An IP address, which is uniquely determined within the entire network and which enables a one-to-one (peer-to-peer, hereinafter referred to as P2P) interconnection to be established, is called a global IP address. On the other hand, an IP address, which is a non-global IP address uniquely determined only within a particular network and which cannot be used for P2P communication with another network, is called a private IP address. A network made up of such private IP addresses is called a private network.
A common method for enabling a communication terminal having a private IP address to communicate with an external communication terminal having a global IP address is to place a communication terminal (router) having a Network Address Translation (hereinafter referred to as NAT) function or a Network Address Port Translation (hereinafter referred to as NAPT) function between the private network and the external global network. Note that the term NAT in the description below covers both NAT and NAPT.
It is known that there are a plurality of types of NAT. Hereinafter, the types of NAT will be described with reference to FIG. 8. FIG. 8(a) shows a type of NAT called Full Cone NAT. As shown in FIG. 8(a), a router having a Full Cone NAT function always allocates the same port number [Pb] of the router to packets, which are transmitted from the same address information [IPa, Pa] of a home terminal A to outside the home, and then transmits the packets to an external network. Also, the router transfers all packets, which are transmitted to address information [IPb, Pb] from unspecified external terminals C and D connected to the external network, to the home terminal A [IPa, Pa].
FIG. 8(b) shows a type of NAT called Restricted Cone NAT. As shown in FIG. 8(b), a router having a Restricted Cone NAT function always allocates the same port number [Pb] of the router to packets, which are transmitted from the same address information [IPa, Pa] of the home terminal A to outside the home, and then transmits the packets to the external network. Note that, unlike the Full Cone NAT router, the router only transfers a packet, which is transmitted to the address information [IPb, Pb] from an IP address [IPc] of the external terminal C to which the home terminal A has previously transmitted a packet, to the home terminal A [IPa, Pa]. At this point, a port number of the external terminal C may be any number.
FIG. 8(c) shows a type of NAT called Port Restricted Cone NAT. As shown in FIG. 8(c), a router having a Port Restricted Cone NAT function always allocates the same port number [Pb] of the router to packets, which are transmitted from the same address information [IPa, Pa] of the home terminal A to outside the home, and then transmits the packets to the external network. Here, unlike the Restricted Cone NAT router, the router only transfers a packet, which is transmitted to the address information [IPb, Pb] from a port number [Pc1] of the external terminal C to which the home terminal A has previously transmitted a packet, to the home terminal A [IPa, Pa]. At this point, the router discards all packets transmitted from any port number other than [Pc1] (e.g., [Pc2]) even if the packets are transmitted from the same external terminal C.
FIG. 8(d) shows a type of NAT called Symmetric NAT. As shown in FIG. 8(d), a router having a Symmetric NAT function allocates a specific port number of the router to packets, which are transmitted from the same address information [IPa, Pa] of the home terminal A to a port number of a specific external terminal, and then transmits the packets to the external network. For example, the router allocates a port number [Pb1] of the router to a packet which is transmitted from the home terminal A [IPa, Pa] to the external terminal C [IPc, Pc]. Further, the router allocates a port number [Pb2] of the router to a packet which is transmitted from the home terminal A [IPa, Pa] to the external terminal D [IPd, Pd]. Similarly to the Port Restricted Cone NAT router, the router only transfers a packet, which is transmitted from a port number of an external terminal to which the home terminal A has previously transmitted a packet, to the home terminal A [IPa, Pa].
By using these NAT functions of a router, a home terminal within a private network is able to communicate, using a private IP address, with an external terminal on a global network.
However, just placing a router having a NAT function between the private network and the global network does not allow a terminal having a private IP address to perform P2P communication with a terminal existing in a different private network. RFC 3489 discloses a method that uses STUN (Simple Traversal of UDP Through NATs) to allow terminals existing in different private networks to realize P2P communication across the NAT functions of their routers. In the description below, the term “packet” always refers to “UDP packet”, and all messages are transmitted and received using UDP packets.
FIG. 9 shows a sequence of operations which are performed between terminals in order to realize P2P communication by using the method in which STUN is used. Here, routers 1 and 2 shown in FIG. 9 are not Symmetric NAT routers. As shown in FIG. 9, a terminal 1 transmits an IP/Port registration request to a server (step S501). The server registers therein source address information (i.e., a source IP address and source port number) about a received packet (step S502). Here, the server registers therein address information [IPG1, GP1] which is a result of conversion, performed by the NAT of the router 1, of address information about the terminal 1 from [IPL1, LP1] to [IPG1, GP1] which is address information about the router 1.
Similarly, a terminal 2 transmits an IP/Port registration request to the server (step S503). The server registers therein source address information (i.e., a source IP address and source port number) about a received packet (step S504). Here, the server registers therein address information [IPG2, GP2] which is a result of conversion, performed by the NAT of the router 2, of address information about the terminal 2 from [IPL2, LP2] to [IPG2, GP2] which is address information about the router 2.
Next, in order to obtain address information for accessing the terminal 1, the terminal 2 transmits an IP/Port obtain request to the server (step S505). In response, the server returns, to the terminal 2, an IP/Port obtain response in which the address information [IPG1, GP1] registered at step S502 is set (step S506).
Upon obtaining the address information [IPG1, GP1] for accessing the terminal 1, the terminal 2 transmits a P2P start request to the obtained address information [IPG1, GP1] (step S507). The router 2 relays, to the router 1, the P2P start request transmitted from the terminal 2. Here, when the router 1 is a Full Cone NAT router, the P2P start request transmitted from the terminal 2 is transferred to the terminal 1, and then a P2P communication path is established between the terminals 1 and 2.
On the other hand, when the router 1 is not a Full Cone NAT router, the P2P start request transmitted from the terminal 2 is discarded by the router 1 without being transferred to the terminal 1 [IPL1, LP1].
However, at the time of relaying the P2P start request transmitted from the terminal 2, the NAT of the router 2 is set so as to transfer a packet, which is directed in the opposite direction to that of the relayed P2P start request, to the terminal 2. To be specific, in the case where the router 2 is a Full Cone NAT router, the NAT of the router 2 is set so as to transfer a packet, which the router 2 [IPG2, GP2] receives from the terminal 1 via the router 1 [IPG1, GP1], to the terminal 2 [IPL2, LP2]. Also, in the case where the router 2 is a Restricted Cone NAT router, the NAT of the router 2 is set so as to transfer a packet, which the router 2 [IPG2, GP2] receives from a source IP address [IPG1], to the terminal 2 [IPL2, LP2]. Further, in the case where the router 2 is a Port Restricted Cone NAT router, the NAT of the router 2 is set so as to transfer a packet, which the router 2 [IPG2, GP2] receives from the terminal 1 via the router 1 [IPG1, GP1], to the terminal 2 [IPL2, LP2].
Next, in order to obtain address information for accessing the terminal 2, the terminal 1 transmits an IP/Port obtain request to the server (step S508). In response, the server returns, to the terminal 1, an IP/Port obtain response in which the address information [IPG2, GP2] registered at step S504 is set (step S509).
Upon obtaining the address information [IPG2, GP2] for accessing the terminal 2, the terminal 1 transmits a P2P start request to the obtained address information [IPG2, GP2] (step S510). The router 1 relays, to the router 2, the P2P start request transmitted from the terminal 1. As described above, the NAT of the router 2 has been set so as to transfer a packet, which the router 2 [IPG2, GP2] receives from the terminal 1 via the router 1, to the terminal 2 [IPL2, LP2]. For this reason, the router 2 is able to transfer, to the terminal 2, the P2P start request transmitted from the terminal 1.
Also, at the time of relaying the P2P start request transmitted from the terminal 1, the NAT of the router 1 is set so as to transfer a packet, which is directed in the opposite direction to that of the relayed P2P start request, to the terminal 1. To be specific, in the case where the router 1 is a Restricted Cone NAT router, the NAT of the router 1 is set so as to transfer a packet, which the router 1 [IPG1, GP1] receives from a source IP address [IPG2], to the terminal 1 [IPL1, LP1]. Further, in the case where the router 1 is a Port Restricted Cone NAT router, the NAT of the router 1 is set so as to transfer a packet, which the router 1 [IPG1, GP1] receives from the terminal 2 via the router 2 [IPG2, GP2], to the terminal 1 [IPL1, LP1].
Upon receiving the P2P start request, the terminal 2 transmits a P2P start response to the terminal 1 (step S511). At this point, as described above, the NAT of the router 1 has been set so as to transfer a packet, which the router 1 [IPG1, GP1] receives from the terminal 2 via the router 2, to the terminal 1 [IPL1, LP1]. For this reason, the router 1 is able to transfer, to the terminal 1, the P2P start response transmitted from the terminal 2. This is the method for, when the routers 1 and 2 are not Symmetric NAT routers, establishing a P2P communication path by using STUN.
In the case where a Symmetric NAT router is present on the path between the terminals 1 and 2, the following problem occurs when a P2P communication path is established using STUN. Hereinafter, the problem will be described with reference to FIGS. 10 and 11. FIG. 10 illustrates a problem occurring when the router 1 is a Symmetric NAT router. FIG. 11 illustrates a problem occurring when the router 2 is a Symmetric NAT router.
As shown in FIG. 10, processes of steps S601 to S604 are the same as those of the steps S501 to S504 in FIG. 9. Therefore, descriptions thereof will be omitted. In the following step, the terminal 2 transmits an IP/Port obtain request to the server in order to obtain address information for accessing the terminal 1 (step S605). In response, the server returns, to the terminal 2, an IP/Port obtain response in which the address information [IPG1, GP1] registered at step S602 is set (step S606).
Upon obtaining the address information [IPG1, GP1] for accessing the terminal 1, the terminal 2 transmits a P2P start request to the obtained address information [IPG1, GP1] (step S607).
The router 2 relays, to the router 1, the P2P start request transmitted from the terminal 2. Here, since the router 1 is a Symmetric NAT router, a packet of the P2P start request transmitted from the terminal 2 is discarded by the router 1 without being transferred to the terminal 1 [IPL1, LP1].
However, at the time of relaying the P2P start request transmitted from the terminal 2, the NAT of the router 2 is set so as to transfer a packet, which is directed in the opposite direction to that of the relayed P2P start request, to the terminal 2. To be specific, in the case where the router 2 is a Full Cone NAT router, the NAT of the router 2 is set so as to transfer a packet, which the router 2 [IPG2, GP2] receives from the terminal 1 via the router 1 [IPG1, GP1], to the terminal 2 [IPL2, LP2]. Also, in the case where the router 2 is a Restricted Cone NAT router, the NAT of the router 2 is set so as to transfer a packet, which the router 2 [IPG2, GP2] receives from the source IP address [IPG1], to the terminal 2 [IPL2, LP2]. Further, in the case where the router 2 is a Port Restricted Cone NAT router, the NAT of the router 2 is set so as to transfer a packet, which the router 2 [IPG2, GP2] receives from the terminal 1 via the router 1 [IPG1, GP1], to the terminal 2 [IPL2, LP2].
Next, in order to obtain address information for accessing the terminal 2, the terminal 1 transmits an IP/Port obtain request to the server (step S608). In response, the server returns, to the terminal 1, an IP/Port obtain response in which the address information [IPG2, GP2] registered at step S604 is set (step S609).
Upon obtaining the address information [IPG2, GP2] for accessing the terminal 2, the terminal 1 transmits a P2P start request to the obtained address information [IPG2, GP2] (step S610).
At this point, since the router 1 is a Symmetric NAT router, the router 1 allocates a port number other than [GP1] (e.g., [GP3]) to the P2P start request transmitted from the terminal 1.
Here, when the router 2 is a Full Cone NAT router or Restricted Cone NAT router, the P2P start request transmitted from the terminal 1 is transferred by the router 2 to the terminal 2 [IPL2, LP2], and then a P2P communication path is established between the terminals 1 and 2. However, when the router 2 is a Port Restricted Cone NAT router or Symmetric NAT router, the P2P start request transmitted from the terminal 1 is discarded by the router 2 without being transferred to the terminal 2. For this reason, a P2P communication path between the terminals 1 and 2 fails to be established.
Also, in the case where the router 2 is a Symmetric NAT router (see FIG. 11), a P2P communication path fails to be established for the same reason.
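The four filtering behaviours of FIG. 8 and the message order of FIG. 9 can be modelled directly. The following Python simulation is an added example, not part of the original document; the addresses, port numbers, sequential port allocation and the names `Nat`, `send`, `stun_p2p` and `result_matrix` are assumptions made for illustration. It replays steps S501 to S511 once, with no retries, for each pair of router types.

```python
FULL, RESTRICTED, PORT_RESTRICTED, SYMMETRIC = "full", "restricted", "port_restricted", "symmetric"
KINDS = (FULL, RESTRICTED, PORT_RESTRICTED, SYMMETRIC)

# Constructed addresses (documentation ranges), not taken from the page.
SERVER = ("198.51.100.1", 3478)
T1, T2 = ("192.168.1.10", 5000), ("10.0.0.20", 6000)   # [IPL1, LP1], [IPL2, LP2]

class Nat:
    """One router; public ports are allocated sequentially (an assumption)."""

    def __init__(self, kind, public_ip, first_port):
        self.kind, self.ip, self.next_port = kind, public_ip, first_port
        self.mapping = {}   # mapping key -> public port
        self.sent_to = {}   # public port -> set of (ip, port) already contacted

    def outbound(self, src, dst):
        """Translate src for a packet to dst and return the public (ip, port)."""
        # Cone types reuse one port per private source; Symmetric uses one per destination.
        key = (src, dst) if self.kind == SYMMETRIC else src
        if key not in self.mapping:
            self.mapping[key] = self.next_port
            self.next_port += 1
        port = self.mapping[key]
        self.sent_to.setdefault(port, set()).add(dst)
        return (self.ip, port)

    def inbound(self, port, remote):
        """Return True if a packet from remote to this public port is forwarded inside."""
        peers = self.sent_to.get(port)
        if peers is None:
            return False                                  # no mapping on this port
        if self.kind == FULL:
            return True                                   # any external sender
        if self.kind == RESTRICTED:
            return remote[0] in {ip for ip, _ in peers}   # IP must match, any port
        return remote in peers                            # IP and port must match

def send(src_nat, src_term, dst_nat, dst_pub):
    """Pass one UDP packet through both routers; return its public source or None."""
    pub = src_nat.outbound(src_term, dst_pub)
    return pub if dst_nat.inbound(dst_pub[1], pub) else None

def stun_p2p(kind1, kind2):
    """Replay the FIG. 9 message order once; True if a P2P path is established."""
    r1, r2 = Nat(kind1, "203.0.113.1", 40000), Nat(kind2, "203.0.113.2", 50000)
    reg1 = r1.outbound(T1, SERVER)              # S501-S502: server stores [IPG1, GP1]
    reg2 = r2.outbound(T2, SERVER)              # S503-S504: server stores [IPG2, GP2]
    req = send(r2, T2, r1, reg1)                # S507: terminal 2 -> [IPG1, GP1]
    if req is not None:                         # forwarded at once (Full Cone router 1)
        return send(r1, T1, r2, req) is not None
    req = send(r1, T1, r2, reg2)                # S510: terminal 1 -> [IPG2, GP2]
    if req is None:
        return False                            # discarded by router 2
    return send(r2, T2, r1, req) is not None    # S511: response back to terminal 1

def result_matrix():
    """Outcome for every (router 1 type, router 2 type) pair."""
    return {(k1, k2): stun_p2p(k1, k2) for k1 in KINDS for k2 in KINDS}
```

With a Symmetric router 1, the model allocates a second public port for the packet sent at S510, so only a Full Cone or Restricted Cone router 2 forwards it.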
As described above, in the case where either the router 1 or the router 2 is a Symmetric NAT router, the probability of successfully establishing a P2P communication path by using STUN is not high. In order to solve such a problem, a conventional method, which allows a P2P communication path to be successfully established even if the routers 1 and 2 are Symmetric NAT routers, has been disclosed (e.g., Patent Document 1).
FIG. 12 is a sequence diagram showing a process, in the conventional method, for establishing a P2P communication path. As shown in FIG. 12, processes of steps S801 to S804 are the same as those of the steps S501 to S504 in FIG. 9. Therefore, descriptions thereof will be omitted. In order to request the terminal 1 to perform P2P communication, the terminal 2 transmits a P2P communication request to the server (step S805). At this point, the terminal 2 changes a source port number, which the terminal 2 uses for the P2P communication request, from the source port number [LP2], which has been used for the IP/Port obtain request, to a source port number [LP2+a]. Here, a is an arbitrary integer.
The reason for the terminal 2 to use the new port number [LP2+a] is to cause the router 2 to use a new source port number [GP2+b] as a source port number of the P2P communication request. Here, b is an indeterminate incremental value of the NAT of the router 2.
Upon receiving the P2P communication request, the server transmits, to the terminal 1, an IP/Port notification in which the address information [IPG2, GP2+b] is set (step S806).
Upon receiving the IP/Port notification, the terminal 1 transmits a P2P start permission to the server in the case where the terminal 1 permits the P2P communication (step S807). At this point, the terminal 1 changes a source port number, which the terminal 1 uses for the P2P start permission, from the source port number [LP1], which has been used for the IP/Port obtain request, to a source port number [LP1+d], and then transmits the P2P start permission. The reason for the terminal 1 to use the new port number [LP1+d] is to cause the router 1 to use a new source port number [GP1+d] as a source port number of the P2P communication permission. Here, d is an arbitrary integer which is an indeterminate incremental value of the NAT of the router 1.
Further, upon obtaining, through the IP/Port notification, the address information [IPG2, GP2+b] for accessing the terminal 2, the terminal 1 transmits a P2P start request to the obtained address information [IPG2, GP2+b+n] (step S808).
Note that, at steps S807 and S808, the P2P communication permission and P2P start request are successively transmitted within an extremely short time period. For this reason, when the source port number of the P2P communication permission is converted from [LP1+c] to [GP1+d] by the router 1, the source port number of the P2P start request is converted from [LP1+c+1] to [GP1+d+1].
Also, at the time of relaying the P2P start request transmitted from the terminal 1, the NAT of the router 1 is set so as to transfer a packet, which is directed in the opposite direction to that of the relayed P2P start request, to the terminal 1. To be specific, the NAT of the router 1 is set so as to transfer a packet, which the router 1 [IPG1, GP1+d+1] receives from the terminal 2 via the router 2 [IPG2, GP2+b+n], to the terminal 1 [IPL1, LP1+c+1]. Here, n is an arbitrary integer value.
Upon receiving the P2P communication permission transmitted from the terminal 1 at step S807, the server transmits, to the terminal 2, an IP/Port obtain response in which the address information [IPG1, GP1+d] of the router 1 is set (step S809).
Next, upon receiving, through the IP/Port obtain response, the address information [IPG1, GP1+d] for accessing the terminal 1 (i.e., the address information about the router 1), the terminal 2 immediately transmits P2P start requests to the terminal 1 (step S810). At this point, the terminal 2 transmits, to a port number [GP1+d+1] of the router 1, n P2P start requests while causing source port numbers thereof to be incremented one by one from [LP2+a+1]. The source port numbers of the P2P start requests are converted by the router 2 to port numbers [GP2+b+m] to [GP2+b+m+n−1].
Since any of the plurality of P2P start requests transmitted from the terminal 2 corresponds to the setting for the router 1 to transfer, to the terminal 1, a packet directed in the opposite direction, said any of the plurality of P2P start requests is transferred to the terminal 1. Upon receiving said any of the plurality of P2P start requests, the terminal 1 transmits a P2P start response as a response (step S811). As a result, a P2P communication path is established between the terminals 1 and 2.
[Patent Document 1] Japanese Laid-Open Patent Publication No. 2004-180003.