CN120091002B - Channel negotiation method, device and storage medium based on relay agent - Google Patents

Channel negotiation method, device and storage medium based on relay agent

Info

Publication number
CN120091002B
CN120091002B CN202510543326.7A CN202510543326A CN120091002B CN 120091002 B CN120091002 B CN 120091002B CN 202510543326 A CN202510543326 A CN 202510543326A CN 120091002 B CN120091002 B CN 120091002B
Authority
CN
China
Prior art keywords
relay
address
network address
called terminal
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202510543326.7A
Other languages
Chinese (zh)
Other versions
CN120091002A (en
Inventor
王守军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Dinstar Co ltd
Original Assignee
Shenzhen Dinstar Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Dinstar Co ltd filed Critical Shenzhen Dinstar Co ltd
Priority to CN202510543326.7A priority Critical patent/CN120091002B/en
Publication of CN120091002A publication Critical patent/CN120091002A/en
Application granted granted Critical
Publication of CN120091002B publication Critical patent/CN120091002B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/256NAT traversal
    • H04L61/2589NAT traversal over a relay server, e.g. traversal using relay for network address translation [TURN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/59Network arrangements, protocols or services for addressing or naming using proxies for addressing

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application discloses a channel negotiation method, equipment and storage medium based on relay agent, the application relates to the technical field of electric communication, the method comprises obtaining relay agent address by requesting to a relay server, packaging the relay agent address into candidate address of session description protocol, transmitting to a called terminal through the relay server, then resolving private network address in response information fed back by the called terminal, and initiating a binding request to a private network address of the called terminal, if the binding request is not connected with the called terminal, sending a penetration request to a designated port of the relay server, and then establishing a bidirectional network address channel with the called terminal through the penetration request forwarded by the relay server and the binding request initiated by the called terminal to the relay proxy address. The application establishes the channels of the calling end and the called end through the relay proxy address and the penetration request of the relay server, thereby improving the flexibility of the media stream transmission.

Description

Channel negotiation method, device and storage medium based on relay agent
Technical Field
The present application relates to the field of telecommunications technologies, and in particular, to a method, an apparatus, and a storage medium for channel negotiation based on a relay agent.
Background
In a cross-network communication scene, the media stream transmission of the mobile terminal and the enterprise intranet voice communication equipment is realized, and the penetration problem in a complex NAT (network address translation) environment needs to be solved.
Currently, a static port mapping scheme is generally adopted, a fixed public network port is manually configured on an outlet router, and the port is mapped to a corresponding port of an intranet, so that media stream transmission of a mobile terminal and communication equipment is realized. However, the above solution relies on manual predefined port rules and requires that the egress router public network IP is guaranteed to be fixed. When the public network IP or the port changes, the mapping rule needs to be readjusted, the dynamic public network environment cannot be adapted, and when a multi-layer NAT exists between the mobile terminal and other communication equipment, the port mapping rule cannot penetrate. This results in a lower flexibility in implementing the media streaming of the conventional scheme.
The foregoing is provided merely for the purpose of facilitating understanding of the technical solutions of the present application and is not intended to represent an admission that the foregoing is prior art.
Disclosure of Invention
The application provides a channel negotiation method, device and storage medium based on a relay agent, which aim to solve the problem of lower flexibility of a traditional scheme in realizing media stream transmission.
In order to achieve the above object, the present application provides a channel negotiation method based on a relay agent, which is applied to a calling terminal, and the channel negotiation method based on the relay agent includes the following steps:
Requesting a relay server to acquire a relay proxy address, encapsulating the relay proxy address into a candidate address of a session description protocol, and transmitting the relay proxy address to a called terminal through the relay server;
Resolving a private network address in response information fed back by the called terminal, and initiating a binding request to the private network address of the called terminal;
if the binding request does not establish connection with the called end, sending a penetration request to a designated port of the relay server, wherein the penetration request comprises a public network address of the called end, so that the relay server forwards the penetration request to the called end based on the public network address;
and establishing a bidirectional network address channel with the called terminal through the penetration request forwarded by the relay server and the binding request initiated by the called terminal to the relay proxy address.
In an embodiment, the step of requesting to obtain the relay proxy address from the relay server, encapsulating the relay proxy address into a candidate address of the session description protocol, and sending the candidate address to the called end through the relay server includes:
sending an address query request to a STUN server, wherein the relay server comprises the STUN server and a TURN server;
applying for a relay agent port and the relay agent address from the TURN server;
and encapsulating the relay agent port and the relay agent address into a candidate address list of the session description protocol, and transmitting the candidate address list to the called terminal based on the relay agent port.
In an embodiment, the step of resolving a private network address in response information fed back by the called terminal and initiating a binding request to the private network address of the called terminal includes:
analyzing the response information fed back by the called terminal, and extracting the public network address and the private network address of the called terminal;
According to a preset strategy, preferentially sending the binding request to the private network address of the called terminal;
And if no response is received within a preset timeout threshold, sending the binding request to the public network address of the called terminal.
In an embodiment, after the step of resolving the private network address in the response information fed back by the called terminal and initiating the binding request to the private network address of the called terminal, the method further includes:
when the binding request is not fed back, switching the private network address to the public network address of the called terminal;
and initiating a secondary binding request to the called terminal based on the public network address.
In an embodiment, before the step of switching the private network address to the public network address of the called end when the binding request is not fed back, the method further includes:
if the called end response is not received within the preset timeout threshold, judging that the binding request is not fed back;
recording the detection failure times of the current network address, and prohibiting the follow-up initiation of the binding request to the current network address if the failure times exceed a preset threshold value.
In an embodiment, after the step of establishing a bidirectional network address channel with the called end, the step of forwarding, by the relay server, the penetration request and a binding request initiated by the called end to the relay proxy address further includes:
After the bidirectional network address channel is established, exchanging a digital certificate with the called terminal based on a preset protocol and negotiating an encryption key;
End-to-end encryption is carried out on the media stream through the encryption key, and the encrypted media stream is transmitted to the called end based on the bidirectional network address channel;
If the NAT type of the called terminal is detected to be the complete cone, skipping the relay server, and directly transmitting the RTP message to the called terminal through the public network address.
In an embodiment, before the step of requesting to obtain the relay proxy address from the relay server, and encapsulating the relay proxy address into the candidate address of the session description protocol and sending the candidate address to the called end, the method further includes:
Sending a port allocation request to the relay server so that the relay server allocates corresponding port information according to the port request;
receiving an allocated mapping port returned by the relay server;
And establishing a connection channel with the relay server according to the mapping port so as to request the relay server to acquire the relay proxy address based on the connection channel.
In an embodiment, before the step of sending the pass-through request to the designated port of the relay server if the binding request does not establish a connection with the called end, the method further includes:
Detecting a local network firewall policy, and if the firewall limits the outbound port, initiating port detection to a preset port range of the relay server;
And selecting an available target port according to a port detection result to send the penetration request.
In addition, in order to achieve the above object, the present application also provides a channel negotiation device based on a relay agent, which comprises a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the computer program is configured to implement the steps of the channel negotiation method based on the relay agent.
In addition, to achieve the above object, the present application also provides a storage medium, which is a computer-readable storage medium having stored thereon a computer program that, when executed by a processor, implements the steps of the relay agent-based channel negotiation method as described above.
The application provides a channel negotiation method based on a relay agent, a channel negotiation device based on the relay agent and a storage medium, wherein a relay server is requested to acquire a relay agent address, the relay agent address is encapsulated into a candidate address of a session description protocol and is sent to a called terminal through the relay server, then network address information in response information fed back by the called terminal is analyzed, and initiating a binding request to a private network address of the called terminal, if the binding request is not connected with the called terminal, sending a penetration request to a designated port of the relay server, and then establishing a bidirectional network address channel with the called terminal through the penetration request forwarded by the relay server and the binding request initiated by the called terminal to the relay proxy address. The application establishes the communication channels of the calling end and the called end through the relay proxy address and the penetration request of the relay server, thereby improving the flexibility of the media stream transmission.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description, serve to explain the principles of the application.
In order to more clearly illustrate the embodiments of the application or the technical solutions of the prior art, the drawings which are used in the description of the embodiments or the prior art will be briefly described, and it will be obvious to a person skilled in the art that other drawings can be obtained from these drawings without inventive effort.
FIG. 1 is a flowchart of a first embodiment of a relay agent-based channel negotiation method according to the present application;
FIG. 2 is a schematic overall flow diagram of an embodiment of the present application;
FIG. 3 is a flowchart of a second embodiment of a relay agent-based channel negotiation method according to the present application;
FIG. 4 is a flowchart of a third embodiment of a relay agent-based channel negotiation method according to the present application;
Fig. 5 is a schematic architecture diagram of a hardware running environment of a channel negotiation device based on a relay agent according to an embodiment of the present application.
The achievement of the objects, functional features and advantages of the present application will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
Detailed Description
It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.
In order that the above-described aspects may be better understood, exemplary embodiments of the present application will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present application are shown in the drawings, it should be understood that the present application may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the application to those skilled in the art.
In order to better understand the above technical solutions, the following detailed description will refer to the accompanying drawings and specific embodiments.
The method mainly comprises the steps of requesting a relay server to obtain a relay proxy address, packaging the relay proxy address into a candidate address of a session description protocol, sending the relay proxy address to a called terminal through the relay server, analyzing a private network address in response information fed back by the called terminal, and initiating a binding request to the private network address of the called terminal, wherein the network address information comprises the private network address and a public network address of the called terminal, if the binding request is not connected with the called terminal, sending a penetration request to a designated port of the relay server, wherein the penetration request comprises the public network address of the called terminal, so that the relay server forwards the penetration request to the called terminal based on the public network address, and establishing a bidirectional network address channel with the called terminal through the penetration request forwarded by the relay server and the binding request initiated by the called terminal to the relay proxy address.
In a cross-network communication scene, the media stream transmission of the mobile terminal and the enterprise intranet voice communication equipment is realized, and the penetration problem in a complex NAT (network address translation) environment needs to be solved. Currently, a static port mapping scheme is generally adopted, a fixed public network port is manually configured on an outlet router, and the port is mapped to a corresponding port of an intranet, so that media stream transmission of a mobile terminal and communication equipment is realized. However, the above solution relies on manual predefined port rules and requires that the egress router public network IP is guaranteed to be fixed. When the public network IP or the port changes, the mapping rule needs to be readjusted, the dynamic public network environment cannot be adapted, and when a multi-layer NAT exists between the mobile terminal and other communication equipment, the port mapping rule cannot penetrate. This results in a lower flexibility in implementing the media streaming of the conventional scheme.
The method comprises the steps of obtaining a relay proxy address through a request of a relay server, packaging the relay proxy address into a candidate address of a session description protocol, sending the candidate address to a called terminal through the relay server, analyzing network address information in response information fed back by the called terminal, initiating a binding request to a private network address of the called terminal, sending a penetration request to a designated port of the relay server if the binding request is not connected with the called terminal, and then establishing a bidirectional network address channel with the called terminal through the penetration request forwarded by the relay server and the binding request initiated by the called terminal to the relay proxy address. The application establishes the communication channels of the calling end and the called end through the relay proxy address and the penetration request of the relay server, thereby improving the flexibility of the media stream transmission.
Example 1
Based on this, the embodiment of the present application provides a channel negotiation method based on a relay agent, referring to fig. 1, fig. 1 is a flow chart of a first embodiment of the channel negotiation method based on a relay agent, where the channel negotiation method based on a relay agent includes steps S10 to S40:
and step S10, requesting to acquire a relay proxy address from a relay server, packaging the relay proxy address into a candidate address of a session description protocol, and transmitting the relay proxy address to a called terminal through the relay server.
In this embodiment, the processing action is performed by a calling terminal, which may be a mobile terminal, such as a mobile phone or a tablet, and a media interaction system is deployed in the calling terminal. The relay server is a server located in the public network and is used for forwarding data packets between the calling end and the called end, so as to solve the NAT (network address translation ) penetration problem. The relay proxy address is a virtual address provided by the relay server that identifies a particular port or channel on the relay server. The session description protocol (SDP, session Description Protocol) is a protocol for describing multimedia sessions.
The calling end obtains a relay proxy address by sending a request (such as an HTTP or WebSocket request) to the relay server. And then the calling terminal takes the acquired relay proxy address as one of candidate addresses and encapsulates the relay proxy address into a candidate address list of a Session Description Protocol (SDP). And then the SDP containing the relay proxy address is sent to the called terminal, and the called terminal can identify the relay proxy address after analyzing the SDP.
In this embodiment, the calling end is in an extranet environment, the called end is in an intranet environment, the called end is connected with an IP private exchange, frpc (FAST REVERSE Proxy) services are installed on the IP private exchange, and a signaling port (such as a WSS port 7443) needing Proxy can be mapped onto a frps server (such as a 7200 port), so that the calling end initiates a WSS connection to the 7200 port of frps, performs SIP registration, and can be successfully registered onto the IP private exchange through Proxy.
Specifically, WSS (WebSocket Secure) is an encrypted version of WebSocket, enabling secure WebSocket communications by combining SSL/TLS protocols. The specific establishment process is that the calling end requests to establish connection, and frps server responds and negotiates encryption mode, thereby establishing connection. After the connection is established, the two parties establish a secure channel through a TLS/SSL protocol, so that the encryption and decryption of subsequent communication data are ensured. After the encryption channel is established, the calling end and frps server can communicate through WebSocket data frames.
SIP (Session Initiation Protocol) registration is a key step in the establishment of an identity by a terminal device in a communication network. The main process of SIP registration is that firstly, the calling end sends a REGISTER request to the registration server, and the request includes the identity (e.g. SIP address) of the user and the current network location information (e.g. IP address and port). If the server needs authentication, a response is returned 401 Unauthorized, asking the client to provide authentication information. The client encrypts the user information using a Digest authentication mechanism and resends the REGISTER request according to the server's challenge. Finally, the server verifies the authentication information provided by the client, and if verification is successful, a 200 OK response is returned to indicate that registration is successful.
After the called terminal receives the SDP sent by the relay server, the session description protocol is analyzed, and the relay proxy address is obtained from the session description protocol. And then the called terminal acquires the private network address and the public network address of the called terminal, generates response information according to the private network address and the public network address, and sends the response information to the relay server through the relay proxy address. After receiving the response information, the relay server feeds back the response information to the calling terminal.
Optionally, in this embodiment, the step S10 includes:
The method comprises the steps of sending an address inquiry request to a STUN server, wherein the relay server comprises the STUN server and a TURN server, applying a relay proxy port and the relay proxy address to the TURN server, packaging the relay proxy port and the relay proxy address into a candidate address list of a session description protocol, and sending the candidate address list to a called terminal based on the relay proxy port.
Specifically, the STUN server is a server for discovering a public network IP address and a port in a NAT environment, which is generally used for NAT traversal, and the address query request is a request sent by a calling end to the STUN server, for acquiring the public network IP address and the port. The TURN server is used to forward packets when a P2P connection cannot be established directly. The relay proxy address and relay proxy port are IP addresses and ports allocated by the TURN server for relay communications, and the candidate address list is a list listing all network addresses and ports in the SDP. The calling end first sends an address query request (e.g., STUN binding request) to the STUN server. After the STUN server processes the request, it returns response information containing the public network IP address and the relay proxy port, and then the calling end sends the request to the TURN server, applying for the relay proxy address and the relay proxy port. The TURN server allocates a relay agent address and relay agent port and returns a response message. The calling terminal takes the relay proxy address and the relay proxy port as one of candidate addresses, encapsulates the relay proxy address and the relay proxy port into a candidate address list of the SDP and generates the SDP containing the relay proxy address. And finally, the calling end sends the SDP containing the relay proxy address to the called end through the signaling server, and the called end identifies the relay proxy address and the relay proxy port after analyzing the SDP.
Through the cooperative work of the STUN server and the TURN server, the NAT penetration problem in the complex network environment is solved. Firstly, the public network address is obtained through the STUN server to ensure that the calling terminal can find the public network communication address in the NAT environment, and secondly, the TURN server applies for the relay proxy address to ensure that communication can still be realized through the relay server when the P2P connection cannot be directly established. The scheme not only improves the success rate of communication, but also reduces the dependence on the network environment.
Further, in this embodiment, before the step of requesting to obtain the relay proxy address from the relay server, and encapsulating the relay proxy address into the candidate address of the session description protocol and sending the candidate address to the called end, the method further includes:
The method comprises the steps of sending a port allocation request to a relay server to enable the relay server to allocate corresponding port information according to the port request, receiving an allocated mapping port returned by the relay server, establishing a connection channel with the relay server according to the mapping port, and requesting the relay server to acquire the relay proxy address based on the connection channel.
Specifically, the port allocation request is used to apply for allocation of a specific port to the relay server. The request contains a device identifier, such as IMEI or a custom device ID, of the calling end and a proxy protocol type, which designates a required proxy protocol type, such as UDP, TCP, etc. The mapping port is a port allocated to the calling end by the relay server and is used for establishing a connection channel.
First, the calling end obtains the equipment identification, determines the required proxy protocol type, and constructs the port allocation request according to the equipment identification and the proxy protocol type. And sending a port allocation request to the relay server through a network. The calling terminal receives the response returned by the relay server, and the response contains the allocated mapping port. The response is then parsed to extract the mapped port information. And establishing a connection channel with the relay server by using the mapping port, so that the calling end requests the relay server to acquire the relay proxy address through the established connection channel. By sending a port allocation request to the relay server and receiving the mapped port, it is ensured that the calling terminal can establish a connection channel with the relay server through the correct port. The method not only improves the flexibility of port allocation, but also ensures the communication reliability in complex network environments (such as firewall or port limitation).
And step S20, analyzing a private network address in response information fed back by the called terminal, and initiating a binding request to the private network address of the called terminal.
In this embodiment, the response information is the SDP including the own network address information returned after the called terminal receives the SDP of the calling terminal. The private network address is the IP address of the called end in the private network. The public network address is a public network IP address converted by the called end through NAT. The binding request is a request for verifying whether the called end is directly connectable, typically implemented by the STUN protocol. After receiving SDP returned by the called end, the calling end analyzes network address information in the SDP, and extracts private network address and public network address of the called end. The calling end then initiates a binding request (e.g., STUN binding request) to the private network address of the called end.
For example, assume that the private network address of the called end is 10.0.0.1:3456 and the public network address is 203.0.113.20:7890. After resolving the SDP, the calling end sends a STUN binding request to 10.0.0.1:3456 to try direct connection. If the NAT type of the called end allows direct connection (such as full cone NAT), the connection is successful, otherwise, the next step is entered.
Optionally, in this embodiment, the step S20 includes:
The response information fed back by the called terminal is analyzed, the public network address and the private network address of the called terminal are extracted, the binding request is preferentially sent to the private network address of the called terminal according to a preset strategy, and if no response is received within a preset timeout threshold, the binding request is sent to the public network address of the called terminal.
Specifically, the preset policy is a predefined rule for deciding to which address to send the binding request preferentially. Private network addresses are often preferred because of the low connection latency of private network addresses. An interactive connection establishment (INTERACTIVE CONNECTIVITY ESTABLISHMENT, ICE) policy, which may specifically be WebRTC, is a framework for establishing a communication session between two endpoints, aiming to solve the problem of NAT (network address translation) traversal, enabling devices located behind different NATs to communicate directly. ICE policies primarily relate to how to discover and select optimal paths to establish such communications. The preset timeout threshold is a predefined time value for determining whether the binding request has timed out, and may be typically set to several seconds to several tens of seconds.
When the calling end receives the SDP returned by the called end, the calling end analyzes the candidate address list in the SDP and extracts the public network address and the private network address of the called end. And then, preferentially sending a binding request to the private network address of the called terminal according to the ICE strategy. And judging that the connection attempt fails when no response of the called terminal is received within a preset timeout threshold. And switching the call address into a public network address and sending a binding request to the public network address of the called terminal. By preferentially trying private network address connection and then switching to public network address after overtime, the success rate and efficiency of communication are improved. The method not only reduces unnecessary relay forwarding and communication delay, but also ensures the communication reliability under complex network environment (such as symmetric NAT). Through a flexible strategy and a timeout mechanism, the scheme can adapt to various network environments and provide stable and efficient communication services.
And step S30, if the binding request does not establish connection with the called terminal, sending a penetration request to a designated port of the relay server, wherein the penetration request comprises a public network address of the called terminal, so that the relay server forwards the penetration request to the called terminal based on the public network address.
In this embodiment, the pass-through request is a request forwarded by the relay server for establishing a communication channel when direct connection is not possible. The designated port is a specific port on the relay server for receiving the pass-through request. The calling end detects that the binding request is unsuccessful (such as overtime or refused), and judges that NAT traversal is needed through the relay server. And then the calling end sends a penetration request to the appointed port of the relay server, wherein the request comprises the public network address of the called end. After receiving the penetration request, the relay server forwards the request to the called terminal according to the public network address of the called terminal.
In addition, if the calling end establishes communication connection with the called end through the initiated binding request, the subsequent establishment of a bidirectional network address channel between the calling end and the called end through sending a penetration request to the relay server is not needed. The media stream and signaling transmission between the called end and the calling end can be realized directly through the communication connection established between the binding request and the called end.
Further, in this embodiment, before the step of sending the pass-through request to the designated port of the relay server if the binding request does not establish a connection with the called end, the method further includes:
Detecting a firewall strategy of a local network, if the firewall limits the outbound port, initiating port detection to a preset port range of the relay server, and selecting an available target port according to a port detection result to send the penetration request.
Specifically, the local network firewall policy is a firewall rule configured in the local network to control network traffic going in and out. The preset port range is a set of ports predefined by the relay server for receiving and processing the penetration request. The port probe results are the results returned by the probe request to indicate which ports are available. The target port is an available port selected from a preset port range of the relay server for transmitting the pass-through request.
The calling end detects the firewall strategy of the local network through the system API or the network tool and judges whether the outbound port limit exists or not. If it is detected that the firewall restricts the outbound port, the calling end sends a probe request to a preset port range of the relay server to determine which ports are available. The calling end analyzes the port detection result to determine which ports are open. One of the open ports is selected as a target port for transmitting the pass-through request.
By detecting the local network firewall policy and performing port detection, the penetration request can be sent through an open port, and the success rate and efficiency of communication are improved. The method not only adapts to complex network environment, but also avoids communication failure caused by port limited by firewall. By means of a flexible port selection mechanism, the scheme can ensure stable and efficient communication under various network limitations.
And step S40, establishing a bidirectional network address channel with the called terminal through the penetration request forwarded by the relay server and the binding request initiated by the called terminal to the relay proxy address.
In this embodiment, the bidirectional network address channel is a network channel that allows bidirectional communication between the calling and called terminals. After the called terminal receives the penetration request forwarded by the relay server, a binding request is initiated to the relay proxy address. At this time, the relay server has both the address message from the called terminal to the calling terminal and the address message from the relay proxy address to the called terminal, and this NAT channel is successfully opened, so that the calling terminal and the called terminal establish a bidirectional communication channel through the relay server, and the data packet is forwarded through the relay server.
Exemplary, as shown in fig. 2, fig. 2 is an overall flow diagram related to an embodiment of the present application. Assuming that the calling end is a mobile phone, the called end is an IP private exchange, an app responsible for signaling interaction and media stream transmission is arranged on the mobile phone, a frps client is deployed on the IP private exchange, and the relay server comprises STUN and TURN services and is deployed with a proxy management server. Referring to fig. 2, when a mobile phone APP initiates a call, firstly, the stun server is queried for its own public network address and port, and meanwhile, a relay proxy address and port are applied, and after successful, are put into an SDP OFFER and sent to an ip pbx. And then, when the IPPBX receives the invite call, inquiring the public network address and the port of the IPPBX from the stun server, and after the success, putting the public network address and the private network address of the IPPBX into SDP ANSWER together to reply to the mobile phone APP. When the APP receives the SDP, according to the ICE policy of the WebRTC, the stun binding request is preferentially sent to the private network address of the IPPBX. If no reply is received from the private network, a stun binding request is sent to the public network address of the IPPBX, and the IPPBX also sends the stun binding request to the relay address of the APP. If the APP does not receive the reply in the two modes, the APP continues to send a request to the 3478 port of the stun server, meanwhile tells the stun server to transmit the request message to the public network address of the IPPBX, and finally the stun server transmits the APP message to the 3478 port and sends the message to the public network address of the IPPBX after receiving the message. At this time, stun has both the message from ip pbx to APP Relay address and the message from Relay address to ip pbx, and this NAT channel is successfully opened. Subsequent DTLS negotiations and RTP forwarding communicate along the channel.
In addition, the ip pbx may carry its own SN commit agent configuration to the relay server and specify which ports need to be allocated, e.g., TCP, WSS, TLS, and then the relay server allocates a free port from the port pool and returns to the ip pbx. After the IPPBX receives the response message, the address of FRPS and the allocated port are filled in the configuration file of the FRPC, and the FRPC process is started. The FRPC will automatically connect FRPS and map the private network ports of the ip pbx to the public network. Finally, the IPPBX refreshes the server with the assigned FRPS address and port timing. If the IPPBX is overtime offline for a long time, the port automatically retrieves and updates the database. When the mobile phone APP is successfully connected with the IPPBX, the proxy information is directly pulled. Instead, upon failure, proxy information is requested from the relay server through the SN.
In the technical scheme provided by the embodiment, a relay proxy address is requested to be acquired from a relay server, the relay proxy address is encapsulated into a candidate address of a session description protocol, the candidate address is sent to a called terminal through the relay server, network address information in response information fed back by the called terminal is analyzed, a binding request is initiated to a private network address of the called terminal, if the binding request is not connected with the called terminal, a penetration request is sent to a designated port of the relay server, and then a bidirectional network address channel with the called terminal is established through the penetration request forwarded by the relay server and the binding request initiated by the called terminal to the relay proxy address. In the embodiment, the communication channels of the calling end and the called end are established through the relay proxy address and the penetration request of the relay server, so that the flexibility of the media stream transmission is improved.
In addition, the embodiment solves the NAT penetration problem through the relay proxy address and penetration request of the relay server, and ensures that the calling end and the called end can successfully establish a bidirectional communication channel in a complex network environment. The method not only improves the success rate of communication, but also reduces the dependence on the network environment of the called terminal, and is suitable for various NAT types and firewall configurations. Through the forwarding mechanism of the relay server, efficient and stable communication can be realized even under a symmetrical NAT environment. Unified management of signaling (frps) and media (STUN/TURN) penetration is achieved through a collaborative proxy architecture.
Example two
Based on the same inventive concept, the present application also provides a second embodiment, referring to fig. 3, fig. 3 is a schematic flow chart of a second embodiment of the relay agent-based channel negotiation method of the present application. In this embodiment, the channel negotiation method based on the relay agent includes steps S50 to S60:
And S50, switching the private network address to the public network address of the called terminal when the binding request is not fed back.
And step 60, initiating a secondary binding request to the called terminal based on the public network address.
In this embodiment, the fact that the binding request is not fed back means that the response of the called terminal to the binding request is not received within a preset time, which generally indicates that the connection attempt fails. Private network address switching refers to changing a communication destination address from a private network address to a public network address. The secondary binding request is a binding request reinitiated based on the public network address after the first binding request fails.
And when the calling terminal does not receive the response of the called terminal within the preset timeout time, judging that the binding request is not fed back. And then switching the communication target address from the private network address to the public network address of the called terminal, and resending the binding request based on the public network address of the called terminal. The called terminal receives the request and verifies the connection, and if the verification is successful, a response is returned.
Optionally, in this embodiment, before the step of switching the private network address to the public network address of the called end when the binding request is not fed back, the method further includes:
If the detection failure times of the current network address exceeds the preset threshold, prohibiting the follow-up initiation of the binding request to the current network address.
Specifically, a timeout timer may be set in the calling party, which is started by the calling party when the binding request is sent. Before the timer expires, it is detected whether a response from the called terminal is received. If the timer times out and no response is received, it is determined that the binding request is not fed back. And when the binding request is not fed back, increasing the detection failure count of the current network address. And comparing the detection failure times with a preset threshold value. If the detection failure times exceed the preset threshold, the network address is marked as unreachable, and the subsequent sending of the binding request to the address is forbidden. By setting the overtime threshold and the failure frequency threshold, repeated invalid attempts when the network address is not reachable are effectively avoided, and the communication efficiency and the system performance are improved. By recording the number of failures and prohibiting subsequent requests, unnecessary network resource consumption is reduced while ensuring the stability and reliability of communication.
In the technical scheme provided by the embodiment, the success rate and the reliability of communication are improved by switching to the public network address and initiating the secondary binding request when the primary binding request is not fed back. The method effectively solves the problem of communication failure caused by unreachable private network addresses, adapts to complex network environments, and ensures the communication stability under various NAT types and firewall configurations.
Example III
Based on the same inventive concept, the present application also provides a third embodiment, referring to fig. 4, and fig. 4 is a schematic flow chart of a third embodiment of the relay agent-based channel negotiation method of the present application. In this embodiment, the channel negotiation method based on the relay agent includes steps S70 to S90:
step S70, after the bidirectional network address channel is established, the digital certificate is exchanged with the called terminal based on a preset protocol and an encryption key is negotiated.
And step S80, carrying out end-to-end encryption on the media stream through the encryption key, and transmitting the encrypted media stream to the called end based on the bidirectional network address channel.
Step S90, if the NAT type of the called terminal is detected to be the complete cone, skipping the relay server, and directly transmitting RTP messages to the called terminal through the public network address.
In this embodiment, the preset protocol is a protocol for exchanging digital certificates and negotiating encryption keys, such as DTLS (Datagram Transport Layer Security). The digital certificate is used to verify the digital certificates of the identity of the two parties of the communication. The encryption key is a key for encrypting and decrypting communication data. The end-to-end encryption can ensure that the media stream is encrypted at the sending end and decrypted at the receiving end, and the intermediate node cannot read the content. The media stream is a data stream of audio, video, etc. transmitted in real time. Full cone NAT is a type of NAT that allows direct communication between internal and external addresses. RTP packets are real-time transport protocol (RTP) packets that are used to transport real-time data, such as audio and video.
Specifically, the calling end and the called end exchange respective digital certificates through a preset protocol (such as DTLS). Then, the two parties verify the digital certificate of the other party, ensure the legitimacy of the identities of the two parties of communication, and negotiate a shared encryption key through a key negotiation algorithm (such as ECDH) based on the digital certificate. The calling end encrypts the media stream using the negotiated encryption key. And sending the encrypted media stream to a called terminal through a bidirectional network address channel, and decrypting the media stream by the called terminal by using the same encryption key. If the NAT type of the called terminal is detected to be the complete cone, the relay server is skipped to directly transmit the RTP message, namely the calling terminal directly transmits the RTP message through the public network address of the called terminal.
In the technical scheme provided by the embodiment, the security and privacy of communication are ensured by carrying out digital certificate exchange and encryption key negotiation after the bidirectional network address channel is established. Confidentiality and integrity of the media stream is protected by end-to-end encryption. In addition, by detecting the NAT type of the called end, the communication path is optimized, the relay server is skipped under the complete cone NAT environment, the delay is reduced, and the communication efficiency is improved.
The application provides a channel negotiation device based on a relay agent, which comprises at least one processor and a memory in communication connection with the at least one processor, wherein the memory stores instructions executable by the at least one processor, and the instructions are executed by the at least one processor so that the at least one processor can execute the channel negotiation method based on the relay agent in the first embodiment.
Referring now to fig. 5, a schematic diagram of a relay agent based tunnel negotiation apparatus suitable for use in implementing embodiments of the present application is shown. The relay agent-based channel negotiation apparatus in the embodiment of the present application may include, but is not limited to, mobile terminals such as mobile phones, notebook computers, digital broadcast receivers, personal digital assistants (PDA, personal DIGITAL ASSISTANT), tablet computers (PAD, portable Application Description), portable multimedia players (PMP, portable MEDIA PLAYER), vehicle-mounted terminals (e.g., vehicle-mounted navigation terminals), and the like, and fixed terminals such as digital TVs, desktop computers, and the like. The relay agent-based channel negotiation apparatus illustrated in fig. 5 is merely an example, and should not impose any limitation on the functions and scope of use of the embodiments of the present application.
As shown in fig. 5, the relay agent-based channel negotiation apparatus may include a processing device 1001 (e.g., a core processor, a graphics processor, etc.) that may perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 1002 or a program loaded from a storage device 1003 into a random access Memory (RAM, random Access Memory) 1004. In the random access memory 1004, various programs and data required for the operation of the relay agent-based channel negotiation apparatus are also stored. The processing device 1001, the read only memory 1002, and the random access memory 1004 are connected to each other by a bus 1005. An input/output (I/O) interface 1006 is also connected to the bus. In general, a system including an input device 1007 such as a touch screen, a touch pad, a keyboard, a mouse, an image sensor, a microphone, an accelerometer, a gyroscope, etc., an output device 1008 including a Liquid Crystal Display (LCD) CRYSTAL DISPLAY, a speaker, a vibrator, etc., a storage device 1003 including a magnetic tape, a hard disk, etc., and a communication device 1009 may be connected to the I/O interface 1006. The communication means 1009 may allow the relay agent based channel negotiation device to communicate wirelessly or wiredly with other devices to exchange data. While a relay agent based tunnel negotiation apparatus is shown with various systems, it should be understood that not all of the illustrated systems are required to be implemented or provided. More or fewer systems may alternatively be implemented or provided.
In particular, according to embodiments of the present disclosure, the processes described above with reference to flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method shown in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via a communication device, or installed from the storage device 1003, or installed from the read only memory 1002. The above-described functions defined in the method of the disclosed embodiment of the application are performed when the computer program is executed by the processing device 1001.
The channel negotiation equipment based on the relay agent provided by the application adopts the channel negotiation method based on the relay agent in the embodiment, and can solve the technical problem of lower flexibility of the traditional scheme in realizing media stream transmission. Compared with the prior art, the channel negotiation equipment based on the relay agent has the same beneficial effects as the channel negotiation method based on the relay agent provided by the embodiment, and other technical features in the channel negotiation equipment based on the relay agent are the same as the features disclosed in the method of the previous embodiment, and are not repeated herein.
It is to be understood that portions of the present disclosure may be implemented in hardware, software, firmware, or a combination thereof. In the description of the above embodiments, particular features, structures, materials, or characteristics may be combined in any suitable manner in any one or more embodiments or examples.
The foregoing is merely illustrative of the present application, and the present application is not limited thereto, and any person skilled in the art will readily recognize that variations or substitutions are within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
The present application provides a computer readable storage medium having computer readable program instructions (i.e., a computer program) stored thereon for performing the relay agent based channel negotiation method in the above-described embodiments.
The computer readable storage medium provided by the present application may be, for example, a U disk, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, or device, or a combination of any of the foregoing. More specific examples of a computer-readable storage medium may include, but are not limited to, an electrical connection having one or more wires, a portable computer diskette, a hard disk, a random access Memory (RAM, random Access Memory), a Read-Only Memory (ROM), an erasable programmable Read-Only Memory (EPROM, erasable Programmable Read Only Memory, or flash Memory), an optical fiber, a portable compact disc Read-Only Memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In this embodiment, a computer-readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, or device. Program code embodied on a computer readable storage medium may be transmitted using any appropriate medium, including but not limited to electrical wiring, fiber optic cable, radio Frequency (RF), the like, or any suitable combination of the foregoing.
The above-mentioned computer-readable storage medium may be included in the relay agent-based channel negotiation apparatus or may exist alone without being assembled into the relay agent-based channel negotiation apparatus.
The computer readable storage medium is loaded with one or more programs, when the one or more programs are executed by the channel negotiation equipment based on the relay agent, the channel negotiation equipment based on the relay agent requests to acquire a relay agent address from a relay server, encapsulates the relay agent address into a candidate address of a session description protocol and sends the candidate address to a called end through the relay server, analyzes network address information in response information fed back by the called end, initiates a binding request to a private network address of the called end, wherein the network address information comprises the private network address and a public network address of the called end, sends a penetration request to a designated port of the relay server if the binding request is not connected with the called end, the penetration request comprises the public network address of the called end, so that the relay server forwards the penetration request to the called end based on the public network address, and sends the binding request to the proxy address of the called end through the relay server, and the network channel is established in a bidirectional way.
Computer program code for carrying out operations of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, smalltalk, C ++ and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any kind of network, including a local area network (LAN, local Area Network) or a wide area network (WAN, wide Area Network), or may be connected to an external computer (e.g., through the internet using an internet service provider).
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The modules involved in the embodiments of the present application may be implemented in software or in hardware. Wherein the name of the module does not constitute a limitation of the unit itself in some cases.
The readable storage medium provided by the application is a computer readable storage medium, and the computer readable storage medium stores computer readable program instructions (namely computer program) for executing the channel negotiation method based on the relay agent, so that the technical problem that the flexibility of the traditional scheme is low when the transmission of the media stream is realized can be solved. Compared with the prior art, the beneficial effects of the computer readable storage medium provided by the application are the same as those of the channel negotiation method based on the relay agent provided by the above embodiment, and are not described in detail herein.
Embodiments of the present application provide a computer program product comprising a computer program which, when executed by a processor, implements the steps of a relay agent based channel negotiation method as described above.
The computer program product provided by the application can solve the technical problem that the flexibility of the traditional scheme is low when the transmission of the media stream is realized. Compared with the prior art, the beneficial effects of the computer program product provided by the embodiment of the present application are the same as the beneficial effects of the channel negotiation method based on the relay agent provided by the above embodiment, and are not described in detail herein.
The foregoing description is only of the preferred embodiments of the present application, and is not intended to limit the scope of the application, but rather is intended to cover any equivalents of the structures or equivalent processes disclosed herein, or any application, directly or indirectly, within the scope of the application.

Claims (10)

1. The channel negotiation method based on the relay agent is characterized by being applied to a calling end, and comprises the following steps of:
Requesting a relay server to acquire a relay proxy address, encapsulating the relay proxy address into a candidate address of a session description protocol, and transmitting the relay proxy address to a called terminal through the relay server;
Resolving a private network address in response information fed back by the called terminal, and initiating a binding request to the private network address of the called terminal;
if the binding request does not establish connection with the called end, sending a penetration request to a designated port of the relay server, wherein the penetration request comprises a public network address of the called end, so that the relay server forwards the penetration request to the called end based on the public network address;
and establishing a bidirectional network address channel with the called terminal through the penetration request forwarded by the relay server and the binding request initiated by the called terminal to the relay proxy address.
2. The method of claim 1, wherein the step of requesting the relay server to acquire the relay proxy address, encapsulating the relay proxy address into a candidate address of a session description protocol, and transmitting the candidate address to the called terminal through the relay server, comprises:
sending an address query request to a STUN server, wherein the relay server comprises the STUN server and a TURN server;
applying for a relay agent port and the relay agent address from the TURN server;
and encapsulating the relay agent port and the relay agent address into a candidate address list of the session description protocol, and transmitting the candidate address list to the called terminal based on the relay agent port.
3. The method of claim 1, wherein the steps of resolving a private network address in response information fed back by the called terminal and initiating a binding request to the private network address of the called terminal include:
Analyzing the response information fed back by the called terminal, and extracting a public network address and a private network address of the called terminal;
According to a preset strategy, preferentially sending the binding request to the private network address of the called terminal;
And if no response is received within a preset timeout threshold, sending the binding request to the public network address of the called terminal.
4. The method of claim 1, wherein after the steps of resolving the private network address in the response information fed back by the called terminal and initiating a binding request to the private network address of the called terminal, further comprises:
when the binding request is not fed back, switching the private network address to the public network address of the called terminal;
and initiating a secondary binding request to the called terminal based on the public network address.
5. The method of claim 4, wherein the step of switching the private network address to the public network address of the called side further comprises, when the binding request is not fed back:
if the called end response is not received within the preset timeout threshold, judging that the binding request is not fed back;
recording the detection failure times of the current network address, and prohibiting the follow-up initiation of the binding request to the current network address if the failure times exceed a preset threshold value.
6. The method of claim 1, wherein the step of establishing a bidirectional network address channel with the called party after the step of forwarding the pass-through request with the binding request initiated by the called party to the relay proxy address by the relay server further comprises:
After the bidirectional network address channel is established, exchanging a digital certificate with the called terminal based on a preset protocol and negotiating an encryption key;
End-to-end encryption is carried out on the media stream through the encryption key, and the encrypted media stream is transmitted to the called end based on the bidirectional network address channel;
If the NAT type of the called terminal is detected to be the complete cone, skipping the relay server, and directly transmitting the RTP message to the called terminal through the public network address.
7. The method of claim 1, wherein the step of requesting the relay server to obtain the relay proxy address and encapsulating the relay proxy address into a candidate address of a session description protocol and transmitting the candidate address to the called side further comprises:
Sending a port allocation request to the relay server so that the relay server allocates corresponding port information according to the port request;
receiving an allocated mapping port returned by the relay server;
And establishing a connection channel with the relay server according to the mapping port so as to request the relay server to acquire the relay proxy address based on the connection channel.
8. The method of claim 1, wherein if the binding request does not establish a connection with the called end, before the step of sending a pass-through request to the designated port of the relay server, further comprising:
Detecting a local network firewall policy, and if the firewall limits the outbound port, initiating port detection to a preset port range of the relay server;
And selecting an available target port according to a port detection result to send the penetration request.
9. A relay agent based tunnel negotiation apparatus comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the computer program being configured to implement the steps of the relay agent based tunnel negotiation method according to any of claims 1 to 8.
10. A storage medium, characterized in that the storage medium is a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the relay agent based channel negotiation method according to any of claims 1 to 8.
CN202510543326.7A 2025-04-28 2025-04-28 Channel negotiation method, device and storage medium based on relay agent Active CN120091002B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202510543326.7A CN120091002B (en) 2025-04-28 2025-04-28 Channel negotiation method, device and storage medium based on relay agent

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202510543326.7A CN120091002B (en) 2025-04-28 2025-04-28 Channel negotiation method, device and storage medium based on relay agent

Publications (2)

Publication Number Publication Date
CN120091002A CN120091002A (en) 2025-06-03
CN120091002B true CN120091002B (en) 2025-07-25

Family

ID=95849194

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202510543326.7A Active CN120091002B (en) 2025-04-28 2025-04-28 Channel negotiation method, device and storage medium based on relay agent

Country Status (1)

Country Link
CN (1) CN120091002B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN121078114B (en) * 2025-11-10 2026-02-10 深圳鼎信通达股份有限公司 Cross-network communication proxy method, apparatus, device, storage medium, and computer program product
CN121567683A (en) * 2026-01-21 2026-02-24 上海鹰角网络科技有限公司 Communication method and system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101977178A (en) * 2010-08-09 2011-02-16 中兴通讯股份有限公司 Relay-based media channel establishing method and system
CN111064814A (en) * 2018-10-16 2020-04-24 中国电信股份有限公司 VxLAN NAT traversal method, system and gateway based on PCP

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117527973B (en) * 2024-01-04 2024-04-09 深圳鼎信通达股份有限公司 XDP-based high-speed data forwarding method and device, voice gateway and medium

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101977178A (en) * 2010-08-09 2011-02-16 中兴通讯股份有限公司 Relay-based media channel establishing method and system
CN111064814A (en) * 2018-10-16 2020-04-24 中国电信股份有限公司 VxLAN NAT traversal method, system and gateway based on PCP

Also Published As

Publication number Publication date
CN120091002A (en) 2025-06-03

Similar Documents

Publication Publication Date Title
US11108570B2 (en) Method and apparatus for multimedia communication, and storage medium
CN120091002B (en) Channel negotiation method, device and storage medium based on relay agent
TWI441495B (en) Systems and methods for establishing connections between devices communicating over a network
US9515995B2 (en) Method and apparatus for network address translation and firewall traversal
RU2660620C1 (en) Communication device and method of bypassing gateway firewall of application layer in setting rts communication connection between rts-client and rts-server
US9319439B2 (en) Secured wireless session initiate framework
CN111740990B (en) Method and system for intercepting and decrypting fingerprint protected media traffic
US9497168B2 (en) Method and apparatus for supporting communications between a computing device within a network and an external computing device
US9172559B2 (en) Method, apparatus, and network system for terminal to traverse private network to communicate with server in IMS core network
US9369491B2 (en) Inspection of data channels and recording of media streams
US11297115B2 (en) Relaying media content via a relay server system without decryption
US9781258B2 (en) System and method for peer-to-peer media routing using a third party instant messaging system for signaling
JP6345816B2 (en) Network communication system and method
US20060212933A1 (en) Surveillance implementation in a voice over packet network
CN105516062A (en) L2TP over IPsec access realizing method
US20060230445A1 (en) Mobile VPN proxy method based on session initiation protocol
US10182037B2 (en) Method for the transmission of a message by a server of an IMS multimedia IP core network, and server
US20060288423A1 (en) Method, system and network elements for establishing media protection over networks
CN105635076A (en) Media transmission method and device
Orrblad Alternatives to MIKEY/SRTP to secure VoIP
CN106921624B (en) Session boundary controller and data transmission method
EP1708449A1 (en) Mobile VPN proxy method based on session initiation protocol
CN121078114B (en) Cross-network communication proxy method, apparatus, device, storage medium, and computer program product
CN117221292A (en) Audio playing method and device, electronic equipment and storage medium
Egger et al. Safe Call

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant