摘要
在现代网络中,越来越多的主机被部署在NAT和防火墙(FW)之后,这就要求VoIP、P2P等通信软件必须具备穿越NAT/FW的能力,才能实现端到端的数据传输。现有的STUN、TURN、ICE等方案虽然可以穿越大部分NAT/FW,但对有端口或协议限制的防火墙却无能为力。本文提出了将ICE和HTTP Tunnel技术相结合的穿越方案,设计并实现了可跨平台运行的HTTP Tunnel模块来配合ICE进行穿越。实验证明,在防火墙只开放80端口这种苛刻的条件下,该HTTP Tunnel模块也能够成功穿越大部分防火墙,实现数据流的稳定传输。
In modern networks, a growing number of computers are deployed behind the NAT and firewall, which requires communication systems such as VoIP and P2P which want to transmit data from point to point must be able to traverse NAT/ firewall. The existing methods of STUN, TURN and ICE can be helpful in dealing with most kind of NAT/firewall, but helpless when the firewall also restricts the communication port or protocol. The article gives a new solution by syncretizing the ICE and HTTP tunnel technology, and realizes the module of HTTP tunnel. The result of the traversal test shows that the HTTP tunnel module works perfectly with most of firewall.
出处
《电信科学》
北大核心
2008年第12期39-43,共5页
Telecommunications Science
基金
国家自然科学基金资助项目
福建省自然科学基金资助项目
国家人事部留学人员创业基金资助项目