The P2P technology fully utilizes the capabilities of every peer in a system so that the peers provide services for each other. The P2P technology can significantly increase the utilization of the peers and further help improve the efficiency of the network, devices and information services. P2P systems include structured, unstructured and loosely structured systems. In a structured P2P system, the publication of resources is closely related to the network topology and resources are distributed in the network precisely according to the logical addresses in the P2P topology. In the system, every peer has a virtual logical address and all peers compose a relatively stable and close topological structure according to their addresses. In a structured P2P system, a Hash algorithm is applied to a resource to generate a key. Because the name space of keys is mapped to the name space of peers, the resources are distributed in the structured P2P system according to the keys and the mapping and a resource can be found in the P2P network by means of its key.
An important P2P function is the routing of protocol messages between peers during a communication process. In a structured P2P system, when the source peer of a message needs to acquire a resource stored in a destination peer, it is necessary to route the request message to the destination by way of several peers according to the key and the hash algorithm and route the response message back to the source peer. In the routing process, some peers are probably behind a Network Address Translation (NAT) device or a Firewall (FW). Therefore, NAT and FW traversal must also be considered in the routing process.
At present, routing modes in a P2P system include recursive routing, semi-recursive routing and iterative routing.
A recursive routing process is shown in FIG. 1, where peer A sends a message to peer D and receives a response. The principle of recursive routing is as follows: a peer receiving a message checks whether the message is destined for itself and if so, the peer ends the routing or else the peer forwards the message to a peer closer to the destination according to its routing table; the response message is returned in the same route. The major requirement of recursive routing is NAT and FW traversal, which can guarantee that the response message is routed back to the requesting peer.
A semi-recursive routing process is shown in FIG. 2, where peer A sends a message to peer D and receives a response. The principle of semi-recursive routing is as follows: a peer receiving a message checks whether the message is destined for itself and if so, the peer ends the routing or else the peer forwards the message to a peer closer to the destination according to its routing table; the response message is directly returned to the requesting peer.
An iterative routing process is shown in FIG. 3, where peer A sends a message to peer D and receives a response. The routing principle is as follows: a peer receiving a message checks whether the message is destined for itself and if so, the peer ends the routing or else, the peer notifies the requesting peer of a peer closer to the destination according to its routing table and the requesting peer forwards the message to the peer closer to the destination.
The characteristics of the three routing modes are: the speed of recursive routing is high but the response message passes through many intermediate peers if the requesting peer is known; the speed of semi-recursive routing is the highest and the response message is directly routed to the requesting peer with a high efficiency but there is an issue of NAT and FW traversal if the requesting peer is behind an NAT or FW; in iterative routing, NAT and FW traversal is simple but the routing efficiency is low.
For the above routing modes, different implementations are provided in the conventional art. Taking the implementation of recursive routing as an example, a transaction based recursive routing method is provided by the conventional art. The routing principle is shown in FIG. 4.
Each peer maintains a local transaction table. When a peer forwards a request message, the peer adds a record to its transaction table and the transaction ID to the header of the message; when the peer receives a response message, the peer extracts a transaction ID from the message header and checks whether the transaction ID exists in its local transaction table; if the transaction ID exists, the peer forwards the message to the requesting peer according to the transaction record, or else the peer discards the message. With the transaction table, the peer realizes recursive routing.
During the implementation of the present invention, the inventor finds that the conventional art has at least the following weaknesses:
Because the capacity of a transaction table is limited, the number of transactions that a peer can maintain within a certain period of time is limited. If the transaction table is full, new requests will be rejected unconditionally. As a result, the peer is vulnerable to Denial of Service (DoS) attacks. Attackers may send large numbers of request messages to a specific peer so that, when the transaction table of the peer is full, the peer will no longer be able to forward messages to other peers.