1. Field of the Invention
The present invention relates to a communication apparatus, a communication system and a communication method, and more specifically to a communication apparatus, a communication system and a communication method capable of establishing a P2P communication path between two different private networks.
2. Description of the Background Art
In general, communication terminals connected to a network are each assigned an IP address to be identifiable. An IP address which is uniquely determined in the entirety of all the connectable networks and enables pier-to-pier communication (hereinafter, referred to as “P2P communication”) is referred to as a “global IP address”. An IP address uniquely determined in a specific network and cannot be directly used for P2P communication with a different network is referred to as a “local IP address”. A network in which communication terminals are mutually identified by local IP addresses is referred to as a “private network”.
In order to enable a communication terminal connected to a private network (a communication terminal having a local IP address) to communicate with a communication terminal connected to a global network (a communication terminal having a global network), a communication apparatus (router) having a network address translation (hereinafter, referred to as “NAT”) function or a network address port translation (hereinafter, referred to as “NAPT”) function is generally connected between the private network and the global network. Hereinafter, “NAT” and “NAPT” will collectively be referred to as “NAT” for the simplicity of description.
However, due to the NAT functions of the routers, two communication terminals connected to different private networks cannot exchange packets for P2P communication by merely relaying the private networks and the global network using a communication apparatus such as a router or the like.
As a technique for allowing two communication terminals connected to different private networks via a router to establish a P2P communication path despite the different NAT types of the routers, a method using STUN (Simple Traversal UDP through NAT: RFC3489) is known. Hereinafter, the term “packet” refers to a “UDP packet”.
Before describing a P2P communication path establishment technique using STUN, different types of NAT will be described with reference to FIG. 18A through FIG. 18E. A private network is not limited to being constructed as a home, i.e., an in-house network, and may be constructed as an in-company network. In the following description, a private network is assumed to be an in-house network for the simplicity of description, but the following description is applicable to a large scale network constructed for a company. Where the description is made from the viewpoint of a certain in-house network, a network which is different from that in-house network will be referred to as an “out-of-house network” or an “external network”. For the simplicity of description, a combination of an IP address “IP” and a port number “P” will be represented as (IP, P).
FIG. 18A illustrates a NAT referred to as a “Full Cone NAT”.
A Full Cone NAT router always assigns an identical port number to a packet which is transmitted from a specific port number of a certain in-house terminal having a private address to a certain out-of-house terminal. For example, the router always assigns a port number [Pb] to a packet transmitted from an in-house terminal A (IPa, Pa), and forwards the packet to an out-of-house terminal C connected to an external network. The Full Cone NAT router forwards all the packets, transmitted from an out-of-house terminal connected to an external network toward (IPb, Pb), to the in-house terminal A (IPa, Pa). Accordingly, the router forwards a packet, transmitted from an out-of-house terminal D (IPd, Pd) toward (IPb, Pb), to the in-house terminal A (IPa, Pa).
FIG. 18B illustrates a NAT referred to as a “Restricted Cone NAT (hereinafter, referred to as an “R NAT”).
An R NAT router always assigns an identical port number [Pb] to a packet which is transmitted from a certain in-house terminal A (IPa, Pa) having a private address to a certain out-of-house terminal. Unlike the Full Cone NAT router, the R NAT router forwards only a packet transmitted toward (IPb, Pb) from the out-of-house terminal C (having an IP address IPc), which is a destination of the packet transmitted from the in-house terminal A, to the in-house terminal A (IPa, Pa). Accordingly, the router does not forward a packet transmitted toward (IPb, Pb) from the out-of-house terminal D, which is not a destination of the packet transmitted from the in-house terminal A, to the in-house terminal A. The R NAT router forwards a received packet having any source port number to the in-house terminal A, as long as the packet has the source IP address of [IPc]. Accordingly, the router forwards a packet transmitted, from a port [Pc2] of the out-of-house terminal C toward (IPb, Pb), to the in-house terminal A.
FIG. 18C illustrates a NAT referred to as a “Port Restricted Cone NAT (hereinafter, referred to as a “PR NAT”).
A PR NAT router always assigns an identical port number [Pb] to a packet transmitted from a certain in-house terminal A (IPa, Pa) to an out-of-house network. Unlike the R NAT router, the PR NAT router forwards only a packet, transmitted toward (IPb, Pb) from (IPc1, Pc1), which is the destination of the packet transmitted from the in-house terminal A, to the in-house terminal A (IPa, Pa). Accordingly, the router discards a packet transmitted from a source (IPd, Pd) of the out-of-house terminal D and also a packet transmitted from a source (IPc2, Pc2) of the out-of-house terminal C.
Hereinafter, the Full Cone NAT, the R Cone NAT and the PR Cone NAT will collectively be referred to as a “Cone NAT”.
FIG. 18D illustrates a NAT referred to as an “Address Sensitive Symmetric NAT” (hereinafter, referred to as an “AS NAT”).
A router having an AS NAT assigns a different port number to each destination IP address of a packet transmitted from the in-house terminal A. For example, a packet transmitted from the in-house terminal A (IPa, Pa) to the out-of-house terminal C (IPc, Pc) is assigned a port number [Pb1]. A packet transmitted from the in-house terminal A (IPa, Pa) to the out-of-house terminal D (IPd, Pd), having a different IP address from that of the out-of-house terminal C, is assigned a port number [Pb2]. The AS NAT router forwards only a packet transmitted from an out-of-house terminal assigned a certain port number to the in-house terminal A (IPa, Pa), and discards all the packets transmitted from an out-of-house terminal which is not assigned that certain port number. For example, the router forwards a packet, transmitted from the out-of-house terminal C having an IP address [IPc] toward (IPb, Pb), to the in-house terminal A (IPa, Pa), but discards a packet transmitted from the out-of-house terminal D having an IP address [IPd] toward (IPb, Pb). The AS NAT router forwards a packet which is transmitted toward (IPb, Pb) and has any source port number to the in-house terminal A to the in-house terminal A, as long as the packet has the source IP address of [IPc].
FIG. 18E illustrates a NAT referred to as a “Port Sensitive Symmetric NAT” (hereinafter, referred to as a “PS NAT”).
A PS NAT router assigns a different port number to a packet which is transmitted from the in-house terminal A and has a different combination of destination IP address and destination port number, and transmits the packet to the external network. For example, the router assigns a port number [Pb0] to a destination (IPc, Pc0) of a packet transmitted from the in-house terminal A (IPa, Pa), a port number [Pb1] to a destination (IPc, Pc1) of a packet transmitted from the in-house terminal A (IPa, Pa), and a port number [Pb2] to a destination (IPc, Pc2) of a packet transmitted from the in-house terminal A (IPa, Pa). The router forwards a packet transmitted from an out-of-house terminal assigned a certain port number to the in-house terminal A, but discards all the packets transmitted from an out-of-house terminal which is not assigned that certain port number. For example, the router forwards a packet, transmitted from the source (IPc, Pc) toward the port number [Pb1], to the in-house terminal A, but discards all the packets transmitted from the sources (IPc, Pc) and (IPd, Pd1) toward the port number [Pb1].
Hereinafter, the AS NAT and the PS NAT will collectively be referred to as a “Symmetric NAT”.
Aside from the Cone NAT and the Symmetric NAT described above, a router having a characteristic of setting a NAT using a port number which is the same as the source port number of an in-house terminal is known.
FIG. 19A illustrates an overview of a Port Reuse characteristic.
As shown in FIG. 19A, a router assigns a port number [Pa] to a packet having a port number [Pa] of the in-house terminal A as the source, a port number [Pb] to a packet having a port number [Pb] of the in-house terminal A as the source, and a port number [Pc] to a packet having a port number [Pc] of the in-house terminal A as the source. The characteristic of a communication apparatus of providing a packet having a certain source port number with a port number which is the same as that certain source port number is referred to as “Port Reuse”.
Port Reuse is different from the NAT types. Accordingly, a Port Reuse NAT communication apparatus necessarily have one of the above-described NAT types.
FIG. 19B illustrates a function of a Port Reuse NAT router.
In the case where the router shown in FIG. 19B is the Port Reuse-Full Cone NAT router, the router always assigns a port number [Pa] to a packet having (IPa, Pa) set as the source IP address and the source port number, and transmits the packet to an external network. The router forwards all the packets, transmitted from an out-of-house terminal connected to the external network toward (IPb, Pb), to the in-house terminal A.
Next, a method using STUN for establishing a P2P communication path despite the different NAT types of the routers will be described.
In order to establish a P2P communication path between two communication terminals connected to different private networks via a router, each of the terminals needs to set a destination IP address and a destination port number to the packet. However, since the address translation method is different in accordance with the NAT type of the router as described above, the communication terminal needs to set the destination of the packet in consideration of the NAT type of the router.
In order to establish a P2P communication path, first, the NAT type of the router to which each communication terminal is connected is examined in accordance with the method defined by STUN. In more detail, with STUN, the communication terminal transmits a test packet to each of two servers having different IP addresses. By determining whether or not the port numbers assigned to the test packets by the router match each other, it is determined whether the router is a Cone NAT router or a Symmetric NAT router.
Hereinafter, with reference to FIG. 20A through FIG. 20C and FIG. 21, a method for examining the NAT type by STUN will be described.
FIG. 20A shows an overview of STUN-Test I.
In Test I, the in-house terminal A transmits a packet having (IPa, Pa) as the source to a server 1 (IPc, Pc1). The server 1 refers to the packet transmitted from the in-house terminal A to transmit a packet having [Pc1] set as the source port number and [Pb] assigned by the router as the destination port number.
FIG. 20B shows an overview of STUN-Test II.
In Test II, the in-house terminal A transmits a packet having (IPa, Pa) as the source and (IPc, Pc1) of the server 1 as the destination. By contrast, a sever 2 transmits a packet having (IPd, Pd) set as the source and [Pb] assigned by the router as the destination port number.
FIG. 20C shows an overview of STUN-Test III.
In Test III, the in-house terminal A transmits a packet having (IPa, Pa) set as the source and (IPc, Pc1) of the server 1 set as the destination. The server 1 transmits a packet having [Pc2], which is different from [Pc1], as the source port number and [Pb] assigned by the router as the destination port number.
FIG. 21 is a flowchart illustrating a method for examining the NAT type of the router by STUN.
First, the in-house terminal A performs Test I (step S2501) to determine whether or not a response from the server 1 has been received (step S2502). When a response from the server 1 has been received, the in-house terminal A advances to step S2504, and otherwise determines that the UDP communication with the server 1 is impossible (step S2503).
When the in-house terminal A has received a response from the server 1 (Yes in step S2502), the in-house terminal A determines whether or not the translated IP address [IPb] included in the received response packet matches the IP address [IPa] of the in-house terminal A (step S2504). When the IP address [IPb] included in the response packet matches the IP address [IPa] of the in-house terminal A, the in-house terminal A advances to step S2505, and otherwise advances to step S2509. When the IP addresses [IPb] and [IPa] match each other, this means that the in-house terminal A is connected to an external network without using a router and NAT is not performed between the in-house terminal A and the server 1.
When the determination result in step S2504 is Yes, the in-house terminal A performs Test II (step S2505) to determines whether or not a response from the server 2 has been received (step S2506). When the in-house terminal A has received a response from the server 2 (Yes in step S2506), the in-house terminal A determines that it is possible to receive a packet also from a communication terminal other than the terminal to which the in-house terminal A transmits packets (server 1), i.e., that the in-house terminal A is open to the network (step S2508). When the in-house terminal A has not received a response from the server 2 (No in step S2506), the in-house terminal A determines that transmission/receiving of packets is restricted by a UDP firewall (step S2507).
When the IP addresses [IPb] and [IPa] do not match each other as a result of Test I (No in step S2504), the in-house terminal A performs Test II (step S2509) to determine whether or not a response from the server 2, which is different from the destination of the packet, has been received (step S2510) When the in-house terminal A has received a response from the server 2 (Yes in step S2510), the in-house terminal A determines that the router connected thereto is the Full Cone NAT router (step S2511). When the in-house terminal A has not received a response from the server 2 (No in step S2510), the in-house terminal A performs Test I on the server 2 (step S2512). Here, the port number assigned by the router to the packet transmitted from the in-house terminal A is [Pb′]. The in-house terminal A determines whether or not an IP address/port number combination (IPb, Pb′) included in the response packet received from the server 2 in step S2512 and set by the NAT match an IP address/port number combination (IPb, Pb) included in the response packet received from the server 1 in step S2501 and set by the NAT (step S2513). When it is determined that (IPb, Pb′) matches (IPb, Pb) (Yes in step S2513), the in-house terminal A advances to step S2515. When it is determined that (IPb, Pb′) does not match (IPb, Pb) (No in step S2513), the in-house terminal A determines that the router connected thereto is a Symmetric NAT router (step S2514).
When the determination result in step S2513 is Yes, the in-house terminal A performs Test III (in step S2515) to determine whether or not a response from the server 1 has been received (step S2516). When the in-house terminal A has received a response from the server 1 (Yes in step S2516), the in-house terminal A determines that the router connected thereto is the R NAT router (step S2517), and otherwise determines that the router connected thereto is the PR NAT router (step S2518).
As described above, with the method defined by STUN, the type of NAT is examined by performing three types of tests shown in FIG. 20A through FIG. 20C in accordance with the processing flow shown in FIG. 21.
Also known is a technique for establishing a P2P communication path between the two communication terminals using STUN in the case where the two communication terminals are both connected to a Cone NAT router as a result of the examination of the NAT type described above. Hereinafter, with reference to FIG. 22, the P2P communication path establishment technique using STUN will be described.
FIG. 22 is a sequence diagram illustrating a P2P communication path establishment method using STUN.
First, a terminal 1 transmits an IP/port registration request packet for requesting the registration of an IP address and a port number to a server via a router 1 (step S201). The router 1 performs address translation of a source of the packet received from the terminal 1 from (IPL1, LP1) to (IPG1, GP1), and transmits the translated packet to the server. The server registers the source IP address IPG1 and the source port number GP1 included in the packet received from the router 1 (step S202).
Similarly, a terminal 2 transmits an IP/port registration request packet to the server via a router 2 (step S203). The router 2 performs address translation of a source of the packet received from the terminal 2 from (IPL2, LP2) to (IPG2, GP2), and transmits the translated packet to the server. The server registers the source IP address IPG2 and the source port number GP2 included in the packet received from the router 2 (step S204).
Next, the terminal 2 transmits an IP/port acquisition request to the server for accessing the terminal 1 in order to perform P2P communication with the terminal 1 (step S205). In response to the IP/port acquisition request from the terminal 2, the server returns an IP/port acquisition response packet, including an IP address/port number combination (IPG1, PG1) assigned by the router 1 to the source (IPL1, LP1) of the terminal 1, to the terminal 2 (step S206).
The terminal 2 refers to the packet received from the server to acquire the IP address and the port number (IPG1, PG1) for accessing the terminal 1. The terminal 2 then transmits a P2P start request packet having (IPG1, PG1) as the destination (step S207).
The response of the router 1 to the P2P start request packet transmitted from the terminal 2 varies in accordance with the NAT type of the router 1.
In the case where the router 1 is the Full Cone NAT router (FIG. 18A), the router 1 forwards the P2P start request packet transmitted from the terminal 2 to the terminal 1, and thus a P2P communication path is established between the terminal 1 and the terminal 2.
In the case where the router 1 is the R NAT router (FIG. 18B) or the PR NAT router (FIG. 18C), the router 1 discards the P2P start request packet transmitted from the terminal 2. Therefore, the P2P start request packet is not forwarded to the terminal 1 (IPL1, LP1).
Attention should be paid to that the router 2, which is a Cone NAT router, sets the NAT so as to be able to receive a response packet from the router 1 by forwarding a packet having (IPL1, LP2) set as the source and (IPG1, GP1) set as the destination to the router 1. Namely, in the case where the router 2 is the Full Cone NAT router, the router 2 sets the NAT so as to forward a packet, transmitted from any out-of-house terminal to the router 2 (IPG2, GP2), to the router 2 (IPL2, LP2). In the case where the router 2 is the R NAT router, the router 2 sets the NAT so as to forward a packet having [IPG1] as the source IP address to the terminal 2 (IPL2, LP2). In the case where the router 2 is the PR NAT router, the router 2 sets the NAT so as to forward a packet having (IPG1, GP1) as the source IP address and a source port number to the terminal 2 (IPL2, LP2). As a result, the next time that the router 2 receives a packet having (IPG1, GP1) as the source IP address and the source port number, the router 2 can forward the received packet to the terminal 2, and thus a P2P communication path is established between the terminal 1 and the terminal 2.
Thus, the terminal 1 transmits a packet for accessing the terminal 2 to the server as an IP/port acquisition request (step S208). In response to the IP/port acquisition request from the terminal 1, the server returns a packet, having an IP address and a port number (IPG2, GP2) assigned by the router 2 to the source (IPL1, LP1) of the terminal 1, to the terminal 2 as an IP/port acquisition response (step S209).
The terminal 1 refers to the IP/port acquisition response received from the server to acquire the IP address and the port number (IPG2, GP2) of the router 2 assigned to the IP address and the port number (IPL2, LP2) of the terminal 2.
Next, the terminal 1 transmits a P2P start request packet having (IPL1, LP1) set as the source to the terminal 2 (step S210). As described above, at this stage, the router 2 forwards the packet having (IPL1, LP1) as the source IP address and the source port number to the terminal 2 without discarding the same. The router 1 can set the NAT so as to be able to receive a response packet from the router 2 by forwarding a packet having (IPL1, LP1) as the source to the router 2. Namely, in the case where the router 1 is the R NAT router, the router 1 sets the NAT so as to forward a packet having [ IPG2] as the source IP address to the terminal 1 (IPL1, LP1). In the case where the router 1 is the PR NAT router, the router 1 sets the NAT so as to forward a packet having (IPG2, GP2) as the source IP address and the source port number to the terminal 2 (IPL2, LP2).
Accordingly, when the terminal 2 transmits a P2P start response packet to the terminal 1 in response to the P2P start request packet from the terminal 1 (step S211), a P2P communication path is established between the terminal 1 and the terminal 2.
According to the above-described technique using STUN, in the case where two communication terminals connected to different private networks are each connected to a Cone NAT router, a P2P communication path can be established between the two communication terminals.
However, in the case where the two communication terminals are connected via a Symmetric NAT router, a P2P communication path cannot be established by the technique using STUN. The reasons will be described.
FIG. 23 is a sequence diagram illustrating a processing procedure in the case where the P2P communication path establishment method using STUN is applied to two communication terminals connected via a Symmetric NAT router. More specifically, in the example shown in FIG. 23, the terminal 1 connected to a certain private network is connected to an external network via a Symmetric NAT router.
First, in steps S301 through S304, like in steps S201 through S204 shown in FIG. 22, the terminal 1 and the terminal 2 each transmit an IP/port registration request packet to the server, and thus register the IP address and the port number in the server.
Next, the terminal 2 transmits an IP/port acquisition request packet to the server in order to acquire an IP address and a port number to be used for performing P2P communication with the terminal 1 (step S305). In response to the IP/port acquisition request from the terminal 2, the server returns an IP/port acquisition response packet, including an IP address and a port number (IPG1, GP1) assigned by the router 1 to the source IP address and the source port number (IPL1, LP1), to the terminal 2 (step S306).
The terminal 2 refers to the packet received from the server to acquire the IP address and the port number (IPG1, GP1) for accessing the terminal 1. Then, the terminal 2 transmits a packet having (IPG1, PG1) as the destination, as a P2P start request (step S307).
In the case where the router 1 is a Symmetric NAT router, the router 1 discards the P2P start request without forwarding the same to the terminal 1 (IPL1, LP1). As described above, the router 2, which is a Cone NAT router, sets the NAT so as to be able to receive a response packet from the router 1 by forwarding the packet having (IPL2, LP2) set as the source and (IPG1, GP1) set as the destination to the router 1.
Next, the terminal 1 transmits a packet for accessing the terminal 2 to the server as an IP/port acquisition request (step S308). In response to the IP/port acquisition request from the terminal 1, the server returns a packet, including an IP address and a port (IPG2, GP2) assigned by the router 2 to the source IP address and the source port number (IPL2, LP2) of the router 2, to the terminal 2 as an IP/port acquisition response (step S309).
The terminal 1 refers to the IP/port acquisition request received from the server to acquire the IP address and the port number [IPG2, GP2] of the router 2 assigned to the IP address and the port number (IPL2, LP2) of the terminal 2.
Next, the terminal 1 transmits a packet having (IPL1, LP1) as the source to the terminal 2 as a P2P start request (step S310). However, the router 1 is a Symmetric NAT router and therefore assigns a different port number to a different destination of the packet. Accordingly, the router 1 assigns a port number [PG3], which is different from [PG1], to the P2P start request packet received from the terminal 1 and forwards the packet to the router 2.
In the case where the router 2 is the Full Cone NAT router or the R NAT router, the router 2 forwards the received P2P start request packet to the terminal (IPL2, LP2). Therefore, a P2P communication path is established between the terminal 1 and the terminal 2.
However, in the case where the router 2 is the PR NAT router or a Symmetric NAT router, the router 2 discards the received P2P start request packet without forwarding the same to the terminal 2. Therefore, the establishment of a P2P communication path between the terminal 1 and the terminal 2 results in a failure.
FIG. 24 is a sequence diagram illustrating a processing procedure in the case where the P2P communication path establishment method using STUN is applied to two communication terminals connected via a Symmetric NAT router. More specifically, in the example shown in FIG. 24, the terminal 2 connected to a certain private network is connected to an external network via a Symmetric NAT router.
First, in steps S401 through S404, like in steps S201 through S204 shown in FIG. 22, the terminal 1 and the terminal 2 each transmit an IP/port registration request packet to the server, and thus register the IP address and the port number in the server.
Next, the terminal 2 transmits an IP/port acquisition request packet to the server in order to acquire an IP address and a port number to be used for performing P2P communication with the terminal 1 (step S405). In response to the IP/port acquisition request from the terminal 2, the server returns an IP/port acquisition response packet, including an IP address and a port number (IPG1, GP1) assigned by the router 1 to the source IP address and the source port number (IPL1, LP1), to the terminal 2 (step S406).
The terminal 2 refers to the packet received from the server to acquire the IP address and the port number (IPG1, GP1) for accessing the terminal 1. Then, the terminal 2 transmits a packet having (IPG1, PG1) as the destination, as a P2P start request (step S407).
The destination of the P2P start request packet transmitted from the terminal 2 in step S407 is different from the destination of the IP/port registration request packet transmitted from the terminal 2 in step S403. Accordingly, the router 2, which is a Symmetric NAT router, assigns a port number [PG3], which is different from the port number [GP2], to the P2P start request packet. Namely, the router 2 sets the NAT so as to forward the packet, transmitted from the terminal 1 toward a destination of the router 2 (IPG2, PG3), to the terminal 2 (IPL2, LP2).
Therefore, even if the P2P start request packet having (IPG2, PG2) as the destination IP address and the destination port number is transmitted after the terminal 1 acquires, from the server, the IP address and the IP port number (IPG2, GP2) for accessing the terminal 2 (steps S408 and S409), the router 2 discards the P2P start request packet. Accordingly, the establishment of a P2P communication path between the terminal 1 and the terminal 2 results in a failure.
As described above, in the case where at least one of the router 1 and the router 2 is a Symmetric NAT router, the probability that the P2P communication path establishment method using STUN brings a successful result cannot be considered to be high.
In an attempt to solve the above-described problem of STUN, a method for establishing a P2P communication path for a combination of arbitrary two NATs among all the NATs including a Symmetric NAT is conventionally known (for example, Japanese Laid-Open Publication No. 2004-180003).
The P2P communication path establishment method described in Japanese Laid-Open Publication No. 2004-180003 is as follows. A communication terminal estimates a plurality of port numbers of the router used by a communication terminal, with which the first communication terminal is to perform P2P communication, for transmitting a P2P start request packet. The first communication terminal transmits a plurality of packets respectively having the estimated port numbers as the destination port. The router connected to the first communication terminal sets a plurality of port numbers for receiving the packets transmitted from the communication terminal to which the first communication terminal is to perform P2P communication. Therefore, the probability that a P2P communication path is successfully established can be increased. Hereinafter, this will be described in more detail.
FIG. 25 is a sequence diagram illustrating a P2P communication path establishment method described in Japanese Laid-Open Publication No. 2004-180003. In the example shown in FIG. 25, each of the router 1 and the router 2 is a Symmetric NAT router.
First, in steps S501 through S504, like in steps S201 through S204 shown in FIG. 22, the terminal 1 and the terminal 2 each transmit an IP/port registration request packet to the server, and thus register the IP address and the port number in the server.
Next, the terminal 2 transmits a P2P communication request packet to the server in order to communicate with the terminal 1 (step S505). In step S505, the terminal 2 changes the source port number from the port number [LP2] used for transmitting the IP/port registration request packet in step S503 to a port number [LP2+a] (where “a” is an arbitrary integer). The reason why the terminal 2 uses the new port number [LP2+a] as the source port is that the router 2 is estimated to assign a new port number [GP2+b] to the source (IPL2, LP2+a) in accordance with the change of the source port number. Here, “b” is an arbitrary integer and is an increment amount defined by the router 2.
Upon receipt of the P2P communication request packet, the server refers to the received packet to transmit a packet, including the IP address and the port number (IPG2, GP2+b) assigned by the router 2 to the source (IPL2, LP2+a), to the terminal 1 as an IP/port notification (step S506).
Upon receipt of the IP/port notification packet transmitted from the server, the terminal 1 determines whether or not to permit the terminal 2 to perform P2P communication, and notifies the server of the determination result (step S507). In step S507, the terminal 1 changes the source port number from [LP1] used for transmitting the IP/port registration request packet in step S501 to [LP1+c] (where “c” is an arbitrary integer). The reason why the terminal 1 uses the new port number [LP1+c] as the source port is that the router 1 is estimated to assign a new port number [GP1+d] to the source (IPL, LP1+c). Here, “d” is an arbitrary integer and is an increment amount defined by the router 1.
Next, the terminal 1 transmits a P2P start request packet having (IPG2, GP2+b+n) as the destination to the server, based on the IP address and the port number (IPG2, GP2+b) acquired from the received IP/port number notification packet (step S508). Here, “n” is an arbitrary integer.
In steps S507 and S508, the terminal 1 transmits the packets consecutively in a very short period of time. Accordingly, when the source port number [LP1+c] of the packet transmitted in step S507 is translated into [GP1+d], the source port number [LP1+c+1] of the packet transmitted in step S508 is translated into [GP1+d+1] in accordance with the setting of the NAT by router 1.
As a result of the transmission of the packet by the terminal 1 in step S508, the router 1 changes the NAT setting so as to be able to receive a response packet. Therefore, after the router 2 translates the source (IPL1, LP1+c+1) of the packet transmitted from the terminal 1 into (IPG1, GP1+d+1) and forwards the packet to the router 2 (IPG2, GP2+b+n), the router 1 can forward a packet having (IPG2, GP2+b+n) as the source to the terminal 1 (IPL1, LP1+c+1). The reason why the terminal 1 transmits a packet to a port number incremented by an arbitrary integer n from the acquired destination port number will be described later.
Upon receipt of a P2P communication permission packet transmitted from the terminal 1 in step S507, the server transmits a communication permission packet including an IP address and a port number (IPG1, GP1+d) of the router 1 to the terminal 2 (step S509).
Immediately after receiving an IP address and a port number (IPG1, GP1+d) for accessing the terminal 1, the terminal 2 transmits a P2P start request packet from the terminal 1 to the terminal 2 (step S510). In step S510, the terminal 2 transmits n number of P2P start request packets having source port numbers incremented one by one from [LP1+a+1] and the port number [GP1+d+1] of the router 1 as the destination port. The n number of P2P start request packets have. The router 2 translates the source port numbers of the n number of P2P start request packets transmitted from the terminal 2 into [GP2+b+m] through [GP2+m+n−1] respectively. Here, “n” is a value determined in consideration of the possibility that the setting of the NAT is changed by a packet transmitted from another terminal (not shown) connected to the router 1 in a short time period during which the processing in steps S508 through S510 is executed. “m” is an integer equal to or less than n.
As a result, the destination port number [GP2+b+n] of the packet transmitted from the terminal 1 in step S508 matches one of [GP2+b+m] through [GP2+m+n−1]. Therefore, the router 1 forwards one of the received n number of P2P start request packets to the terminal 1 (step S510-2) In the example shown in FIG. 25, the port numbers [GP2+b+n] and [GP2+b+m+2] match each other.
Upon receipt of the P2P start request packet transmitted from the router 1, the terminal 1 returns a P2P start response packet (step S511). The router 2, the NAT setting of which has been adjusted in step S510-2, forwards the P2P start response packet transmitted from the terminal 1 to the terminal 2. Then, a P2P communication path is established between the terminal 1 and the terminal 2.
As described above, the method using STUN and the method disclosed by Japanese Laid-Open Publication No. 2004-180003 are known as a method for establishing a P2P communication path between two communication terminals connected to different private networks.
However, these conventional methods have the following problems.
The method using STUN has the following problems. First, two servers having different IP addresses are required in order to examine the NAT type of the router connected to each communication terminal. Accordingly, in reality, this method has a problem in terms of costs for administering and maintaining the servers. Second, a P2P communication path cannot be established with this method in the case where one of the two communication terminals is connected to a router other than a Cone NAT router.
With the method disclosed by Japanese Laid-Open Publication No. 2004-180003, the probability that a P2P communication path is established is increased regardless of the NAT type of the router connected to each communication terminal (regardless of whether each router is a Cone NAT router or a Symmetric NAT router). In more detail, the terminal 1 estimates the port number possibly assigned in the router 1 the next time that the terminal 2 transmits a packet, based on the WAN-side port number of the router 2 notified by the server. The terminal 2 transmits a plurality of packets in order to increase the possibility that the port number assigned by the router 2 matches the port number estimated by the terminal 1.
However, in the case where the two communication terminals are both connected to a Full Cone NAT router, the port number can be easily estimated. Therefore, it is not necessary for one communication terminal to transmit a plurality of packets. Rather, the following problems occur by the transmission of a plurality of packets. First, the time required for establishing a communication path is extended by transmitting a plurality of unnecessary packets. Second, in the case where a router connected to either communication terminal has an invasion detection function, when the router receives a plurality of packets addressed to port numbers which are not used for communication, the router may incorrectly detect those packets as attempting illegal access. A router having an invasion detection function discards all the received packets when detecting illegal access. Therefore, the communication terminal connected to such a router may become incommunicable, which results in lower connectability.