of claims 1 to 15 for name registration, comprising:
步骤 10 )、 呼叫代理服务器获取用户登录点和系统终端设备访问 点, 生成 "呼叫代理用户登录消息", 所述 "呼叫代理用户登录消息" 包括用户标识、用户登录点和系统终端设备访问点, 所述呼叫代理服 务器建立消息发送者和消息的对应关系;  Step 10), the call proxy server acquires the user login point and the system terminal device access point, and generates a "call proxy user login message", where the "call proxy user login message" includes the user identifier, the user login point, and the system terminal device access point. The call proxy server establishes a correspondence between a message sender and a message;
步骤 20 )、 根据本地保存的注册服务装置的服务入口, 所述呼叫 代理服务器向所述注册服务装置发送 "呼叫代理用户登录消息", 并 向上级呼叫代理服务器转发 REGISTER消息,所述 REGISTER消息包括用 户标识;所述月良务入口是网络地址和端口或者用于转化为网络地址和 端口的标 、; Step 20), according to the service entry of the locally stored registration service device, the call The proxy server sends a "Call Agent User Login Message" to the registration service device, and forwards a REGISTER message to the upper call proxy server, the REGISTER message includes a user identifier; the monthly service portal is a network address and port or is used for conversion The label for the network address and port;
步骤 30 )、 所述注册服务装置接收到所述 "呼叫代理用户登录消 息"后, 在本地用户信息存储表中创建新纪录, 记录所述 "呼叫代理 用户登录消息" 中的用户标识、 用户登录点和系统终端设备访问点, 返回成功注册消息;  Step 30) After the "registration agent user login message" is received by the registration service device, a new record is created in the local user information storage table, and the user identifier and user login in the "call agent user login message" are recorded. Points and system terminal access points, returning a successful registration message;
步骤 40 )、 所述呼叫代理服务器接收所述注册服务装置的应答消 息, 根据所述消息发送者和消息的对应关系, 向所述消息发送者发送 成功或者失败应答消息;  Step 40) The call proxy server receives a response message of the registration service device, and sends a success or failure response message to the message sender according to the correspondence between the message sender and the message;
步骤 50 )、 所述上级呼叫代理服务器收到所述 REGISTER消息后, 根据所述消息发送者和消息的对应关系,向消息发送者返回所述消息 的成功或者失败应答消息, 删除所述消息发送者和消息的对应关系。  Step 50) After receiving the REGISTER message, the upper-level call proxy server returns a success or failure response message of the message to the message sender according to the correspondence between the message sender and the message, and deletes the message sending. Correspondence between the person and the message.
17、 根据权利要求 16所述的名字登录的方法, 其中, 所述用户登 录点为网络地址和端口, 或被转化为网络地址和端口的标识; 所述系 统终端设备访问点为网络地址和端口,或被转化为网络地址和端口的 标识。  The method for registering a name according to claim 16, wherein the user login point is a network address and a port, or is converted into an identifier of a network address and a port; and the system terminal device access point is a network address and a port. , or an identifier that is translated into a network address and port.
18、 根据权利要求 16所述的名字登录的方法, 其中, 在步骤 10 ) 执行之前启动接入公有网络的顶层注册服务单元,然后接入私有网络 的基本注册服务单元逐层启动,并向所述名字注册系统注册以加入名 字注册系统。  The method for registering a name according to claim 16, wherein, before the step 10), the top-level registration service unit of the access public network is started, and then the basic registration service unit of the access private network is started layer by layer, and The name registration system is registered to join the name registration system.
19、 根据权利要求 16所述的名字登录的方法, 其中, 步骤 10 ) 进一步包括:  The method for naming a name according to claim 16, wherein the step 10) further comprises:
步骤 110 )、 SIP协议中, 当 REGISTER消息中的 Contac t项为呼 叫代理服务器时, 本地呼叫代理服务器根据 REGISTER消息中的用户 标识, 将所述本地呼叫代理服务器的网络地址和端口作为用户登录 点, 将携带所述 REGISTER消息的数据分组的源地址和源端口作为系 统终端设备访问点;  Step 110), in the SIP protocol, when the Contac t item in the REGISTER message is a call proxy server, the local call proxy server uses the network address and port of the local call proxy server as a user login point according to the user identifier in the REGISTER message. And using a source address and a source port of the data packet carrying the REGISTER message as a system terminal device access point;
步骤 120 )、 当 REGISTER消息中的 Contact项用于标识系统终端 设备且所述 REGISTER消息通过 NAT设备时, 将所述呼叫代理服务器 的网络地址和端口作为用户登录点, 将携带所述 REGISTER消息的数 据分组的源地址和源端口作为系统终端设备访问点;  Step 120), when the Contact item in the REGISTER message is used to identify the system terminal device and the REGISTER message passes through the NAT device, the network address and port of the call proxy server are used as a user login point, and the REGISTER message is carried. The source address and source port of the data packet are used as system terminal device access points;
步骤 130 )、 当 REGISTER消息中的 Contact项用于标识系统终端设备 且所述 REGI STER消息通过没有 NAT设备时, 将所述 Contac t内容作 为用户登录点; Step 130), when the Contact item in the REGISTER message is used to identify the system terminal device And the REGI STER message passes the Contac t content as a user login point when there is no NAT device;
步骤 140 )、 当 REGI STER消息中的 Contac t项不是呼叫代理服务 器, 也不用于标识系统终端设备, 将所述 Contac t内容作为用户登录 点。  Step 140), when the Contac t item in the REGI STER message is not a call proxy server, nor is it used to identify the system terminal device, the Contac t content is used as a user login point.
20、 根据权利要求 16所述的名字登录的方法, 其中, 步骤 20 ) 进一步包括: 如果所述 REGI STER消息中的 Contac t项是呼叫代理服 务器或者标识系统终端设备,则用所述呼叫代理服务器的网络地址和 端口代理所述 Contac t项中的网络地址和端口。  The method for registering a name according to claim 16, wherein the step 20) further comprises: if the Contac t item in the REGI STER message is a call proxy server or an identification system terminal device, using the call proxy server The network address and port proxy the network address and port in the Contac item.
21、 根据权利要求 16所述的名字登录的方法, 其中, 步骤 30 ) 进一步包括: 当所述 "呼叫代理用户登录消息" 经过 NAT设备, 将本 地用户信息存储表中的相对登录位置设定为跨层登录, 将携带所述 The method for registering a name according to claim 16, wherein the step 30) further comprises: when the "call agent user login message" passes through the NAT device, setting a relative login location in the local user information storage table to Cross-layer login, will carry the
"呼叫代理用户登录消息" 的源地址和端口作为新纪录的映射地址。 The source address and port of the "Call Agent User Login Message" are the mapped addresses of the new record.
22、 根据权利要求 16所述的名字登录的方法, 其中, 步骤 40 )进 一步包括:  22. The method of name registration according to claim 16, wherein the step 40) further comprises:
步骤 410 )、如果所述呼叫代理服务器为顶级呼叫代理服务器, 根 据所述应答消息中的随机序号,按照所述 REG I STER消息发送者和消息 的对应关系, 向所述 REGI STER消息发送者发送成功、 失败应答消息, 删除所述消息发送者和消息的对应关系;  Step 410) If the call proxy server is a top-level call proxy server, according to the random sequence number in the response message, send the message to the sender of the REGI STER message according to the correspondence between the sender and the message of the REG STER message. a success, failure response message, deleting the correspondence between the message sender and the message;
步骤 420 )、 如果所述呼叫代理服务器不是顶级呼叫代理服务器 并且所述注册服务装置发送的应答消息为登录成功消息,根据所述应 答消息中的随机序号,将所述消息发送者和消息的对应关系设为已登 录状态。  Step 420), if the call proxy server is not a top-level call proxy server and the response message sent by the registration service device is a login success message, corresponding to the message sender and the message according to the random sequence number in the response message The relationship is set to the logged in status.
23、 根据权利要求 16所述的名字登录的方法, 其中, 步骤 50 ) 进一步包括:  The method for naming a name according to claim 16, wherein the step 50) further comprises:
步骤 510 )、 当所述消息发送者和消息的对应关系为已登录状态 时, 向所述 REGI STER消息发送者返回所述消息的应答消息, 删除所 述消息发送者和消息的对应关系;  Step 510), when the correspondence between the sender of the message and the message is the logged in state, returning a response message of the message to the sender of the REGI STER message, and deleting the correspondence between the sender of the message and the message;
步骤 520 )、 当所述消息发送者和消息的对应关系为未登录状态 时, 向所述 REGI STER消息发送者返回所述消息的失败应答消息, 删 除所述消息发送者和消息的对应关系。  Step 520): When the correspondence between the sender of the message and the message is an unregistered state, return a failure response message of the message to the sender of the REGI STER message, and delete the correspondence between the sender of the message and the message.
24、一种利用权利要求 1 - 15之一的所述的名字注册系统进行用 户登录点查询方法, 包括:  24. A method of querying a user login point using the name registration system of one of claims 1 to 15, comprising:
步骤 10 )、 呼叫代理服务器向所述名字注册系统的服务入口发送 "呼叫代理用户登录点查找请求消息",所述消息包括目标用户标识; 步骤 20 )、 注册服务单元收到所述 "呼叫代理用户登录点查找请 求消息" 后, 提取消息中的目标用户标识; Step 10), the call proxy server sends the service portal of the name registration system a "call agent user login point lookup request message", the message includes a target user identifier; step 20), after receiving the "call agent user login point lookup request message", the registration service unit extracts the target user identifier in the message;
步骤 30 )、 当所述目标用户标识不存在时, 如果所述注册服务单 元为顶级注册服务器, 向请求消息发送者返回失败消息, 如果所述注 册服务单元不是顶级注册服务器,向请求消息发送者返回目标用户不 存在消息;  Step 30), when the target user identifier does not exist, if the registration service unit is a top-level registration server, return a failure message to the request message sender, if the registration service unit is not a top-level registration server, to the request message sender Return to the target user does not exist message;
步骤 40 )、 当所述目标用户标识存在时, 判别目标用户的用户登 录点对应的网络地址是否和 "呼叫代理用户登录点查找请求消息"发 送者的网络地址属于同一 NAT设备控制的网络或公有网络, 如果不 是, 向请求消息发送者返回目标用户不存在消息;  Step 40), when the target user identifier exists, determine whether the network address corresponding to the user login point of the target user and the network address of the sender of the "Call Agent User Login Point Lookup Request message" belong to the same NAT device controlled network or public The network, if not, returns a target user non-existent message to the request message sender;
步骤 50 )、 当目标用户的用户登录点对应的网络地址和 "呼叫代 理用户登录点查找请求消息"发送者的网络地址属于同一 NAT设备控 制的网络或公有网络时 ,如果目标用户的用户登录点对应的网络地址 属于请求消息发送者,则向请求消息发送者返回目标用户的系统终端 设备访问点;如果目标用户的用户登录点对应的网络地址不属于请求 消息发送者, 向请求消息发送者返回目标用户的用户登录点;  Step 50), when the network address corresponding to the user login point of the target user and the network address of the sender of the "Call Agent User Login Point Lookup Request message" belong to the network controlled by the same NAT device or the public network, if the user login point of the target user If the corresponding network address belongs to the sender of the request message, the system terminal device access point of the target user is returned to the sender of the request message; if the network address corresponding to the user login point of the target user does not belong to the sender of the request message, the sender of the request message is returned. User login point of the target user;
25、 根据权利要求 24所述的名字登录点查询方法, 其中, 所述 方法进一步包括:  The name registration point query method according to claim 24, wherein the method further comprises:
步骤 60 )、 呼叫代理服务器收到 "呼叫代理用户登录点查找请求 消息" 的应答消息后, 如果为失败, 所述呼叫代理服务器按呼叫消息 传递路径的反向, 向系统终端设备返回失败消息; 如果为目标用户不 存在消息, 则根据目标呼叫代理记录转发呼叫消息; 如果收到应答消 息中包含可转化为网络地址和端口的信息,向所述可转化的网络地址 和端口转发 SIP呼叫请求。  Step 60) After the call proxy server receives the response message of the "Call Agent User Login Point Lookup Request Message", if it is a failure, the call proxy server returns a failure message to the system terminal device according to the reverse of the call message delivery path; If there is no message for the target user, the call message is forwarded according to the target call agent record; if the received response message contains information that can be converted into a network address and port, the SIP call request is forwarded to the convertible network address and port.
26、 根据权利要求 24所述的名字登录点查询方法, 其中, 步骤 40 )中, 根据相对登录位置和映射地址, 判别目标用户的用户登录点 对应的网络地址是否和呼叫代理用户登录点查找请求消息发送者的 网络地址属于同一 NAT设备控制的网络或公有网络。  The method for querying a name registration point according to claim 24, wherein, in step 40), determining whether the network address corresponding to the user login point of the target user and the call agent user login point lookup request are based on the relative login location and the mapped address The sender's network address belongs to the network controlled by the same NAT device or the public network.
PCT/CN2009/000305 2008-03-20 2009-03-20 Application-oriented name registration system for used in multi-layer network address translator environment and the method thereof WO2009114997A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200810102343.3 2008-03-20
CN2008101023433A CN101247408B (en) 2008-03-20 2008-03-20 Name registration system and method facing application in multi-layer NAT network

Publications (1)

Publication Number Publication Date
WO2009114997A1 true WO2009114997A1 (en) 2009-09-24

Family

ID=39947606

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/000305 WO2009114997A1 (en) 2008-03-20 2009-03-20 Application-oriented name registration system for used in multi-layer network address translator environment and the method thereof

Country Status (2)

Country Link
CN (1) CN101247408B (en)
WO (1) WO2009114997A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114089711A (en) * 2022-01-21 2022-02-25 深圳艾灵网络有限公司 Industrial equipment control management method, electronic equipment and storage medium

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101247408B (en) * 2008-03-20 2010-11-03 中国科学院计算技术研究所 Name registration system and method facing application in multi-layer NAT network
US9614905B2 (en) * 2009-10-20 2017-04-04 Avaya Inc. Determination of persona information availability and delivery on peer-to-peer networks
CN108989221B (en) * 2018-09-21 2021-01-01 北京东土科技股份有限公司 SIP message transmission method and device, computer equipment and storage medium
CN111431956B (en) * 2019-01-10 2022-07-05 阿里巴巴集团控股有限公司 Cross-network service access method, device, system and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101047548A (en) * 2006-03-31 2007-10-03 株式会社日立制作所 Communication in multiple NAT private network
CN101064642A (en) * 2006-04-29 2007-10-31 华为技术有限公司 Method for improving IP multimedia subsystem register flow
CN101242421A (en) * 2008-03-19 2008-08-13 中国科学院计算技术研究所 Application-oriented name registration system and its service method under multi-layer NAT environment
CN101247408A (en) * 2008-03-20 2008-08-20 中国科学院计算技术研究所 Name registration system and method facing application in multi-layer NAT network

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100583814C (en) * 2005-05-12 2010-01-20 中兴通讯股份有限公司 Method for implementing multimedia service NAT transition
CN101064712B (en) * 2006-04-24 2013-04-24 上海信息安全基础设施研究中心 System and method for realizing Linux inner core based dual-channel through multistage NAT and fireproof wall

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101047548A (en) * 2006-03-31 2007-10-03 株式会社日立制作所 Communication in multiple NAT private network
CN101064642A (en) * 2006-04-29 2007-10-31 华为技术有限公司 Method for improving IP multimedia subsystem register flow
CN101242421A (en) * 2008-03-19 2008-08-13 中国科学院计算技术研究所 Application-oriented name registration system and its service method under multi-layer NAT environment
CN101247408A (en) * 2008-03-20 2008-08-20 中国科学院计算技术研究所 Name registration system and method facing application in multi-layer NAT network

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114089711A (en) * 2022-01-21 2022-02-25 深圳艾灵网络有限公司 Industrial equipment control management method, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN101247408A (en) 2008-08-20
CN101247408B (en) 2010-11-03

Similar Documents

Publication Publication Date Title
KR100782266B1 (en) Packet network interfacing
JP5167225B2 (en) Technology that allows multiple virtual filers on one filer to participate in multiple address spaces with overlapping network addresses
US7792995B2 (en) Accessing data processing systems behind a NAT enabled network
TWI234969B (en) Dynamic network address translation system and method of transparent private network device
WO2016119747A1 (en) System and method for communicating in an ssl vpn
US7779158B2 (en) Network device
US6101552A (en) Virtual internet protocol gate and the network constructed with the same
US20040044778A1 (en) Accessing an entity inside a private network
US20050066041A1 (en) Setting up a name resolution system for home-to-home communications
CN101262447B (en) A method for system terminal to establish NAT channel penetration
US8612557B2 (en) Method for establishing connection between user-network of other technology and domain name system proxy server for controlling the same
WO2009114995A1 (en) Application-oriented name registration system and service method in multi-layer nat environment
JP2006148902A (en) IPv4-IPv6 CONVERSION SYSTEM USING DUAL STACK CONVERSION MECHANISM AND ITS METHOD
TW200924462A (en) System and method for connection of hosts behind NATs
WO2009114997A1 (en) Application-oriented name registration system for used in multi-layer network address translator environment and the method thereof
JP2007527068A (en) Address and port number abstraction when setting up a connection between at least two computing devices
TW200412763A (en) Router and packet transmission method
JP2009538023A (en) Mobile phone used in client-server system
KR20010088233A (en) Application-based interworking system and method for interworking between networks using different protocol versions
US8073957B2 (en) Communication control system
CN105939398B (en) IPv6 transition method and device
KR102666587B1 (en) Peer-to-peer communication device and method for peer-to-peer communication thereof
KR20030075237A (en) Method and system for communicating with host having applications using heterogeneous internet protocols and target platform
TW414879B (en) Address translation system among virtual address networks
Fu et al. A P4-Based Identifier Mapping Network System

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09722340

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2010141489

Country of ref document: RU

Kind code of ref document: A

122 Ep: pct application non-entry in european phase

Ref document number: 09722340

Country of ref document: EP

Kind code of ref document: A1