[go: up one dir, main page]

WO2008092340A1 - A keep-alive method, system of address forwarding list item and an agent service device - Google Patents

A keep-alive method, system of address forwarding list item and an agent service device Download PDF

Info

Publication number
WO2008092340A1
WO2008092340A1 PCT/CN2007/070560 CN2007070560W WO2008092340A1 WO 2008092340 A1 WO2008092340 A1 WO 2008092340A1 CN 2007070560 W CN2007070560 W CN 2007070560W WO 2008092340 A1 WO2008092340 A1 WO 2008092340A1
Authority
WO
WIPO (PCT)
Prior art keywords
address
keep
forwarding entry
proxy service
service device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2007/070560
Other languages
French (fr)
Chinese (zh)
Inventor
Lei Wang
Quan Wang
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Publication of WO2008092340A1 publication Critical patent/WO2008092340A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/255Maintenance or indexing of mapping tables
    • H04L61/2553Binding renewal aspects, e.g. using keep-alive messages
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to a keep-alive method, system, and proxy service device for an address forwarding entry.
  • NGN Next Generation Network
  • SoftSwitch softswitch
  • the business management layer includes: iOSS (integrated operation support system), policy server, U-NICA (Universal Network Intelligent Core Architecture) application server, IN (Intelligent Network, Intelligent Network)
  • the network control layer includes a softswitch device;
  • the core switch layer includes a packet core network;
  • the edge access layer includes: a broadband access device, such as an IAD (Integrated Access Device); PSTN (Public Switched Telephone Network) Telephone network) equipment;
  • PLMN Public Land Mobile Network
  • user equipment such as SIP (Session Initiation Protocol)/H.323 telephone, POTS (Plain) Old Telephone Service, plain old telephone service) and user equipment such as 2G/3G terminals.
  • NAT Network Address Translation
  • the NAT is used in the prior art.
  • the NAT is responsible for converting the internal network IP address into the legal IP address of the backbone network.
  • the NAT is in the mapping table saved by referring to the NAT. The information is converted into the IP address of the internal network and forwarded to the internal terminal.
  • the proxy service device stores the registration information of the NAT/firewall user, including the IP address and port number of the NAT/firewall, and also retains the corresponding NAT entry on the NAT/firewall device.
  • the aging time of the address mapping entry in the NAT device/firewall is too long. If the entry is occupied for a long time and the NAT entry is not used, the aging time of the NAT entry is shorter. The entry will age after it times out. Therefore, some entries may be deleted during the session, because the entries on the device with the network address translation function are aged out, which causes the session to exist but the device with the network address translation function does not have the corresponding address forwarding entry. .
  • the proxy service device sends a keep-alive message to the device with the network address translation function
  • the device with the network address translation function is configured to receive the keep-alive message sent by the proxy service device, and re-time the aging time of the address forwarding entry that matches the keep-alive message address.
  • An embodiment of the present invention provides a proxy service device, including:
  • the present invention solves the problem that the call service in the NGN refreshes the corresponding address forwarding entry on the device with the network address translation function by sending the keep-alive message, thereby solving the problem that the session on the proxy service device exists but has the network address translation function. There is no problem with the corresponding address forwarding entry.
  • FIG. 2 is a structural diagram of an NGN network having a NAT device in the prior art
  • FIG. 3 is a structural diagram of an NGN network with a proxy service device in the prior art
  • FIG. 6 is a structural diagram of a keep-alive message in an embodiment of the present invention.
  • Figure 7 is a schematic view of another embodiment of the present invention.
  • Figure 8 is a simplified schematic view of another embodiment of the present invention.
  • FIG. 9 is a structural diagram of a keep-alive system of an address forwarding entry according to an embodiment of the present invention
  • FIG. 10 is a structural diagram of a message generating unit in an embodiment of the present invention.
  • Corresponding software in embodiments of the invention may be stored in a computer readable storage medium.
  • the embodiment of the present invention implements a keep-alive mechanism on the proxy service device, and periodically sends a Keep-Alive message to the NAT device/firewall, so as to periodically refresh the address forwarding entry on the NAT/firewall device to ensure NAT/ When there is a session between the firewall device and the proxy service device, the address forwarding entries on the NAT/firewall will not be aged.
  • the proxy service device sets the keepalive message, and the source port number and the destination port number in the keep-alive packet are respectively the port number of the proxy service device and the device port number with the network address translation function;
  • the source IP address and the destination IP address are the IP addresses of the proxy service device and the device with network address translation function, respectively.
  • FIG. 5 it is a flowchart of setting a keep-alive message by the proxy service device in the embodiment of the present invention.
  • the process of setting up keep-alive 4 is as follows:
  • Step 506 Fill in the content of the message into the content part of the message of the keep-alive message
  • Step 507 fill in the HELLO information
  • Step 508 Construct a UDP header and UDP data of the keep-alive message, where the content of the keep-alive message is in the UDP data; and then complete the setting of the keep-alive message.
  • the keep-alive message includes a 4-byte Ethernet header, a 20-byte IP header, an 8-byte UDP header, and an arbitrary byte of UDP data.
  • the IP header specifically includes: a 1-byte version and length, a 1-byte differential service code point, a 2-byte total length, a 2-byte ID, a 2-byte fragmentation flag, and an offset, 1 Byte lifetime, 1-byte protocol number, 2-byte IP checksum, 4-byte source IP address, and 4-byte destination IP address;
  • UDP header specifically includes: 2-byte source port, 2 Byte destination port, 2 bytes length, and 2 byte checksum.
  • FIG. 7 Another embodiment of the present invention is shown in Fig. 7.
  • I represents the address of the IAD
  • A represents the NAT-transformed address
  • B represents the proxy service device receiving address
  • C represents the proxy service device transmission address
  • D represents the softswitch address. Assume that the middle router is ignored, C and D are on the same network segment, and A and B are on the same network segment.
  • Figure 7 is simplified: I, A, B, C, and D represent the IP addresses of the devices, respectively.
  • Port I, Port A, Port B, Port C, Port D represent the corresponding ports, and reports sent and received from the terminal IAD.
  • the address translation process experienced by the text as shown in Figure 8:
  • the source IP address and source port of the packet are translated on the NAT, and the following entries are created:
  • the source IP address, source port, destination IP address, and destination port of the packet are translated on the proxy service device, and these key values are recorded.
  • the following entries are created:
  • the packet sent back from the softswitch side is returned as follows:
  • the source IP address, source port, destination IP address, and destination port of the packet are converted on the proxy service device, and these key values are recorded and established.
  • the source IP address and source port of the packet are translated on the NAT.
  • the following entries are created:
  • the embodiment of the present invention provides a keep-alive system for an address forwarding entry, as shown in FIG. 9, including a device 100 having a network address translation function and a proxy service device 200.
  • the proxy service device 200 is configured to send a keep-alive message to the device 100 having the network address translation function; and the device 100 having the network address translation function is configured to receive the keep-alive message and match the address of the keep-alive message address.
  • the oldest time of the forwarding entry is re-timed, where the address matches: Source IP address, destination IP address, source port number, and destination port number match.
  • the proxy service device 200 further includes a keep-alive message transmitting unit 201 and a forwarding entry detecting unit 202.
  • the forwarding entry detection unit 202 is configured to detect whether the proxy service device 200 has a source IP address and a destination IP address, respectively, an IP address of the device 100 having the network address translation function and an IP address of the proxy service device 200; the source port number and The destination port number is a forwarding entry of the port number of the device 100 having the network address translation function and the port number of the proxy service device 200, and notifys the keep-alive packet sending unit 201 to send a keep-alive message when it exists;
  • the text sending unit 201 is configured to send a keep-alive message to the device 100 having the network address translation function. The message is sent to the keep-alive message transmitting unit 201 under the trigger of the forwarding entry detecting unit 202 to transmit the keep-alive message.
  • the proxy service device may further include a detection timer unit 204 for triggering the forwarding entry detection unit 202 to detect when the timeout occurs.
  • the keep-alive packet generating unit 203 further includes: an IP header setting sub-unit 2031, an Ethernet header setting sub-unit 2032, a message content adding sub-unit 2033, and a UDP setting sub-unit 2034, as shown in FIG.
  • the IP header setting sub-unit 2031 obtains the IP header of the keep-alive packet by searching the routing table; the Ethernet header setting sub-unit 2032 obtains the Ethernet header of the keep-alive packet by searching the ARP table; the packet content adding sub-unit 2033 adds keep-alive The content of the message, the content of the message is HELLO or pre-configured information; the UDP setting sub-unit 2034 sets the UDP header and UDP data of the keep-alive message, wherein the UDP data stores the content of the keep-alive message.
  • the device 100 having the network address translation function further includes: a matching processing unit 101, an aging timer refresh unit 102, an aging timer 103, and an address forwarding entry deletion unit 104.
  • the matching processing unit 101 is configured to determine an address forwarding entry that matches the received keep-alive message address;
  • the address forwarding entry deletion unit 104 is configured to delete the address forwarding entry when the aging timer 103 times out;
  • the refreshing unit 102 is configured to cause the aging timer 103 to re-clock when the matching processing unit 101 finds an address forwarding entry that matches the received keep-alive address.
  • the call forwarding service in the NGN is configured to refresh the corresponding address forwarding entry on the device with the network address translation function by sending the keep-alive message to ensure the network address translation function.
  • the corresponding address forwarding entry exists on the device with the network address translation function.
  • the device with the network address translation function in the embodiment of the present invention may be a NAT device or a firewall device.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A Keep-Alive method of address forwarding list item includes: the agent service device transmits the Keep-Alive message to the device having network address transferring function (s401); after receiving the Keep-Alive message, the device having network address transferring function restarts the time count of the address forwarding list item ageing time matched with the Keep-Alive message address (s402). A Keep-Alive system of the address forwarding list item and an agent service device are also provided. For the calling service in NGN, the present invention refreshes the corresponding address forwarding list item in the device having network address transferring function through transmitting the Keep-Alive message so as to resolve the question that there is a session, but there is not a corresponding address forwarding list item in the device having network address transferring function in the prior art.

Description

地址转发表项的保活方法、 系统、 及代理服务设备 本申请要求于 2007 年 1 月 29 日提交中国专利局、 申请号为 200710006082.0、 发明名称为"地址转发表项的保活方法及系统,,的中国专利申 请的优先权, 其全部内容通过引用结合在本申请中。  The method for reserving the address forwarding entry, the system, and the proxy service device. The application is submitted to the Chinese Patent Office on January 29, 2007, and the application number is 200710006082.0, and the invention name is "the address forwarding entry method and system." The priority of the Chinese Patent Application, the entire contents of which is incorporated herein by reference.

技术领域 Technical field

本发明涉及通信技术领域,尤其涉及一种地址转发表项的保活方法、系统、 及代理服务设备。  The present invention relates to the field of communications technologies, and in particular, to a keep-alive method, system, and proxy service device for an address forwarding entry.

背景技术 Background technique

随着 IP技术的发展, VoIP ( Voice over Internet Protocol, 利用 IP承载语音 业务流)技术逐渐受到青睐, 基于 SoftSwitch (软交换)技术的 NGN ( Next Generation Network, 下一代网络)逐渐受到各大运营商和企业的认可。 NGN 网络结构如图 1所示, 包括: 业务管理层、 网络控制层、 核心交换层和边缘接 入层。 其中, 业务管理层包括: iOSS(integrated Operation Support System, 集 成运营支撑系统)、 策略服务器、 U-NICA ( Universal Network Intelligent Core Architecture, 通用网络智能核心架构)应用服务器、 IN (智能网, Intelligent Network ); 网络控制层包括软交换设备; 核心交换层包括分组核心网; 边缘接 入层包括: 宽带接入设备, 例如 IAD ( Integrated Access Device, 综合接入设 备); PSTN ( Public Switched Telephone Network, 公共交换电话网络)设备; PLMN ( Public Land Mobile Network, 公众陆地移动电话网), 例如 2G/3G接 入设备;用户设备,例如 SIP ( Session Initiation Protocol,会话开始协议)/H.323 电话、 POTS ( Plain Old Telephone Service, 普通老式电话业务)及 2G/3G终 端等用户设备。  With the development of IP technology, VoIP (voice over Internet Protocol) technology is gradually favored. NGN (Next Generation Network) based on SoftSwitch (softswitch) technology is gradually being adopted by major operators. And the recognition of the company. The NGN network structure is shown in Figure 1. It includes: service management layer, network control layer, core switching layer, and edge access layer. Among them, the business management layer includes: iOSS (integrated operation support system), policy server, U-NICA (Universal Network Intelligent Core Architecture) application server, IN (Intelligent Network, Intelligent Network) The network control layer includes a softswitch device; the core switch layer includes a packet core network; the edge access layer includes: a broadband access device, such as an IAD (Integrated Access Device); PSTN (Public Switched Telephone Network) Telephone network) equipment; PLMN (Public Land Mobile Network), such as 2G/3G access equipment; user equipment such as SIP (Session Initiation Protocol)/H.323 telephone, POTS (Plain) Old Telephone Service, plain old telephone service) and user equipment such as 2G/3G terminals.

NGN釆用基于分组的传输模式和统一的协议, 支持多样化的接入方式, 通过将业务与呼叫控制分离、呼叫控制与承载分离,实现相对独立的业务体系, 允许业务和网络分别提供并独立发展。 这种业务独立于网络的灵活性, 满足了 用户不断更新业务的需求, 也使网络具有可持续发展的能力。 NGN业务中进 行信令交互时, 为了保证媒体流报文正常寻址和路由,协议消息净荷中通常会 携带地址信息, 如信令交互过程中动态协商的 RTP ( Real-time Transport Protocol, 实时传输协议 )或 RTCP ( Real-time Transport Control Protocol, 实时 传输控制协议)地址和端口信息。 NGN uses a packet-based transmission mode and a unified protocol to support diverse access modes. By separating services from call control, call control and bearer separation, a relatively independent service system is implemented, allowing services and networks to be separately provided and independent. development of. This kind of business is independent of the flexibility of the network, meets the needs of users to continuously update their business, and makes the network sustainable. In the signaling interaction between NGN services, in order to ensure normal addressing and routing of media stream packets, the protocol message payload usually carries address information, such as RTP (Real-time Transport) dynamically negotiated during signaling interaction. Protocol, Real-Time Transport Protocol) or RTCP (Real-time Transport Control Protocol) address and port information.

为了解决 IP地址耗尽、 网络资源争用等问题, 需要在连接骨干网的路由器 的内部网络边缘增加 NAT ( Net Address Translation, 网络地址转换) , 如图 2 所示, 是现有技术中具有 NAT设备的 NGN网络结构图。 当内部网络发出的 IP 数据分组到达 NAT设备时, NAT负责将内部网络 IP地址转换成骨干网的合法 IP 地址; 当有外部发来的数据分组到达 NAT后, NAT通过查阅 NAT保存的映射 表里的信息,将骨干网的 IP地址转换成内部网络的 IP地址,再转发到内部终端。 同时为了提高内部网络的安全性, 需要在内部网络出口处使用防火墙, 限定进 入内部网络数据包的类型和流量。 而基于 IP的语音、 视频通信协议, 要求终端 之间使用 IP地址和端口号建立数据通信通道, 因此出现了一个两难境地: NGN 各个终端必须随时侦听外来的呼叫,但是防火墙却不允许外网任何不请自到的 数据包通过。  In order to solve the problem of IP address exhaustion and network resource contention, NAT (Net Address Translation) needs to be added to the internal network edge of the router connected to the backbone network. As shown in Figure 2, NAT is used in the prior art. The NGN network structure diagram of the device. When the IP data packet sent by the internal network reaches the NAT device, the NAT is responsible for converting the internal network IP address into the legal IP address of the backbone network. When an externally sent data packet arrives at the NAT, the NAT is in the mapping table saved by referring to the NAT. The information is converted into the IP address of the internal network and forwarded to the internal terminal. At the same time, in order to improve the security of the internal network, it is necessary to use a firewall at the internal network exit to limit the types and traffic entering the internal network packets. The IP-based voice and video communication protocol requires the terminal to establish a data communication channel by using the IP address and port number, so there is a dilemma: NGN terminals must listen to incoming calls at any time, but the firewall does not allow the external network. Any unsolicited packets are passed.

当 NGN业务穿越 NAT设备或防火墙等具有网络地址转换功能的设备时, 由于 NAT/防火墙仅对 IP报文头的地址及端口号进行转换, 而 H.323、 SIP及 MGCP ( Media Gateway Control Protocol, 媒体网关控制协议)等协议的真正 媒体流信息是放在 IP包的净荷中传递, 净荷中的私网地址无法被 NAT/防火墙 映射成公网地址并传送到对端, 因此跨越 NAT/防火墙无法实现通讯。  When the NGN service traverses a device with a network address translation function such as a NAT device or a firewall, the NAT/firewall only translates the address and port number of the IP packet header, and H.323, SIP, and MGCP (Media Gateway Control Protocol, The real media stream information of the protocol such as the media gateway control protocol is transmitted in the payload of the IP packet, and the private network address in the payload cannot be mapped to the public network address by the NAT/firewall and transmitted to the peer end, thus crossing the NAT/ The firewall is unable to communicate.

为了实现 NGN 业务穿越 NAT 设备 /防火墙, 现有技术提供了 ALG ( Application Level Gateway , 应用层网关)技术。 ALG作为 NAT/防火墙的增 强, 在地址转换时对 IP报文头净荷中内嵌的相应地址信息字段也进行转换, 例如重写 SIP协议 Register消息中的 Contact字段。但是此方案要求对 NAT设 备 /防火墙进行升级以便支持 ALG功能, 这对于大多数已经部署完 NAT设备 的企业网络来说是不易实现的, 并且会话存在、 但是没有对应 NAT转发表项 的问题仍然存在。  In order to implement the NGN service traversing the NAT device/firewall, the prior art provides an ALG (Application Level Gateway) technology. As an enhancement of the NAT/firewall, the ALG also translates the corresponding address information field embedded in the IP header payload during address translation, for example, rewriting the Contact field in the SIP protocol Register message. However, this solution requires upgrading the NAT device/firewall to support the ALG function. This is not easy to implement for most enterprise networks that have deployed NAT devices, and the existence of a session but no corresponding NAT forwarding entries still exists. .

NGN业务穿越 NAT/防火墙的另一种方案是 Full Proxy (全代理 ), 此方案 是在 NAT设备 /防火墙外侧增加代理服务设备, 如图 3所示, 是现有技术中具 有代理服务设备的 NGN网络结构图。 所有呼叫的信令流和媒体流均通过代理 服务设备进行转接。 当在 NAT设备 /防火墙外侧增加代理服务设备时, 软交换 侧来的报文经由代理服务设备进行代理,由于在代理服务设备对呼叫的信令流 和媒体流做了代理, 并记录了软交换侧和终端侧的信息, 因此可以穿越 NAT/ 防火墙。 Another scheme for the NGN service to traverse the NAT/firewall is Full Proxy. This solution is to add a proxy service device outside the NAT device/firewall. As shown in Figure 3, it is an NGN with a proxy service device in the prior art. Network structure diagram. The signaling flow and media flow of all calls are transferred through the proxy service device. Softswitch when adding a proxy service device outside the NAT device/firewall The incoming message is proxied by the proxy service device. Since the proxy service device proxyes the signaling flow and the media stream of the call, and records the information on the softswitch side and the terminal side, it can traverse the NAT/firewall.

代理服务设备上保存着 NAT/防火墙用户的注册信息,包括 NAT/防火墙的 IP地址和端口号, 同时在 NAT/防火墙设备上也保留相应的 NAT表项。 但是 NAT设备 /防火墙中的地址映射表项存在一个老化时间, 如果表项长时间被占 用而不使用会使 NAT表项被占满, 出于保证其效率的原因, NAT表项老化时 间较短,表项超时后会老化。 因此在会话进行过程中某些表项可能会因为具有 网络地址转换功能的设备上的表项老化而被删除,从而导致会话存在但是具有 网络地址转换功能的设备上没有对应地址转发表项的问题。  The proxy service device stores the registration information of the NAT/firewall user, including the IP address and port number of the NAT/firewall, and also retains the corresponding NAT entry on the NAT/firewall device. However, the aging time of the address mapping entry in the NAT device/firewall is too long. If the entry is occupied for a long time and the NAT entry is not used, the aging time of the NAT entry is shorter. The entry will age after it times out. Therefore, some entries may be deleted during the session, because the entries on the device with the network address translation function are aged out, which causes the session to exist but the device with the network address translation function does not have the corresponding address forwarding entry. .

发明内容 Summary of the invention

本发明实施例提供一种对网络地址转换设备中地址转发表项的保活方法、 系统、及代理服务设备, 以解决现有技术中代理服务设备会话存在但是具有网 络地址转换功能的设备上没有对应地址转发表项的问题。  The embodiment of the present invention provides a method, a system, and a proxy service device for a message forwarding entry in a network address translation device, so as to solve the problem that the proxy service device session exists in the prior art but has a network address translation function. The problem corresponding to the address forwarding entry.

本发明实施例提供了一种地址转发表项的保活方法, 包括:  An embodiment of the present invention provides a keepalive method for an address forwarding entry, including:

代理服务设备向具有网络地址转换功能的设备发送保活报文;  The proxy service device sends a keep-alive message to the device with the network address translation function;

所述具有网络地址转换功能的设备收到所述保活报文后,将与所述保活报 文地址匹配的地址转发表项的老化时间重新计时。  After receiving the keep-alive message, the device with the network address translation function re-times the aging time of the address forwarding entry that matches the keep-alive message address.

本发明实施例提供了一种地址转发表项的保活系统, 包括:  The embodiment of the invention provides a keep-alive system for an address forwarding entry, including:

代理服务设备, 用于发送保活报文;  a proxy service device, configured to send a keep-alive message;

具有网络地址转换功能的设备,用于接收所述代理服务设备发送的保活报 文, 并将与所述保活报文地址匹配的地址转发表项的老化时间重新计时。  The device with the network address translation function is configured to receive the keep-alive message sent by the proxy service device, and re-time the aging time of the address forwarding entry that matches the keep-alive message address.

本发明实施例提供了一种代理服务设备, 包括:  An embodiment of the present invention provides a proxy service device, including:

转发表项检测单元, 用于检测所述代理服务设备是否存在源 IP地址和目 的 IP地址分别是具有网络地址转换功能的设备 IP地址和代理服务设备 IP地 址;源端口号和目的端口号分别是具有网络地址转换功能的设备端口号和代理 服务设备端口号的转发表项; 时, 向所述具有网络地址转换功能的设备发送保活报文。 与现有技术相比, 本发明实施例具有以下优点: The forwarding entry detecting unit is configured to detect whether the source IP address and the destination IP address of the proxy service device are respectively a device IP address with a network address translation function and a proxy service device IP address; the source port number and the destination port number are respectively A forwarding entry having a device port number of the network address translation function and a proxy service device port number; and sending a keep-alive message to the device having the network address translation function. Compared with the prior art, the embodiment of the invention has the following advantages:

本发明对 NGN中的呼叫业务, 通过发送保活报文, 刷新具有网络地址转 换功能的设备上的对应的地址转发表项 ,进而解决了代理服务设备上会话存在 但是具有网络地址转换功能的设备上没有对应地址转发表项的问题。  The present invention solves the problem that the call service in the NGN refreshes the corresponding address forwarding entry on the device with the network address translation function by sending the keep-alive message, thereby solving the problem that the session on the proxy service device exists but has the network address translation function. There is no problem with the corresponding address forwarding entry.

附图说明 DRAWINGS

图 1 是现有技术中 NGN网络结构图;  1 is a structural diagram of a NGN network in the prior art;

图 2是现有技术中具有 NAT设备的 NGN网络结构图;  2 is a structural diagram of an NGN network having a NAT device in the prior art;

图 3是现有技术中具有代理服务设备的 NGN网络结构图;  3 is a structural diagram of an NGN network with a proxy service device in the prior art;

图 4是本发明实施例提供的一种地址转发表项的保活方法流程图; 图 5是本发明实施例中代理服务设备设置保活报文流程图;  4 is a flowchart of a keep-alive method for an address forwarding entry according to an embodiment of the present invention; FIG. 5 is a flowchart of setting a keep-alive message by a proxy service device according to an embodiment of the present invention;

图 6是本发明实施例中保活报文结构图;  6 is a structural diagram of a keep-alive message in an embodiment of the present invention;

图 7是本发明另一实施例示意图;  Figure 7 is a schematic view of another embodiment of the present invention;

图 8是本发明上述另一实施例的简化示意图;  Figure 8 is a simplified schematic view of another embodiment of the present invention;

图 9是本发明实施例提供的一种地址转发表项的保活系统结构图; 图 10是本发明实施例中报文生成单元结构图。  FIG. 9 is a structural diagram of a keep-alive system of an address forwarding entry according to an embodiment of the present invention; FIG. 10 is a structural diagram of a message generating unit in an embodiment of the present invention.

具体实施方式 detailed description

本发明的实施例中对应的软件可以存储在一个计算机可读取存储介质中。 本发明实施例在代理服务设备上实行保活机制, 定时向 NAT设备 /防火墙 发送 Keep-Alive (保活 )报文, 从而定时去刷新 NAT/防火墙设备上的地址转 发表项, 以保证 NAT/防火墙设备和代理服务设备之间存在会话时, NAT/防火 墙上的地址转发表项不会被老化。  Corresponding software in embodiments of the invention may be stored in a computer readable storage medium. The embodiment of the present invention implements a keep-alive mechanism on the proxy service device, and periodically sends a Keep-Alive message to the NAT device/firewall, so as to periodically refresh the address forwarding entry on the NAT/firewall device to ensure NAT/ When there is a session between the firewall device and the proxy service device, the address forwarding entries on the NAT/firewall will not be aged.

本发明实施例提供一种地址转发表项的保活方法, 如图 4所示, 包括: 步骤 s401 , 代理服务设备向具有网络地址转换功能的设备发送保活报文。 一般情况下, 地址转发表项老化机制的刷新周期为 30秒左右, 保活报文发送 的时间间隔应该小于老化时间的刷新周期。  The embodiment of the present invention provides a keepalive method for an address forwarding entry. As shown in FIG. 4, the method includes the following steps: Step s401: The proxy service device sends a keep-alive message to a device with a network address translation function. Generally, the refresh interval of the aging mechanism of the address forwarding entry is about 30 seconds, and the interval for sending keep-alive packets is smaller than the refresh interval of the aging time.

步骤 s402 , 具有网络地址转换功能的设备收到保活报文后, 通过解析获 得该保活 4艮文的 IP头、 以太头和 UDP ( User Datagram Protocol, 数据 4艮协议 ) 头,判断具有网络地址转换功能的设备中是否有与这些标识信息匹配的地址转 发表项, 其中地址匹配为: 源 IP地址、 目的 IP地址、 源端口号和目的端口号 匹配。 如果有, 则该地址转发表项的老化时间重新计时, 例如, 老化时间已计 时到 2.5秒时收到保活报文, 则老化时间从 0开始重新计时; 如果没有, 则对 该保活报文不做处理。 另外,如果保活报文的内容中携带有代理服务设备发送 给具有网络地址转换功能的设备的消息, 则将该消息提取出, 进行相应处理。 Step s402: After receiving the keep-alive message, the device with the network address translation function obtains the IP header, the Ethernet header, and the UDP (User Datagram Protocol) header of the keep-alive message, and determines that the network has a network. Whether the address translation function matches the address forwarding entry, and the address matches: source IP address, destination IP address, source port number, and destination port number. Match. If yes, the aging time of the address forwarding entry is re-timed. For example, if the aging time has expired to 2.5 seconds, the aging time is re-timed from 0. If not, the aging time is reported. The text does not deal with it. In addition, if the content of the keep-alive message carries a message sent by the proxy service device to the device with the network address translation function, the message is extracted and processed accordingly.

在步骤 s401之前, 代理服务设备设置保活报文, 保活报文中的源端口号 和目的端口号分别是代理服务设备的端口号和具有网络地址转换功能的设备 端口号; 保活报文中的源 IP地址和目的 IP地址分别为代理服务设备和具有网 络地址转换功能的设备的 IP地址。  Before the step s401, the proxy service device sets the keepalive message, and the source port number and the destination port number in the keep-alive packet are respectively the port number of the proxy service device and the device port number with the network address translation function; The source IP address and the destination IP address are the IP addresses of the proxy service device and the device with network address translation function, respectively.

如图 5所示,是本发明实施例中代理服务设备设置保活报文流程图。设置 保活 4艮文的过程如下:  As shown in FIG. 5, it is a flowchart of setting a keep-alive message by the proxy service device in the embodiment of the present invention. The process of setting up keep-alive 4 is as follows:

步骤 501、 查找路由表获得保活报文的目的地址 IP头;  Step 501: Find a destination address IP header of the keep-alive packet by searching the routing table.

步骤 502、 查找地址解析协议 ARP ( Address Resolution Protocol, 地址解 析协议)表获得目的 MAC ( Medium Access Control, 介质访问控制 )地址的 以太头;  Step 502: Find an Address Resolution Protocol (ARP) table to obtain an Ethernet header of a destination MAC (Medium Access Control) address;

步骤 503及步骤 504、根据 IP头和以太头构造保活 文的 IP头和以太头; 步骤 505、 判断是否已预先设置了保活报文的内容, 例如对下级设备的告 警指示信息, 或其它信息, 如果已配置了报文内容, 则转至步骤 506, 如果没 有配置报文内容, 则转至步骤 507;  In step 503 and step 504, the IP header and the Ethernet header of the keepalive text are constructed according to the IP header and the Ethernet header. Step 505: Determine whether the content of the keep-alive message is preset, for example, the alarm indication information of the lower-level device, or other Information, if the message content has been configured, go to step 506, if the message content is not configured, then go to step 507;

步骤 506、 在将该报文内容填入该保活报文的报文内容部分;  Step 506: Fill in the content of the message into the content part of the message of the keep-alive message;

步骤 507、 填入 HELLO信息;  Step 507, fill in the HELLO information;

步骤 508、 构造保活报文的 UDP头和 UDP数据, 其中, 保活报文内容在 UDP数据中; 进而完成保活报文的设置。  Step 508: Construct a UDP header and UDP data of the keep-alive message, where the content of the keep-alive message is in the UDP data; and then complete the setting of the keep-alive message.

图 6是本发明实施例中保活报文结构图, 保活报文包括 4字节的以太头、 20字节的 IP头、 8字节的 UDP头和任意字节的 UDP数据。 其中, IP头具体 包括: 1 字节的版本和长度、 1 字节的差分服务代码点、 2 字节的总长度、 2 字节的 ID、 2字节的分片标志和偏移量、 1字节的存活时间、 1字节的协议号、 2字节的 IP校验和、 4字节的源 IP地址和 4字节的目的 IP地址; UDP头具体 包括: 2字节源端口、 2字节目的端口、 2字节长度和 2字节的校验和。  6 is a structural diagram of a keepalive message according to an embodiment of the present invention. The keep-alive message includes a 4-byte Ethernet header, a 20-byte IP header, an 8-byte UDP header, and an arbitrary byte of UDP data. The IP header specifically includes: a 1-byte version and length, a 1-byte differential service code point, a 2-byte total length, a 2-byte ID, a 2-byte fragmentation flag, and an offset, 1 Byte lifetime, 1-byte protocol number, 2-byte IP checksum, 4-byte source IP address, and 4-byte destination IP address; UDP header specifically includes: 2-byte source port, 2 Byte destination port, 2 bytes length, and 2 byte checksum.

为了防止具有网络地址转换功能的设备与代理服务设备之间不存在会话 时, 设置或发送保活报文带来的资源浪费, 步骤 s401之前还包括: 代理服务 设备检测代理服务设备中是否存在源 IP地址和目的 IP地址分别是具有网络地 址转换功能的设备 IP地址和代理服务设备 IP地址; 源端口号和目的端口号分 别是具有网络地址转换功能的设备端口号和代理服务设备端口号的转发表项, 如果存在该地址转发表项, 则证明有会话存在, 才能进行保活报文的设置或发 送。 In order to prevent there is no session between the device with network address translation and the proxy service device The resource waste caused by setting or sending the keep-alive packet, before step s401, further includes: the proxy service device detects whether the source IP address and the destination IP address are the IP address of the device having the network address translation function, and The proxy service device IP address; the source port number and the destination port number are forwarding entries of the device port number and the proxy service device port number respectively having the network address translation function. If the address forwarding entry exists, it proves that a session exists. Set or send keep-alive messages.

本发明实施例对具有网络地址转换功能的设备中的呼叫业务,通过发送保 活报文,刷新具有网络地址转换功能的设备上的对应的地址转发表项,保证具 有网络地址转换功能的设备上会话存在时 ,具有网络地址转换功能的设备上存 在对应地址转发表项。 另外, 本发明实施例中的具有网络地址转换功能的设备 既可以是 NAT设备, 也可以是防火墙设备。  In the embodiment of the present invention, the call service in the device with the network address translation function is configured to refresh the corresponding address forwarding entry on the device with the network address translation function by sending the keep-alive message to ensure that the device has the network address translation function. When a session exists, the corresponding address forwarding entry exists on the device with the network address translation function. In addition, the device with the network address translation function in the embodiment of the present invention may be a NAT device or a firewall device.

本发明另一实施例如图 7所示, I代表 IAD的地址、 A代表经过 NAT转 换后的地址、 B代表代理服务设备接收地址、 C代表代理服务设备发送地址、 D代表软交换地址。 假设忽略中间的路由器, C和 D在同一网段, 而 A和 B 在同一网段。 将图 7简化: I、 A、 B、 C、 D分别代表各设备的 IP地址, Port I、 Port A, Port B、 Port C、 Port D代表相应的端口, 从终端 IAD发出和收到的报 文所经历的地址转换过程, 如图 8所示:  Another embodiment of the present invention is shown in Fig. 7. I represents the address of the IAD, A represents the NAT-transformed address, B represents the proxy service device receiving address, C represents the proxy service device transmission address, and D represents the softswitch address. Assume that the middle router is ignored, C and D are on the same network segment, and A and B are on the same network segment. Figure 7 is simplified: I, A, B, C, and D represent the IP addresses of the devices, respectively. Port I, Port A, Port B, Port C, Port D represent the corresponding ports, and reports sent and received from the terminal IAD. The address translation process experienced by the text, as shown in Figure 8:

对于从 IAD发出的报文: 在 NAT上将报文的源 IP和源端口做了转换, 建立 了 ¾口下表项:  For the packets sent from the IAD: The source IP address and source port of the packet are translated on the NAT, and the following entries are created:

I: Port I -> B: Port B ==> A: Port A -> B : Port B ( 1 )  I: Port I -> B: Port B ==> A: Port A -> B : Port B ( 1 )

在代理服务设备上将报文的源 IP、源端口、 目的 IP和目的端口都做了转换, 并对这些关键值做了记录, 建立了如下表项:  The source IP address, source port, destination IP address, and destination port of the packet are translated on the proxy service device, and these key values are recorded. The following entries are created:

A: Port A -> B: Port B ==> C: Port C -> D : Port D ( 2 )  A: Port A -> B: Port B ==> C: Port C -> D : Port D ( 2 )

从软交换侧发回去的报文按着来路返回: 在代理服务设备上将报文的源 IP、 源端口、 目的 IP和目的端口都做了转换, 并对这些关键值做了记录, 建立 了 ¾口下表项:  The packet sent back from the softswitch side is returned as follows: The source IP address, source port, destination IP address, and destination port of the packet are converted on the proxy service device, and these key values are recorded and established. 3⁄4 port entry:

D: Port D -> C: Port C ==> B: Port B -> A : Port A ( 3 )  D: Port D -> C: Port C ==> B: Port B -> A : Port A ( 3 )

在 NAT上将报文的源 IP和源端口做了转换, 建立了如下表项:  The source IP address and source port of the packet are translated on the NAT. The following entries are created:

B: Port B -> A: Port A ==> B: Port B -> I : Port I ( 4 ) 由于代理服务设备以地址 B收到经过 NAT的报文 , 记录了 NAT的地址 +端 口号, 经由代理服务设备转换成地址 C转发给软交换 D, 所以, 代理服务设备 可以利用记录的 NAT的地址 +端口号, 即 A和 Port A , 向 NAT设备发送 Keep-Alive报文。 如果上述表项 (2 )存在, 说明信令流存在, 且 B到 A的路由 表有效、 ARP表有效, 则依据该表项建立如下 Keep-Alive报文流: B: Port B -> A: Port A ==> B: Port B -> I : Port I ( 4 ) Since the proxy service device receives the NAT-based message at address B, the NAT address + port number is recorded, and is converted to the address C by the proxy service device and forwarded to the softswitch D. Therefore, the proxy service device can utilize the recorded NAT address. + Port number, A and Port A, sends Keep-Alive messages to the NAT device. If the above-mentioned entry (2) exists, indicating that the signaling flow exists, and the routing table of B to A is valid and the ARP table is valid, the following Keep-Alive packet flow is established according to the entry:

D: Port D -> C: Port C ==> B: Port B -> A : Port A ( 5 ) 实际上是由代理服务设备组装了从 A发到 B的报文。 Keep-Alive报文组装的 依据为: 源是代理服务设备的地址 +端口号, 即: B和 Port B; 目的是 NAT设备 的地址 +端口号, 即: A和 Port A; 其保活的是 D: Port D -> C: Port C这个表项 表项。  D: Port D -> C: Port C ==> B: Port B -> A : Port A ( 5 ) The packets sent from A to B are actually assembled by the proxy service device. The basis for the Keep-Alive message assembly is: The source is the address + port number of the proxy service device, namely: B and Port B; The destination is the address + port number of the NAT device, namely: A and Port A; D: Port D -> C: Port C is an entry.

本发明实施例提供了一种地址转发表项的保活系统,如图 9所示, 包括具 有网络地址转换功能的设备 100和代理服务设备 200。其中,代理服务设备 200 用于发送保活报文给具有网络地址转换功能的设备 100; 具有网络地址转换功 能的设备 100用于接收保活报文,并将与保活报文地址匹配的地址转发表项的 老 4匕时间重新计时, 其中地址匹配为: 源 IP地址、 目的 IP地址、 源端口号和 目的端口号匹配。  The embodiment of the present invention provides a keep-alive system for an address forwarding entry, as shown in FIG. 9, including a device 100 having a network address translation function and a proxy service device 200. The proxy service device 200 is configured to send a keep-alive message to the device 100 having the network address translation function; and the device 100 having the network address translation function is configured to receive the keep-alive message and match the address of the keep-alive message address. The oldest time of the forwarding entry is re-timed, where the address matches: Source IP address, destination IP address, source port number, and destination port number match.

代理服务设备 200进一步包括:保活报文发送单元 201和转发表项检测单 元 202。 其中, 转发表项检测单元 202用于检测代理服务设备 200是否存在源 IP地址和目的 IP地址分别是具有网络地址转换功能的设备 100的 IP地址和代 理服务设备 200的 IP地址; 源端口号和目的端口号分别是具有网络地址转换 功能的设备 100的端口号和代理服务设备 200的端口号的转发表项,并当存在 时通知保活报文发送单元 201发送保活报文;保活报文发送单元 201用于向具 有网络地址转换功能的设备 100发送保活报文。 报文,并在转发表项检测单元 202触发下向保活报文发送单元 201发送保活报 文。  The proxy service device 200 further includes a keep-alive message transmitting unit 201 and a forwarding entry detecting unit 202. The forwarding entry detection unit 202 is configured to detect whether the proxy service device 200 has a source IP address and a destination IP address, respectively, an IP address of the device 100 having the network address translation function and an IP address of the proxy service device 200; the source port number and The destination port number is a forwarding entry of the port number of the device 100 having the network address translation function and the port number of the proxy service device 200, and notifys the keep-alive packet sending unit 201 to send a keep-alive message when it exists; The text sending unit 201 is configured to send a keep-alive message to the device 100 having the network address translation function. The message is sent to the keep-alive message transmitting unit 201 under the trigger of the forwarding entry detecting unit 202 to transmit the keep-alive message.

代理服务设备还可以包括检测定时器单元 204, 用于超时时触发转发表项 检测单元 202进行检测。 其中, 保活报文生成单元 203进一步包括: IP头设置子单元 2031、 以太 头设置子单元 2032、 报文内容加入子单元 2033和 UDP设置子单元 2034, 如 图 10所示。 其中, IP头设置子单元 2031通过查找路由表获得保活报文的 IP 头; 以太头设置子单元 2032通过查找 ARP表获得保活报文的以太头; 报文内 容加入子单元 2033添加保活报文内容, 报文内容为 HELLO或预先配置的信 息; UDP设置子单元 2034设置保活报文的 UDP头和 UDP数据, 其中, UDP 数据中存储保活报文内容。 The proxy service device may further include a detection timer unit 204 for triggering the forwarding entry detection unit 202 to detect when the timeout occurs. The keep-alive packet generating unit 203 further includes: an IP header setting sub-unit 2031, an Ethernet header setting sub-unit 2032, a message content adding sub-unit 2033, and a UDP setting sub-unit 2034, as shown in FIG. The IP header setting sub-unit 2031 obtains the IP header of the keep-alive packet by searching the routing table; the Ethernet header setting sub-unit 2032 obtains the Ethernet header of the keep-alive packet by searching the ARP table; the packet content adding sub-unit 2033 adds keep-alive The content of the message, the content of the message is HELLO or pre-configured information; the UDP setting sub-unit 2034 sets the UDP header and UDP data of the keep-alive message, wherein the UDP data stores the content of the keep-alive message.

具有网络地址转换功能的设备 100进一步包括: 匹配处理单元 101、 老化 定时器刷新单元 102、 老化定时器 103和地址转发表项删除单元 104。 其中, 匹配处理单元 101用于确定与接收保活 4艮文地址匹配的地址转发表项;地址转 发表项删除单元 104用于当老化定时器 103超时时,删除地址转发表项; 老化 定时器刷新单元 102用于匹配处理单元 101发现有与接收保活 ^艮文地址匹配的 地址转发表项时, 使老化定时器 103重新计时。  The device 100 having the network address translation function further includes: a matching processing unit 101, an aging timer refresh unit 102, an aging timer 103, and an address forwarding entry deletion unit 104. The matching processing unit 101 is configured to determine an address forwarding entry that matches the received keep-alive message address; the address forwarding entry deletion unit 104 is configured to delete the address forwarding entry when the aging timer 103 times out; The refreshing unit 102 is configured to cause the aging timer 103 to re-clock when the matching processing unit 101 finds an address forwarding entry that matches the received keep-alive address.

本发明地址转发表项的保活系统实施例中对 NGN中的呼叫业务, 通过发 送保活报文,刷新具有网络地址转换功能的设备上的对应的地址转发表项,保 证具有网络地址转换功能的设备上会话存在时 ,具有网络地址转换功能的设备 上存在对应地址转发表项。 另外, 本发明实施例中的具有网络地址转换功能的 设备既可以是 NAT设备, 也可以是防火墙设备。  In the embodiment of the keep-alive system of the address forwarding entry of the present invention, the call forwarding service in the NGN is configured to refresh the corresponding address forwarding entry on the device with the network address translation function by sending the keep-alive message to ensure the network address translation function. When a session on the device exists, the corresponding address forwarding entry exists on the device with the network address translation function. In addition, the device with the network address translation function in the embodiment of the present invention may be a NAT device or a firewall device.

以上公开的仅为本发明的几个具体实施例, 但是, 本发明并非局限于此, 任何本领域的技术人员能思之的变化都应落入本发明的保护范围。  The above disclosure is only a few specific embodiments of the present invention, but the present invention is not limited thereto, and any changes that can be considered by those skilled in the art should fall within the protection scope of the present invention.

Claims

权 利 要 求 Rights request 1、 一种地址转发表项的保活方法, 其特征在于, 包括:  A keep-alive method for an address forwarding entry, which is characterized by: 代理服务设备向具有网络地址转换功能的设备发送保活报文;  The proxy service device sends a keep-alive message to the device with the network address translation function; 所述具有网络地址转换功能的设备收到所述保活报文后,将与所述保活报 文地址匹配的地址转发表项的老化时间重新计时。  After receiving the keep-alive message, the device with the network address translation function re-times the aging time of the address forwarding entry that matches the keep-alive message address. 2、 如权利要求 1所述地址转发表项的保活方法, 其特征在于, 所述代理 服务设备向具有网络地址转换功能的设备发送保活报文之前还包括:所述代理 服务设备设置所述保活报文。  The method of maintaining the address forwarding entry according to claim 1, wherein the proxy service device further includes: the proxy service device setting office before sending the keep-alive message to the device having the network address translation function The live-keeping message. 3、 如权利要求 2所述地址转发表项的保活方法, 其特征在于, 所述代理 服务设备向具有网络地址转换功能的设备发送保活报文之前还包括: 址分别是具有网络地址转换功能的设备 IP地址和代理服务设备 IP地址; 源端 口号和目的端口号分别是具有网络地址转换功能的设备端口号和代理服务设 备端口号的转发表项。  The method for maintaining the address forwarding entry according to claim 2, wherein before the proxy service device sends the keep-alive message to the device having the network address translation function, the method further includes: The function device IP address and the proxy service device IP address; the source port number and the destination port number are respectively forwarding entry entries of the device port number and the proxy service device port number having the network address translation function. 4、 如权利要求 1所述地址转发表项的保活方法, 其特征在于, 所述保活 报文发送的时间间隔小于所述老化时间。  The method of maintaining the address forwarding entry according to claim 1, wherein the time interval for sending the keep-alive packet is smaller than the aging time. 5、 如权利要求 1所述地址转发表项的保活方法, 其特征在于, 所述保活 报文具体包括: 以太头、 IP头、 数据报协议头和数据报协议数据。  The keepalive method of the address forwarding entry according to claim 1, wherein the keep-alive packet specifically includes: an Ethernet header, an IP header, a datagram protocol header, and datagram protocol data. 6、 如权利要求 5所述地址转发表项的保活方法, 其特征在于, 所述保活 报文的内容在所述数据报协议数据中, 包括 HELLO或预先配置的信息。  The keep-alive method of the address forwarding entry according to claim 5, wherein the content of the keep-alive message includes HELLO or pre-configured information in the datagram protocol data. 7、 如权利要求 5所述地址转发表项的保活方法, 其特征在于, 所述保活 报文中的数据报协议头中的源端口号和目的端口号分别是代理服务设备的端 口号和具有网络地址转换功能的设备端口号; 所述保活报文中的 IP头中的源 IP地址和目的 IP地址分别为代理服务设备和具有网络地址转换功能的设备的 IP地址。  The keepalive method of the address forwarding entry according to claim 5, wherein the source port number and the destination port number in the datagram protocol header in the keep-alive message are respectively port numbers of the proxy service device. And a device port number having a network address translation function; the source IP address and the destination IP address in the IP header in the keep-alive message are respectively an IP address of the proxy service device and the device having the network address translation function. 8、 一种地址转发表项的保活系统, 其特征在于, 包括:  8. A keep-alive system for an address forwarding entry, comprising: 代理服务设备, 用于发送保活报文;  a proxy service device, configured to send a keep-alive message; 具有网络地址转换功能的设备,用于接收所述代理服务设备发送的保活报 文, 并将与所述保活报文地址匹配的地址转发表项的老化时间重新计时。 The device with the network address translation function is configured to receive the keep-alive message sent by the proxy service device, and re-time the aging time of the address forwarding entry that matches the keep-alive message address. 9、 如权利要求 8所述地址转发表项的保活系统, 其特征在于, 所述代理 服务设备包括: 9. The keep-alive system of the address forwarding entry according to claim 8, wherein the proxy service device comprises: 转发表项检测单元, 用于检测所述代理服务设备是否存在源 IP地址和目 的 IP地址分别是具有网络地址转换功能的设备 IP地址和代理服务设备 IP地 址;源端口号和目的端口号分别是具有网络地址转换功能的设备端口号和代理 服务设备端口号的转发表项; 时, 向所述具有网络地址转换功能的设备发送保活报文。  The forwarding entry detecting unit is configured to detect whether the source IP address and the destination IP address of the proxy service device are respectively a device IP address with a network address translation function and a proxy service device IP address; the source port number and the destination port number are respectively A forwarding entry having a device port number of the network address translation function and a proxy service device port number; and sending a keep-alive message to the device having the network address translation function. 10、 如权利要求 8所述地址转发表项的保活系统, 其特征在于, 所述具有 网络地址转换功能的设备包括: 匹配处理单元、 老化定时器、 老化定时器刷新 单元和地址转发表项删除单元;  10. The keep-alive system of the address forwarding entry according to claim 8, wherein the device having the network address translation function comprises: a matching processing unit, an aging timer, an aging timer refreshing unit, and an address forwarding entry. Delete unit; 所述匹配处理单元, 用于确定与接收的保活报文地址匹配的地址转发表 项;  The matching processing unit is configured to determine an address forwarding entry that matches the received keep-alive message address; 所述地址转发表项删除单元, 用于当所述老化定时器超时时,删除所述地 址转发表项;  The address forwarding entry deletion unit is configured to delete the address forwarding entry when the aging timer expires; 所述老化定时器刷新单元,用于所述匹配处理单元确定与接收保活报文地 址匹配的地址转发表项时, 使所述老化定时器重新计时。  And the aging timer refreshing unit is configured to: when the matching processing unit determines an address forwarding entry that matches the address of the keep-alive message, the aging timer is re-timed. 11、 一种代理服务设备, 其特征在于, 包括:  11. A proxy service device, comprising: 转发表项检测单元, 用于检测所述代理服务设备是否存在源 IP地址和目 的 IP地址分别是具有网络地址转换功能的设备 IP地址和代理服务设备 IP地 址;源端口号和目的端口号分别是具有网络地址转换功能的设备端口号和代理 服务设备端口号的转发表项; 时, 向所述具有网络地址转换功能的设备发送保活报文。  The forwarding entry detecting unit is configured to detect whether the source IP address and the destination IP address of the proxy service device are respectively a device IP address with a network address translation function and a proxy service device IP address; the source port number and the destination port number are respectively A forwarding entry having a device port number of the network address translation function and a proxy service device port number; and sending a keep-alive message to the device having the network address translation function. 12、 如权利要求 11所述的代理服务设备, 其特征在于, 还包括: 保活报文生成单元, 用于设置所述保活报文。  The proxy service device according to claim 11, further comprising: a keep-alive message generating unit, configured to set the keep-alive message. 13、 如权利要求 12所述的代理服务设备, 其特征在于, 所述保活报文生 成单元包括:  The proxy service device according to claim 12, wherein the keep-alive message generating unit comprises: IP头设置子单元, 用于通过查找路由表获得保活报文的 IP头; 以太头设置子单元, 用于通过查找 ARP表获得保活报文的以太头; 文内容加入子单元, 用于添加保活才艮文内容; The IP header setting sub-unit is configured to obtain an IP header of the keep-alive message by searching the routing table; The Ethernet header setting sub-unit is configured to obtain the Ethernet header of the keep-alive message by searching the ARP table; the text content is added to the sub-unit, and is used to add the keep-alive message content; 数据报协议设置子单元,用于设置保活报文的数据报协议头和数据报协议 数据。  The datagram protocol setting sub-unit is used to set the datagram protocol header and datagram protocol data of the keep-alive message. 14、 如权利要求 11所述的代理服务设备, 其特征在于, 还包括: 检测定时器单元:用于当定时器超时时触发所述转发表项检测单元进行检  The proxy service device according to claim 11, further comprising: a detection timer unit, configured to trigger the forwarding entry detection unit to perform a check when the timer expires
PCT/CN2007/070560 2007-01-29 2007-08-27 A keep-alive method, system of address forwarding list item and an agent service device Ceased WO2008092340A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200710006082.0A CN100558081C (en) 2007-01-29 2007-01-29 Method and system for keeping alive address forwarding entries
CN200710006082.0 2007-01-29

Publications (1)

Publication Number Publication Date
WO2008092340A1 true WO2008092340A1 (en) 2008-08-07

Family

ID=38744478

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2007/070560 Ceased WO2008092340A1 (en) 2007-01-29 2007-08-27 A keep-alive method, system of address forwarding list item and an agent service device

Country Status (2)

Country Link
CN (1) CN100558081C (en)
WO (1) WO2008092340A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102307194A (en) * 2011-08-18 2012-01-04 杭州华三通信技术有限公司 Graceful restarting method and device for universal protocol process
CN113645236A (en) * 2021-08-10 2021-11-12 北京天融信网络安全技术有限公司 Message processing method, device and storage medium

Families Citing this family (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101355570B (en) * 2008-09-19 2011-08-10 杭州华三通信技术有限公司 Control method and control device for reporting aging information
CN101577640B (en) * 2009-06-24 2011-11-16 杭州华三通信技术有限公司 Method and device for reading easily aging data of facilities
WO2011147069A1 (en) * 2010-05-24 2011-12-01 华为技术有限公司 Method and apparatus for implementing traffic offloading
CN102143615A (en) * 2010-08-20 2011-08-03 华为技术有限公司 Short message sending and treating method, related device and system
CN105141710B (en) * 2010-11-15 2019-03-01 华为终端有限公司 A kind of data transmission method, relevant apparatus and its system
CN102035676B (en) * 2010-12-07 2014-08-13 中兴通讯股份有限公司 ARP (Address Resolution Protocol) interaction based method and equipment for detecting and recovering link fault
CN102014176B (en) * 2010-12-13 2013-09-04 迈普通信技术股份有限公司 Network address translator (NAT) mapping keep-alive method and system based on session initiation protocol (SIP)
CN103379027B (en) * 2012-04-16 2016-12-21 中兴通讯股份有限公司 Gateway optimization method and device
US9504026B2 (en) * 2012-12-13 2016-11-22 Nokia Technologies Oy Keep alive periodicity determination for WiFi networks
CN103906037A (en) * 2012-12-25 2014-07-02 中兴通讯股份有限公司 Method and device for completing network address translation keep-alive by adopting port control protocol
CN104821899A (en) * 2015-05-26 2015-08-05 国网智能电网研究院 Intelligent device dynamic identification method
CN107241453B (en) * 2016-03-28 2020-07-24 华为技术有限公司 Network address translation mapping keep-alive method and device
CN106973383B (en) * 2016-08-31 2020-06-09 上海博达通信科技有限公司 Distributed portal authentication method
CN106656615B (en) * 2016-12-29 2020-03-06 杭州迪普科技股份有限公司 Message processing method and device based on TRACERT command
CN109561049B (en) * 2017-09-26 2021-07-20 浙江宇视科技有限公司 A kind of dynamic access method and device based on monitoring service
CN109361561A (en) * 2018-08-23 2019-02-19 中国联合网络通信集团有限公司 Heartbeat mechanism maintaining method, device and storage medium
CN109510882B (en) * 2018-11-19 2022-05-03 网易(杭州)网络有限公司 Communication method and device between game clients, storage medium and electronic device
CN109510878B (en) * 2018-12-24 2021-12-24 杭州迪普科技股份有限公司 Long connection session keeping method and device
CN111163160A (en) * 2019-12-27 2020-05-15 杭州迪普科技股份有限公司 Keep-alive method and system for session table entry

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1561061A (en) * 2004-02-27 2005-01-05 Ut斯达康通讯有限公司 Method for two-way access by NAT
CN1728681A (en) * 2004-07-30 2006-02-01 国家数字交换系统工程技术研究中心 Method for keeping aliver of list item in routing list, and distributing realization system based on multicast protocol of router
US20060029083A1 (en) * 2004-08-04 2006-02-09 Paul Kettlewell Network management across a NAT or firewall
CN1893394A (en) * 2005-07-05 2007-01-10 华为技术有限公司 Method for passing through network address conversion
CN1946062A (en) * 2006-10-10 2007-04-11 华为数字技术有限公司 Method and system for keep-alive conversation table in NAT device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1561061A (en) * 2004-02-27 2005-01-05 Ut斯达康通讯有限公司 Method for two-way access by NAT
CN1728681A (en) * 2004-07-30 2006-02-01 国家数字交换系统工程技术研究中心 Method for keeping aliver of list item in routing list, and distributing realization system based on multicast protocol of router
US20060029083A1 (en) * 2004-08-04 2006-02-09 Paul Kettlewell Network management across a NAT or firewall
CN1893394A (en) * 2005-07-05 2007-01-10 华为技术有限公司 Method for passing through network address conversion
CN1946062A (en) * 2006-10-10 2007-04-11 华为数字技术有限公司 Method and system for keep-alive conversation table in NAT device

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102307194A (en) * 2011-08-18 2012-01-04 杭州华三通信技术有限公司 Graceful restarting method and device for universal protocol process
CN113645236A (en) * 2021-08-10 2021-11-12 北京天融信网络安全技术有限公司 Message processing method, device and storage medium
CN113645236B (en) * 2021-08-10 2022-11-29 北京天融信网络安全技术有限公司 Message processing method, device and storage medium

Also Published As

Publication number Publication date
CN101026567A (en) 2007-08-29
CN100558081C (en) 2009-11-04

Similar Documents

Publication Publication Date Title
CN100558081C (en) Method and system for keeping alive address forwarding entries
US7406043B1 (en) Method for providing voice-over-IP service
KR100728280B1 (en) Network state management method using call release request / response message in communication system using SIP
EP1693998B1 (en) Method and system for a proxy-based network translation
JP4855162B2 (en) Packet transfer apparatus and communication system
US8340089B2 (en) Apparatus and method for managing data transfer in VoIP gateway
US7756120B2 (en) Method for tagging SIP contact headers while preserving the contact header format towards softswitches
WO2008017265A1 (en) Method and system of conducting the media stream and method and system of conducting detection
AU2005201075B2 (en) Apparatus and method for voice processing of voice over internet protocol (VOIP)
CN101257433A (en) Method and system for implementing network address translation traversal
US7411917B1 (en) Method and system for providing registration-based SIP NAT traversal
KR20070094735A (en) Apparatus and method for traversing a firewall
US8646065B2 (en) Method for routing bi-directional connections in a telecommunication network by means of a signalling protocol via an interposed firewall with address transformation device and also a telecommunication network and security and tunnel device for this
WO2003030463A1 (en) A method and system for realizing ip voice service at private network
CN100550882C (en) A method for traversing subnets and a system for traversing subnets
CN1883179B (en) Method and apparatus for enhanced internet telephony
WO2006082576A2 (en) A method and apparatus for server-side nat detection
US8374178B2 (en) Apparatus and method for supporting NAT traversal in voice over internet protocol system
WO2008095430A1 (en) A method and a system for preventing a media agency from hacker attacking
WO2006125383A1 (en) A method for traversing the network address conversion/firewall device
CN101834836A (en) Communication method, device and system based on public IP network
JP5158588B2 (en) SIP telephone, VoIP system, same-network communication method used therefor, and program thereof
JP4080937B2 (en) Packet relay method and system between networks
KR100793346B1 (en) VIPIP terminal and communication method of the terminal
JP4555005B2 (en) Protocol conversion server

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07785457

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07785457

Country of ref document: EP

Kind code of ref document: A1