综合STUN与HTTP代理的SIP穿越NAT设计与实现

发布时间：2018-01-31 06:40

  本文关键词： SIP NAT穿越 UDP打洞 STUN HTTP隧道　出处：《南京航空航天大学》2014年硕士论文　论文类型：学位论文

【摘要】：SIP协议作为下一代网络最重要协议之一,已被广泛应用于VoIP系统中。为了解决公网IP地址匮乏以及网络安全等问题,企业网一般都使用了NAT和防火墙技术。虽然NAT技术可以很好的解决IP地址匮乏问题,但SIP协议本身并不具有穿越NAT的能力,因此NAT对VoIP通信造成了不利影响。目前,现有的SIP穿越NAT的解决方案都存在一定的局限性,各有优缺点。本文提出一种综合STUN和HTTP代理的NAT穿越新方案,该方案通过STUN技术自动判断网络环境类型,针对不同的网络环境分别设计了具体的穿越流程。对于锥形NAT,该方案结合UDP打洞技术对其穿越;对于其它限制严格的NAT,该方案利用STUN技术和HTTP代理实现穿越。本方案可以穿越包括UDP受阻型等限制严格的NAT/防火墙,且不需要更换现有的NAT设备。为了更合理的分配系统资源,本文提出了SIP服务端系统资源优化方案,由统计数据得知客户终端发起通话请求的规律,计算出系统在现有设置下的各项性能指标。设定系统性能的期望指标,计算出系统各时段满足期望的资源数量,结果表明各时段需要的资源数量远小于原系统设置的数量,优化了系统对资源的分配。为了解决系统服务高峰期产生的服务质量下降问题,本文进一步的对系统资源做了动态优化,降低了用户等待服务时间,提高了系统的性能。为了验证本方案的功能,在各类NAT网络环境中进行了试验,并做了抓包分析。利用SIPp测试软件对其进行性能分析,结果表明本方案具有较好的性能和稳定性。通过与其它方案对比,表明本方案可以穿越更多类型NAT/防火墙,能够更合理的分配系统资源,具有很好的应用价值。
[Abstract]:As one of the most important protocols in next generation network, SIP protocol has been widely used in VoIP system. In order to solve the problem of lack of IP address in public network and network security and so on. Enterprise networks generally use NAT and firewall technology. Although NAT technology can solve the problem of IP address scarcity, SIP protocol itself does not have the ability to traverse NAT. Therefore, NAT has a negative impact on VoIP communication. At present, the existing solutions of SIP traversing NAT have some limitations. This paper presents a new NAT traversal scheme combining STUN and HTTP agents, which automatically determines the type of network environment through STUN technology. Specific traversing flow is designed for different network environments. For conical NATA, this scheme combines UDP drilling technique to traverse it. For other restricted NATs, the scheme uses STUN technology and HTTP proxy to implement traversing. This scheme can traverse the Nat / firewall which includes the UDP blocked type and so on. And do not need to replace the existing NAT equipment. In order to allocate system resources more reasonably, this paper proposes a SIP server system resource optimization scheme, from the statistical data to know the customer terminal call request rule. The performance indexes of the system under the existing settings are calculated. The expected index of the system performance is set, and the number of resources that meet the expectations in each time period of the system is calculated. The results show that the amount of resources needed in each period is much smaller than that of the original system, and the allocation of resources is optimized. In order to solve the problem of service quality decline caused by the peak period of system service. This paper further optimizes the system resources, reduces the waiting time of users, and improves the performance of the system. In order to verify the function of this scheme, experiments are carried out in various NAT network environments. The results show that this scheme has good performance and stability. It shows that this scheme can traverse more types of NATT / firewall, and can allocate system resources more reasonably, so it has good application value.
【学位授予单位】：南京航空航天大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.04
，

本文编号：1478488