As computer and communication technologies rapidly evolve, network service providers are concentrating on carrying messages such as voice, data and images over public networks. In the next generation network (NGN for short), network service providers offer integrated and open network services such as voice, data and multimedia over telecommunication networks. The construction of the NGN is still changing, and its major goal is to separate services from transmission technologies so that all services are available no matter which transmission technology is adopted. In other words, the NGN is a service-oriented network in which service is separated from invocation and invocation is separated from carrying. This makes services independent, allows them to be provided with more flexibility, and lets users of the NGN define their own services regardless of the type of network carrying the services or the end devices. In the past, none of the existing data networks, including telecommunication, computer and cable networks, was capable of being the only platform for services with different characteristics. However, with the development of IP technology in recent years, the telecommunication (wired and wireless), computer and cable networks may now be integrated, or even combined with the mobile communication network, to form a mixed network by using advanced IP technology, which enables all IP-based services to be implemented on different networks.
Driven by the network services and the integration of networks described above, the NGN will be implemented using a distributed network structure that effectively carries voice, video and multimedia data and separates application, control and transmission. During construction, the existing data network may be smoothly transformed into the NGN, with the advantages that the existing network and end devices may continue to work in the NGN and that various IP-based protocols may still be adopted. One of the most important issues is how to pass through a private network.
The NGN is a network that integrates voice, data, multimedia and mobile communication, and it may be divided into the following network layers:
(1) access layer: this layer is composed of various gateways, intelligent access end devices and integrated access devices; it connects all kinds of users to the network by various means (such as broadband access and mobile access) and transforms data into a format that can be transmitted through the network;
(2) transmission layer: this layer is the carrying network of the NGN, which provides a public transmission platform for all kinds of services and media streams and mostly adopts packet transmission; so far the main transmission network is the broadband IP network;
(3) control layer: this layer handles control functions such as invocation control, protocol selection, mutual connection and execution of business logic; it also decides which services users receive and controls how the lower-layer network units process the service flow; its main body is composed of soft switch devices; and
(4) business layer: this layer handles business logic, provides integrated user-facing services, and implements customized services and service-related management such as authentication and charging.
The problem of passing through a private network arises in the access layer, at the border of the NGN. The main carrying network of the NGN is built on the existing IP network, and to access the network a user must acquire an IP address; IP addresses, however, are being exhausted by the quick expansion of the Internet. To solve this problem, a large number of intranets and local area networks are equipped with network address translation (NAT for short) devices installed at the border of the networks. NAT is an Internet standard defined in RFC 1631. It is basically installed in a router at the border between a private network and a public network, where it translates the IP addresses of packets sent by network terminal devices of the private network, thus enabling multiple network terminal devices of the private network to share one IP address. More specifically, upon receiving IP packets from the private network, NAT translates the internal IP addresses of the private network into legal IP addresses of the public network; upon receiving external packets, it translates the IP addresses of the public network into IP addresses of the private network by looking up a mapping table maintained in the NAT, then forwards the packets to their internal destinations. In general, only the translation of the IP address and port number is required for an ordinary packet, but this is not the case for applications complying with H.323, session initiation protocol (SIP for short) and media gateway control protocol (MGCP for short), because the actual media connection information is embedded in the overhead of the packet.
Assume that end device A calls end device B. The calling information of end device A is transmitted to end device B through the soft switch. After acquiring the IP address of end device A from the overhead embedded in the packet according to H.323, SIP or the like, end device B tries to establish a real-time transport protocol (RTP for short) connection with end device A. This attempt fails because the IP address is private and cannot be recognized on the public network. In addition, to secure the internal network, most companies deploy firewalls to control the type and data flow of packets entering the internal network, whereas IP-based voice and video protocols require IP addresses and port numbers to establish a communication tunnel. A dilemma thus arises: each end device of the NGN constantly listens for external calls, while passing any uninvited external packet through a port of the firewall by certain approaches, and transferring an external call to an internal end device, are prohibited. Meanwhile, voice and video communication requires dynamic port allocation to transmit and receive media streams complying with RTP/RTCP (real-time transport control protocol), which makes the problem caused by the firewall an inevitable and major issue in the development of the NGN.
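The failure described above, as an added example that is not part of the original text: a plain NAT rewrites the packet's source address and port but leaves the SIP message untouched, so end device B still reads end device A's private address for RTP, and the NAT holds no mapping for the advertised media port. The addresses, ports, host name and the `Nat` class are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: SIP INVITE sent by end device A (private 192.168.1.10).
INVITE = (
    "INVITE sip:b@example.net SIP/2.0\r\n"
    "Via: SIP/2.0/UDP 192.168.1.10:5060\r\n"
    "Content-Type: application/sdp\r\n"
    "\r\n"
    "v=0\r\n"
    "o=a 1 1 IN IP4 192.168.1.10\r\n"
    "s=-\r\n"
    "c=IN IP4 192.168.1.10\r\n"
    "t=0 0\r\n"
    "m=audio 49170 RTP/AVP 0\r\n"
)

class Nat:
    """Hypothetical plain NAT: translates header address/port only."""
    def __init__(self, public_ip, first_port=40000):
        self.public_ip, self.next_port = public_ip, first_port
        self.out, self.back = {}, {}   # mapping table, both directions

    def outbound(self, src, payload):
        if src not in self.out:
            self.out[src] = self.next_port
            self.back[self.next_port] = src
            self.next_port += 1
        return (self.public_ip, self.out[src]), payload  # payload untouched

    def inbound(self, dst_port):
        return self.back.get(dst_port)  # None: no mapping, packet is dropped

def rtp_target(sip_message):
    """Address and port that end device B will use for RTP (c= and m= lines)."""
    body = sip_message.split("\r\n\r\n", 1)[1]
    addr = re.search(r"^c=IN IP4 (\S+)", body, re.M).group(1)
    port = int(re.search(r"^m=audio (\d+)", body, re.M).group(1))
    return addr, port

def simulate_call():
    nat = Nat("203.0.113.5")            # constructed public address
    seen_src, payload = nat.outbound(("192.168.1.10", 5060), INVITE)
    addr, port = rtp_target(payload)
    return {
        "signalling_source": seen_src,  # what the public side sees in the header
        "rtp_target": (addr, port),     # what B reads from inside the message
        "rtp_target_is_private": ipaddress.ip_address(addr).is_private,
        "nat_mapping_for_rtp_port": nat.inbound(port),
    }
```
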
Hence, developing a network system that enables a network terminal device of one private network to connect with a network terminal device of another private network through the firewall, and thereby establishes a free tunnel for communication and data access over the public network, has become an important objective.