1. Field of the Invention
The present invention relates to a communications relay device, program and method, and a network system, and the present invention is applicable to a network system that includes a session/border controller (hereinafter referred to as “S/BC”), which is a device placed for connection between different networks, for example.
2. Description of the Related Art
One of functions for a media traffic which are required for the S/BC is NA(P)T (Network Address (Port) Translation) control function (cf. “ITU-T Y.2111 9.2, “Procedures for NAPT control and NAT traversal””).
The NA(P)T control function is a function of concealing a network at the other end of connection from each terminal by assigning an end IP address (or port) of media in each network as a virtual IP address (or port) to both of a network inside the S/BC (on the installation side) and a network outside the S/BC (on the counter connection side) when establishing a session by signaling between terminals to be connected, changing a message in signaling to the virtual IP address (or port) and transferring the message to the both terminals to be connected, so that each terminal transmits a media (data) traffic with the virtual IP address (or port) as a designation address.
Hereinafter, an example of a network system is described in the case where the related art disclosed in “ITU-T Y.2012, “Supplement 1, Session/border control (S/BC) functions”, “ITU-T Y.2111 9.2, “Procedures for NAPT control and NAT traversal””, “IETF RFC3022, “Traditional IP Network Address Translator””, “IETF RFC3261, “SIP: Session Initiation Protocol””, “IETF RFC4566, “SDP: Session Description Protocol”” is applied as it is.
FIG. 6 is an explanatory view showing an overall configuration of a network system lA according to related art.
An S/BC 11A is a device that executes the NA(P)T control function between different networks.
A first network N1 is a network on the installation side (inside) of the S/BC 11A, and it is a network employing TCP/IP, in which the S/BC 11A is installed.
A second network N2 is a network on the counter connection side (outside) of the S/BC 11A, and it is a network employing TCP/IP, which is connected through the S/BC 11A.
A signaling I/F 111A is an IP interface for transmission and reception of a signaling traffic which is provided to the first network N1 by the S/BC 11A. A signaling I/F 112A is an IP interface for transmission and reception of a signaling traffic which is provided to the second network N2 by the S/BC 11A. A media I/F 113A is an IP interface for transmission and reception of a media traffic which is provided to the first network N1 by the S/BC 11A. A media I/F 114A is an IP interface for transmission and reception of a media traffic which is provided to the second network N2 by the S/BC 11A. The signaling I/F 111A and the media I/F 113A may be the same interface. Further, the signaling I/F 112A and the media I/F 114A may be the same interface.
A terminal 12-1 and a terminal 12-2 are user interfaces for a service such as VoIP which is connected to the first network N1, and they are terminal devices that control connection or release of a media session by a signaling protocol such as SIP (Session Initiation Protocol; cf. “IETF RFC3261, “SIP: Session Initiation Protocol””). A terminal 12-3 is a terminal which is connected to the second network N2 and has the same structure as the terminal 12-1 and the terminal 12-2.
A signaling processing server 13 is a server that manages the terminals and performs call control by processing or relay of signaling which is required by each terminal.
A signaling traffic ST21 is a flow of a signaling packet which is transmitted and received between the terminal 12-1 and the S/BC 11A. A signaling traffic ST22 is a flow of a signaling packet which is transmitted and received between the S/BC 11A and the signaling processing server 13. A signaling traffic ST23 is a flow of a signaling packet which is transmitted and received between the signaling processing server 13 and the terminal 12-3. A media traffic MT21 is a flow of a media packet which is transmitted and received between the terminal 12-1 and the S/BC 11A. A media traffic MT22 is a flow of a media packet which is transmitted and received between the S/BC 11A and the terminal 12-3.
An example of an operation when making an IP telephone call from the terminal 12-1 (IP address: 10.0.0.10/24, port number: 10000) to the terminal 12-3 (IP address: 20.0.0.10/24, port number: 30000), where SIP and SDP (Session Description Protocol; cf. “IETF RFC4566, “SDP: Session Description Protocol””) are used as signaling protocols, bidirectional NAPT (IETF RFC3022, “Traditional IP Network Address Translator”) is applied to a media traffic, and an IP address of the media I/F 113A is 10.0.0.1/24, a virtual port number range of the media I/F 113A is 40000 to 40009, an IP address of the media I/F 114A is 20.0.0.1/24, and a virtual port number range of the media I/F 114A is 20000 to 20009, is described hereinafter with reference to FIG. 6.
First, it is assumed that an INVITE message (the signaling traffic ST21) designated to the terminal 12-3 is transmitted from the terminal 12-1 to the S/BC 11A.
Next, the S/BC 11A allocates a port number not in use for a media session to the media I/F 114A as a virtual port number, changes the IP address of the terminal 12-1 which is designated by a connection IP address item in a connection data line of SDP in the INVITE message to the IP address of the media I/F 114A as a virtual IP address, changes a port number in a media description line of SDP to the allocated virtual port number, and transmits the INVITE message to the signaling processing server 13.
Then, the signaling processing server 13 identifies the terminal 12-3 from a designation identifier which is described in the INVITE message and transmits the INVITE message to the terminal 12-3.
The terminal 12-3 receives the INVITE message and, if a condition to enable a conversation is fulfilled, the terminal 12-3 transmits a “200 OK” message to the signaling processing server 13.
Then, the signaling processing server 13 determines a transfer route from the “200 OK” message and transmits the “200 OK” message to the S/BC 11A.
The S/BC 11A then allocates a port number not in use for a media session to the media I/F 113A as a virtual port number, changes the IP address of the terminal 12-3 which is designated by a connection IP address item in a connection data line of SDP in the “200 OK” message to the IP address of the media I/F 113A as a virtual IP address, changes a port number of a media description line of SDP to the allocated virtual port number, and transmits the “200 OK” message to the terminal 12-1.
The terminal 12-1 receives the “200 OK” message, and if a condition to enable a conversation is fulfilled, it transmits an ACK message to the terminal 12-3, so that the terminal 12-1 and the terminal 12-3 become the state during a telephone conversation. Transmission of the ACK message is the same as transmission of the INVITE message except that change to the virtual IP address and the virtual port number is not made.
By the above-described operation, a network at the other end of connection can be concealed from each terminal without interfering with the continuity of the media session.