WO2012109865A1 - Nat processing method, device and system for calls between clients of private network and clients out of network - Google Patents

Nat processing method, device and system for calls between clients of private network and clients out of network Download PDF

Info

Publication number
WO2012109865A1
WO2012109865A1 PCT/CN2011/077828 CN2011077828W WO2012109865A1 WO 2012109865 A1 WO2012109865 A1 WO 2012109865A1 CN 2011077828 W CN2011077828 W CN 2011077828W WO 2012109865 A1 WO2012109865 A1 WO 2012109865A1
Authority
WO
WIPO (PCT)
Prior art keywords
private network
port
client
network address
nat
Prior art date
Application number
PCT/CN2011/077828
Other languages
French (fr)
Chinese (zh)
Inventor
简其平
金龙
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to PCT/CN2011/077828 priority Critical patent/WO2012109865A1/en
Priority to CN201180001375.4A priority patent/CN102318323B/en
Publication of WO2012109865A1 publication Critical patent/WO2012109865A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/256NAT traversal
    • H04L61/2564NAT traversal for a higher-layer protocol, e.g. for session initiation protocol [SIP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/256NAT traversal
    • H04L61/2585NAT traversal through application level gateway [ALG]

Definitions

  • the present invention belongs to the field of communication technologies, and specifically relates to a NAT processing method, a NAT device, and a calling system for calling between a private network client and an out-of-network client.
  • VoIP Voice over Internet Protocol
  • NAT Network Address Translation
  • FW Fire Wall
  • the proxy server (Proxy Server) is mostly located on the public network, and the client can register with the server on the public network, and the client can only talk to the called client through the proxy server on the public network.
  • the technologies for solving SIP traversal of NAT and FW are mainly classified into two types.
  • the tunnel penetration technology is adopted.
  • the User Datagram Protocol (UDP) of the NAT is simply traversed (Simple Traversal of UDP over NATs, STUN) technology.
  • UDP User Datagram Protocol
  • STUN Simple Traversal of UDP over NATs
  • the embodiment of the invention provides a call between a private network client and an external network client.
  • the NAT processing method, the NAT device, and the call system enable the proxy server and the private network client to traverse NAT and FW on the same private network.
  • a network address translation device processing method for a private network client and an out-of-network client call including:
  • the SIP packet is processed by the network address translation application layer gateway, and according to the mapping relationship, the private network address and port of the SDP part of the SIP packet are converted into a public network address and port.
  • a network address translation device for calling between a private network client and an off-net client comprising a processor and a memory; wherein the processor is configured to: the private network client in the SDP part of the SIP certificate sent by the proxy server The private network address and port of the terminal, the public network address and the port are allocated, and the storage is instructed to store the private network address and the port, and the mapping relationship between the public network address and the port, where the SIP packet is sent to The SIP packet of the out-of-network client; and the network address translation application layer gateway processing of the SIP packet, and converting the private network address and port of the SDP part of the SIP packet into a public network according to the mapping relationship Address and port; the memory is used to save the mapping relationship.
  • a call system between a private network client and an out-of-network client including the network address translation device and the proxy server; and the proxy server, after receiving the SIP message of the private network client, passing through the network
  • the address translation device sends a SIP packet to the client outside the network.
  • the NAT device is a private network client in a Session Description Protocol (SDP) part of a SIP message sent by a proxy server.
  • SDP Session Description Protocol
  • the private network address and port are assigned an idle public network address and port, and the mapping relationship is saved, so that subsequent media streams can traverse NAT and FW according to the mapping relationship, thereby solving the problem that the proxy server and the private network client are in the same private network. , unable to traverse the technical problems of NAT and FW.
  • SDP Session Description Protocol
  • FIG. 1 is a schematic flowchart of a method for processing a NAT device of a private network client calling an out-of-network client according to an embodiment of the present invention
  • FIG. 2 is a schematic flowchart of a method for processing a NAT device for a private network client and an out-of-network client to provide a call according to an embodiment of the present invention
  • FIG. 3 is a schematic diagram of a data flow of a private network client calling an off-net client provided by an embodiment of the present invention
  • FIG. 4 is a schematic flowchart of a method for processing a NAT device of an off-net client calling a private network client according to an embodiment of the present invention
  • FIG. 5 is a schematic diagram of a data flow of an off-network client calling a private network client according to an embodiment of the present invention
  • FIG. 6 is a schematic diagram of a calling system of a private network client and an out-of-network client according to an embodiment of the present invention.
  • Example 1 The method for processing the network address translation device of the private network client and the external network client provided by the embodiment of the present invention implements the traversal of the NAT and the FW when the proxy server and the private network client are on the same private network, as shown in FIG. 1 , including The following steps:
  • the NAT device is a private network address and port of the private network client in the SDP part of the SIP message sent by the proxy server, allocates a public network address and port, and saves the private network address and port, and the public network address and port. , the mapping relationship between .
  • the SIP packet is a SIP packet sent by the proxy server after receiving the SIP packet of the private network client.
  • the SIP message can be a call request message or a response message.
  • the source IP address of the SIP packet is the address of the proxy server, and the address and port in the SDP part are the private network address and port of the private network client.
  • the SIP 4 message is a SIP message sent to the client outside the network.
  • the NAT device cannot perform NAT ALG on the SDP part of the SIP packet according to the application level gateway (ALG). Therefore, the NAT device obtains the private network address and port of the private network client in the SDP part of the SIP 4 file, allocates an idle public network address and port to the private network client, and saves the private network address and port of the private network client. And the mapping relationship between the public network address and the port assigned to the private network client.
  • the NAT device also performs NAT processing on the media stream according to the mapping relationship.
  • S102 performing NAT ALG processing on the SIP packet, and according to the mapping between the private network address and the port, and the public network address and the port, the private network address and port of the SDP part of the SIP packet Convert to public network address and port.
  • the NAT device performs NAT on the SIP packet sent by the proxy server.
  • the private network address and port of the private network client in the SDP part of the SIP 4 are translated into the public network address and port according to the above mapping relationship.
  • the NAT device can also perform ALG processing on the from, to, and other fields in the SIP packet.
  • the NAT device allocates an idle public network address and port to the private network address and port of the private network client in the SDP part of the SIP packet sent by the proxy server, and saves the mapping relationship so that the subsequent media stream can traverse the NAT according to the mapping relationship.
  • FW thus solving When the proxy server and the private network client are on the same private network, the technical problems of NAT and FW cannot be traversed.
  • the embodiment of the present invention is a detailed description of a specific application scenario of the embodiment 1.
  • the SIP 4 message is a call request message.
  • the NAT device processing method includes the following steps:
  • the private network client such as client A
  • the off-net client such as client B
  • the out-of-network client can be a public network client or a private network client behind another NAT device.
  • the data part of the registration message sent by the private network client carries the address and port of the private network client when the call is initiated, so the proxy server can obtain the address and port from the registration message.
  • the data part of the registration message sent by the out-of-network client carries the address and port when the out-of-network client initiates the call, so the proxy server can obtain the address and port from the registration.
  • the NAT device sends a call request to the proxy server, for example, the private network address and port of the private network client in the SDP part of the Invite, and the public network address and port are allocated, and the private network address and port are saved. , and the mapping between public network addresses and ports.
  • the Invite message is sent by the proxy server after receiving the Invite message from the private network client, and the source IP address of the Invite packet is the address of the proxy server, in the SDP part.
  • the address and port are private network addresses and ports of the private network client.
  • the source IP address of the Invite packet is different from the address in the SDP part, and the NAT device cannot perform NAT ALG on the SDP part of the Invite packet according to the normal ALG mode. Therefore, the NAT device obtains the private network address and port of the private network client in the SDP part of the Invite packet, allocates an idle public network address and port to the private network client, and saves the private network address and port of the private network client, and The mapping between the public network address and port assigned to the private network client.
  • the NAT device also pairs the mapping according to the mapping relationship. The media stream is NAT processed.
  • S202 Perform NAT ALG processing on the Invite packet, and convert the private network address and port of the SDP part of the Invite packet to the private network address and the port and the mapping between the public network address and the port. Public network address and port.
  • the NAT device performs NAT on the Invite packet sent by the proxy server. Convert the private network address and port of the private network client in the SDP part of the Invite 4 to the public network address and port according to the above mapping relationship.
  • the NAT device can also perform ALG processing on the from, to, and other fields in the Invite packet.
  • the response message may be a 200 OK message.
  • the NAT device allocates an idle public network address and port to the private network address and port of the private network client in the SDP part of the Invite packet sent by the proxy server, and saves the mapping relationship so that the subsequent media stream can traverse the NAT according to the mapping relationship.
  • FW which solves the technical problem that the proxy server and the private network client cannot traverse NAT and FW when they are on the same private network.
  • the embodiment of the present invention is a specific description of another specific application scenario of the first embodiment.
  • the SIP 4 message is a response message, and the NAT is used.
  • the device processing method includes the following steps:
  • the private network client such as client A
  • the extranet client such as client B
  • the specific registration process is the same as the registration process described in embodiment 2. .
  • the NAT device performs NAT processing on the call request message sent by the out-of-network client to the proxy server.
  • the call request can be Invite 4.
  • S302 The private network address and port of the private network client in the SDP part of the response packet sent by the proxy server, the public network address and the port are allocated, and the private network address and port, and the public network address and the port are saved. Mapping relations. Where the response is 4 After receiving the response packet from the private network client in response to the call request packet, the proxy server sends a response packet, the source IP address of the response packet is the address of the proxy server, and the address and port in the SDP part are private networks. The private address and port of the client.
  • the response message may be a 200 OK message.
  • the NAT device cannot perform NAT ALG on the SDP part of the 200 OK packet according to the normal ALG mode. Therefore, the NAT device obtains the private network address and port of the private network client in the SDP part of the 200 OK packet, allocates an idle public network address and port to the private network client, and saves the private network address and port of the private network client, and The mapping between the public network address and port assigned to the private network client.
  • the NAT device also performs NAT processing on the media stream according to the mapping relationship.
  • S303 Perform NAT ALG processing on the 200 OK packet, and convert the private network address and port of the SDP part of the 200 OK packet according to the mapping relationship between the private network address and the port and the public network address and the port. It is the public network address and port.
  • the NAT device performs NAT on the 200 OK sent by the proxy server. Convert the private network address and port of the private network client in the SDP part of the 200 OK file to the public network address and port according to the above mapping relationship.
  • the NAT device can also perform ALG processing on the from, to, and other fields in the 200 OK message.
  • the NAT device allocates an idle public network address and port to the private network address and port of the private network client in the SDP part of the 200 ⁇ ⁇ 3 ⁇ 4 text sent by the proxy server, and saves the mapping relationship so that the subsequent media stream can traverse according to the mapping relationship.
  • NAT and FW solve the technical problem that the proxy server and the private network client cannot traverse NAT and FW when they are on the same private network.
  • a network address translation device for calling between a private network client and an out-of-network client provided by the embodiment of the present invention includes a processor and a memory.
  • the NAT device provided by the embodiment of the present invention is a router or a switch.
  • the processor is a private network address and port of the private network client in the SDP part of the SIP message sent by the proxy server, allocates a public network address and a port, and instructs the memory to save the above The mapping between the private network address and port, and the public network address and port.
  • the processor is further configured to perform NAT processing on the media stream according to a mapping relationship saved by the memory when receiving the media stream between the private network client and the external network client.
  • the SIP packet is a SIP packet sent by the proxy server after receiving the SIP packet of the private network client.
  • the source IP address of the SIP packet is the address of the proxy server, and the address and port in the SDP part are private.
  • the SIP 4 message is a SIP message sent to the client outside the network.
  • the processor performs NAT ALG processing on the SIP packet, and converts the private network address and port of the SDP part of the SIP packet into a public network address and port according to the mapping relationship stored in the memory.
  • the processor of the NAT device allocates an idle public network address and port to the private network address and port of the private network client in the SDP part of the SIP packet sent by the proxy server, and saves the mapping relationship in the memory to make the subsequent media stream.
  • the NAT and FW can be traversed according to the mapping relationship in the memory, thereby solving the technical problem that the proxy server and the private network client cannot traverse NAT and FW when they are on the same private network.
  • the calling system of the private network client and the out-of-network client provided by the embodiment of the present invention includes the NAT device and the proxy server in the foregoing Embodiment 4; and the proxy server is configured to receive the SIP of the private network client. After the packet is sent, the NAT device sends a SIP packet to the client outside the network.
  • the NAT device allocates a public network address and port to the private network address and port of the private network client in the SDP part of the SIP packet sent by the proxy server, and saves the private network address and port, and the public network address and port. Mapping relations.
  • the SIP 4 message is a SIP message sent by the proxy server after receiving the SIP message of the private network client.
  • the SIP message can be a call request message or a response message.
  • the source IP address of the SIP "3 ⁇ 4" is the address of the proxy server, and the address and port in the SDP part are the private network address and port of the private network client.
  • the NAT device cannot perform the SDP part of the SIP packet according to the normal ALG mode. NAT ALG. Therefore, the NAT device obtains the private network address and port of the private network client in the SDP part of the SIP packet, allocates an idle public network address and port to the private network client, and saves the private network address and port of the private network client, and The mapping between the public network address and port assigned to the private network client.
  • the NAT device also performs NAT processing on the media stream according to the mapping relationship.
  • the NAT device performs NAT ALG processing on the SIP message, and according to the mapping relationship between the private network address and the port, and the public network address and the port, the private network address and port of the SDP part of the SIP message. Convert to public network address and port.
  • the NAT device performs NAT on the SIP packet sent by the proxy server.
  • the private network address and port of the private network client in the SDP part of the SIP 4 are translated into the public network address and port according to the above mapping relationship.
  • the NAT device can also perform ALG processing on the from, to, and other fields in the SIP packet.
  • the NAT device allocates an idle public network address and port to the private network address and port of the private network client in the SDP part of the SIP packet sent by the proxy server, and saves the mapping relationship so that the subsequent media stream can traverse the NAT according to the mapping relationship.
  • FW which solves the technical problem that the proxy server and the private network client cannot traverse NAT and FW when they are on the same private network.

Abstract

The present invention relates to the technical field of communications. Disclosed in an embodiment of the present invention are an NAT processing method, device and system for calls between clients of a private network and clients out of network, solving the technical problem of unable to pass through NAT and FW when a proxy server and a private network client are in the same private network. The processing method for the NAT device comprises: allocating an idle public network address and port for the private network address and port of the private network client in the SDP portion of an SIP packet sent by a server, and storing the mapping relation; performing NAT ALG processing to the SIP packet, and converting the private network address and port in the SDP portion of the SIP packet into the public network address and port according to the mapping relation. The NAT device comprises a processor and a storage device for realizing the above functions. The calling system comprises the NAT device and the proxy server. The present invention is applicable for implementing network telephone call.

Description

私网与网外客户端之间呼叫的 NAT处理方法、 设备和系统 技术领域  NAT processing method, device and system for calling between private network and extra-network client
本发明属于通讯技术领域, 具体涉及一种私网客户端与网外客 户端之间呼叫的 NAT处理方法、 NAT设备和呼叫系统。  The present invention belongs to the field of communication technologies, and specifically relates to a NAT processing method, a NAT device, and a calling system for calling between a private network client and an out-of-network client.
背景技术 Background technique
随着语音和视频业务的蓬勃发展, 互联网协议电话(Voice over Internet Protocol , VoIP)可能建立在私网与公网, 或私网与私网之间。 VoIP的通路上经过了不同类型的网络, 中间可能有一个或多个网络 地址转换器( Network Address Translation , NAT )和防火墙( Fire Wall , FW )。 考虑到安全性, 通常 NAT和 FW是同时存在的, 这些 NAT和 FW对大部分的端口是禁止通信或单向放行的, 而 VoIP数据流是多 通路数据流, VoIP建立的通路的端口往往采用动态端口, 所以在有 NAT的数据流通路上, FW事先无法预知 VoIP需要使用的端口, 除 非将大部分的端口都开放, 这样便失去了防火墙的意义。 因此, 会 话初始协议(Session Initiation Protocol , SIP)中的 NAT和 FW穿越问 题已成为了基于 SIP 的 VoIP技术在布有 NAT和 FW的城域网和企 业网推广应用中的最大障碍。  With the rapid development of voice and video services, Voice over Internet Protocol (VoIP) may be established between the private network and the public network, or between the private network and the private network. There are different types of networks on the VoIP path, and there may be one or more Network Address Translation (NAT) and firewall (Fire Wall, FW) in the middle. Considering security, NAT and FW are common at the same time. These NATs and FWs prohibit communication or one-way release for most ports, while VoIP data streams are multi-path data streams. Dynamic port, so in the flow of data with NAT, FW can't predict the port that VoIP needs to use beforehand, unless most ports are open, thus losing the meaning of firewall. Therefore, the NAT and FW traversal problem in the Session Initiation Protocol (SIP) has become the biggest obstacle for SIP-based VoIP technology to be promoted in metropolitan area networks and enterprise networks with NAT and FW.
通常的 SIP 网络系统中, 代理服务器(Proxy Server)大多位于公 网上, 客户端可以向公网上的服务器进行注册, 同时客户端也只能 通过公网上的代理服务器与被叫客户端通话。  In a typical SIP network system, the proxy server (Proxy Server) is mostly located on the public network, and the client can register with the server on the public network, and the client can only talk to the called client through the proxy server on the public network.
通常解决 SIP穿越 NAT和 FW的技术主要分两类, 对于对称的 NAT采用隧道穿透技术, 对于非对称的 NAT采用 NAT 的用户数据 才艮协议 (User Datagram Protocol , UDP)简单穿越 (Simple Traversal of UDP over NATs , STUN)技术。 但是上述两种方法只能用于代理服务 器在公网的情况, 不能用于代理服务器在 NAT和 FW的私网一侧的 情况。  Generally, the technologies for solving SIP traversal of NAT and FW are mainly classified into two types. For the symmetric NAT, the tunnel penetration technology is adopted. For the asymmetric NAT, the User Datagram Protocol (UDP) of the NAT is simply traversed (Simple Traversal of UDP over NATs, STUN) technology. However, the above two methods can only be used when the proxy server is on the public network, and cannot be used on the private network side of the proxy server on the NAT and FW.
发明内容 本发明实施例提供了一种私网客户端与网外客户端之间呼叫的Summary of the invention The embodiment of the invention provides a call between a private network client and an external network client.
NAT处理方法、 NAT设备和呼叫系统, 能够实现代理服务器与私网 客户端在同一私网时穿越 NAT和 FW。 The NAT processing method, the NAT device, and the call system enable the proxy server and the private network client to traverse NAT and FW on the same private network.
为达到上述目 的, 本发明的实施例采用如下技术方案:  In order to achieve the above objectives, embodiments of the present invention adopt the following technical solutions:
一种私网客户端与网外客户端呼叫的网络地址转换设备处理方 法, 包括:  A network address translation device processing method for a private network client and an out-of-network client call, including:
为代理服务器发出的 SIP报文的 SDP部分中所述私网客户端的 私网地址和端口, 分配公网地址和端口, 并保存该私网地址和端口, 以及公网地址和端口, 之间的映射关系, 其中, 所述 SIP 4艮文为发 往所述网外客户端的 SIP 4艮文;  Assigning a public network address and port to the private network address and port of the private network client in the SDP part of the SIP packet sent by the proxy server, and saving the private network address and port, and the public network address and port. a mapping relationship, where the SIP message is a SIP message sent to the client outside the network;
对该 SIP报文进行网络地址转换应用层网关处理, 并根据所述 映射关系, 将该 SIP 4艮文的 SDP部分的私网地址和端口转换为公网 地址和端口。  The SIP packet is processed by the network address translation application layer gateway, and according to the mapping relationship, the private network address and port of the SDP part of the SIP packet are converted into a public network address and port.
一种私网客户端与网外客户端之间呼叫的网络地址转换设备, 包括处理器和存储器; 所述处理器用于, 为代理服务器发出的 SIP 才艮文的 SDP部分中所述私网客户端的私网地址和端口 , 分配公网地 址和端口, 并指示所述存储器保存该私网地址和端口, 以及公网地 址和端口, 之间的映射关系, 其中, 所述 SIP 报文为发往所述网外 客户端的 SIP报文; 以及对该 SIP报文进行网络地址转换应用层网 关处理, 并根据所述映射关系, 将该 SIP报文的 SDP部分的私网地 址和端口转换为公网地址和端口; 所述存储器用于, 保存所述映射 关系。  A network address translation device for calling between a private network client and an off-net client, comprising a processor and a memory; wherein the processor is configured to: the private network client in the SDP part of the SIP certificate sent by the proxy server The private network address and port of the terminal, the public network address and the port are allocated, and the storage is instructed to store the private network address and the port, and the mapping relationship between the public network address and the port, where the SIP packet is sent to The SIP packet of the out-of-network client; and the network address translation application layer gateway processing of the SIP packet, and converting the private network address and port of the SDP part of the SIP packet into a public network according to the mapping relationship Address and port; the memory is used to save the mapping relationship.
一种私网客户端与网外客户端之间的呼叫系统, 包括上述网络 地址转换设备和代理服务器; 所述代理服务器, 用于在收到私网客 户端的 SIP 报文后, 经过所述网络地址转换设备向所述网外客户端 发出 SIP报文。  A call system between a private network client and an out-of-network client, including the network address translation device and the proxy server; and the proxy server, after receiving the SIP message of the private network client, passing through the network The address translation device sends a SIP packet to the client outside the network.
与现有技术相比, 本发明所提供上述技术方案中的任一技术方 案具有如下优点: NAT设备为代理服务器发出的 SIP报文的会话描 述协议 ( Session Description Protocol , SDP ) 部分中私网客户端的 私网地址和端口分配一个空闲的公网地址和端口 , 并保存其映射关 系, 使后续媒体流能根据该映射关系穿越 NAT和 FW , 从而解决了 代理服务器与私网客户端在同一私网时, 无法穿越 NAT和 F W的技 术问题。 Compared with the prior art, any technical solution provided by the present invention has the following advantages: The NAT device is a private network client in a Session Description Protocol (SDP) part of a SIP message sent by a proxy server. End The private network address and port are assigned an idle public network address and port, and the mapping relationship is saved, so that subsequent media streams can traverse NAT and FW according to the mapping relationship, thereby solving the problem that the proxy server and the private network client are in the same private network. , unable to traverse the technical problems of NAT and FW.
附图说明 DRAWINGS
为了更清楚地说明本发明实施例或现有技术中的技术方案, 下 面将对实施例或现有技术描述中所需要使用的附图作简单地介绍, 显而易见地, 下面描述中的附图仅仅是本发明的一些实施例, 对于 本领域普通技术人员来讲, 在不付出创造性劳动的前提下, 还可以 根据这些附图获得其他的附图。  In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below. Obviously, the drawings in the following description are only It is a certain embodiment of the present invention, and other drawings can be obtained from those skilled in the art without any creative work.
图 1 为本发明的实施例所提供的私网客户端呼叫网外客户端的 NAT设备处理方法流程示意图;  FIG. 1 is a schematic flowchart of a method for processing a NAT device of a private network client calling an out-of-network client according to an embodiment of the present invention;
图 2为本发明的实施例所提供的私网客户端与网外客户端呼叫 的 NAT设备处理方法流程示意图;  2 is a schematic flowchart of a method for processing a NAT device for a private network client and an out-of-network client to provide a call according to an embodiment of the present invention;
图 3 为本发明的实施例所提供的私网客户端呼叫网外客户端的 数据流程示意图;  3 is a schematic diagram of a data flow of a private network client calling an off-net client provided by an embodiment of the present invention;
图 4为本发明的实施例所提供的网外客户端呼叫私网客户端的 NAT设备处理方法流程示意图;  4 is a schematic flowchart of a method for processing a NAT device of an off-net client calling a private network client according to an embodiment of the present invention;
图 5 为本发明的实施例所提供的网外客户端呼叫私网客户端的 数据流程示意图;  FIG. 5 is a schematic diagram of a data flow of an off-network client calling a private network client according to an embodiment of the present invention;
图 6为本发明的实施例所提供的私网客户端与网外客户端的呼 叫系统示意图。  FIG. 6 is a schematic diagram of a calling system of a private network client and an out-of-network client according to an embodiment of the present invention.
具体实施方式 detailed description
下面将结合本发明实施例中的附图, 对本发明实施例中的技术 方案进行清楚、 完整地描述, 显然, 所描述的实施例仅仅是本发明 一部分实施例, 而不是全部的实施例。 基于本发明中的实施例, 本 领域普通技术人员在没有付出创造性劳动的前提下所获得的所有其 他实施例, 都属于本发明保护的范围。  The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is obvious that the described embodiments are only a part of the embodiments of the present invention, but not all embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without departing from the scope of the invention are within the scope of the present invention.
实施例 1 : 本发明实施例提供的私网客户端与网外客户端呼叫的网络地址 转换设备处理方法, 实现了代理服务器与私网客户端在同一私网时 穿越 NAT和 FW , 如图 1所示, 包括以下步骤: Example 1: The method for processing the network address translation device of the private network client and the external network client provided by the embodiment of the present invention implements the traversal of the NAT and the FW when the proxy server and the private network client are on the same private network, as shown in FIG. 1 , including The following steps:
S 101 : NAT设备为代理服务器发出的 SIP 4艮文的 SDP部分中私 网客户端的私网地址和端口, 分配公网地址和端口, 并保存该私网 地址和端口, 以及公网地址和端口, 之间的映射关系。 其中, 该 SIP 报文是代理服务器在收到私网客户端的 SIP报文后, 发出的 SIP报 文。 该 SIP 文可以是呼叫请求 文也可以是响应^艮文。 该 SIP才艮 文的源 IP地址为代理服务器的地址, SDP部分中的地址和端口为私 网客户端的私网地址和端口。 该 SIP 4艮文为发往网外客户端的 SIP 报文。  S101: The NAT device is a private network address and port of the private network client in the SDP part of the SIP message sent by the proxy server, allocates a public network address and port, and saves the private network address and port, and the public network address and port. , the mapping relationship between . The SIP packet is a SIP packet sent by the proxy server after receiving the SIP packet of the private network client. The SIP message can be a call request message or a response message. The source IP address of the SIP packet is the address of the proxy server, and the address and port in the SDP part are the private network address and port of the private network client. The SIP 4 message is a SIP message sent to the client outside the network.
具体的, 由于该 SIP 4艮文的源 IP地址和 SDP部分中的地址不 同 , NAT 设备不能按照通常的应用层网 关 ( Application Level Gateway , ALG )方式对该 SIP报文 SDP部分做 NAT ALG。所以 NAT 设备获取 SIP 4艮文的 SDP部分中私网客户端的私网地址和端口, 为 私网客户端分配一个空闲的公网地址和端口, 并保存该私网客户端 的私网地址和端口, 以及为该私网客户端分配的公网地址和端口, 之间的映射关系。 后续在私网客户端与网外客户端之间传送媒体流 时, NAT设备也根据该映射关系对上述媒体流做 NAT处理。  Specifically, because the source IP address of the SIP 4 and the address in the SDP part are different, the NAT device cannot perform NAT ALG on the SDP part of the SIP packet according to the application level gateway (ALG). Therefore, the NAT device obtains the private network address and port of the private network client in the SDP part of the SIP 4 file, allocates an idle public network address and port to the private network client, and saves the private network address and port of the private network client. And the mapping relationship between the public network address and the port assigned to the private network client. When the media stream is transmitted between the private network client and the external network client, the NAT device also performs NAT processing on the media stream according to the mapping relationship.
S 102 : 对该 SIP报文进行 NAT ALG处理, 并根据上述私网地址 和端口, 以及公网地址和端口, 之间的映射关系, 将该 SIP 4艮文的 SDP部分的私网地址和端口转换为公网地址和端口。  S102: performing NAT ALG processing on the SIP packet, and according to the mapping between the private network address and the port, and the public network address and the port, the private network address and port of the SDP part of the SIP packet Convert to public network address and port.
具体的, NAT设备对代理服务器发出的 SIP报文做 NAT。 将该 SIP 4艮文的 SDP部分中私网客户端的私网地址和端口按照上述映射 关系转换为公网地址和端口。NAT设备还可以对 SIP报文中的 from、 to等字段进行 ALG处理。  Specifically, the NAT device performs NAT on the SIP packet sent by the proxy server. The private network address and port of the private network client in the SDP part of the SIP 4 are translated into the public network address and port according to the above mapping relationship. The NAT device can also perform ALG processing on the from, to, and other fields in the SIP packet.
NAT设备为代理服务器发出的 SIP报文的 SDP部分中私网客户 端的私网地址和端口分配一个空闲的公网地址和端口, 并保存其映 射关系, 使后续媒体流能根据该映射关系穿越 NAT和 FW , 从而解 决了代理服务器与私网客户端在同一私网时, 无法穿越 NAT和 F W 的技术问题。 The NAT device allocates an idle public network address and port to the private network address and port of the private network client in the SDP part of the SIP packet sent by the proxy server, and saves the mapping relationship so that the subsequent media stream can traverse the NAT according to the mapping relationship. And FW, thus solving When the proxy server and the private network client are on the same private network, the technical problems of NAT and FW cannot be traversed.
实施例 2 :  Example 2:
本发明实施例与是对实施例 1 的一种具体应用场景的具体说 明, 如图 2和图 3所示, 当私网客户端呼叫网外客户端时, SIP 4艮文 为呼叫请求 文, NAT设备处理方法, 包括以下步骤:  The embodiment of the present invention is a detailed description of a specific application scenario of the embodiment 1. As shown in FIG. 2 and FIG. 3, when the private network client calls the out-of-network client, the SIP 4 message is a call request message. The NAT device processing method includes the following steps:
通常在发起呼叫之前, 私网客户端, 例如客户端 A , 和网外客 户端, 例如客户端 B , 要各自先向代理服务器进行注册。 其中, 网 外客户端可以是一个公网客户端, 也可以是另一 NAT设备之后的私 网客户端。  Usually before the call is initiated, the private network client, such as client A, and the off-net client, such as client B, are each registered with the proxy server first. The out-of-network client can be a public network client or a private network client behind another NAT device.
私网客户端发出的注册报文的数据部分中携带有私网客户端在 之后发起呼叫时的地址和端口, 所以代理服务器可以从注册 4艮文中 获取该地址和端口。 网外客户端发出的注册报文的数据部分中携带 有网外客户端在之后发起呼叫时的地址和端口, 所以代理服务器可 以从注册 ^艮文中获取该地址和端口。  The data part of the registration message sent by the private network client carries the address and port of the private network client when the call is initiated, so the proxy server can obtain the address and port from the registration message. The data part of the registration message sent by the out-of-network client carries the address and port when the out-of-network client initiates the call, so the proxy server can obtain the address and port from the registration.
S201: NAT设备为代理服务器发出的呼叫请求 4艮文,例如 Invite 才艮文, 的 SDP部分中私网客户端的私网地址和端口, 分配公网地址 和端口, 并保存该私网地址和端口, 以及公网地址和端口, 之间的 映射关系。 其中, 该 Invite 报文是代理服务器在收到私网客户端的 Invite才艮文后, 发出的 Invite才艮文, 该 Invite才艮文的源 IP地址为代 理月良务器的地址, SDP 部分中的地址和端口为私网客户端的私网地 址和端口。  S201: The NAT device sends a call request to the proxy server, for example, the private network address and port of the private network client in the SDP part of the Invite, and the public network address and port are allocated, and the private network address and port are saved. , and the mapping between public network addresses and ports. The Invite message is sent by the proxy server after receiving the Invite message from the private network client, and the source IP address of the Invite packet is the address of the proxy server, in the SDP part. The address and port are private network addresses and ports of the private network client.
具体的, 由于该 Invite 4艮文的源 IP地址和 SDP部分中的地址 不同, NAT设备不能按照通常的 ALG方式对该 Invite报文 SDP部 分做 NAT ALG。 所以 NAT设备获取 Invite报文的 SDP部分中私网 客户端的私网地址和端口, 为私网客户端分配一个空闲的公网地址 和端口, 并保存该私网客户端的私网地址和端口, 以及为该私网客 户端分配的公网地址和端口, 之间的映射关系。 后续在私网客户端 与网外客户端之间传送媒体流时, NAT设备也根据该映射关系对上 述媒体流做 NAT处理。 Specifically, the source IP address of the Invite packet is different from the address in the SDP part, and the NAT device cannot perform NAT ALG on the SDP part of the Invite packet according to the normal ALG mode. Therefore, the NAT device obtains the private network address and port of the private network client in the SDP part of the Invite packet, allocates an idle public network address and port to the private network client, and saves the private network address and port of the private network client, and The mapping between the public network address and port assigned to the private network client. When the media stream is transmitted between the private network client and the external network client, the NAT device also pairs the mapping according to the mapping relationship. The media stream is NAT processed.
S202 : 对该 Invite报文进行 NAT ALG处理, 并根据上述私网地 址和端口, 以及公网地址和端口, 之间的映射关系, 将该 Invite 报 文的 SDP部分的私网地址和端口转换为公网地址和端口。  S202: Perform NAT ALG processing on the Invite packet, and convert the private network address and port of the SDP part of the Invite packet to the private network address and the port and the mapping between the public network address and the port. Public network address and port.
具体的, NAT设备对代理服务器发出的 Invite报文做 NAT。 将 该 Invite 4艮文的 SDP部分中私网客户端的私网地址和端口按照上述 映射关系转换为公网地址和端口。 NAT设备还可以对 Invite报文中 的 from、 to等字段进行 ALG处理。  Specifically, the NAT device performs NAT on the Invite packet sent by the proxy server. Convert the private network address and port of the private network client in the SDP part of the Invite 4 to the public network address and port according to the above mapping relationship. The NAT device can also perform ALG processing on the from, to, and other fields in the Invite packet.
S203 : 对网外客户端收到 Invite报文后, 发出的响应报文进行 NAT处理。  S203: After the Invite packet is received by the client, the response packet sent by the client is subjected to NAT processing.
具体的, 响应报文可以是 200OK报文。  Specifically, the response message may be a 200 OK message.
NAT设备为代理服务器发出的 Invite报文的 SDP部分中私网客 户端的私网地址和端口分配一个空闲的公网地址和端口, 并保存其 映射关系, 使后续媒体流能根据该映射关系穿越 NAT和 FW , 从而 解决了代理服务器与私网客户端在同一私网时,无法穿越 NAT和 F W 的技术问题。  The NAT device allocates an idle public network address and port to the private network address and port of the private network client in the SDP part of the Invite packet sent by the proxy server, and saves the mapping relationship so that the subsequent media stream can traverse the NAT according to the mapping relationship. And FW, which solves the technical problem that the proxy server and the private network client cannot traverse NAT and FW when they are on the same private network.
实施例 3 :  Example 3:
本发明实施例是对实施例 1 的另一种具体应用场景的具体说 明, 如图 4和图 5所示, 当网外客户端呼叫私网客户端时, SIP 4艮文 为响应 文, NAT设备处理方法, 包括以下步骤:  The embodiment of the present invention is a specific description of another specific application scenario of the first embodiment. As shown in FIG. 4 and FIG. 5, when the client outside the network calls the private network client, the SIP 4 message is a response message, and the NAT is used. The device processing method includes the following steps:
通常在发起呼叫之前, 私网客户端, 例如客户端 A , 和网外客 户端, 例如客户端 B , 要各自先向代理服务器进行注册, 具体注册 过程与实施例 2 中所描述的注册过程相同。  Usually, before the call is initiated, the private network client, such as client A, and the extranet client, such as client B, are each registered with the proxy server first. The specific registration process is the same as the registration process described in embodiment 2. .
S301 : NAT设备对网外客户端向代理服务器发出的呼叫请求报 文进行 NAT处理。  S301: The NAT device performs NAT processing on the call request message sent by the out-of-network client to the proxy server.
具体的, 呼叫请求 ^艮文可以是 Invite 4艮文。  Specifically, the call request can be Invite 4.
S302 : 为代理服务器发出的响应报文的 SDP部分中私网客户端 的私网地址和端口, 分配公网地址和端口, 并保存该私网地址和端 口, 以及公网地址和端口, 之间的映射关系。 其中, 该响应 4艮文是 代理服务器在收到私网客户端回应呼叫请求报文的响应报文之后, 发出的响应报文,该响应报文的源 IP地址为代理服务器的地址, SDP 部分中的地址和端口为私网客户端的私网地址和端口。 S302: The private network address and port of the private network client in the SDP part of the response packet sent by the proxy server, the public network address and the port are allocated, and the private network address and port, and the public network address and the port are saved. Mapping relations. Where the response is 4 After receiving the response packet from the private network client in response to the call request packet, the proxy server sends a response packet, the source IP address of the response packet is the address of the proxy server, and the address and port in the SDP part are private networks. The private address and port of the client.
具体的, 响应报文可以是 200OK报文。 由于该 200OK报文的 源 IP地址和 SDP部分中的地址不同, NAT设备不能按照通常的 ALG 方式对该 200OK报文 SDP部分做 NAT ALG。 所以 NAT设备获取 200OK报文的 SDP部分中私网客户端的私网地址和端口, 为私网客 户端分配一个空闲的公网地址和端口, 并保存该私网客户端的私网 地址和端口, 以及为该私网客户端分配的公网地址和端口, 之间的 映射关系。后续在私网客户端与网外客户端之间传送媒体流时, NAT 设备也根据该映射关系对上述媒体流做 NAT处理。  Specifically, the response message may be a 200 OK message. Because the source IP address of the 200 OK packet is different from the address in the SDP part, the NAT device cannot perform NAT ALG on the SDP part of the 200 OK packet according to the normal ALG mode. Therefore, the NAT device obtains the private network address and port of the private network client in the SDP part of the 200 OK packet, allocates an idle public network address and port to the private network client, and saves the private network address and port of the private network client, and The mapping between the public network address and port assigned to the private network client. When the media stream is transmitted between the private network client and the external network client, the NAT device also performs NAT processing on the media stream according to the mapping relationship.
S303 : 对该 200OK报文进行 NAT ALG处理, 并根据上述私网 地址和端口 , 以及公网地址和端口, 之间的映射关系, 将该 200OK 才艮文的 SDP部分的私网地址和端口转换为公网地址和端口。  S303: Perform NAT ALG processing on the 200 OK packet, and convert the private network address and port of the SDP part of the 200 OK packet according to the mapping relationship between the private network address and the port and the public network address and the port. It is the public network address and port.
具体的, NAT 设备对代理服务器发出的 200OK 做 NAT。 将 200OK 4艮文的 SDP部分中私网客户端的私网地址和端口按照上述映 射关系转换为公网地址和端口。 NAT设备还可以对 200OK报文中的 from , to等字段进行 ALG处理。  Specifically, the NAT device performs NAT on the 200 OK sent by the proxy server. Convert the private network address and port of the private network client in the SDP part of the 200 OK file to the public network address and port according to the above mapping relationship. The NAT device can also perform ALG processing on the from, to, and other fields in the 200 OK message.
NAT设备为代理服务器发出的 200ΟΚ ·¾文的 SDP部分中私网 客户端的私网地址和端口分配一个空闲的公网地址和端口, 并保存 其映射关系, 使后续媒体流能根据该映射关系穿越 NAT和 FW , 从 而解决了代理服务器与私网客户端在同一私网时, 无法穿越 NAT和 FW的技术问题。  The NAT device allocates an idle public network address and port to the private network address and port of the private network client in the SDP part of the 200 ΟΚ · 3⁄4 text sent by the proxy server, and saves the mapping relationship so that the subsequent media stream can traverse according to the mapping relationship. NAT and FW solve the technical problem that the proxy server and the private network client cannot traverse NAT and FW when they are on the same private network.
实施例 4:  Example 4:
本发明实施例提供的私网客户端与网外客户端之间呼叫的网络 地址转换设备, 包括处理器和存储器。 作为一个优选方案, 本发明 实施例提供的 NAT设备为路由器或交换机。  A network address translation device for calling between a private network client and an out-of-network client provided by the embodiment of the present invention includes a processor and a memory. As a preferred solution, the NAT device provided by the embodiment of the present invention is a router or a switch.
处理器为代理服务器发出的 SIP报文的 SDP部分中私网客户端 的私网地址和端口, 分配公网地址和端口, 并指示存储器保存上述 私网地址和端口, 以及公网地址和端口, 之间的映射关系。 该处理 器还用于, 在接收到所述私网客户端与所述网外客户端之间传送媒 体流时,根据存储器保存的映射关系对该媒体流做 NAT处理。其中 , 该 SIP报文是代理服务器在收到私网客户端的 SIP报文后, 发出的 SIP报文, 该 SIP报文的源 IP地址为代理服务器的地址, SDP部分 中的地址和端口为私网客户端的私网地址和端口。 该 SIP 4艮文为发 往网外客户端的 SIP报文。 The processor is a private network address and port of the private network client in the SDP part of the SIP message sent by the proxy server, allocates a public network address and a port, and instructs the memory to save the above The mapping between the private network address and port, and the public network address and port. The processor is further configured to perform NAT processing on the media stream according to a mapping relationship saved by the memory when receiving the media stream between the private network client and the external network client. The SIP packet is a SIP packet sent by the proxy server after receiving the SIP packet of the private network client. The source IP address of the SIP packet is the address of the proxy server, and the address and port in the SDP part are private. The private network address and port of the network client. The SIP 4 message is a SIP message sent to the client outside the network.
然后, 处理器对该 SIP报文进行 NAT ALG处理, 并根据存储器 中存储的上述映射关系, 将该 SIP报文的 SDP部分的私网地址和端 口转换为公网地址和端口。  Then, the processor performs NAT ALG processing on the SIP packet, and converts the private network address and port of the SDP part of the SIP packet into a public network address and port according to the mapping relationship stored in the memory.
NAT设备的处理器为代理服务器发出的 SIP报文的 SDP部分中 私网客户端的私网地址和端口分配一个空闲的公网地址和端口, 并 将其映射关系保存在存储器中, 使后续媒体流能根据存储器中的该 映射关系穿越 NAT和 FW , 从而解决了代理服务器与私网客户端在 同一私网时, 无法穿越 NAT和 F W的技术问题。  The processor of the NAT device allocates an idle public network address and port to the private network address and port of the private network client in the SDP part of the SIP packet sent by the proxy server, and saves the mapping relationship in the memory to make the subsequent media stream. The NAT and FW can be traversed according to the mapping relationship in the memory, thereby solving the technical problem that the proxy server and the private network client cannot traverse NAT and FW when they are on the same private network.
实施例 5:  Example 5
如图 6所示, 本发明实施例提供的私网客户端与网外客户端的 呼叫系统, 包括上述实施例 4 中的 NAT设备和代理服务器; 代理服 务器, 用于在收到私网客户端的 SIP报文后, 经过 NAT设备向所述 网外客户端发出 SIP报文。  As shown in FIG. 6, the calling system of the private network client and the out-of-network client provided by the embodiment of the present invention includes the NAT device and the proxy server in the foregoing Embodiment 4; and the proxy server is configured to receive the SIP of the private network client. After the packet is sent, the NAT device sends a SIP packet to the client outside the network.
NAT设备为代理服务器发出的 SIP报文的 SDP部分中私网客户 端的私网地址和端口, 分配公网地址和端口, 并保存该私网地址和 端口, 以及公网地址和端口, 之间的映射关系。 其中, 该 SIP 4艮文 是代理服务器在收到私网客户端的 SIP报文后, 发出的 SIP报文。 该 SIP 文可以是呼叫请求 文也可以是响应^艮文。 该 SIP "¾文的 源 IP地址为代理服务器的地址, SDP部分中的地址和端口为私网客 户端的私网地址和端口。  The NAT device allocates a public network address and port to the private network address and port of the private network client in the SDP part of the SIP packet sent by the proxy server, and saves the private network address and port, and the public network address and port. Mapping relations. The SIP 4 message is a SIP message sent by the proxy server after receiving the SIP message of the private network client. The SIP message can be a call request message or a response message. The source IP address of the SIP "3⁄4" is the address of the proxy server, and the address and port in the SDP part are the private network address and port of the private network client.
具体的, 由于该 SIP 4艮文的源 IP地址和 SDP部分中的地址不 同, NAT设备不能按照通常的 ALG方式对该 SIP报文 SDP部分做 NAT ALG。所以 NAT设备获取 SIP报文的 SDP部分中私网客户端的 私网地址和端口, 为私网客户端分配一个空闲的公网地址和端口, 并保存该私网客户端的私网地址和端口, 以及为该私网客户端分配 的公网地址和端口, 之间的映射关系。 后续在私网客户端与网外客 户端之间传送媒体流时, NAT设备也根据该映射关系对上述媒体流 做 NAT处理。 Specifically, because the source IP address of the SIP 4 and the address in the SDP part are different, the NAT device cannot perform the SDP part of the SIP packet according to the normal ALG mode. NAT ALG. Therefore, the NAT device obtains the private network address and port of the private network client in the SDP part of the SIP packet, allocates an idle public network address and port to the private network client, and saves the private network address and port of the private network client, and The mapping between the public network address and port assigned to the private network client. When the media stream is transmitted between the private network client and the external network client, the NAT device also performs NAT processing on the media stream according to the mapping relationship.
然后, NAT设备对该 SIP 文进行 NAT ALG处理, 并根据上 述私网地址和端口, 以及公网地址和端口, 之间的映射关系, 将该 SIP 4艮文的 SDP部分的私网地址和端口转换为公网地址和端口。  Then, the NAT device performs NAT ALG processing on the SIP message, and according to the mapping relationship between the private network address and the port, and the public network address and the port, the private network address and port of the SDP part of the SIP message. Convert to public network address and port.
具体的, NAT设备对代理服务器发出的 SIP报文做 NAT。 将该 SIP 4艮文的 SDP部分中私网客户端的私网地址和端口按照上述映射 关系转换为公网地址和端口。NAT设备还可以对 SIP报文中的 from、 to等字段进行 ALG处理。  Specifically, the NAT device performs NAT on the SIP packet sent by the proxy server. The private network address and port of the private network client in the SDP part of the SIP 4 are translated into the public network address and port according to the above mapping relationship. The NAT device can also perform ALG processing on the from, to, and other fields in the SIP packet.
NAT设备为代理服务器发出的 SIP报文的 SDP部分中私网客户 端的私网地址和端口分配一个空闲的公网地址和端口, 并保存其映 射关系, 使后续媒体流能根据该映射关系穿越 NAT和 FW , 从而解 决了代理服务器与私网客户端在同一私网时, 无法穿越 NAT和 F W 的技术问题。  The NAT device allocates an idle public network address and port to the private network address and port of the private network client in the SDP part of the SIP packet sent by the proxy server, and saves the mapping relationship so that the subsequent media stream can traverse the NAT according to the mapping relationship. And FW, which solves the technical problem that the proxy server and the private network client cannot traverse NAT and FW when they are on the same private network.
以上所述, 仅为本发明的具体实施方式, 但本发明的保护范围 并不局限于此, 任何熟悉本技术领域的技术人员在本发明揭露的技 术范围内, 可轻易想到的变化或替换, 都应涵盖在本发明的保护范 围之内。 因此, 本发明的保护范围应以权利要求的保护范围为准。  The above is only the specific embodiment of the present invention, but the scope of the present invention is not limited thereto, and any change or replacement that can be easily conceived by those skilled in the art within the technical scope of the present invention is All should be covered by the scope of the present invention. Therefore, the scope of the invention should be determined by the scope of the claims.

Claims

权 利 要 求 书 Claim
1、 一种私网客户端与网外客户端呼叫的网络地址转换方法, 其 特征在于, 包括:  A network address translation method for a private network client and an out-of-network client call, characterized in that:
为代理服务器发出的 SIP报文的 SDP部分中所述私网客户端的 私网地址和端口, 分配公网地址和端口, 并保存该私网地址和端口, 以及公网地址和端口, 之间的映射关系, 其中, 所述 SIP 4艮文为发往 所述网外客户端的 SIP 4艮文;  Assigning a public network address and port to the private network address and port of the private network client in the SDP part of the SIP packet sent by the proxy server, and saving the private network address and port, and the public network address and port. a mapping relationship, where the SIP message is a SIP message sent to the client outside the network;
对该 SIP报文进行网络地址转换应用层网关处理,并根据所述映 射关系, 将该 SIP 4艮文的 SDP 部分的私网地址和端口转换为公网地 址和端口。  The SIP packet is processed by the network address translation application layer gateway, and according to the mapping relationship, the private network address and port of the SDP part of the SIP packet are converted into a public network address and a port.
2、 根据权利要求 1所述的处理方法, 其特征在于, 还包括: 在接收到所述私网客户端与所述网外客户端之间传送媒体流时, 根据所述映射关系对所述媒体流做 NAT处理。  The processing method according to claim 1, further comprising: when receiving the media stream between the private network client and the external network client, according to the mapping relationship The media stream is NAT processed.
3、 根据权利要求 1或 2所述的处理方法, 其特征在于, 所述 SIP 报文为呼叫请求报文或响应报文。  The processing method according to claim 1 or 2, wherein the SIP message is a call request message or a response message.
4、一种私网客户端与网外客户端之间呼叫的网络地址转换设备, 其特征在于: 包括处理器和存储器;  A network address translation device for calling between a private network client and an external network client, comprising: a processor and a memory;
所述处理器用于, 为代理服务器发出的 SIP报文的 SDP部分中 所述私网客户端的私网地址和端口, 分配公网地址和端口, 并指示所 述存储器保存该私网地址和端口, 以及公网地址和端口, 之间的映射 关系, 其中, 所述 SIP报文为发往所述网外客户端的 SIP报文;  The processor is configured to: assign a public network address and a port to the private network address and port of the private network client in the SDP part of the SIP packet sent by the proxy server, and instruct the memory to save the private network address and port, And the mapping between the public network address and the port, where the SIP packet is a SIP packet sent to the client outside the network;
以及对该 SIP报文进行网络地址转换应用层网关处理,并根据所 述映射关系, 将该 SIP报文的 SDP 部分的私网地址和端口转换为公 网地址和端口;  And performing the network address translation application layer gateway processing on the SIP packet, and converting the private network address and port of the SDP part of the SIP packet into a public network address and a port according to the mapping relationship;
所述存储器用于, 保存所述映射关系。  The memory is configured to save the mapping relationship.
5、 根据权利要求 4所述的网络地址转换设备, 其特征在于: 所 述处理器还用于, 在接收到所述私网客户端与所述网外客户端之间传 送媒体流时, 根据所述存储器保存的所述映射关系对所述媒体流做 NAT处理。 The network address translation device according to claim 4, wherein: the processor is further configured to: when receiving the media stream between the private network client and the external network client, according to The mapping relationship saved by the memory performs NAT processing on the media stream.
6、 一种私网客户端与网外客户端之间的呼叫系统 , 其特征在于: 包括权利要求 4或 5所述的网络地址转换设备和代理服务器; 6. A call system between a private network client and an off-net client, comprising: the network address translation device and the proxy server according to claim 4 or 5;
所述代理服务器, 用于在收到私网客户端的 SIP报文后, 经过所 述网络地址转换设备向所述网外客户端发出 SIP报文。  The proxy server is configured to send a SIP packet to the client outside the network after receiving the SIP packet of the private network client through the network address translation device.
PCT/CN2011/077828 2011-07-30 2011-07-30 Nat processing method, device and system for calls between clients of private network and clients out of network WO2012109865A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2011/077828 WO2012109865A1 (en) 2011-07-30 2011-07-30 Nat processing method, device and system for calls between clients of private network and clients out of network
CN201180001375.4A CN102318323B (en) 2011-07-30 2011-07-30 NAT disposal method, equipment and system of call between private network and off-network clients

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2011/077828 WO2012109865A1 (en) 2011-07-30 2011-07-30 Nat processing method, device and system for calls between clients of private network and clients out of network

Publications (1)

Publication Number Publication Date
WO2012109865A1 true WO2012109865A1 (en) 2012-08-23

Family

ID=45429449

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2011/077828 WO2012109865A1 (en) 2011-07-30 2011-07-30 Nat processing method, device and system for calls between clients of private network and clients out of network

Country Status (2)

Country Link
CN (1) CN102318323B (en)
WO (1) WO2012109865A1 (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI535247B (en) 2012-04-10 2016-05-21 財團法人資訊工業策進會 Transmission system and method for network address translation traversal
KR102017331B1 (en) * 2012-10-30 2019-10-21 에스케이플래닛 주식회사 Apparatus and method for providing mobile voice over internet protocol call service
CN103023789A (en) * 2012-12-05 2013-04-03 北方工业大学 Method for accessing private network server in internet
CN103561130A (en) * 2013-11-06 2014-02-05 北京神州绿盟信息安全科技股份有限公司 Network address translation device and method suitable for multiple application layer protocols
CN103916382B (en) * 2013-12-25 2018-05-01 三亚中兴软件有限责任公司 NAT through method, proxy server and system based on SIP media ability re-negotiations
TWI565261B (en) 2014-04-17 2017-01-01 財團法人資訊工業策進會 Network address translation traversal system and method for real-time communications
TW201709700A (en) * 2015-08-25 2017-03-01 財團法人資訊工業策進會 Signaling control system and method for use in NAT traversal system
CN107454210B (en) * 2017-09-15 2020-12-01 成都西加云杉科技有限公司 Communication method and system
CN107634954B (en) * 2017-09-25 2020-04-10 中国联合网络通信集团有限公司 Soft switch calling method and system
CN110062056B (en) * 2018-01-19 2021-11-02 中兴通讯股份有限公司 Network address translation method and device
CN109067659B (en) * 2018-08-20 2021-08-06 普联技术有限公司 Session establishing method, router and session system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1516409A (en) * 2003-08-26 2004-07-28 中兴通讯股份有限公司 Method for making medium stream pass through network address converter
CN101094171A (en) * 2006-06-22 2007-12-26 华为技术有限公司 Method and system for implementing interaction of media streams, controller of media gateway, and media gateway
CN102014176A (en) * 2010-12-13 2011-04-13 迈普通信技术股份有限公司 Network address translator (NAT) mapping keep-alive method and system based on session initiation protocol (SIP)

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7899932B2 (en) * 2003-01-15 2011-03-01 Panasonic Corporation Relayed network address translator (NAT) traversal
TWI245192B (en) * 2003-12-11 2005-12-11 Inst Information Industry Method, system and storage medium for passing through network address translation device
US7694127B2 (en) * 2003-12-11 2010-04-06 Tandberg Telecom As Communication systems for traversing firewalls and network address translation (NAT) installations
CN100539504C (en) * 2006-02-28 2009-09-09 诺基亚西门子通信系统技术(北京)有限公司 A kind of network address translation and/or firewall spanning platform, system and method thereof
CN100586104C (en) * 2006-04-17 2010-01-27 中国科学院计算技术研究所 A route-based talk initialization protocol transparent transmission network address conversion method
CN101262478A (en) * 2008-04-10 2008-09-10 杭州华三通信技术有限公司 Method and device for penetrating NAT
CN101552848B (en) * 2009-05-20 2012-02-01 杭州华三通信技术有限公司 Session method and apparatus based on session initiation protocol
CN101605105B (en) * 2009-07-14 2012-05-09 中兴通讯股份有限公司 Method and device for performing network address translation on fragment message

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1516409A (en) * 2003-08-26 2004-07-28 中兴通讯股份有限公司 Method for making medium stream pass through network address converter
CN101094171A (en) * 2006-06-22 2007-12-26 华为技术有限公司 Method and system for implementing interaction of media streams, controller of media gateway, and media gateway
CN102014176A (en) * 2010-12-13 2011-04-13 迈普通信技术股份有限公司 Network address translator (NAT) mapping keep-alive method and system based on session initiation protocol (SIP)

Also Published As

Publication number Publication date
CN102318323B (en) 2013-10-02
CN102318323A (en) 2012-01-11

Similar Documents

Publication Publication Date Title
WO2012109865A1 (en) Nat processing method, device and system for calls between clients of private network and clients out of network
EP1693998B1 (en) Method and system for a proxy-based network translation
US20130308628A1 (en) Nat traversal for voip
US8825822B2 (en) Scalable NAT traversal
US8244876B2 (en) Providing telephony services to terminals behind a firewall and/or a network address translator
US8090845B2 (en) Apparatus and method for firewall traversal
US8694587B2 (en) System and method for transferring a call bridge between communication devices
JP5972398B2 (en) ICE-based NAT traversal
AU2005201075B2 (en) Apparatus and method for voice processing of voice over internet protocol (VOIP)
EP2117190A1 (en) Method, system and device for realizing network address translation passing
EP2410713B1 (en) Adaptive media handling
US8787358B2 (en) System for ad-hoc communication sessions
US20130007291A1 (en) MEDIA INTERWORKING IN IPv4 AND IPv6 SYSTEMS
WO2015096302A1 (en) Nat traversal method based on sip media capability re-negotiation, proxy server and system
JP5988407B1 (en) Communication path control device, communication path control system, communication path control method, and communication path control program
US8374178B2 (en) Apparatus and method for supporting NAT traversal in voice over internet protocol system
WO2008095430A1 (en) A method and a system for preventing a media agency from hacker attacking
KR100899440B1 (en) Method for providing VoIP service in private network and terminal unit thereof
JP2010011120A (en) Nat conversion apparatus and nat conversion program in uni connection
JP5158588B2 (en) SIP telephone, VoIP system, same-network communication method used therefor, and program thereof
JP5782407B2 (en) Network system and NAPT execution frequency reduction method
WO2013097250A1 (en) Call establishment method, device and system for voice over internet protocol
WO2010105547A1 (en) Method, system and device for multi-domain interconnection
Houngue et al. Overcoming NAT traversal issue for SIP-based communication in P2P networks
Ivov et al. Latching: Hosted NAT Traversal (HNT) for Media in Real-Time Communication

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 201180001375.4

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11858729

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11858729

Country of ref document: EP

Kind code of ref document: A1