一种视频监控系统及媒体穿越网络地址转换设备的方法 Video monitoring system and method for media traversing network address translation device
技术领域Technical field
本发明涉及网络媒体发送技术, 更具体地说, 是一种视频监控系统及媒 体穿越网络地址转换( NAT , Network Address Translation )设备的方法。 The present invention relates to a network media transmission technology, and more particularly to a video surveillance system and a method for media traversing a network address translation (NAT) device.
背景技术Background technique
网络监控系统通过内部互联网 (Intranet )和国际互联网 (Internet ) 实现 媒体的传输从而进行远程的视频监控。 用户无论身在何处, 都可利用电脑或 者电视登录互联网接通远端的监控系统, 实现实时图像和声音传输。 视频监 控以其直观、 方便、 信息内容丰富而广泛应用于许多场合, 例如公安局, 银 行, 学校, 医院, 公路等。 近年来, 随着计算机、 网络以及图像处理、 传输 技术的飞速发展, 视频监控技术也有长足的发展。 The network monitoring system transmits media through the internal Internet (Intranet) and the Internet (Internet) for remote video surveillance. No matter where you are, users can use the computer or TV to log on to the Internet to connect to the remote monitoring system for real-time image and sound transmission. Video surveillance is widely used in many situations, such as public security bureaus, banks, schools, hospitals, and highways, because of its intuitiveness, convenience, and rich information content. In recent years, with the rapid development of computer, network and image processing and transmission technologies, video surveillance technology has also made great progress.
Internet的迅速发展以及 IPv4地址数量的限制使得 NAT设备得到广泛应 用。 NAT设备允许处于同一 NAT后的多台主机共享一个公网(一般处于 NAT 前的网络称为公网) IP地址。 一个私网(一般处于 NAT后的网络称为私网或 内网) IP地址通过 NAT设备与公网的其他主机通信。 由私网内主机主动发 起连接,数据包经过 NAT地址转换后送给公网上的服务器, 连接建立以后可 双向传送数据, NAT设备允许私网内主机主动向公网内主机发送数据,但却禁 止反方向的主动传递, 在视频监控系统中, 需要不同私网内的主机进行互联, 穿越 NAT的问题必须解决。 The rapid development of the Internet and the limitation of the number of IPv4 addresses have made NAT devices widely available. A NAT device allows multiple hosts behind the same NAT to share a public network (usually the network before the NAT is called the public network). A private network (a network that is generally behind a NAT is called a private network or an intranet). An IP address communicates with other hosts on the public network through a NAT device. The host in the private network initiates the connection. The data packet is forwarded to the server on the public network after the NAT address is translated. After the connection is established, the data can be transmitted in both directions. The NAT device allows the host in the private network to send data to the host in the public network. In the video surveillance system, hosts in different private networks need to be interconnected. The problem of traversing NAT must be solved.
随着网络的发展, 许多建筑物已经具备局域网和广域网, 利用现有的公 网和私网承载视频监控的系统可以让用户使用更为方便, 成本也更低廉, 从 而媒体数据如何穿越公网和私网成为需要解决的问题。 With the development of the network, many buildings already have local area networks and wide area networks. The existing public and private networks carrying video surveillance systems can make users more convenient and cheaper, so that media data can traverse the public network and The private network has become a problem that needs to be solved.
现有的专利文献包括:专利申请号为 CN200710195416.3的中国专利申请 The existing patent documents include: Chinese patent application with patent application number CN200710195416.3
"基于视频监控的前端录像点播穿越 NAT 的方法" 、 专利号为 CN200610021989 的中国专利申请 "基于 UDP的流媒体穿越 NAT设备的方 法"及专利号为 CN200810216944.7的中国专利申请 "一种视频监控系统实现 媒体穿越 NAT的方法和系统" 。"Video surveillance-based method for front-end video on demand to traverse NAT", Patent No. CN200610021989, Chinese patent application "Method for UDP-based streaming media traversing NAT device" and Chinese patent application with patent number CN200810216944.7" System implementation The method and system for media to traverse NAT".
第 CN200710195416.3号中国专利申请利用了流媒体服务器进行转发,第 CN200810216944.7 的中国专利申请介绍的方法是从客户端到监控前端直连 的方式, 扩展了 RTSP 信令从而实现媒体信令和媒体的穿越。 第 CN200610021989号中国专利同样也是媒体通过流媒体服务器的中转。 The Chinese patent application No. CN200710195416.3 utilizes a streaming media server for forwarding. The method described in the Chinese patent application of CN200810216944.7 is a method of directly connecting from the client to the monitoring front end, extending RTSP signaling to realize media signaling and The passage of the media. The CN200610021989 Chinese patent is also the transit of the media through the streaming media server.
国外专利第 WO2008003214号, "METHOD, DEVICE AND SYSTEM FOR MEDIA FLOW TRAVERSING NAT" ,该专利介绍了一种媒体穿越 NAT 的系统和方法。 发明内容 Foreign Patent No. WO2008003214, "METHOD, DEVICE AND SYSTEM FOR MEDIA FLOW TRAVERSING NAT", which introduces a system and method for media traversing NAT. Summary of the invention
本发明所要解决的技术问题是, 如何解决监控前端到客户端之间各种情 况下的媒体穿越 NAT的问题, 故提供一种视频监控系统及媒体穿越 NAT设 备的方法。 The technical problem to be solved by the present invention is how to solve the problem that the media traversing the NAT under various conditions between the monitoring front end and the client, so that a video monitoring system and a method for the media to traverse the NAT device are provided.
为了解决上述问题, 本发明公开了一种媒体穿越网络地址转换(NAT ) 设备的方法, 包括: In order to solve the above problem, the present invention discloses a method for media traversing a network address translation (NAT) device, including:
在视频监控系统中建立会话的过程中, 会话双方分别向对方发起携带有 自身网络地址和端口信息的 NAT穿越请求包, 收到所述 NAT穿越请求包的 一方解析该 NAT穿越请求包, 从中获取 NAT请求设备的源网络地址和端口 信息, 通过 NAT穿越响应包将所获取的 NAT请求设备的源网络地址和端口 信息反馈给 NAT穿越请求包发起方, 当所述 NAT穿越请求包发起方根据所 述 NAT穿越响应包中的 NAT请求设备的源网络地址和端口与自身网络地址 和端口信息的比较结果, 确定自身处于私网中, 则周期性向对方发送 NAT穿 越包。 In the process of establishing a session in the video surveillance system, the two parties of the session initiate a NAT traversal request packet carrying the network address and the port information, and the party receiving the NAT traversal request packet parses the NAT traversal request packet, and obtains the NAT traversal request packet. The source network address and port information of the NAT requesting device, and the source network address and port information of the obtained NAT requesting device are fed back to the NAT traversal request packet initiator by using the NAT traversal response packet, when the NAT traversal request packet initiator is The result of comparing the source network address and port of the NAT traversal packet in the NAT traversal packet with the network address and port information of the NAT traversal packet, and determining that it is in the private network, periodically sends a NAT traversal packet to the other party.
较佳地, 上述方法中, 所述 NAT穿越请求包发起方根据所述 NAT穿越 响应包中的网络地址和端口与自身网络地址和端口信息的比较结果, 确定自 身处于私网的过程如下: Preferably, in the above method, the NAT traversal request packet initiator determines that the user is in the private network according to the comparison between the network address and the port in the NAT traversal response packet and the network address and port information.
所述 NAT穿越请求包发起方将所述 NAT穿越响应包中的 NAT请求设备 的源网络地址与自身网络地址比较, 将所述 NAT穿越响应包中的 NAT请求 设备的端口与自身端口比较, 至少一个比较结果为不同时, 确定自身处于私 网中。The NAT traversal request packet initiator compares the source network address of the NAT traversal device in the NAT traversal response packet with its own network address, and traverses the NAT request in the response packet. When the port of the device is compared with its own port, if at least one comparison result is different, it is determined that it is in the private network.
较佳地, 上述方法中, 所述 NAT穿越请求包发起方确定两个比较结果均 为相同时, 停止发送 NAT穿越包。 Preferably, in the foregoing method, when the NAT traversal request packet initiator determines that both comparison results are the same, the NAT traversal packet is stopped.
较佳地, 上述方法中, 当所述 NAT穿越请求包发起方连接发送 NAT穿 越请求包的次数达到设定值, 且均未收到所述 NAT穿越响应包时, 停止发送 所述 NAT穿越请求包。 Preferably, in the foregoing method, when the NAT traversal request packet initiator connection sends the NAT traversal request packet to a set value, and the NAT traversal response packet is not received, the NAT traversal request is stopped. package.
较佳地, 上述方法中, 所述 NAT穿越请求包发起方还在所述 NAT穿越 请求包中携带所述会话的标识信息,收到该 NAT穿越请求包的一方在所反馈 的 NAT穿越响应包中携带该会话的标识信息。 Preferably, in the above method, the NAT traversal request packet initiator further carries the identifier information of the session in the NAT traversal request packet, and the received NAT traversal response packet is received by a party that receives the NAT traversal request packet. The identification information of the session is carried in the middle.
本发明还公开了一种视频监控系统, 包括: The invention also discloses a video monitoring system, comprising:
NAT穿越请求包发起方,设置为:在视频监控系统中建立会话的过程中, 向该会话的对方发起携带有自身网络地址和端口信息的 NAT穿越请求包,并 根据收到的 NAT穿越响应包中的 NAT请求设备的源网络地址和端口与自身 网络地址和端口信息的比较结果, 确定自身处于私网时, 周期性向该会话的 对方发送 NAT穿越包; The NAT traversal request packet initiator is configured to: in the process of establishing a session in the video surveillance system, initiate a NAT traversal request packet carrying its own network address and port information to the other party of the session, and according to the received NAT traversal response packet The result of comparing the source network address and port of the NAT requesting device with the network address and port information of the device, and determining that the user is in the private network, periodically sends a NAT traversal packet to the other party of the session;
NAT穿越请求包接收方, 设置为: 解析该会话的对方发送的 NAT穿越 请求包, 从中获取 NAT请求设备的源网络地址和端口信息, 通过 NAT穿越 响应包将所获取的 NAT请求设备的源网络地址和端口信息反馈给 NAT穿越 请求包发起方。 The NAT traversal request packet receiver is configured to: parse the NAT traversal request packet sent by the peer of the session, obtain the source network address and port information of the NAT requesting device, and obtain the source network of the obtained NAT requesting device by using the NAT traversal response packet. The address and port information is fed back to the NAT traversal request packet initiator.
较佳地, 上述系统中, 所述 NAT穿越请求包发起方是设置为: 根据所述 NAT 穿越响应包中的网络地址和端口与自身网络地址和端口信息的比较结 果, 确定自身处于私网的过程如下: Preferably, in the above system, the NAT traversal request packet initiator is configured to: determine that the user is in the private network according to the comparison between the network address and the port in the NAT traversal response packet and the network address and port information. The process is as follows:
所述 NAT穿越请求包发起方将所述 NAT穿越响应包中的 NAT请求设备 的源网络地址与自身网络地址比较, 将所述 NAT穿越响应包中的 NAT请求 设备的端口与自身端口比较, 至少一个比较结果为不同时, 确定自身处于私 网中。 The NAT traversal request packet initiator compares the source network address of the NAT requesting device in the NAT traversal response packet with its own network address, and compares the port of the NAT traversal packet in the NAT traversal packet with its own port, at least When a comparison result is different, it is determined that it is in the private network.
较佳地, 上述系统中, 所述 NAT穿越请求包发起方确定两个比较结果均 为相同时, 停止发送 NAT穿越包。Preferably, in the above system, the NAT traversal request packet initiator determines that both comparison results are When they are the same, stop sending NAT traversal packets.
较佳地, 上述系统中, 所述 NAT穿越请求包发起方还设置为: 当连接发 送 NAT穿越请求包的次数达到设定值,且均未收到所述 NAT穿越响应包时, 停止发送所述 NAT穿越请求包。 Preferably, in the above system, the NAT traversal request packet initiator is further configured to: when the number of times the connection sends the NAT traversal request packet reaches a set value, and the NAT traversal response packet is not received, the sending of the packet is stopped. The NAT traversal request packet.
较佳地, 上述系统中, 所述 NAT 穿越请求包发起方还设置为: 在所述 Preferably, in the above system, the NAT traversal request packet initiator is further configured to:
NAT穿越请求包中携带所述会话的标识信息;The NAT traversal request packet carries the identification information of the session;
所述 NAT穿越请求包接收方还设置为: 在向所述 NAT穿越请求包发起 方反馈的 NAT穿越响应包中携带该会话的标识信息。 The NAT traversal request packet receiver is further configured to: carry the identifier information of the session in the NAT traversal response packet fed back to the NAT traversal request packet initiator.
与现有技术相比较, 本发明技术方案在视频监控系统中, 利用系统已有 的设备以及业务平台, 借助 SIP及自定义 NAT穿越包, 实现了 NAT的检测, 并有效地解决了监控前端到客户端之间各种情况下的媒体穿越 NAT的问题。 附图概述Compared with the prior art, the technical solution of the present invention realizes the detection of NAT by using the existing equipment and service platform of the system, and the SIP and the custom NAT traversal package, and effectively solves the monitoring front end to the video monitoring system. The problem of media traversing NAT between clients in various situations. BRIEF abstract
图 1是本实施例 1中媒体穿越 NAT的流程示意图; 1 is a schematic flowchart of media traversing NAT in the first embodiment;
图 2是 CU在私网 PU在公网时, 釆用本发明技术方案穿越的流程图; 图 3是 CU在公网 PU在私网时, 釆用本发明技术方案穿越的流程图; 图 4是 CU、 PU在不同私网时, 釆用本发明技术方案穿越的流程图。 本发明的较佳实施方式 2 is a flow chart of the CU traversing with the technical solution of the present invention when the private network PU is on the public network; FIG. 3 is a flow chart of the CU traversing with the technical solution of the present invention when the public network PU is in the private network; When the CU and the PU are in different private networks, the flow chart of the technical solution of the present invention is used. Preferred embodiment of the invention
为了使本发明的目的、 技术方案和优点更加清楚明白, 下文将结合附图 对本发明技术方案作进一步详细说明。 需要说明的是, 在不冲突的前提下, 本申请的实施例和实施例中的特征可以任意相互组合, 均在本发明的保护范 围之内。 另外, 在附图的流程图示出的步骤可以在诸如一组计算机可执行指 令的计算机系统中执行, 并且, 虽然在流程图中示出了逻辑顺序, 但是在某 些情况下, 可以以不同于此处的顺序执行所示出或描述的步骤。 本案申请人发现, 现有媒体穿越 NAT的技术方案中, 需要对客户端和监 控前端进行配置, 以确定各设备的位置, 即各设备是处于公网还是私网, 这 样, 在媒体穿越 NAT时, 才可根据设备的位置, 选择相应的穿越方式。 但这 样的操作不仅繁瑣, 且系统发生更新 (如增加或删除设备) 时, 需要再次进 行配置。 基于此发现, 本案申请人考虑取消配置操作, 而在建立会话的过程 中,会话双方分别向对端发起包括有自身网络地址和端口信息的穿越请求包, 而对于接收方而言,其收到的穿越请求包中的网络地址和端口信息为 NAT请 求设备的源网络地址和端口,只需将该 NAT请求设备的源网络地址和端口反 馈给发起方。发起方比较该 NAT请求设备的源网络地址和端口和自身网络地 址和端口,根据比较结果即可知该穿越请求包是否经过 NAT设备转换, 从而 确定自身的位置 (即确定自身是否处于私网中) , 以进行后续的 NAT穿越。 这样, 就准确地实现了 NAT的检测, 从而解决监控前端到客户端之间各种情 况下的媒体穿越 NAT的问题。In order to make the objects, technical solutions and advantages of the present invention more comprehensible, the technical solutions of the present invention will be further described in detail below with reference to the accompanying drawings. It should be noted that, in the case of no conflict, the features in the embodiments and the embodiments of the present application may be combined with each other arbitrarily, and are all within the protection scope of the present invention. Additionally, the steps illustrated in the flowchart of the figures may be performed in a computer system, such as a set of computer-executable instructions, and, although the logical order is illustrated in the flowchart, in some cases, may be different The steps shown or described are performed in the order herein. The applicant of the present invention found that in the technical solution of the existing media traversing the NAT, the client and the monitoring front end need to be configured to determine the location of each device, that is, whether the devices are on the public network or the private network, so that when the media traverses the NAT , according to the location of the device, select the appropriate way to traverse. However, such an operation is not only cumbersome, but also needs to be configured again when the system is updated (such as adding or removing devices). Based on this finding, the applicant of the present case considers canceling the configuration operation, and in the process of establishing the session, the two parties respectively initiate a traversal request packet including the own network address and port information to the opposite end, and the receiving party receives the traversal request packet. The network address and port information in the traversal request packet is the source network address and port of the NAT requesting device, and only the source network address and port of the NAT requesting device are fed back to the initiator. The initiator compares the source network address and port of the NAT requesting device with its own network address and port, and according to the comparison result, whether the traversal request packet is converted by the NAT device, thereby determining its own location (ie, determining whether it is in the private network) For subsequent NAT traversal. In this way, the detection of NAT is accurately implemented, thereby solving the problem of media traversing NAT in various situations between the monitoring front end and the client.
实施例 1 Example 1
基于上述思想, 本实施例提供一种媒体穿越 NAT设备的方法, 该方法包 括: Based on the above idea, the embodiment provides a method for media to traverse a NAT device, and the method includes:
在视频监控系统中建立会话的过程中, 会话双方分别向对方发起携带有 自身网络地址和端口信息的 NAT穿越请求包, 收到 NAT穿越请求包的一方 解析该 NAT穿越请求包,从中获取 NAT请求设备的源网络地址和端口信息, 通过 NAT穿越响应包将所获取的 NAT请求设备的源网络地址和端口信息反 馈给 NAT穿越请求包发起方,当 NAT穿越请求包发起方根据 NAT穿越响应 包中的 NAT请求设备的源网络地址和端口与自身网络地址和端口信息的比 较结果, 确定自身处于私网中, 则周期性向对方发送 NAT穿越包。 During the establishment of the session in the video surveillance system, the two parties initiate a NAT traversal request packet carrying the network address and port information to the other party, and the party receiving the NAT traversal request packet parses the NAT traversal request packet to obtain a NAT request. The source network address and port information of the device, and the source network address and port information of the obtained NAT requesting device are fed back to the NAT traversal request packet initiator by using the NAT traversal response packet, and the NAT traversal request packet initiator is according to the NAT traversal response packet. The result of comparing the source network address and port of the NAT requesting device with its own network address and port information, and determining that it is in the private network, periodically sends a NAT traversal packet to the other party.
其中, NAT穿越请求包发起方根据 NAT穿越响应包中的网络地址和端 口与自身网络地址和端口信息的比较结果, 确定自身处于私网的过程如下: The process of determining that the NAT traversal request packet initiator is in the private network according to the network address in the NAT traversal packet and the comparison between the port and the network address and port information is as follows:
NAT穿越请求包发起方将 NAT穿越响应包中的 NAT请求设备的源网络 地址与自身网络地址比较, 将 NAT穿越响应包中的 NAT请求设备的端口与 自身端口比较;The NAT traversal request packet initiator compares the source network address of the NAT traversal device in the NAT traversal packet with its own network address, and compares the port of the NAT traversal device in the NAT traversal packet with its own port;
当上述两个比较结果中, 至少一个比较结果为不同时, NAT穿越请求包 发起方确定自身处于私网中, 进而周期性向对方发送 NAT穿越包;When at least one of the above two comparison results is different, the NAT traversing request packet The initiator determines that it is in the private network, and then periodically sends a NAT traversal packet to the other party;
当这两个比较结果均为相同时, NAT穿越请求包发起方认为双方可能位 于同一网络中, 无需进行 NAT穿越, 故停止发送 NAT穿越包, 以节省带宽; 而当 NAT穿越请求包发起方未收到 NAT穿越响应包时, NAT穿越请求 包发起方认为自身可能处于公网中, 而对方位于私网中, 故停止发送 NAT穿 越请求包。 优选的方案中, NAT穿越请求包发起方连接发送 NAT穿越请求 包, 若连接发送的次数达到设定值, 且均未收到 NAT穿越响应包, 才停止发 送 NAT穿越请求包。 When the two comparison results are the same, the NAT traversal request packet initiator considers that the two parties may be in the same network, and does not need NAT traversal, so the NAT traversal packet is stopped to save bandwidth; and when the NAT traversal request packet initiator does not Upon receiving the NAT traversal response packet, the NAT traversal request packet initiator considers that it may be in the public network, and the other party is located in the private network, so the NAT traversal request packet is stopped. In a preferred solution, the NAT traversal request packet initiator sends a NAT traversal request packet. If the number of times the connection is sent reaches the set value, and no NAT traversal response packet is received, the NAT traversal request packet is stopped.
其中, 上述会话双方为监控前端 (Pre Unit, PU )和客户端 (Client Unit, cu ) 。 The two sessions are the front end (Pre Unit, PU) and the client (Client unit, cu).
下面, 以具体流程来描述上述媒体穿越 NAT设备的过程, 该过程如图 1 所示, 包括如下步骤: The following describes the process of traversing a NAT device by using a specific process. The process is as shown in FIG. 1 and includes the following steps:
步骤 A、 客户端与监控前端都注册到业务平台。 Step A: Both the client and the monitoring front end are registered to the service platform.
步骤 B. 在直连播放前, 客户端从业务平台获取监控前端的被叫地址, 信令端口号。 Step B. Before the direct connection is played, the client obtains the called address and signaling port number of the monitoring front end from the service platform.
步骤 C.客户端与监控前端通过信令协议,如 RTSP ( Real Time Streaming Protocol, 实时流传输协议)以及 SIP ( Session Initiation Protocol, 会话初始协 议 ) , 完成 SDP ( Session Description Protocol, 会话描述协议 ) 的协商, 得 到对方的 IP和 RTP( Real-time Transport Protocol,实时传送协议)/RTCP( RTP Control Protocol, RTP控制协议)端口以及会话 ID、穿越包的 URL( Uniform / Universal Resource Locator, 统一资源定位符) 。 Step C. The client and the monitoring front end complete the SDP (Session Description Protocol) through a signaling protocol, such as RTSP (Real Time Streaming Protocol) and SIP (Session Initiation Protocol). Negotiate, get the IP and RTP (Real-time Transport Protocol)/RTCP (RTP Control Protocol) port of the other party, and the session ID and URL of the traversal package (Uniform / Universal Resource Locator, Uniform Resource Locator) ).
步骤 D. 双方根据步骤 C中得到的 IP和端口发送 NAT穿越请求包。 如果 CU在 NAT设备之后, PU在公网设备上, 此时只能由 CU主动发 送 NAT穿越包; 而 PU发送的 NAT穿越包肯定无响应, 在连续三次无响应 之后, 停止发送 NAT穿越包。 Step D. Both parties send a NAT traversal request packet according to the IP and port obtained in step C. If the CU is behind the NAT device and the PU is on the public network device, the UA can only send the NAT traversal packet. The NAT traversal packet sent by the PU is definitely not responding. After three consecutive failures, the NAT traversal packet is stopped.
如果 PU在 NAT设备之后, CU在公网设备上,此时只能由 PU主动发送 NAT穿越包;而 CU发送的 NAT穿越包肯定无响应,在连续三次无响应之后, 停止发送 NAT穿越包。 如果 CU和 PU在同一个网络下, CU和 PU都可能发送 NAT穿越包, CU和 PU收到响应之后 , 判断请求和响应消息中的 NAT穿越包中的 IP地址 和端口号一致, 则停止发送 NAT穿越包。 如果 CU和 PU处于不同的私网下,可以通过中转播放的方式解决视频监 控的问题。 CU和 PU分别与 SS进行 NAT穿越。If the PU is behind the NAT device and the CU is on the public network device, the NAT traversal packet can only be sent by the PU. The NAT traversal packet sent by the CU is definitely not responding. After three consecutive unresponsive responses, the NAT traversal packet is stopped. If the CU and the PU are in the same network, both the CU and the PU may send the NAT traversal packet. After receiving the response, the CU and the PU determine that the IP address and port number in the NAT traversal packet in the request and response message are the same, and then stop sending. NAT traversal package. If the CU and the PU are in different private networks, the problem of video surveillance can be solved by means of relay playback. The CU and the PU perform NAT traversal with the SS, respectively.
步骤 E. 双方根据穿越的结果判断自己是否在私网内, 如果是则周期性 发送 NAT穿越包,以保持 NAT通道的通畅,执行步骤 F;否则停止发送 NAT 穿越包, 以节省带宽。 Step E. The two parties judge whether they are in the private network according to the result of the traversal. If yes, periodically send the NAT traversal packet to keep the NAT channel unblocked, and perform step F; otherwise, stop sending the NAT traversal packet to save bandwidth.
本实施例中, NAT穿越包可完全釆用文本格式, 釆用类 RTSP的 PLAY 和 RECORD格式, 其中 PLAY用于客户端发送 NAT穿越包, 具体格式定义 In this embodiment, the NAT traversal packet can completely adopt the text format, and adopts the PLAY and RECORD formats of the RTSP, wherein the PLAY is used by the client to send the NAT traversal packet, and the specific format is defined.
^口下。^ Under the mouth.
表 1为客户端的 NAT穿越请求包的内容 Table 1 shows the contents of the NAT traversal request packet of the client.
PLAY rtsp://210.6.10.101:554/puid.sdp RTSP/1.0 PLAY rtsp://210.6.10.101:554/puid.sdp RTSP/1.0
CSeq: 1 CSeq: 1
Range: npt=0- Session: 189175229 Range: npt=0- Session: 189175229
x-NAT-Info: type=RTP;local_addr= 10.6.10.102; local_port= 10000 表 2为客户端的 NAT穿越响应包的内容 x-NAT-Info: type=RTP;local_addr= 10.6.10.102; local_port= 10000 Table 2 shows the contents of the NAT traversal response packet of the client
RTSP/1.0 200 OK RTSP/1.0 200 OK
CSeq: 1 CSeq: 1
Session: 189175229 Session: 189175229
x-NAT-Info: type=RTP; local— addr=210.6.10.101; local_port=20000; src_addr=210.6.10.102; src_port= 10000; 表 3为监控前端的 NAT穿越请求包的内容 RECORD rtsp://210.6.10.101/puid.sdp RTSP/1.0x-NAT-Info: type=RTP; local- addr=210.6.10.101; local_port=20000; src_addr=210.6.10.102; src_port= 10000; Table 3 shows the contents of the NAT traversal request packet of the monitoring front end RECORD rtsp://210.6.10.101/puid.sdp RTSP/1.0
CSeq: 1 CSeq: 1
Range: npt=now- Session: 123456789 Range: npt=now- Session: 123456789
Content-length: 0 Content-length: 0
x-NAT-Info: type=RTP;local_addr= 10.6.10.102; local_port= 10000 表 4为监控前端的 NAT穿越响应包的内容 x-NAT-Info: type=RTP;local_addr= 10.6.10.102; local_port= 10000 Table 4 shows the contents of the NAT traversal response packet of the monitoring front end.
RTSP/1.0 200 OK RTSP/1.0 200 OK
CSeq: 1 CSeq: 1
Session: 123456789 Session: 123456789
x-NAT-Info: type=RTP; local— addr=210.6.10.101; local_port=20000; x-NAT-Info: type=RTP; local— addr=210.6.10.101; local_port=20000;
src_addr=210.6.10.102; src_port= 10000; Src_addr=210.6.10.102; src_port= 10000;
在上述表格中:In the above table:
NAT穿越请求包和 NAT穿越响应包之间通过 Session和 CSeq进行配对, 即 NAT穿越请求包和其对应的 NAT穿越响应包的 Session与 CSeq都是相同 的。 The NAT traversal request packet and the NAT traversal response packet are paired by Session and CSeq, that is, the Session and CSeq of the NAT traversal request packet and its corresponding NAT traversal response packet are the same.
其中, 在客户端的 NAT 穿越请求包中 local— addr=10.6.10.102; local_port=10000是指发送 NAT请求包的本地 IP地址和端口号; Wherein, in the NAT traversal request packet of the client, local_addr=10.6.10.102; local_port=10000 refers to the local IP address and port number of the NAT request packet;
在客户端的 NAT穿越响应包中 src— addr=210.6.10.102; src_port= 10000是 对端检测到的 NAT请求设备的源 IP地址和端口号 (也就是 NAT之后的 IP 地址和端口号) , local— addr=210.6.10.101; local_port=20000是本地接收 RTP 包的 IP地址和端口号; In the NAT traversal response packet of the client, src_addr=210.6.10.102; src_port=10000 is the source IP address and port number of the NAT requesting device detected by the peer (that is, the IP address and port number after NAT), local— Addr=210.6.10.101; local_port=20000 is the IP address and port number of the local receiving RTP packet;
而 RTCP的 NAT穿越包和上面的类似, 只是 CSeq、 type和 port内容的 值不同。 The NAT traversal package of RTCP is similar to the above, except that the values of CSeq, type and port contents are different.
从上述表格即可看出, NAT 穿越请求包发送方检测到 local— addr等于 src addr并且 local_port等于 src_port时, 可停止发送 NAT穿越包, 否则定时 发送 NAT穿越包。As can be seen from the above table, when the NAT traversal request packet sender detects that local-addr is equal to src addr and local_port is equal to src_port, it can stop sending NAT traversal packets, otherwise timing Send a NAT traversal package.
NAT包中的 URL和 Session统一釆用 SDP协商中指定的 URL和 Session The URL and Session in the NAT packet are uniformly used in the URL and session specified in the SDP negotiation.
ID。ID.
步骤 F. PU向 CU发送 RTP/RTCP包, CU展示视频画面、 播放声音并 向 PU回复 RR ( Receiver Report RTCP Packet, RTCP包接^:响应) 。 Step F. The PU sends an RTP/RTCP packet to the CU, and the CU displays the video picture, plays the sound, and returns an RR (Receiver Report RTCP Packet, RTCP packet connection: response) to the PU.
如果需要停止播放时, 可继续下面的流程: If you need to stop playing, you can continue with the following process:
步骤 G. 客户端向监控前端发送停止监控请求。 Step G. The client sends a stop monitoring request to the monitoring front end.
步骤 H. 监控前端向客户端发送停止监控响应。 Step H. The monitoring front end sends a stop monitoring response to the client.
步骤 I. 监控前端停止向客户端发送媒体码流。 Step I. The monitoring front end stops sending media stream to the client.
具体地, 结合不同的应用场景分别说明上述媒体穿越 NAT设备的过程。 在图 2所示的应用场景中, 客户端位于私网, 监控前端和平台位于公网。 此时,按照上述方法进行媒体穿越 NAT设备的过程是: 客户端通过平台与监 控前端完成 SIP信令的交互, 得到对方的 IP和 RTP/RTCP端口以及会话 ID、 穿越包的 URL等。 客户端向监控前端发送类 RTSP的 PLAY穿越请求包, 在 其中填上自己的私网地址和端口, 请求包经过 NAT设备之后到达监控前端, 监控前端解析该请求包从网络层得到客户端 NAT之后的公网地址和端口,监 控前端把该地址和端口填在响应包里发向 NAT设备, NAT设备将其转发给 客户端, 客户端解析该响应包, 判断两个地址是否相同以及两个端口是否相 同。 只要其中之一不同就说明客户端在私网, 需要定期发送穿越请求包; 否 则不需继续发送。 同时监控前端向客户端发送类 RTSP的 RECORD穿越请求 包, 由于客户端是私网地址无法在公网上路由, 该请求包无法到达客户端从 而得到响应, 三次无响应监控前端停止发送穿越请求包。 NAT穿越完成后, PU向 NAT设备发送 RTP/RTCP包, NAT设备将其转发给 CU,CU回复 RR 包。 后续流程为一般的挂断流程, 不再赘述。 Specifically, the process of the foregoing media traversing the NAT device is separately described in combination with different application scenarios. In the application scenario shown in Figure 2, the client is on the private network, and the monitoring front-end and platform are on the public network. At this time, the process of media traversing the NAT device according to the above method is: the client completes the SIP signaling interaction through the platform and the monitoring front end, and obtains the IP and RTP/RTCP ports of the other party, the session ID, and the URL of the traversal package. The client sends a PLAY traversal request packet of the RTSP type to the monitoring front end, fills in its own private network address and port, and requests the packet to reach the monitoring front end after passing through the NAT device, and the monitoring front end parses the request packet after obtaining the client NAT from the network layer. The public network address and port, the monitoring front end fills the address and port in the response packet and sends it to the NAT device. The NAT device forwards it to the client, and the client parses the response packet to determine whether the two addresses are the same and the two ports. Is it the same? As long as one of them is different, the client is on the private network and needs to send the traversal request packet periodically; otherwise, it does not need to continue to send. At the same time, the monitoring front end sends the RECORD traversal request packet of the RTSP to the client. Since the client is private network address cannot be routed on the public network, the request packet cannot reach the client and receives a response, and the three unresponsive monitoring front end stops sending the traversal request packet. After the NAT traversal is completed, the PU sends an RTP/RTCP packet to the NAT device, and the NAT device forwards it to the CU, and the CU replies to the RR packet. The subsequent process is a general hang-up process, and will not be described again.
在图 3所示的应用场景中, 监控前端位于私网, 客户端和平台位于公网。 其流程和图 2类似, 不再赘述。 In the application scenario shown in Figure 3, the monitoring front end is located on the private network, and the client and platform are located on the public network. The process is similar to that of Figure 2 and will not be described again.
在图 4所示的应用场景中, , 监控前端和客户端位于不同私网, 这时可 以通过中转播放解决视频监控的问题。 CU 和 PU 分别与流媒体服务器 ( Streaming Server, SS )进行 NAT穿越, 其流程与 CU和 PU之间的穿越类 似, 不再赘述。In the application scenario shown in FIG. 4, the monitoring front end and the client are located in different private networks, and the video monitoring problem can be solved through the relay playing. CU and PU respectively with streaming server (Streaming Server, SS) performs NAT traversal, and its flow is similar to the traversal between CU and PU, and will not be described again.
如果 CU和 PU在同一个网络 (私网或公网)下, CU和 PU都可能发送 NAT 穿越包, CU和 PU收到响应之后, 判断请求和响应消息中的 NAT穿越包中 的 IP地址和端口号一致, 则停止发送 NAT穿越包。 If the CU and the PU are on the same network (private network or public network), both the CU and the PU may send a NAT traversal packet. After receiving the response, the CU and the PU determine the IP address and the NAT traversal packet in the request and response message. If the port number is the same, the NAT traversal packet is stopped.
实施例 2Example 2
本实施例介绍一种视频监控系统, 可实现实施例 1和 2中所提出的媒体 穿越 NAT设备的过程。 该系统至少包括: This embodiment introduces a video monitoring system, which can implement the process of media traversing a NAT device as proposed in Embodiments 1 and 2. The system includes at least:
NAT穿越请求包发起方, 在视频监控系统中建立会话的过程中, 向该会 话的对方发起携带有自身网络地址和端口信息的 NAT穿越请求包,并根据收 到的 NAT穿越响应包中的 NAT请求设备的源网络地址和端口与自身网络地 址和端口信息的比较结果, 确定自身处于私网时, 周期性向该会话的对方发 送 NAT穿越包。其中,会话双方为监控前端( Pre Unit, PU )和客户端( Client Unit, CU )。 监控前端, 连接有摄像头, 对摄像头输入的视频数据编码, 发送 至网络。 客户端, 接收媒体码流, 解码, 显示图像, 可以为终端设备, 也可 以为运行在电脑上的客户端程序。 The NAT traversal request packet initiator initiates a NAT traversal request packet carrying its own network address and port information to the other party in the session in the process of establishing a session in the video surveillance system, and traversing the NAT in the response packet according to the received NAT. When the source network address and port of the requesting device are compared with the network address and port information of the device, it is determined that the NAT traversal packet is periodically sent to the peer of the session when it is in the private network. The two sides of the session are a Pre-Purpose Front End (PU) and a Client (Client Unit, CU). The monitoring front end is connected with a camera, encodes the video data input by the camera, and sends it to the network. The client, receiving the media stream, decoding, displaying the image, can be a terminal device, or can be a client program running on the computer.
具体地, 本实施例中, NAT穿越请求包发起方将 NAT穿越响应包中的 NAT请求设备的源网络地址与自身网络地址比较, 将 NAT穿越响应包中的 NAT请求设备的端口与自身端口比较, 至少一个比较结果为不同时, 确定自 身处于私网中, 此时, 周期性向该会话的对方发送 NAT穿越包。 当两个比较 结果均为相同时, NAT穿越请求包发起方则停止向对方发送 NAT穿越包。 Specifically, in this embodiment, the NAT traversal request packet initiator compares the source network address of the NAT traversal device in the NAT traversal packet with its own network address, and compares the port of the NAT traversal device in the NAT traversal packet with its own port. When at least one of the comparison results is different, it is determined that the user is in the private network. At this time, the NAT traversal packet is periodically sent to the other party of the session. When the two comparison results are the same, the NAT traversal request packet initiator stops sending the NAT traversal packet to the other party.
NAT穿越请求包接收方, 解析该会话的对方发送的 NAT穿越请求包, 从中获取 NAT请求设备的源网络地址和端口信息, 通过 NAT穿越响应包将 所获取的 NAT请求设备的源网络地址和端口信息反馈给 NAT穿越请求包发 起方。 The NAT traversing request packet receiver parses the NAT traversal request packet sent by the peer of the session, obtains the source network address and port information of the NAT requesting device, and obtains the source network address and port of the obtained NAT requesting device through the NAT traversal response packet. Information is fed back to the NAT traversal request packet initiator.
上述, NAT穿越请求包发起方在所述 NAT穿越请求包中携带所述会话 的标识信息, 相应地, NAT穿越请求包接收方在 NAT穿越响应包中也携带 该会话的标识信息。 这样, 双方即可知道所收到的包即为该会话的对方发送 的。In the above, the NAT traversal request packet initiator carries the identifier information of the session in the NAT traversal request packet, and accordingly, the NAT traversal request packet receiver also carries in the NAT traversal response packet. The identification information of the session. In this way, both parties can know that the received packet is sent by the other party to the session.
还有一些优选方案中, NAT穿越请求包发起方连接发送 NAT穿越请求 包的次数达到设定值,且均未收到所述 NAT穿越响应包时,也停止发送 NAT 穿越请求包, 以节省带宽。 In some preferred implementations, when the number of times that the NAT traversal request packet initiator sends the NAT traversal request packet reaches a set value, and the NAT traversal response packet is not received, the NAT traversal request packet is also stopped to save bandwidth. .
其他具体细节,如 NAT穿越请求包以及 NAT穿越响应包的具体格式等, 可参见上述实施例 1中的内容, 在此不赘述。 For details, such as the NAT traversal request packet and the specific format of the NAT traversal response packet, refer to the content in the foregoing Embodiment 1, and details are not described herein.
本领域普通技术人员可以理解上述方法中的全部或部分步骤可通过程序 来指令相关硬件完成, 所述程序可以存储于计算机可读存储介质中, 如只读 存储器、 磁盘或光盘等。 可选地, 上述实施例的全部或部分步骤也可以使用 一个或多个集成电路来实现。 相应地, 上述实施例中的各模块 /单元可以釆用 硬件的形式实现, 也可以釆用软件功能模块的形式实现。 本发明不限制于任 何特定形式的硬件和软件的结合。 One of ordinary skill in the art will appreciate that all or a portion of the above steps may be accomplished by a program instructing the associated hardware, such as a read-only memory, a magnetic disk, or an optical disk. Alternatively, all or part of the steps of the above embodiments may also be implemented using one or more integrated circuits. Correspondingly, each module/unit in the above embodiment may be implemented in the form of hardware or in the form of a software function module. The invention is not limited to any specific form of combination of hardware and software.
以上所述, 仅为本发明的较佳实例而已, 并非用于限定本发明的保护范 围。 凡在本发明的精神和原则之内, 所做的任何修改、 等同替换、 改进等, 均应包含在本发明的保护范围之内。The above description is only a preferred embodiment of the present invention and is not intended to limit the scope of the present invention. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and scope of the present invention are intended to be included within the scope of the present invention.
工业实用性Industrial applicability
本发明技术方案在视频监控系统中,利用系统已有的设备以及业务平台, 借助 SIP及自定义 NAT穿越包, 实现了 NAT的检测, 并有效地解决了监控 前端到客户端之间各种情况下的媒体穿越 NAT的问题。 The technical solution of the invention realizes the detection of NAT by using the existing equipment and the service platform of the system, and the SIP and the custom NAT traversal package, and effectively solves various situations between the monitoring front end and the client end. The problem of media traversing NAT.