Method for session initiation protocol (SIP) terminal to pass through firewall

A firewall and terminal technology, applied in the direction of electrical components, transmission systems, etc., can solve problems such as incompatibility, not fully suitable for the current situation, unsuitable, etc.

Inactive Publication Date: 2013-06-26
1 Cites 2 Cited by

AI-Extracted Technical Summary

Problems solved by technology

[0003] However, none of the above methods is suitable for all situations that need to be traversed, and any one of ...
View more


The invention relates to a method for a session initiation protocol (SIP) terminal to pass through a firewall. The method comprises the steps of collecting local transport addresses at a first terminal; starting user datagram protocol (UDP) simple passing of network address translation (NAT); determining priorities of the transport addresses, enabling a priority reflection terminal to receive priority level of media streams on the addresses; establishing initiate messages which are composed of a series of media streams, and enabling a transport address for achieving maximum connection possibility between random equipotent devices of every media stream to be an address provided by a public network forwarding server; performing response processing at a second terminal, wherein the response processing comprises connectivity check and the address collecting process; sending accept messages if the second terminal accepts; and performing accept message processing at the first terminal, sending commands and forwarding the commands to a responder through an SIP server.

Application Domain


Technology Topic

Local Area TransportUser Datagram Protocol +4


  • Method for session initiation protocol (SIP) terminal to pass through firewall
  • Method for session initiation protocol (SIP) terminal to pass through firewall


  • Experimental program(1)

Example Embodiment

[0014] figure 1 An exemplary implementation environment for embodiments of the invention is shown. refer to figure 1 As shown, the environment includes a SIP server 120 and a plurality of SIP (Session Initiation Protocol) terminals 101-103. These SIP terminals 101 - 103 are connected to the server 120 . Here, a plurality of NAT gateways 111-113 exist between the connection network of each SIP terminal 101-103 and the SIP server 120. Therefore, the communication from the outside of each NAT gateway 111-113 to each SIP terminal 101-103 needs to pass through the NAT gateway and the firewall configured therein. Each NAT gateway 111-113 may have multiple SIP terminals, and only one of them is shown here as an example. In one embodiment, the SIP terminal may be an IP phone.
[0015] figure 2 A flow chart of a traversal method according to an embodiment of the present invention is shown. refer to figure 2 As shown, the method includes the following steps:
[0016] Step 201, collect local transport addresses. The session parties, such as each SIP terminal 101-103, obtain from the SIP server 120 a local transport address bound to a port on a physical (or virtual) interface on the host.
[0017] Step 202, start UDP simple traversal of NAT (STUN). STUN is a traditional process and will not be expanded here. It is worth mentioning that, unlike the traditional STUN process, the user name and password in this embodiment can be exchanged through a signaling protocol.
[0018] Step 203, determining the priority of the transmission address. The priority reflects the priority level of the terminal to receive media streams at this address. In an embodiment, the value of the priority ranges from 0 to 1, and is determined according to the media traffic to be transmitted.
[0019] Step 204, construct initialization message (Initiate Message). The initialization message consists of a series of media streams, and the transmission address of each media stream to achieve the maximum connectivity between any peer device is the address provided by the public network forwarding server (such as TURN).
[0020] Step 205, response processing, where the connectivity is checked and the address collection process described in this flow is executed.
[0021] In step 206, an acceptance message (Accept Message) is generated. If accepted, an acceptance message is sent, and its construction process is similar to the initialization information.
[0022] Step 207, accepting information processing. The acceptance process requires the initiator to use the Send command, which is forwarded to the responder by the SIP server.
[0023] Step 208, as a non-essential step, after the initialization or acceptance message exchange process ends, the two parties may still continue to collect the transmission address.
[0024] In order to implement the method of the present invention on each SIP terminal, a full (Full) version or a simplified (Lite) version of the program can be configured in the SIP terminal. The features of the full version of the program include: no specific requirements for the network topology; as the initiator (Caller), it will play the role of controlling (Controlling); initiate a connectivity check and respond to the other party's connectivity check; support Triggered connectivity check . The features of the streamlined version of the program include: directly connecting to the Internet; not collecting candidates itself, only host-type candidates; not actively initiating connectivity checks; responding to the other party's connectivity checks.
[0025] During software configuration, a full version of the program can be configured in some SIP terminals, and a simplified version of the program can be configured in other SIP terminals. When the terminal configured with the shortened version of the program is connected to the terminal configured with the full version of the program, the latter acts as the controlling role, and the former acts as the controlled role.
[0026] It can be understood that before implementing the SIP call flow, it is necessary to initialize the relevant class library, allocate the corresponding memory pool, and initialize the session (Session) structure.
[0027] As a caller, the flow is as follows:
[0028] A. Issue an INVITE:
[0029] 1 Create Tranport-related structures;
[0030] 2 generation of candidates;
[0031] 3 In the issued INVITE, additional relevant information is included in the SDP;
[0032] B. After receiving 200OK from the other party:
[0033] 1 Analyze the information contained in the SDP in 200OK;
[0034] 2 Generate a check list based on the information;
[0035] 3 Check the connectivity of the check list;
[0036] 4 Cancel the Transport related structure;
[0037] 5. According to the result of the connectivity check, recreate the RTP/RTCP socket and close the original socket.
[0038] In addition, as a callee, its internal process is as follows:
[0039] A. After receiving the other party's INVITE
[0040] 1 Analyze the information contained in the SDP in the INVITE;
[0041] B. Issue 200OK:
[0042] 1 Create Tranport-related structures;
[0043] 2 generation of candidates;
[0044] 4 Generate a check list and perform a connectivity check;
[0045] 5 Respond to the other party's Trigger check;
[0046] 6 Re-create the RTP/RTCP socket according to the result of the connectivity check, and close the original socket.
[0047] Although the present invention has been disclosed above with preferred embodiments, it is not intended to limit the present invention. Any person skilled in the art may make some modifications and improvements without departing from the spirit and scope of the present invention. Therefore, the present invention The scope of protection should be defined by the claims.


no PUM

Description & Claims & Application Information

We can also present the details of the Description, Claims and Application information to help users get a comprehensive understanding of the technical details of the patent, such as background art, summary of invention, brief description of drawings, description of embodiments, and other original content. On the other hand, users can also determine the specific scope of protection of the technology through the list of claims; as well as understand the changes in the life cycle of the technology with the presentation of the patent timeline. Login to view more.
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products