技术领域technical field
本申请涉及网络通信技术领域,尤其涉及一种访问视频设备的方法及装置。The present application relates to the technical field of network communication, in particular to a method and device for accessing video equipment.
背景技术Background technique
目前的视频设备大多处于私网中,而要访问视频设备的客户端往往与视频设备不在同一私网中,通常情况下,处于私网中的设备无法直接接入公网,而是通过路由器(Network Address Translation,网络地址转换)接入公网,因此,视频设备与客户端处于不同的路由器内,导致客户端无法访问视频设备。在现有技术中,服务商在公网中架设管理服务器,当客户端需要访问某一视频设备时,先将访问请求发送至管理服务器,管理服务器通过NAT设备向该视频设备请求视频数据,然后再将视频数据转发给客户端。但是由于视频数据量很大,因此,管理服务器在向客户端传输视频数据过程中需要占用大量的带宽,视频数据容易产生较大的网络损伤(例如,丢包、延时、抖动等),导致客户端播放的视频不流畅,降低用户体验。Most of the current video devices are in the private network, and the client that wants to access the video device is often not in the same private network as the video device. Usually, the device in the private network cannot directly access the public network, but through a router ( Network Address Translation, network address translation) to access the public network, therefore, the video device and the client are in different routers, resulting in the client being unable to access the video device. In the prior art, the service provider sets up a management server in the public network. When the client needs to access a certain video device, it first sends the access request to the management server, and the management server requests video data from the video device through the NAT device, and then Then forward the video data to the client. However, due to the large amount of video data, the management server needs to occupy a large amount of bandwidth in the process of transmitting video data to the client, and the video data is prone to large network damage (for example, packet loss, delay, jitter, etc.), resulting in The video played by the client is not smooth, which reduces the user experience.
发明内容Contents of the invention
有鉴于此,本申请提供一种访问视频设备的方法及装置,以解决现有的访问方式会降低用户体验的问题。In view of this, the present application provides a method and device for accessing video equipment, so as to solve the problem that the existing access methods will reduce user experience.
根据本申请实施例的第一方面,提供一种访问视频设备的方法,应用于包括管理服务器、客户端和视频设备的网络中,所述管理服务器处于公网中,所述客户端和所述视频设备处于不同私网中,所述视频设备与第一路由器连接,所述方法应用于所述管理服务器上,所述方法包括:According to the first aspect of the embodiments of the present application, there is provided a method for accessing a video device, which is applied to a network including a management server, a client, and a video device, the management server is in a public network, the client and the The video devices are in different private networks, the video devices are connected to the first router, the method is applied to the management server, and the method includes:
接收来自所述客户端的连接请求报文;其中,所述连接请求报文携带有要访问的视频设备的设备标识;Receive a connection request message from the client; wherein, the connection request message carries the device identifier of the video device to be accessed;
利用所述设备标识获取所述视频设备对应的第一路由器的IP地址,并获取所述第一路由器为所述视频设备分配的第一公网端口;Obtaining the IP address of the first router corresponding to the video device by using the device identification, and obtaining the first public network port allocated by the first router to the video device;
向所述客户端发送所述第一路由器的IP地址和所述第一公网端口,以使所述客户端利用所述第一路由器的IP地址和所述第一公网端口向所述第一路由器发送报文,并由所述第一路由器将所述报文转发到所述视频设备上。sending the IP address of the first router and the first public network port to the client, so that the client uses the IP address of the first router and the first public network port to send the A router sends a message, and the first router forwards the message to the video device.
根据本申请实施例的第二方面,提供一种访问视频设备的装置,应用于包括管理服务器、客户端和视频设备的网络中,所述管理服务器处于公网中,所述客户端和所述视频设备处于不同私网中,所述视频设备与第一路由器连接,所述装置应用于所述管理服务器上,所述装置包括:According to the second aspect of the embodiments of the present application, there is provided an apparatus for accessing video equipment, which is applied to a network including a management server, a client, and a video equipment, the management server is in a public network, the client and the The video equipment is in different private networks, the video equipment is connected to the first router, and the device is applied to the management server, and the device includes:
接收单元,用于接收来自所述客户端的连接请求报文;其中,所述连接请求报文携带有要访问的视频设备的设备标识;A receiving unit, configured to receive a connection request message from the client; wherein the connection request message carries the device identifier of the video device to be accessed;
获取单元,用于利用所述设备标识获取所述视频设备对应的第一路由器的IP地址,并获取所述第一路由器为所述视频设备分配的第一公网端口;An obtaining unit, configured to use the device identifier to obtain the IP address of the first router corresponding to the video device, and obtain the first public network port allocated by the first router to the video device;
发送单元,用于向所述客户端发送所述第一路由器的IP地址和所述第一公网端口,以使所述客户端利用所述第一路由器的IP地址和所述第一公网端口向所述第一路由器发送报文,并由所述第一路由器将所述报文转发到所述视频设备上。a sending unit, configured to send the IP address of the first router and the first public network port to the client, so that the client uses the IP address of the first router and the first public network The port sends a packet to the first router, and the first router forwards the packet to the video device.
应用本申请实施例,管理服务器利用客户端发送的连接请求报文中携带的要访问的视频设备的设备标识,获取视频设备对应的第一路由器的IP地址,并获取该第一路由器为视频设备分配的第一公网端口,然后将第一路由器的IP地址和第一公网端口发送到客户端,客户端可以利用该第一路由器的IP地址和该第一公网端口向第一路由器发送报文,并由第一路由器将该报文转发到视频设备上。基于上述实现方式,管理服务器只需要获取到第一路由器的IP地址和第一公网端口便可使客户端直接访问到视频设备的视频数据,而不需要管理服务器为客户端向视频设备请求视频数据,然后再转发给客户端,而占用大量的带宽,从而,客户端直接从视频设备获取到的视频数据不会出现网络损伤,播放流畅,提高了用户体验。Applying the embodiment of this application, the management server uses the device identifier of the video device to be accessed carried in the connection request message sent by the client to obtain the IP address of the first router corresponding to the video device, and obtains that the first router is the video device The assigned first public network port, and then send the IP address of the first router and the first public network port to the client, and the client can use the IP address of the first router and the first public network port to send to the first router message, and the first router forwards the message to the video device. Based on the above implementation, the management server only needs to obtain the IP address of the first router and the first public network port to allow the client to directly access the video data of the video device, without the need for the management server to request video data from the video device for the client. The data is then forwarded to the client, which takes up a large amount of bandwidth. Therefore, the video data obtained by the client directly from the video device will not suffer from network damage, and the playback will be smooth, which improves the user experience.
附图说明Description of drawings
图1为本申请根据一示例性实施例示出的一种访问视频设备的应用场景图;Fig. 1 is an application scene diagram of accessing a video device according to an exemplary embodiment of the present application;
图2为本申请根据一示例性实施例示出的一种访问视频设备的方法的实施例流程图;FIG. 2 is a flow chart of an embodiment of a method for accessing a video device according to an exemplary embodiment of the present application;
图3为本申请根据一示例性实施例示出的另一种访问视频设备的方法的实施例流程图;FIG. 3 is a flow chart of another method for accessing a video device according to an exemplary embodiment of the present application;
图4为本申请根据一示例性实施例示出的一种管理服务器的硬件结构图;FIG. 4 is a hardware structural diagram of a management server according to an exemplary embodiment of the present application;
图5为本申请根据一示例性实施例示出的一种访问视频设备的装置的实施例结构图。Fig. 5 is a structural diagram of an embodiment of an apparatus for accessing a video device according to an exemplary embodiment of the present application.
具体实施方式detailed description
这里将详细地对示例性实施例进行说明,其示例表示在附图中。下面的描述涉及附图时,除非另有表示,不同附图中的相同数字表示相同或相似的要素。以下示例性实施例中所描述的实施方式并不代表与本申请相一致的所有实施方式。相反,它们仅是与如所附权利要求书中所详述的、本申请的一些方面相一致的装置和方法的例子。Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with this application. Rather, they are merely examples of apparatuses and methods consistent with aspects of the present application as recited in the appended claims.
在本申请使用的术语是仅仅出于描述特定实施例的目的,而非旨在限制本申请。在本申请和所附权利要求书中所使用的单数形式的“一种”、“所述”和“该”也旨在包括多数形式,除非上下文清楚地表示其他含义。还应当理解,本文中使用的术语“和/或”是指并包含一个或多个相关联的列出项目的任何或所有可能组合。The terminology used in this application is for the purpose of describing particular embodiments only, and is not intended to limit the application. As used in this application and the appended claims, the singular forms "a", "the", and "the" are intended to include the plural forms as well, unless the context clearly dictates otherwise. It should also be understood that the term "and/or" as used herein refers to and includes any and all possible combinations of one or more of the associated listed items.
应当理解,尽管在本申请可能采用术语第一、第二、第三等来描述各种信息,但这些信息不应限于这些术语。这些术语仅用来将同一类型的信息彼此区分开。例如,在不脱离本申请范围的情况下,第一信息也可以被称为第二信息,类似地,第二信息也可以被称为第一信息。取决于语境,如在此所使用的词语“如果”可以被解释成为“在……时”或“当……时”或“响应于确定”。It should be understood that although the terms first, second, third, etc. may be used in this application to describe various information, the information should not be limited to these terms. These terms are only used to distinguish information of the same type from one another. For example, without departing from the scope of the present application, first information may also be called second information, and similarly, second information may also be called first information. Depending on the context, the word "if" as used herein may be interpreted as "at" or "when" or "in response to a determination."
图1为本申请根据一示例性实施例示出的一种访问视频设备的应用场景图,如图1所示,该应用场景应用的网络可以是4G网络,场景包括:视频设备(例如,NVR(Network Video Recorder,网络硬盘录像机)、IPC(IP camera,网络摄像机)、DVR(Digital Video Recorder,数码录像机)、模拟摄像机、编码器等)、第一路由器(例如,4G路由器)、管理服务器、第二路由器(例如,4G路由器)、客户端(例如,计算机、平板设备、手机等)。其中,视频设备用于视频监控,处于私网1中;第一路由器启用NAT功能,处于私网1中,用于将私网1中的视频设备接入公网中的管理服务器;管理服务器处于公网中,用于管理视频设备、第一路由器、客户端、第二路由器;客户端用于访问视频设备,处于私网2中;第二路由器也启用NAT功能,处于私网2中,用于将私网2中的客户端接入公网中的管理服务器。FIG. 1 is a diagram of an application scenario for accessing video equipment according to an exemplary embodiment of the present application. As shown in FIG. Network Video Recorder, network hard disk recorder), IPC (IP camera, network camera), DVR (Digital Video Recorder, digital video recorder), analog camera, encoder, etc.), first router (for example, 4G router), management server, second Two routers (for example, 4G routers), clients (for example, computers, tablet devices, mobile phones, etc.). Among them, the video device is used for video surveillance and is in private network 1; the first router is NAT-enabled and is in private network 1, and is used to connect the video device in private network 1 to the management server in the public network; the management server is in In the public network, it is used to manage video equipment, the first router, the client, and the second router; the client is used to access the video equipment, and it is in private network 2; the second router is also enabled with NAT function, and it is in private network 2. To connect the client in the private network 2 to the management server in the public network.
图2为本申请根据一示例性实施例示出的一种访问视频设备的方法的实施例流程图,下面结合图1所示的场景进行详细说明,如图2所示,该实施例应用于管理服务器上,包括以下步骤:Fig. 2 is a flow chart of an embodiment of a method for accessing a video device according to an exemplary embodiment of the present application, which will be described in detail below in conjunction with the scene shown in Fig. 1. As shown in Fig. 2, this embodiment is applied to management server, including the following steps:
步骤201:接收来自客户端的连接请求报文,该连接请求报文中携带有要访问的视频设备的设备标识。Step 201: Receive a connection request message from a client, where the connection request message carries the device identifier of the video device to be accessed.
具体地,客户端在需要访问视频设备时,可以通过第二路由器将连接请求报文发送到管理服务器,该连接请求报文的报文内容中可以携带要访问的视频设备的设备标识。Specifically, when the client needs to access the video device, it can send a connection request message to the management server through the second router, and the message content of the connection request message can carry the device identifier of the video device to be accessed.
其中,该设备标识可以是字符或数字,也可以是字符与数字的组合,例如,NVR1可以代表视频设备1的设备标识。Wherein, the device identifier may be a character or a number, or a combination of characters and numbers, for example, NVR1 may represent the device identifier of the video device 1 .
步骤202:利用该设备标识获取视频设备对应的第一路由器的IP地址,并获取该第一路由器为该视频设备分配的第一公网端口。Step 202: Use the device identifier to obtain the IP address of the first router corresponding to the video device, and obtain the first public network port allocated by the first router to the video device.
在执行步骤201之前,管理服务器可以接收来自该视频设备的第一注册报文,并获取该第一注册报文携带的第一路由器的IP地址、该视频设备的IP地址以及该视频设备的设备标识,并将第一路由器的IP地址、该视频设备的IP地址以及该视频设备的设备标识添加到设备信息表中。Before executing step 201, the management server may receive the first registration message from the video device, and obtain the IP address of the first router carried in the first registration message, the IP address of the video device, and the device information of the video device. ID, and add the IP address of the first router, the IP address of the video device, and the device ID of the video device to the device information table.
其中,由于视频设备是通过第一路由器向管理服务器发送的第一注册报文,因此,管理服务器可以从第一注册报文的IP头的源地址中获取到第一路由器的IP地址,此外,管理服务器还可以从报文内容中获取到该视频设备的IP地址和该视频设备的设备标识。Wherein, since the video device is the first registration message sent to the management server through the first router, the management server can obtain the IP address of the first router from the source address of the IP header of the first registration message. In addition, The management server can also obtain the IP address of the video device and the device identifier of the video device from the contents of the message.
此外,管理服务器也可以接收来自该客户端的第二注册报文,并获取该第二注册报文携带的第二路由器的IP地址、该客户端的IP地址以及该客户端的设备标识,并将第二路由器的IP地址、该客户端的IP地址以及该客户端的设备标识添加到设备信息表中。In addition, the management server may also receive the second registration message from the client, obtain the IP address of the second router carried in the second registration message, the IP address of the client, and the device identifier of the client, and send the second The IP address of the router, the IP address of the client and the device identifier of the client are added to the device information table.
进一步地,设备信息表中还可以记录每个设备所属的路由器的路由器标识,管理服务器可以分别利用第一路由器的IP地址和第二路由器的IP地址查找路由器信息表获取对应的路由器标识,并将路由器标识对应添加到设备信息表中。Further, the router ID of the router to which each device belongs can also be recorded in the device information table, and the management server can use the IP address of the first router and the IP address of the second router to search the router information table to obtain the corresponding router ID, and The router ID is correspondingly added to the device information table.
针对获得路由器信息表的过程,管理服务器可以接收来自第一路由器的第三注册报文和来自第二路由器的第四注册报文,并将第三注册报文携带的第一路由器的路由器标识和第一路由器的IP地址添加到路由器信息表中,以及第四注册报文携带的第二路由器的路由器标识和第二路由器的IP地址添加到路由器信息表中。For the process of obtaining the router information table, the management server may receive the third registration message from the first router and the fourth registration message from the second router, and send the router identifier and the router identifier of the first router carried in the third registration message to The IP address of the first router is added to the router information table, and the router identifier of the second router and the IP address of the second router carried in the fourth registration message are added to the router information table.
其中,第三注册报文的IP头中的源IP地址为第一路由器的IP地址,报文内容中可以携带第一路由器的路由器标识;第四注册报文的IP头中的源IP地址为第二路由器的IP地址,报文内容中可以携带第二路由器的路由器标识。Wherein, the source IP address in the IP header of the third registration message is the IP address of the first router, and the router identifier of the first router can be carried in the message content; the source IP address in the IP header of the fourth registration message is The IP address of the second router, and the router identifier of the second router may be carried in the message content.
因此,针对利用该设备标识获取视频设备对应的第一路由器的IP地址的过程,在一个例子中,管理服务器可以利用连接请求报文携带的要访问的视频设备的设备标识查找设备信息表,获取该设备标识对应的第一路由器的IP地址。在另一个例子中,管理服务器也可以先利用该设备标识查找设备信息表,获取对应的路由器标识,并利用该路由器标识查找路由器信息表,获取对应的第一路由器的IP地址。Therefore, for the process of using the device identifier to obtain the IP address of the first router corresponding to the video device, in an example, the management server can use the device identifier of the video device to be accessed carried in the connection request message to search the device information table, and obtain The device identifies the corresponding IP address of the first router. In another example, the management server may first use the device identifier to search the device information table to obtain the corresponding router identifier, and use the router identifier to search the router information table to obtain the corresponding IP address of the first router.
针对获取该第一路由器为该视频设备分配的第一公网端口的过程,在一个例子中,管理服务器可以获取该设备标识对应的视频设备的IP地址,并利用该视频设备的IP地址向该视频设备发送查询报文,以使该视频设备返回为该客户端分配的第一内网端口,并利用第一路由器的IP地址向第一路由器发送携带该第一内网端口的第一通知报文,以使第一路由器为该第一内网端口分配第一公网端口,然后接收到第一路由器发送的第一公网端口。在另一个例子中,管理服务器也可以直接向第一路由器发送携带该视频设备IP地址的查询报文,以使第一路由器向该视频设备获取第一内网端口,并为该第一内网端口分配第一公网端口,然后再接收第一路由器发送的第一公网端口。For the process of obtaining the first public network port allocated by the first router to the video device, in an example, the management server may obtain the IP address of the video device corresponding to the device identifier, and use the IP address of the video device to send the The video device sends a query message, so that the video device returns the first intranet port allocated for the client, and uses the IP address of the first router to send the first notification message carrying the first intranet port to the first router. file, so that the first router allocates the first public network port to the first internal network port, and then receives the first public network port sent by the first router. In another example, the management server may also directly send a query message carrying the IP address of the video device to the first router, so that the first router obtains the first intranet port from the video device, and provides an IP address for the first intranet. The port allocates the first public network port, and then receives the first public network port sent by the first router.
其中,针对获取该设备标识对应的视频设备的IP地址的过程,管理服务器可以从设备信息表中获取到设备标识对应的视频设备的IP地址。Wherein, for the process of obtaining the IP address of the video device corresponding to the device identifier, the management server may obtain the IP address of the video device corresponding to the device identifier from the device information table.
需要说明的是,为了确保管理服务器中的设备信息表和路由器信息表记录的设备信息是最新信息,例如,设备IP地址有可能变更,视频设备、第一路由器、第二路由器以及客户端都可以按照预设时间周期分别向管理服务器发送保活报文,该保活报文与各设备发起注册时发送的报文携带的内容可以相同。It should be noted that, in order to ensure that the device information recorded in the device information table and router information table in the management server is the latest information, for example, the IP address of the device may change, and the video device, the first router, the second router, and the client can all A keep-alive message is sent to the management server according to a preset time period, and the content carried in the keep-alive message and the message sent when each device initiates registration may be the same.
基于步骤202的描述可知,由于视频设备、第一路由器、第二路由器以及客户端均向管理服务器发起注册,并且每隔一段时间还分别向管理服务器发送保活报文,以更新路由器信息表和设备信息表,因此,可以确保管理服务器中记录的各设备信息均是最新的信息,可以避免设备信息变更导致客户端访问失败的情况。Based on the description of step 202, it can be seen that since the video device, the first router, the second router and the client all initiate registration to the management server, and also send keep-alive messages to the management server at regular intervals to update the router information table and The device information table, therefore, can ensure that each device information recorded in the management server is the latest information, and can avoid the situation that the client access fails due to the change of the device information.
步骤203:向该客户端发送第一路由器的IP地址和第一公网端口,以使该客户端利用该第一路由器的IP地址和该第一公网端口向第一路由器发送报文,并由第一路由器将该报文转发到该视频设备上。Step 203: Send the IP address of the first router and the first public network port to the client, so that the client uses the IP address of the first router and the first public network port to send a message to the first router, and The packet is forwarded to the video device by the first router.
在执行步骤203之前,管理服务器接收到的连接请求报文中还携带有客户端的第二内网端口,即客户端利用第二内网端口访问视频设备,因此,管理服务器还可以向第二路由器发送携带该第二内网端口的第二通知报文,以使第二路由器为该第二内网端口分配第二公网端口,然后管理服务器再利用客户端的IP地址、第二内网端口、第二路由器的IP地址、第二公网端口、第一路由器的IP地址以及第一公网端口生成第一NAT表项,并将该第一NAT表项下发至第二路由器;和,管理服务器利用该视频设备的IP地址、第一内网端口、第一路由器的IP地址、第一公网端口、第二路由器的IP地址以及第二公网端口生成第二NAT表项,并将该第二NAT表项下发至第一路由器。或者,管理服务器在向第二路由器发送携带该第二内网端口的第二通知报文之后,可以直接将客户端的IP地址、第二内网端口、第二路由器的IP地址、第二公网端口、第一路由器的IP地址以及第一公网端口发送至第二路由器,以使第二路由器利用客户端的IP地址、第二内网端口、第二路由器的IP地址、第二公网端口、第一路由器的IP地址以及第一公网端口生成第一NAT表项;和,管理服务器直接将该视频设备的IP地址、第一内网端口、第一路由器的IP地址、第一公网端口、第二路由器的IP地址以及第二公网端口发送至第一路由器,以使第一路由器利用该视频设备的IP地址、第一内网端口、第一路由器的IP地址、第一公网端口、第二路由器的IP地址以及第二公网端口生成第二NAT表项。Before executing step 203, the second intranet port of the client is also carried in the connection request message received by the management server, that is, the client utilizes the second intranet port to access the video device, therefore, the management server can also send a request to the second router sending a second notification message carrying the second internal network port, so that the second router allocates a second public network port for the second internal network port, and then the management server uses the client's IP address, second internal network port, The IP address of the second router, the second public network port, the IP address of the first router, and the first public network port generate a first NAT entry, and issue the first NAT entry to the second router; and, manage The server utilizes the IP address of the video device, the first intranet port, the IP address of the first router, the first public network port, the IP address of the second router and the second public network port to generate a second NAT entry, and the The second NAT entry is issued to the first router. Or, after the management server sends the second notification message carrying the second internal network port to the second router, it may directly send the IP address of the client, the second internal network port, the IP address of the second router, the second public network Port, the IP address of the first router and the first public network port are sent to the second router, so that the second router uses the client's IP address, the second intranet port, the IP address of the second router, the second public network port, The IP address of the first router and the first public network port generate the first NAT entry; and, the management server directly uses the IP address of the video device, the first intranet port, the IP address of the first router, and the first public network port , the IP address of the second router and the second public network port are sent to the first router, so that the first router uses the IP address of the video device, the first intranet port, the IP address of the first router, and the first public network port , the IP address of the second router and the second public network port to generate a second NAT entry.
其中,由于第一NAT表项中记录有客户端的IP地址、第二内网端口(即内网地址和内网端口)、第一路由器的IP地址、第一公网端口(即目的地址和目的端口)与第二路由器的IP地址、第二公网端口(即公网地址和公网端口)的对应关系,因此,第二路由器接收到来自客户端的报文,可以利用报文携带的源地址、源端口、目的地址以及目的端口查找第一NAT表项,将报文中的源地址和源端口(即内网地址和内网端口)转换为第二路由器的IP地址和第二公网端口,再转发到第一路由器,又由于第二NAT表项中记录有视频设备的IP地址、第一内网端口、第一路由器的IP地址、第一公网端口、第二路由器的IP地址以及第二公网端口的对应关系,因此,第一路由器可以利用报文携带的源地址、源端口、目的地址以及目的端口查找第二NAT表项,将报文中的目的地址和目的端口转换为视频设备的IP地址和第一内网端口,再转发到视频设备。Wherein, since the IP address of the client, the second intranet port (i.e. the intranet address and the intranet port), the IP address of the first router, the first public network port (i.e. the destination address and the destination address) of the client are recorded in the first NAT entry. Port) and the IP address of the second router, the second public network port (ie public network address and public network port), therefore, the second router receives the message from the client, can use the source address carried by the message , source port, destination address and destination port to search for the first NAT entry, and convert the source address and source port (that is, intranet address and intranet port) in the message to the IP address and second public network port of the second router , and then forwarded to the first router, and because the IP address of the video device, the first intranet port, the IP address of the first router, the first public network port, the IP address of the second router, and The corresponding relationship of the second public network port, therefore, the first router can use the source address, source port, destination address and destination port carried by the message to search for the second NAT entry, and convert the destination address and destination port in the message into The IP address of the video device and the first intranet port are forwarded to the video device.
针对该客户端利用该第一路由器的IP地址和该第一公网端口向第一路由器发送报文的过程,客户端可以将源地址为客户端的IP地址、源端口为第二内网端口、目的地址为该第一路由器的IP地址、目的端口为该第一公网端口的报文发送至第二路由器;第二路由器利用该客户端的IP地址、该第二内网端口、该第一路由器的IP地址以及该第一公网端口查找第一NAT表项,获取对应的第二路由器的IP地址与第二公网端口;第二路由器将该报文的源地址转换为第二路由器的IP地址、源端口转换为第二公网端口,并将该报文发送至第一路由器。For the process that the client uses the IP address of the first router and the first public network port to send a message to the first router, the client can set the source address as the client's IP address, the source port as the second intranet port, A message whose destination address is the IP address of the first router and whose destination port is the first public network port is sent to the second router; the second router uses the IP address of the client, the second intranet port, and the first router The IP address of the first public network port and the first NAT entry are searched to obtain the corresponding IP address of the second router and the second public network port; the second router converts the source address of the message into the IP address of the second router The address and source port are converted into the second public network port, and the message is sent to the first router.
针对第一路由器将该报文转发到该视频设备上的过程,第一路由器可以利用第二路由器的IP地址、第二公网端口、第一路由器的IP地址以及第一公网端口查找第二NAT表项,获取对应的视频设备的IP地址与第一内网端口,然后再将该报文的目的地址转换为该视频设备的IP地址、目的端口转换为该第一内网端口,并将该报文发送至视频设备。For the process of forwarding the packet to the video device by the first router, the first router can use the IP address of the second router, the second public network port, the IP address of the first router and the first public network port to search for the second NAT entry, obtain the IP address and the first intranet port of the corresponding video equipment, then convert the destination address of the message into the IP address of the video equipment, convert the destination port into the first intranet port, and This message is sent to the video device.
基于步骤203的描述可知,由于管理服务器生成并下发的第一NAT表项和第二NAT表项,与现有普通的NAT表项比较,在查找NAT表项时更为严格,普通的NAT表项只利用报文携带的源地址和源端口查找即可,而在本申请的技术方案中,需要利用报文携带的源地址、源端口、目的地址以及目的端口查找,针对同一个源地址和源端口,访问的目的地址和目的端口不同,那么对应的公网地址和公网端口也就不同,因此,对于视频设备这一侧,强化了来自外部客户端访问请求来源的限制,从而,可以保证访问视频设备的安全性。Based on the description of step 203, it can be seen that the first NAT entry and the second NAT entry generated and delivered by the management server are more strict when looking for NAT entries than the existing common NAT entries. Table items can only be searched using the source address and source port carried in the message, but in the technical solution of this application, it is necessary to use the source address, source port, destination address and destination port carried in the message to search for the same source address Unlike the source port, the destination address and port of the access are different, and the corresponding public network address and public network port are also different. Therefore, for the side of the video device, the restriction on the source of the access request from the external client is strengthened, thus, It can guarantee the safety of accessing video equipment.
由上述实施例可知,管理服务器利用客户端发送的连接请求报文中携带的要访问的视频设备的设备标识,获取视频设备对应的第一路由器的IP地址,并获取该第一路由器为视频设备分配的第一公网端口,然后将第一路由器的IP地址和第一公网端口发送到客户端,客户端可以利用该第一路由器的IP地址和该第一公网端口向第一路由器发送报文,并由第一路由器将该报文转发到视频设备上。基于上述实现方式,管理服务器只需要获取到第一路由器的IP地址和第一公网端口便可使客户端直接访问到视频设备的视频数据,而不需要管理服务器为客户端向视频设备请求视频数据,然后再转发给客户端,而占用大量的带宽,从而,客户端直接从视频设备获取到的视频数据不会出现网络损伤,播放流畅,提高了用户体验。As can be seen from the foregoing embodiments, the management server uses the device identification of the video device to be accessed carried in the connection request message sent by the client to obtain the IP address of the first router corresponding to the video device, and obtains that the first router is the video device. The assigned first public network port, and then send the IP address of the first router and the first public network port to the client, and the client can use the IP address of the first router and the first public network port to send to the first router message, and the first router forwards the message to the video device. Based on the above implementation, the management server only needs to obtain the IP address of the first router and the first public network port to allow the client to directly access the video data of the video device, without the need for the management server to request video data from the video device for the client. The data is then forwarded to the client, which takes up a large amount of bandwidth. Therefore, the video data obtained by the client directly from the video device will not suffer from network damage, and the playback will be smooth, which improves the user experience.
图3为本申请根据一示例性实施例示出的另一种访问视频设备的方法的实施例流程图,如图3所示,该实施例对图1中各设备的交互过程进行详细说明,包括以下步骤:Fig. 3 is a flowchart of an embodiment of another method for accessing a video device according to an exemplary embodiment of the present application. As shown in Fig. 3, this embodiment describes in detail the interaction process of each device in Fig. 1, including The following steps:
步骤301~步骤302:第一路由器和第二路由器均向管理服务器注册,管理服务器建立路由器信息表,并定期保活。Steps 301 to 302: both the first router and the second router register with the management server, and the management server creates a router information table and keeps it alive periodically.
步骤301与步骤302的执行顺序并不做限定。The execution sequence of step 301 and step 302 is not limited.
步骤303~步骤304:视频设备和客户端均向管理服务器注册,管理服务器根据路由器信息表建立设备信息表,并定期保活。Step 303-Step 304: Both the video device and the client register with the management server, and the management server creates a device information table according to the router information table, and keeps alive periodically.
步骤303与步骤304的执行顺序也并不做限定。The execution order of step 303 and step 304 is also not limited.
针对步骤301至步骤304所述的流程,可以参见步骤202的相关描述,不再赘述。For the process described in step 301 to step 304, reference may be made to the relevant description of step 202, and details are not repeated here.
下面以一个例子进行说明,例如,第一路由器的IP地址为202.100.100.11,路由器标识为4G_Router-01,第二路由器的IP地址为202.200.200.22,路由器标识为4G_Router-02,视频设备的IP地址为192.168.1.110,设备标识为NVR1,客户端的IP地址为192.168.2.200,设备标识为Client1,第一路由器向管理服务器发送的第三注册报文携带有202.100.100.11和4G_Router-01,第二路由器向管理服务器发送的第四注册报文携带有202.200.200.22和4G_Router-02,如表1所示,为一种示例性的路由器信息表;视频设备向管理服务器发送的第一注册报文携带有202.100.100.11、192.168.1.110、NVR1,管理服务器利用202.100.100.11查找路由器信息表,可以获取到对应的4G_Router-01,客户端向管理服务器发送的第二注册报文携带有202.200.200.22、192.168.2.200、Client1,管理服务器利用202.200.200.22查找路由器信息表,可以获取到对应的4G_Router-02,如表2所示,为一种示例性的设备信息表。Let's take an example to illustrate, for example, the IP address of the first router is 202.100.100.11, the router ID is 4G_Router-01, the IP address of the second router is 202.200.200.22, the router ID is 4G_Router-02, and the IP address of the video device 192.168.1.110, the device ID is NVR1, the IP address of the client is 192.168.2.200, the device ID is Client1, the third registration message sent by the first router to the management server carries 202.100.100.11 and 4G_Router-01, the second router The fourth registration message sent to the management server carries 202.200.200.22 and 4G_Router-02, as shown in Table 1, which is an exemplary router information table; the first registration message sent by the video device to the management server carries 202.100.100.11, 192.168.1.110, NVR1, the management server uses 202.100.100.11 to search the router information table, and can obtain the corresponding 4G_Router-01, the second registration message sent by the client to the management server carries 202.200.200.22, 192.168. 2.200, Client1, the management server uses 202.200.200.22 to search the router information table, and can obtain the corresponding 4G_Router-02, as shown in Table 2, which is an exemplary device information table.
表1Table 1
表2Table 2
基于步骤301至步骤304描述可知,由于视频设备、第一路由器、第二路由器以及客户端均向管理服务器发起注册,并且每隔一段时间还分别向管理服务器发送保活报文,以更新路由器信息表和设备信息表,因此,管理服务器中记录的各设备信息均是最新的信息,可以避免设备信息变更导致客户端访问失败的情况。Based on the description of steps 301 to 304, it can be seen that since the video device, the first router, the second router, and the client all initiate registration with the management server, and also send keep-alive messages to the management server at regular intervals to update router information table and device information table, therefore, each device information recorded in the management server is the latest information, which can avoid the failure of client access caused by changes in device information.
步骤305:客户端向管理服务器发送携带有要访问的视频设备的设备标识连接请求报文。Step 305: the client sends a device identification connection request message carrying the video device to be accessed to the management server.
针对步骤305所述的流程可以参见步骤201的相关描述,不再赘述。如步骤301至304所述,例如,该连接请求报文携带的要访问的视频设备的设备标识可以是NVR1。For the process described in step 305, reference may be made to the relevant description of step 201, and details are not repeated here. As described in steps 301 to 304, for example, the device identifier of the video device to be accessed carried in the connection request message may be NVR1.
步骤306:管理服务器利用设备标识查找设备信息表,获取对应的视频设备的IP地址和第一路由器的IP地址。Step 306: The management server uses the device identifier to search the device information table, and acquires the IP address of the corresponding video device and the IP address of the first router.
例如,设备标识是NVR1,管理服务器利用NVR1查询表2,得到视频设备的IP地址192.168.1.110,第一路由器的IP地址202.100.100.11。For example, the device identifier is NVR1, and the management server uses NVR1 to look up Table 2 to obtain the IP address of the video device 192.168.1.110 and the IP address of the first router 202.100.100.11.
步骤307:管理服务器利用视频设备的IP地址向视频设备发送查询报文,以使该视频设备返回为该客户端分配的第一内网端口。Step 307: The management server uses the IP address of the video device to send a query message to the video device, so that the video device returns the first intranet port allocated to the client.
其中,视频设备为客户端分配的第一内网端口,可以针对不同的连接使用不同的端口,连接请求报文中可以携带协议特征以区分不同的连接,例如,连接请求报文携带的协议特征为TCP(Transmission Control Protocol,传输控制协议),TCP连接可以用于交互视频数据相关信息,从而,管理服务器发送的查询报文中可以携带协该议特征,视频设备针对TCP连接为客户端分配的第一内网端口为10001。Among them, the first intranet port allocated by the video device to the client can use different ports for different connections, and the connection request message can carry protocol features to distinguish different connections, for example, the protocol feature carried in the connection request message It is TCP (Transmission Control Protocol, Transmission Control Protocol), and the TCP connection can be used to exchange video data-related information. Therefore, the query message sent by the management server can carry the protocol features, and the video device assigns the TCP connection to the client. The first intranet port is 10001.
步骤308:视频设备向管理服务器发送第一内网端口。Step 308: the video device sends the first intranet port to the management server.
步骤309:管理服务器利用第一路由器的IP地址向第一路由器发送携带第一内网端口的第一通知报文,以使该第一路由器为该第一内网端口分配第一公网端口。Step 309: The management server uses the IP address of the first router to send a first notification message carrying the first internal network port to the first router, so that the first router allocates the first public network port to the first internal network port.
其中,第一路由器为第一内网端口分配第一公网端口,可以针对每个连接使用不同的本地端口,其分配方式可以采用现有的分配方式,不再赘述。例如,第一路由器为第一内网端口10001分配的第一公网端口为15001。Wherein, the first router allocates the first public network port to the first internal network port, and may use a different local port for each connection, and the allocation method may adopt an existing allocation method, which will not be repeated here. For example, the first public network port allocated by the first router to the first internal network port 10001 is 15001.
步骤310:第一路由器向管理服务器发送第一公网端口。Step 310: the first router sends the first public network port to the management server.
针对步骤306至步骤310所述的流程可以参见步骤202的相关描述,不再赘述。For the process described in step 306 to step 310, reference may be made to the relevant description of step 202, and details are not repeated here.
步骤311:管理服务器向第二路由器发送第二通知报文,以使该第二路由器为该客户端分配第二公网端口。Step 311: The management server sends a second notification message to the second router, so that the second router allocates a second public network port to the client.
步骤312:第二路由器向管理服务器发送第二公网端口。Step 312: the second router sends the second public network port to the management server.
针对步骤311至步骤312所述,如步骤305所述的连接请求报文中还携带有客户端的第二内网端口,即客户端是要通过第二内网端口访问视频设备,因此,管理服务器可以向第二路由器发送携带该第二内网端口的第二通知报文,以使该第二路由器为该客户端分配第二公网端口,其分配方式如步骤309所述。例如,客户端访问视频设备所使用的第二内网端口为20001,第二路由器为20001分配的第二公网端口为17001。As described in steps 311 to 312, the connection request message as described in step 305 also carries the second intranet port of the client, that is, the client wants to access the video device through the second intranet port. Therefore, the management server A second notification message carrying the second internal network port may be sent to the second router, so that the second router allocates the second public network port to the client, and the allocation method is as described in step 309 . For example, the second private network port used by the client to access the video device is 20001, and the second public network port allocated to 20001 by the second router is 17001.
需要说明的是,步骤306至步骤310与步骤311至步骤312的执行顺序并不做限定。It should be noted that the execution order of steps 306 to 310 and steps 311 to 312 is not limited.
步骤313:管理服务器利用客户端的IP地址、第二内网端口、第二路由器的IP地址、第二公网端口、第一路由器的IP地址、第一个公网端口生成第一NAT表项,并利用视频设备的IP地址、第一内网端口、第一路由器的IP地址、第一公网端口、第二路由器的IP地址以及第二公网端口生成第二NAT表项。Step 313: the management server utilizes the IP address of the client, the second intranet port, the IP address of the second router, the second public network port, the IP address of the first router, and the first public network port to generate a first NAT entry, And use the IP address of the video device, the first intranet port, the IP address of the first router, the first public network port, the IP address of the second router and the second public network port to generate a second NAT entry.
针对步骤313所述的流程可以参见步骤203的相关描述,不再赘述。结合步骤301至步骤312所述的例子,可以得到如表3所示的第一NAT表项,以及如表4所示的第二NAT表项。For the process described in step 313, reference may be made to the relevant description of step 203, and details are not repeated here. Combining the examples described in steps 301 to 312, the first NAT entry shown in Table 3 and the second NAT entry shown in Table 4 can be obtained.
表3table 3
表4Table 4
步骤314:管理服务器向第二路由器和第一路由器分别下发第一NAT表项和第二NAT表项。Step 314: The management server delivers the first NAT entry and the second NAT entry to the second router and the first router respectively.
步骤315:管理服务器将第一路由器的IP地址和第一公网端口发送至客户端。Step 315: the management server sends the IP address of the first router and the first public network port to the client.
步骤316:客户端向第二路由器发送源地址为客户端的IP地址、源端口为第二内网端口、目的地址为第一路由器的IP地址、目的端口为第一公网端口的报文。Step 316: The client sends a message to the second router with the source address being the client's IP address, the source port being the second intranet port, the destination address being the IP address of the first router, and the destination port being the first public network port.
步骤317:第二路由器利用客户端的IP地址、第二内网端口、第一路由器的IP地址以及第一公网端口查找第一NAT表项,获取对应的第二路由器的IP地址和第二公网端口。Step 317: The second router uses the IP address of the client, the second intranet port, the IP address of the first router, and the first public network port to search for the first NAT entry, and obtains the corresponding IP address of the second router and the second public net port.
由于管理服务器生成并下发的第一NAT表项为对称NAT转换模式,即目的地址和目的端口成为对称NAT转换关系的主要考虑因素,只有来自同一个内网地址和内网端口,且针对同一个目的地址和目的端口的报文,才可以将报文的内网地址和内网端口转换为同一个公网地址和公网端口,因此,即使内网地址和内网端口相同,不同的目的地址和目的端口对应的公网地址和公网端口也不同,从而,第二路由器需要利用客户端的IP地址、第二内网端口、第一路由器的IP地址以及第一公网端口查找第一NAT表项。Since the first NAT entry generated and issued by the management server is in the symmetric NAT translation mode, that is, the destination address and destination port become the main considerations for the symmetric NAT translation relationship, only those from the same intranet address and A packet with a destination address and a destination port can convert the packet’s private address and port to the same public address and port. Therefore, even if the private address and port are the same, different destinations The public network address and public network port corresponding to the address and the destination port are also different. Therefore, the second router needs to use the client's IP address, the second intranet port, the IP address of the first router, and the first public network port to find the first NAT entry.
步骤318:第二路由器将报文的源地址转换为第二路由器的IP地址、源端口转换为第二公网端口,并将该报文发送至第一路由器。Step 318: The second router translates the source address of the packet into the IP address of the second router, the source port into the second public network port, and sends the packet to the first router.
步骤319:第一路由器利用第二路由器的IP地址、第二公网端口、第一路由器的IP地址以及第一公网端口查找第二NAT表项,获取对应的视频设备的IP地址和第一内网端口。Step 319: The first router uses the IP address of the second router, the second public network port, the IP address of the first router, and the first public network port to search for the second NAT entry, and obtains the IP address of the corresponding video device and the first Intranet port.
针对步骤319所述的流程如步骤317所述,只是第一路由器需要利用第二路由器的IP地址、第二公网端口、第一路由器的IP地址以及第一公网端口查找第二NAT表项。The process described in step 319 is as described in step 317, except that the first router needs to use the IP address of the second router, the second public network port, the IP address of the first router and the first public network port to find the second NAT entry .
步骤320:第一路由器将报文的目的地址转换为视频设备的IP地址、目的端口转换为第一内网端口,并将该报文发送至视频设备。Step 320: The first router converts the destination address of the message into the IP address of the video device, the destination port into the first intranet port, and sends the message to the video device.
基于步骤313至步骤320描述可知,由于管理服务器生成并下发的第一NAT表项和第二NAT表项,与现有普通的NAT表项比较,在查找NAT表项时更为严格,普通的NAT表项只利用报文携带的源地址和源端口查找即可,而在本申请的技术方案中,需要利用报文携带的源地址、源端口、目的地址以及目的端口查找,针对同一个源地址和源端口,访问的目的地址和目的端口不同,那么对应的公网地址和公网端口也就不同,因此,对于视频设备这一侧,强化了来自外部客户端访问请求来源的限制,从而,可以保证访问视频设备的安全性。Based on the descriptions from step 313 to step 320, it can be seen that the first NAT entry and the second NAT entry generated and delivered by the management server are more stringent when looking for NAT entries than the existing common NAT entries. The NAT entry of the NAT entry can only be searched by using the source address and source port carried by the message, but in the technical solution of this application, it is necessary to use the source address, source port, destination address and destination port carried by the message to search for the same The source address and source port, and the destination address and destination port of the access are different, so the corresponding public network address and public network port are also different. Therefore, for the side of the video device, the restriction on the source of the access request from the external client is strengthened. Thereby, the security of accessing the video equipment can be ensured.
由上述实施例可知,管理服务器利用客户端发送的连接请求报文中携带的要访问的视频设备的设备标识,获取视频设备对应的第一路由器的IP地址,并获取该第一路由器为视频设备分配的第一公网端口,然后将第一路由器的IP地址和第一公网端口发送到客户端,客户端可以利用该第一路由器的IP地址和该第一公网端口向第一路由器发送报文,并由第一路由器将该报文转发到视频设备上。基于上述实现方式,管理服务器只需要获取到第一路由器的IP地址和第一公网端口便可使客户端直接访问到视频设备的视频数据,而不需要管理服务器为客户端向视频设备请求视频数据,然后再转发给客户端,而占用大量的带宽,从而,客户端直接从视频设备获取到的视频数据不会出现网络损伤,播放流畅,提高了用户体验。As can be seen from the foregoing embodiments, the management server uses the device identification of the video device to be accessed carried in the connection request message sent by the client to obtain the IP address of the first router corresponding to the video device, and obtains that the first router is the video device. The assigned first public network port, and then send the IP address of the first router and the first public network port to the client, and the client can use the IP address of the first router and the first public network port to send to the first router message, and the first router forwards the message to the video device. Based on the above implementation, the management server only needs to obtain the IP address of the first router and the first public network port to allow the client to directly access the video data of the video device, without the need for the management server to request video data from the video device for the client. The data is then forwarded to the client, which takes up a large amount of bandwidth. Therefore, the video data obtained by the client directly from the video device will not suffer from network damage, and the playback will be smooth, which improves the user experience.
与前述访问视频设备的方法的实施例相对应,本申请还提供了访问视频设备的装置的实施例。Corresponding to the foregoing embodiments of the method for accessing video equipment, the present application also provides embodiments of an apparatus for accessing video equipment.
本申请访问视频设备的装置的实施例可以应用在管理服务器上。装置实施例可以通过软件实现,也可以通过硬件或者软硬件结合的方式实现。以软件实现为例,作为一个逻辑意义上的装置,是通过其所在设备的处理器将非易失性存储器中对应的计算机程序指令读取到内存中运行形成的。从硬件层面而言,如图4所示,为本申请根据一示例性实施例示出的一种管理服务器的硬件结构图,除了图4所示的处理器、内存、网络接口、以及非易失性存储器之外,实施例中装置所在的设备通常根据该设备的实际功能,还可以包括其他硬件,对此不再赘述。Embodiments of the apparatus for accessing video equipment in this application can be applied to a management server. The device embodiments can be implemented by software, or by hardware or a combination of software and hardware. Taking software implementation as an example, as a device in a logical sense, it is formed by reading the corresponding computer program instructions in the non-volatile memory into the memory for operation by the processor of the device where it is located. From the perspective of hardware, as shown in FIG. 4, it is a hardware structure diagram of a management server according to an exemplary embodiment of the present application, except for the processor, memory, network interface, and non-volatile In addition to the non-volatile memory, the device where the device in the embodiment is located usually may also include other hardware according to the actual function of the device, which will not be repeated here.
图5为本申请根据一示例性实施例示出的一种访问视频设备的装置的实施例结构图,如图5所示,该实施例应用于管理服务器上,该装置包括:接收单元510、获取单元520、发送单元530。Fig. 5 is a structural diagram of an embodiment of a device for accessing video equipment according to an exemplary embodiment of the present application. As shown in Fig. 5, this embodiment is applied to a management server, and the device includes: a receiving unit 510, an The unit 520 and the sending unit 530.
接收单元510,用于接收来自所述客户端的连接请求报文;其中,所述连接请求报文携带有要访问的视频设备的设备标识;The receiving unit 510 is configured to receive a connection request message from the client; wherein, the connection request message carries a device identifier of the video device to be accessed;
获取单元520,用于利用所述设备标识获取所述视频设备对应的第一路由器的IP地址,并获取所述第一路由器为所述视频设备分配的第一公网端口;The obtaining unit 520 is configured to use the device identification to obtain the IP address of the first router corresponding to the video device, and obtain the first public network port allocated by the first router to the video device;
发送单元530,用于向所述客户端发送所述第一路由器的IP地址和所述第一公网端口,以使所述客户端利用所述第一路由器的IP地址和所述第一公网端口向所述第一路由器发送报文,并由所述第一路由器将所述报文转发到所述视频设备上。A sending unit 530, configured to send the IP address of the first router and the first public network port to the client, so that the client uses the IP address of the first router and the first public network port The network port sends a message to the first router, and the first router forwards the message to the video device.
在一个可选的实现方式中,该装置还包括(图5中未示出):获得设备信息表单元;In an optional implementation manner, the apparatus further includes (not shown in FIG. 5 ): obtaining a device information table unit;
所述获得设备信息表单元,具体用于在获取单元520利用所述设备标识获取所述视频设备对应的第一路由器的IP地址之前,接收来自所述视频设备的第一注册报文;获取所述第一注册报文中携带的所述第一路由器的IP地址与所述视频设备的设备标识;将所述视频设备的设备标识与所述第一路由器的IP地址添加到设备信息表中;The obtaining device information table unit is specifically configured to receive the first registration message from the video device before the obtaining unit 520 uses the device identifier to obtain the IP address of the first router corresponding to the video device; obtain the The IP address of the first router and the device identifier of the video device carried in the first registration message; adding the device identifier of the video device and the IP address of the first router to the device information table;
获取单元520,具体用于在利用所述设备标识获取所述视频设备对应的第一路由器的IP地址的过程中,利用所述设备标识查找设备信息表;获取所述设备标识对应的第一路由器的IP地址。The obtaining unit 520 is specifically configured to, in the process of obtaining the IP address of the first router corresponding to the video device by using the device identifier, use the device identifier to search for a device information table; obtain the first router corresponding to the device identifier IP address.
在另一个可选的实现方式中,获取单元520,还具体用于在获取所述第一路由器为所述视频设备分配的第一公网端口的过程中,获取所述设备标识对应的视频设备的IP地址,并利用所述视频设备的IP地址向所述视频设备发送查询报文,以使所述视频设备返回为所述客户端分配的第一内网端口;利用所述第一路由器的IP地址向所述第一路由器发送携带所述第一内网端口的第一通知报文,以使所述第一路由器为所述第一内网端口分配第一公网端口;接收所述第一路由器发送的所述第一公网端口。In another optional implementation manner, the obtaining unit 520 is further specifically configured to obtain the video device corresponding to the device identifier during the process of obtaining the first public network port allocated by the first router to the video device IP address of the video device, and use the IP address of the video device to send a query message to the video device, so that the video device returns the first intranet port allocated for the client; use the IP address of the first router The IP address sends a first notification message carrying the first internal network port to the first router, so that the first router allocates a first public network port to the first internal network port; receiving the first internal network port; The first public network port sent by a router.
在另一个可选的实现方式中,所述连接请求报文中还携带有所述第二内网端口,该装置还包括(图5中未示出):NAT表项生成单元;In another optional implementation manner, the connection request message also carries the second intranet port, and the device further includes (not shown in FIG. 5 ): a NAT entry generation unit;
所述NAT表项生成单元,具体用于向所述第二路由器发送携带所述第二内网端口的第二通知报文,以使所述第二路由器为所述第二内网端口分配第二公网端口;利用所述客户端的IP地址、所述第二内网端口、所述第二路由器的IP地址、所述第二公网端口、所述第一路由器的IP地址以及所述第一公网端口生成第一NAT表项,并将所述第一NAT表项下发至所述第二路由器;和,利用所述视频设备的IP地址、所述第一内网端口、所述第一路由器的IP地址、所述第一公网端口、所述第二路由器的IP地址以及所述第二公网端口生成第二NAT表项,并将所述第二NAT表项下发至所述第一路由器。The NAT entry generating unit is specifically configured to send a second notification message carrying the second internal network port to the second router, so that the second router assigns the second internal network port to the second internal network port. Two public network ports: using the IP address of the client, the second intranet port, the IP address of the second router, the second public network port, the IP address of the first router, and the first router A public network port generates a first NAT entry, and sends the first NAT entry to the second router; and, using the IP address of the video device, the first intranet port, the The IP address of the first router, the first public network port, the IP address of the second router, and the second public network port generate a second NAT entry, and issue the second NAT entry to The first router.
上述装置中各个单元的功能和作用的实现过程具体详见上述方法中对应步骤的实现过程,在此不再赘述。For the implementation process of the functions and effects of each unit in the above-mentioned device, please refer to the implementation process of the corresponding steps in the above-mentioned method for details, and details will not be repeated here.
对于装置实施例而言,由于其基本对应于方法实施例,所以相关之处参见方法实施例的部分说明即可。以上所描述的装置实施例仅仅是示意性的,其中所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部模块来实现本申请方案的目的。本领域普通技术人员在不付出创造性劳动的情况下,即可以理解并实施。As for the device embodiment, since it basically corresponds to the method embodiment, for related parts, please refer to the part description of the method embodiment. The device embodiments described above are only illustrative, and the units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in One place, or it can be distributed to multiple network elements. Part or all of the modules can be selected according to actual needs to achieve the purpose of the solution of this application. It can be understood and implemented by those skilled in the art without creative effort.
由上述实施例可知,管理服务器利用客户端发送的连接请求报文中携带的要访问的视频设备的设备标识,获取视频设备对应的第一路由器的IP地址,并获取该第一路由器为视频设备分配的第一公网端口,然后将第一路由器的IP地址和第一公网端口发送到客户端,客户端可以利用该第一路由器的IP地址和该第一公网端口向第一路由器发送报文,并由第一路由器将该报文转发到视频设备上。基于上述实现方式,管理服务器只需要获取到第一路由器的IP地址和第一公网端口便可使客户端直接访问到视频设备的视频数据,而不需要管理服务器为客户端向视频设备请求视频数据,然后再转发给客户端,而占用大量的带宽,从而,客户端直接从视频设备获取到的视频数据不会出现网络损伤,播放流畅,提高了用户体验。As can be seen from the foregoing embodiments, the management server uses the device identification of the video device to be accessed carried in the connection request message sent by the client to obtain the IP address of the first router corresponding to the video device, and obtains that the first router is the video device. The assigned first public network port, and then send the IP address of the first router and the first public network port to the client, and the client can use the IP address of the first router and the first public network port to send to the first router message, and the first router forwards the message to the video device. Based on the above implementation, the management server only needs to obtain the IP address of the first router and the first public network port to allow the client to directly access the video data of the video device, without the need for the management server to request video data from the video device for the client. The data is then forwarded to the client, which occupies a large amount of bandwidth. Therefore, the video data obtained directly by the client from the video device will not suffer from network damage, and the playback is smooth, which improves the user experience.
以上所述仅为本申请的较佳实施例而已,并不用以限制本申请,凡在本申请的精神和原则之内,所做的任何修改、等同替换、改进等,均应包含在本申请保护的范围之内。The above is only a preferred embodiment of the application, and is not intended to limit the application. Any modifications, equivalent replacements, improvements, etc. made within the spirit and principles of the application should be included in the application. within the scope of protection.
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610489681.1ACN105979405A (en) | 2016-06-24 | 2016-06-24 | Method and device for accessing video device |
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610489681.1ACN105979405A (en) | 2016-06-24 | 2016-06-24 | Method and device for accessing video device |
| Publication Number | Publication Date |
|---|---|
| CN105979405Atrue CN105979405A (en) | 2016-09-28 |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610489681.1APendingCN105979405A (en) | 2016-06-24 | 2016-06-24 | Method and device for accessing video device |
| Country | Link |
|---|---|
| CN (1) | CN105979405A (en) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107360095A (en)* | 2017-07-13 | 2017-11-17 | 惠州高盛达科技有限公司 | The implementation method of port forwarding in the router based on client host title |
| CN113992492A (en)* | 2021-12-28 | 2022-01-28 | 北京天维信通科技有限公司 | Management method for realizing single-address single-port connection based on extended TCP protocol |
| CN114095691A (en)* | 2020-07-29 | 2022-02-25 | 浙江宇视科技有限公司 | A device access method, apparatus and computer-readable storage medium |
| CN114466249A (en)* | 2022-04-13 | 2022-05-10 | 荣耀终端有限公司 | Data request processing method, device and storage medium |
| CN115865864A (en)* | 2022-11-22 | 2023-03-28 | 珠海豹趣科技有限公司 | Remote network disk access method, device, electronic equipment and storage medium |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20050107891A (en)* | 2004-05-10 | 2005-11-16 | 주식회사 모비스 | Method for communicating between network devices |
| CN101478493A (en)* | 2009-02-10 | 2009-07-08 | 杭州华三通信技术有限公司 | Method and device for NAT through communication |
| CN104253980A (en)* | 2014-09-25 | 2014-12-31 | 浙江宇视科技有限公司 | Method and device for connecting front-end equipment with background media equipment |
| CN104539902A (en)* | 2014-12-29 | 2015-04-22 | 浙江宇视科技有限公司 | IPC remote access method and system |
| CN104883390A (en)* | 2015-04-17 | 2015-09-02 | 浙江宇视科技有限公司 | Method of accessing third-party video monitoring device and device of accessing third-party video monitoring device |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20050107891A (en)* | 2004-05-10 | 2005-11-16 | 주식회사 모비스 | Method for communicating between network devices |
| CN101478493A (en)* | 2009-02-10 | 2009-07-08 | 杭州华三通信技术有限公司 | Method and device for NAT through communication |
| CN104253980A (en)* | 2014-09-25 | 2014-12-31 | 浙江宇视科技有限公司 | Method and device for connecting front-end equipment with background media equipment |
| CN104539902A (en)* | 2014-12-29 | 2015-04-22 | 浙江宇视科技有限公司 | IPC remote access method and system |
| CN104883390A (en)* | 2015-04-17 | 2015-09-02 | 浙江宇视科技有限公司 | Method of accessing third-party video monitoring device and device of accessing third-party video monitoring device |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107360095A (en)* | 2017-07-13 | 2017-11-17 | 惠州高盛达科技有限公司 | The implementation method of port forwarding in the router based on client host title |
| CN107360095B (en)* | 2017-07-13 | 2020-06-23 | 惠州高盛达科技有限公司 | Method for realizing port forwarding in router based on client host name |
| CN114095691A (en)* | 2020-07-29 | 2022-02-25 | 浙江宇视科技有限公司 | A device access method, apparatus and computer-readable storage medium |
| CN113992492A (en)* | 2021-12-28 | 2022-01-28 | 北京天维信通科技有限公司 | Management method for realizing single-address single-port connection based on extended TCP protocol |
| CN113992492B (en)* | 2021-12-28 | 2022-08-09 | 北京天维信通科技有限公司 | Management method for realizing single-address single-port connection based on extended TCP protocol |
| CN114466249A (en)* | 2022-04-13 | 2022-05-10 | 荣耀终端有限公司 | Data request processing method, device and storage medium |
| CN114466249B (en)* | 2022-04-13 | 2022-09-20 | 荣耀终端有限公司 | Data request processing method, device and storage medium |
| CN115865864A (en)* | 2022-11-22 | 2023-03-28 | 珠海豹趣科技有限公司 | Remote network disk access method, device, electronic equipment and storage medium |
| Publication | Publication Date | Title |
|---|---|---|
| US8767737B2 (en) | Data center network system and packet forwarding method thereof | |
| US8837483B2 (en) | Mapping private and public addresses | |
| US9930003B2 (en) | Location-based domain name system service discovery | |
| CN110896371B (en) | Virtual network equipment and related method | |
| US10389628B2 (en) | Exposing a subset of hosts on an overlay network to components external to the overlay network without exposing another subset of hosts on the overlay network | |
| CN104486589B (en) | Access method and device in video monitoring system based on GVRP | |
| US20120162445A1 (en) | Virtual tunnel router, ip camera management server and location-based ip camera service method | |
| US20150188802A1 (en) | System for supporting multi-tenant based on private ip address in virtual private cloud networks and operating method thereof | |
| CN105979405A (en) | Method and device for accessing video device | |
| US20150067033A1 (en) | Relay Server Load Balancing and Placement using In-Band Signaling | |
| US11533275B2 (en) | Method and apparatus for allocating server in wireless communication system | |
| CN107094110B (en) | DHCP message forwarding method and device | |
| US10498836B2 (en) | Network based service discovery via unicast messages | |
| WO2016197787A2 (en) | Access control method and apparatus | |
| CN112583655B (en) | Data transmission method, device, electronic device and readable storage medium | |
| WO2020253631A1 (en) | Configuration method, device, and system for ip address | |
| WO2018214784A1 (en) | Separation of forwarding plane and control plane of cgn | |
| CN105897758A (en) | Container access control method and device | |
| CN108234422A (en) | Resource regulating method and device | |
| CN106534794A (en) | A remote control method and device for a video surveillance system | |
| CN105897542B (en) | A tunnel establishment method and video monitoring system | |
| CN109743585B (en) | Method and device for collecting monitoring videos and cloning favorites | |
| US9705794B2 (en) | Discovery of network address allocations and translations in wireless communication systems | |
| CN106059883A (en) | Message transmission method and device | |
| CN110139119B (en) | P2P audio live broadcast distribution method, device and storage medium of digital broadcast system |
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | Application publication date:20160928 | |
| RJ01 | Rejection of invention patent application after publication |