Recently, with the rapid development of computer and telecommunication technologies, services that transmit voice, information, images, or other messages via public networks have become a major direction of business development for various Internet service providers (ISPs). For example, in Next Generation Networks (NGN), Internet service providers provide voice, data, multimedia, and other comprehensive open network services via telecommunication service networks. Generally, an NGN combines voice, information, multimedia, and mobile service networks, and can be divided into several layers in terms of network level, as follows:
(1) Access layer: It comprises various gateways, intelligent access terminal equipment, and integrated access equipment. The access layer uses various access means (such as broadband access, mobile access, etc.) to link users to the network and to convert information into formats that can be transmitted over the network.
(2) Transport layer: It is the bearer network of the NGN and provides a public transmission platform for various services and media flows. In the transport layer, transmission is generally packet-based, and the core transmission network of the transport layer is a broadband IP network.
(3) Control layer: It mainly carries out call processing control, access protocol adaptation, interconnection, interworking, and other comprehensive control processing functions and service logic. The control layer determines the services received by users and controls the service-flow processing of lower-level network elements. The physical embodiment of the control layer is softswitch equipment.
(4) Service layer: It processes service logic, provides comprehensive intelligent services for users, and carries out service customization and service-related management functions (such as service authentication and service charging).
Because the core bearer network and the broadband access of the NGN are based on the existing IP network framework, access users must go through an IP addressing procedure. However, due to the rapid growth of the Internet, IP addresses are close to exhaustion. To solve this problem, many business networks and local networks install a Network Address Transfer (NAT) device at their network outlets. NAT is an Internet standard defined in RFC1631. Basically, NAT is installed in a router located at the border between a private network and a public network, where it translates the IP addresses of packets sent by network terminal devices in the private network, so that a plurality of network terminal devices in the private network can share a common IP address for linking to the Internet. In other words, when an IP packet sent from the private network reaches the NAT equipment, NAT translates the internal IP address of the private network into a legal IP address of the public network. When external information reaches the NAT equipment, NAT first checks the mapping table stored therein and then translates the IP address of the public network into an IP address of the private network, and the packet is forwarded to the internal receiving point. Generally, for normal packets, the NAT equipment only translates IP addresses and port numbers. However, for applications conforming to the H.323 standard, the SIP (Session Initiation Protocol) standard, and the MGCP (Media Gateway Control Protocol) standard, the actual media connection information is carried inside the packet payload, which the NAT equipment does not translate.
As a result, the following problems arise. Suppose a network terminal device A (such as a computer having a network interface, a network video camera, or a VoIP phone) sends a calling signal to another network terminal device B. The calling information of the network terminal device A is transmitted to the network terminal device B via protocols such as H.323, SIP, etc. The network terminal device B then obtains the private network IP address of the network terminal device A from the packet information (calling information) and tries to establish an RTP (real-time transport protocol) connection with the network terminal device A. However, because that IP address is a private address which cannot be recognized on the public network, the network terminal devices A and B cannot establish a communication connection therebetween. Therefore, NAT only allows an internal network terminal device to establish outgoing communication connections, and does not allow a network terminal device outside the network to establish communication connections with a network terminal device inside the network. As a result, although NAT serves to protect network safety, it also blocks communication signals (such as VoIP phone signals) from external networks. Thus, NAT may become a technological barrier for business users to use network communication services (such as VoIP phones).
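The failure described above, as an added example that is not part of the original text: a minimal port-translating NAT model rewrites only the packet header, so the SDP body carried in the call signalling still advertises device A's private address. The addresses, ports and SDP body are constructed sample values, and the names Nat, media_endpoint and simulate_call are hypothetical.

```python
import ipaddress

# Constructed SDP body of a SIP INVITE, as device A inside the private network emits it.
SDP_FROM_A = (
    "v=0\r\n"
    "o=a 1 1 IN IP4 192.168.1.10\r\n"
    "c=IN IP4 192.168.1.10\r\n"
    "t=0 0\r\n"
    "m=audio 49170 RTP/AVP 0\r\n"
)

class Nat:
    """Hypothetical NAT model: translates the header address and port only."""
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}   # (private_ip, private_port) -> public_port
        self.back = {}  # public_port -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, payload):
        key = (src_ip, src_port)
        if key not in self.out:          # first packet of a flow creates the mapping
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return self.public_ip, self.out[key], payload  # payload passes through unchanged

    def inbound(self, dst_port):
        return self.back.get(dst_port)   # None: no mapping, the packet is dropped

def media_endpoint(sdp):
    """Return the (ip, port) the SDP body tells the peer to send RTP to."""
    ip = port = None
    for line in sdp.splitlines():
        if line.startswith("c=IN IP4 "):
            ip = line.split()[2]
        elif line.startswith("m=audio "):
            port = int(line.split()[1])
    return ip, port

def simulate_call():
    nat = Nat("203.0.113.5")             # constructed public address of the NAT
    src_ip, src_port, body = nat.outbound("192.168.1.10", 5060, SDP_FROM_A)
    rtp_ip, rtp_port = media_endpoint(body)   # what device B reads from the signalling
    return {"signalling_source": (src_ip, src_port),
            "rtp_target": (rtp_ip, rtp_port),
            "rtp_target_private": ipaddress.ip_address(rtp_ip).is_private,
            "inbound_rtp_mapping": nat.inbound(rtp_port)}
```

Device B sees the signalling arrive from the translated public address, yet the media target it extracts is still the private one, and the NAT holds no mapping for that RTP port.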
Additionally, in order to increase the safety of internal networks, most businesses use firewalls at network outlets to limit the types and flow of packets entering the internal network. IP-based voice and video communication protocols require network terminal devices to use IP addresses and port numbers to build up channels of information communication. This causes a dilemma: each network terminal device of an NGN must listen for external calling signals at all times, but the firewalls will not allow uninvited packets from external networks to pass through. Thus, some mechanism must be used to open a port of the firewalls for transmitting calling signals from external networks to a network terminal device of the internal network. According to the RTP/RTCP (Real-time Transport Control Protocol) in voice and video communications, the sending and receiving of media flows can only be carried out through dynamically allocated ports. Therefore, the foregoing problem with firewalls becomes another technological barrier for business users to use network communication services (such as VoIP phones).
In view of the problems described above, network and software providers (such as Microsoft and Cisco) are cooperating with each other to develop a new protocol for Interactive Connectivity Establishment (ICE) intended for application software (such as Microsoft application software), so that the application software, when installed in a network system using NAT, can allow network terminal devices of an internal network and an external network to exchange data in a controlled manner, for the purpose of carrying out network communication services (such as VoIP phones). However, this method can only be applied between network terminal devices of an NGN which are installed with ICE application software. For the majority of network terminal devices that do not have ICE application software, or for the majority of private networks that have not yet installed ICE application software, the NAT equipment and firewalls thereof will try to protect the networks by blocking communication signals from external networks. As a result, the network terminal devices still cannot exchange data therebetween, and the network communication services still cannot be carried out.
Therefore, it is important for Internet service providers to figure out how to develop a portable ICE proxy that allows ICE proxies in two private networks to selectively use a plurality of candidate access points provided by an ICE protocol standard in order to pass through the respective NAT routers and firewalls of the private networks, and to build up a barrier-free connection channel between the ICE proxies via a public network for linking to each other and for accessing information from network terminal devices in the respective private networks.