1. Field of the Invention
The invention relates to connection establishing management methods of network systems, and more particularly, to connection establishing management methods for traversing network address translation (NAT) routers and firewalls between network terminal devices to establish a connection channel therebetween.
2. Description of the Related Art
Recently, due to the vigorous development and popularity of network applications, bandwidth increase and progress of voice compression technology of network, and rapid development of Voice over IP (VoIP) technology, Internet users can transmit real-time voice and images and other multimedia information. When using VoIP, both ends of the receiver and the speaker must be filled in with the respective computer's IP address to enable the connection between the two parties. However, the real network may have various types of Firewalls and network address translators (hereinafter referred to as NAT). When the network terminal device is located behind the Firewall or NAT, e.g., for the user who uses dial-up or ADSL equipment to access Internet at home or is located behind the Firewall, direct normal communication between network terminal devices is impossible because of the difficulty of finding the external IP address, causing great inconvenience to the user.
In order to solve these problems, the VoIP traverse network address translation router (hereinafter referred to as NAT router) and Firewall-related technologies were then extensively studied. Through VoIP traverses NAT and Firewall technologies, VoIP can still run smoothly even if the user is behind a NAT router and/or Firewall. NAT is a kind of technology that inter-converts the internal IP address and external IP address. The NAT aims to provide function to visit the external network to the computer that was using the intranet IP address, through a few sets of computers that have the public IP address of the public network. The NAT converts the IP address of the IP datagram source that was issued to the external network by the computers of some intranet IP addresses into the IP address of the NAT's own public network. The destination IP address remains unchanged, and the IP datagram is transferred to the router and finally to the external computer. At the same time, the NAT converts the destination IP address of the external computer's returned IP datagram to the intranet IP address, while the source IP address remains unchanged, and is eventually sent to the computer of the internal network. Among them, the best-known and most commonly used VoIP traverses NAT router and Firewall solution was called Simple Traversal of UDP (User datagram protocol) through NAT (referred to as STUN) or Traversal Using Relay NAT (referred to as TURN). STUN uses the server located on the Internet to help network terminal device in the Firewall to obtain their external address transformed by the NAT and to assist VoIP call of other users to traverse through the Firewall to send to the network terminal device in the firewall. Through the STUN server, the client terminal device can determine the public address, the type of NAT blocked in front, and the connection port to connect with a particular local port through the NAT. This information will be used to establish a UDP communication between the client terminal device and the VoIP service providers to achieve the VoIP call.
The STUN server may help the network terminal device within the Firewall see the external address that has been converted. The network terminal device within the Firewall may send a message to the STUN server, and the STUN server may retrieve the external address of this network terminal device from the packet and send back this information to the network terminal device. In addition, the STUN server may also obtain the type of NAT through a series of test packets and provide responsive traversing method. The STUN, however, cannot traverse the symmetric NAT. TURN provides more powerful intermediary function than STUN, sufficient to traverse the symmetric NAT Firewall. The packets sent by the two endpoints of a VoIP session are all first sent to the TURN server and then forwarded to each other by the TURN server. When the TURN server receives a packet, the TURN server will store the IP address and port of the packet source and then forward the request of the proposed address to the other party. The TURN server then acts as a forwarder between the two addresses. Any information received from the first address may be provided to the second address, and any information received from the second address may be provided to the first. Although the aforementioned use of STUN/TURN technology may traverse through the Firewall, the load is concentrated in the STUN/TURN server and the STUN/TURN server is usually set in the remote end and is required to bear a lot of bandwidth. The routing path through the server is usually longer, causing the delay of transmission, packet loss, and failure in a timely process.
It is therefore a desire to provide connection establishing management methods for establishing a connection channel among the network terminal devices that are located behind the NAT router and firewall to solve the aforementioned problems.