CN102694711A - Wide area network bandwidth saving method and device in IP monitoring system - Google Patents
Wide area network bandwidth saving method and device in IP monitoring system Download PDFInfo
- Publication number
- CN102694711A CN102694711A CN2012101360575A CN201210136057A CN102694711A CN 102694711 A CN102694711 A CN 102694711A CN 2012101360575 A CN2012101360575 A CN 2012101360575A CN 201210136057 A CN201210136057 A CN 201210136057A CN 102694711 A CN102694711 A CN 102694711A
- Authority
- CN
- China
- Prior art keywords
- tunnel
- intranet
- address
- message
- communication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention provides a wide area network bandwidth saving method in an IP monitoring system. The monitoring system comprises EC, VC and LNS, wherein at least one EC and VC establish an L2TP tunnel connection with LNS. The method comprises the steps of receiving a registration message sent by EC and VC, saving EC and VC address information in the registration message, establishing a monitoring video stream transmission channel between EC and VC and through L2TP tunnel, sending an instruction to attempt to carry out intranet communication with an opposite end to EC and VC; receiving an intranet communication attempt report sent by VC, determining whether EC and VC can carry out communication with the intranet according to the address information of the report message and the self-saved address information, and if EC and VC can carry out communication with the intranet, sending a communication mode switching instruction to instruct EC to switch from an L2TP tunnel communication mode toan intranet communication mode. The method and the device provided by the invention effectively solve the problem of wide area network bandwidth consumption inthe tunnel mode.
Description
Technical field
The present invention relates to field of video monitoring, relate in particular to intranet and extranet method for communicating and device in the IP supervisory control system.
Background technology
The video monitoring of IP based network has developed into the main flow scheme of security protection industry gradually, is successfully applied to mega projects such as safety engineering, highway, public security net, garden.The standard of IP also makes the integration of each network islands become easily with open, makes the expansion of network size become light.Consider the nervous and existing overlapped reality of each Local Area Network address field of IPv4 address resource, and the diverse network security needs, xegregating units such as NAT, fire compartment wall, safe isolation gap by number of applications in catenet.This just makes the signaling of IP-based video monitoring system and operation flow become very complicated, even causes some business in some specific networking, can't carry out.Below simple when setting forth xegregating units such as having NAT, fire compartment wall, safe isolation gap down at video surveillance network, the become cause of difficult and complicated of video surveillance network communication.
With most typical NAT is example; In network, exist in the NAT device; Because the IP message passes after the NAT device its source IP address or purpose IP address can change; And a monitoring business signaling message inside also carries source IP address and purpose IP address usually, causes the address disunity of message inside and outside (header) thus, and this many times can cause puzzlement to the video monitoring service flow process.In addition; If the NAT outer net exists equipment will at first initiate to lead to the TCP/UDP connection of Intranet; Static address/the port mapping that just must be first on NAT device, disposes internal server for those equipment of Intranet respectively obviously like this can be wasted a large amount of public network addresses, many times also is unallowed.Certainly, Control Server can judge two mutual equipment who be in the NAT Intranet who when being in outer net, can notify the equipment of Intranet initiatively to initiate to connect to outer net equipment.But this require each session connection all realize two kinds or even two or more handling processes, can become very complicated for a this combination of operation flow that has comprised a plurality of session behaviors.Moreover some benchmark service does not allow mutual both sides to put upside down the role of C/S yet.
Say for another example, when having fire compartment wall, need the open a considerable amount of UDP/TCP ports of fire compartment wall so that the server in the fire compartment wall like video monitoring client terminal, can initiatively be visited, like video management server (VM) in the outer terminal of fire compartment wall.So just brought potential safety hazard to corporate intranet.
When having safe isolation gap; The gateway of realizing with the IP agent way in a large number (promptly sends to an Agent IP of gateway earlier from the flow of outside; Gateway is transmitted toward Intranet after revising purpose IP again); Usually can require gateway to assist the internal information of traffic signaling is made corresponding modification, because wherein possibly include the IP address information.So new features of the every exploitation of supervisory control system producer possibly all can require gateway company to cooperate and make corresponding feature development.
In addition, some special users also have special video surveillance network demand.Such as the higher network of security requirements such as public security network needs: all session connections all require to be initiated by Intranet, otherwise external flow has just got into not Intranet.In a typical centralized control framework; The terminal, like encoding device, at first must be to server; Like video management server; Initiate register command, demand (telecommunication) service also is that the program request main frame is initiated application to server earlier, when terminal and main frame be in outer net and server when being in Intranet business will meet with predicament.
Summary of the invention
The monitoring video flow problem of wide area network that possibly detour when the object of the invention is to solve the IP supervisory control system and adopts tunnel mode to pass through xegregating unit.Technical scheme of the present invention is achieved in that
The present invention provides the method for practicing thrift the wide area network bandwidth in a kind of IP supervisory control system, and this method is applied on the video management server (VM) of supervisory control system, and wherein said supervisory control system also comprises EC, VC and LNS; Wherein at least one EC and VC establish L2TP Tunnel with LNS and are connected, and this method comprises:
Receive the logon message that EC and VC send, the address information of EC and VC in the preservation logon message;
Indicating correspondingly according to the order request of VC, EC sends monitoring video flow;
Setting up after the monitoring video flow transmission channel via L2TP Tunnel between EC and VC sent with the opposite end to EC and VC and to be carried out the instruction that Intranet is communicated by letter and attempted;
Receive the Intranet communication trial report that VC sends; Judge between EC and the VC whether can communicate according to the address information of report message and the address information of self preserving through Intranet; If then send the communication pattern switching command, indication EC switches to the Intranet communication pattern from the L2TP Tunnel communication pattern.
Practice thrift the method for wide area network bandwidth in also a kind of IP supervisory control system of the present invention, this method is applied on the EC of supervisory control system, also comprises VC, VM and LNS in the wherein said supervisory control system; Wherein at least one EC and at least one VC all establish L2TP Tunnel with LNS and are connected, and this method comprises:
Initiate the tunnel connection request to LNS, set up L2TP Tunnel with LNS and be connected;
EC is carried at self address information and sends to VM in the logon message;
Send after according to the indication of VM the monitor video stream encryption;
After setting up the monitoring video flow transmission channel through L2TP Tunnel, receive the Intranet communication trial instruction that VM sends with VC;
According to the signaling message that carries Intranet communication trial instruction that VM sends, attempt carrying out Intranet and communicate by letter with VC;
Under the situation of Intranet communication trial and success,, the communication pattern between self and the VC is switched to the Intranet communication pattern from the L2TP Tunnel communication pattern according to the signaling message that carries the communication pattern switching command that sends of VM.
Practice thrift the method for wide area network bandwidth in also a kind of IP supervisory control system of the present invention, this method is applied on the VC of supervisory control system, also comprises EC, VM and LNS in the wherein said supervisory control system; This method comprises:
Initiate the tunnel connection request to LNS, set up L2TP Tunnel with LNS and be connected;
VC is carried at self address information and sends to VM in the logon message;
Send the request that program request EC goes up monitoring video flow to VM;
After setting up the monitoring video flow transmission channel through L2TP Tunnel, receive the Intranet communication trial instruction that VM sends with EC;
When receiving the message that said EC sends through Intranet, send report to VM;
Under the situation of Intranet communication trial and success, the communication pattern between self and the EC is switched to the Intranet communication pattern from the L2TP Tunnel communication pattern.
The present invention can be through having solved the problem of Wide Area Network bandwidth consumption under the tunnel mode dexterously when using tunneling technique to pass through xegregating unit, the solution scientific and precise has taken into full account the IP address and the problem that objective law possibly cause such as repeated.
Description of drawings
Fig. 1 is a kind of IP supervisory control system networking diagram that passes through xegregating unit through L2TP Tunnel;
Fig. 2 is the another kind of IP supervisory control system networking diagram that passes through xegregating unit through L2TP Tunnel;
Fig. 3 is a kind of monitor node common hardware of the present invention Organization Chart;
Fig. 4 is a kind of monitor node generic logic of the present invention structure chart.
Embodiment
Below in conjunction with accompanying drawing and specific embodiment the present invention is remake further detailed explanation.
Fig. 1 has shown a single domain IP supervisory control system.Single domain IP supervisory control system refers to have only in the system monitoring management territory; Such system has a lot of branching networks, but has only a branch to bear management role, more typically; The supervisory control system that only has a video management server (VM) to control; This branch that is in charge of is commonly referred to central site network, except VM, can also comprise data management server DM, MS and these monitoring servers of data centralization memory device IPSAN.
The supervisory control system of Fig. 1 has comprised xegregating unit, EC, VC, VM, DM, MS and LNS service end.In supervisory control system of the present invention, EC, VC and various server are called as monitor node.In Fig. 1, branching networks EC and VC are positioned at the inboard of self network egress xegregating unit, are promptly isolated a protected in other words side, are also referred to as the Intranet side.And monitoring server is the outside that is positioned at xegregating unit naturally with respect to above-mentioned xegregating unit, is also referred to as the outer net side.
The existence of xegregating unit causes Intranet can initiatively visit outer net, is the problem that can't visit Intranet but outer net does not have under the prerequisite of particular arrangement at xegregating unit.Therefore in one embodiment of the present invention; At first initiate tunnel connection request as L2TP client (LAC) to L2TP service end (LNS) by the monitor node of Intranet, the tunnel connects foundation back Intranet monitor terminal will obtain the internal layer IP address, tunnel by the distribution of L2TP service end.(as shown in Figure 2) in one embodiment, the IP address of this tunnel internal layer belongs to outer net.That is to say that the monitor node of Intranet has had the IP address of outer net, so it can communicate with outer net in the IP aspect.In another embodiment; Intranet monitor node and outer net monitor node all obtain internal layer IP address, tunnel from the absolute address pond of LNS service end; This address pool is independent of Intranet and outer net, and this IP address planning that can not upset outer net greatly reduces client's network management puzzlement.The present invention describes with L2TP as an example, and those of ordinary skills can use PPTP, GRE and MPLS VPN realize that tunneling technique replaces enforcement to L2TP Tunnel with reference to the relevant relevant RFC of the Internet engineering duty group (IETF) issue.Correspondingly the LNS service end can be deformed into corresponding tunnel opposite equip. according to above-mentioned standard.
Please refer to Fig. 2 and Fig. 3, below introduce the flow process that monitor node communicates through the tunnel, the present invention is referred to as the tunnel communication pattern.
Shown in Fig. 2 is that the internal layer IP address, tunnel that Intranet monitor node (is example as the LAC client with VC) is assigned to is the situation of outer net IP address.The IP address of VC in Intranet is 10.10.10.10/24, and it is initiated dial-up connection startup L2TP Tunnel as LAC to the L2TP of outer net service end and obtains internal layer IP address, tunnel.Being positioned at the LNS of outer net and the IP address of Intranet connecting interface is 12.12.10.10/24, and this address is a public network address from the angle of Intranet, that is to say it is that Intranet can directly be visited; If this address can not directly be had access to, corresponding public network address that can configuring static mapping on the xegregating unit of present networks outlet.In the tunnel communication pattern, it is outer IP address, tunnel.The interface IP address that other equipment of LNS and outer net are connected is 12.12.12.9/24.Need to prove that public network address and private net address are comparatively speaking, it depends on the planning of network, can have been planned also that such as the public network IP address on the Internet being used as private net address reuses.
LNS gives from address pool 12.12.11.0/24 and initiates the LAC distributing IP address that L2TP Tunnel connects, as IP address 12.12.11.10 having been distributed to LAC as its internal layer IP address, tunnel.The IP address 12.12.11.10/24 that the VC employing newly is assigned to communicates through the VM of tunnel and outer net.The employed channel message of tunnel communication pattern please refer to the message packaging model shown in the table 1.
| Outer DIP | Outer SIP | Internal layer DIP | Internal layer SIP | Monitoring signaling data or business datum |
Table 1
Last table ectomesoderm DIP representes the outer IP destination address (like 12.12.10.10/24) in tunnel; Outer SIP representes the outer source address (like 10.10.10.10/24) in tunnel; Internal layer DIP representes internal layer purpose IP address, tunnel (like 12.12.12.9/24), and internal layer SIP representes tunnel internal layer source IP address (like 12.12.11.10/24).
Shown in Figure 3ly be a kind of general underlying hardware framework of the various monitor nodes of the present invention, the present invention can realize through computer program on the basis of this hardware structure.In the execution mode that computer program is realized; The structure chart of logic device of the present invention can reduce structure shown in Figure 4; It comprises Service Processing Unit, Signaling Processing Unit, tunnel processing unit and NIU, and the logical construction of various monitor nodes and function are slightly variant.
NIU is responsible for through IP network transmitting-receiving message.Service Processing Unit mainly is responsible for handling the monitoring business data; The last Business Processing of EC comprises encodes the monitoring video flow or the voice flow of camera, submits to such as the data after will encoding to send through NIU after internal layer IP heading and outer IP heading are gone up in tunnel processing unit encapsulation.And VC goes up Business Processing and mainly comprises the monitoring video flow that receives is carried out decoding processing, through display terminal picture and voice is offered the user then.The Signaling Processing Unit of EC and VC, it is professional mainly to be responsible for processing signaling, just usually said control is professional, such as and VM between Signalling exchange.If obviously monitor node is the such management server of VM or DM, then do not comprise Service Processing Unit usually.If VM do not have with LNS between establish the tunnel and be connected, the tunnel processing unit neither be necessary so.
The tunnel processing unit is mainly used in to LNS and initiates the tunnel connection request, sets up L2TP Tunnel with LNS and is connected, and on the tunnel, sends and receive channel message then.In the tunnel communication pattern; On receive direction; LAC can receive channel message from the LNS direction; The tunnel processing unit carries out the tunnel decapsulation with the channel message of receiving to be handled, and on sending direction, the tunnel processing unit then is responsible for sending behind internal layer IP heading in tunnel on the data encapsulation and the outer IP heading.LNS receives after this channel message; Obtain tunnel internal layer message through decapsulation; According to the purpose IP address of tunnel internal layer message, tunnel internal layer message is transmitted to corresponding monitor node then, this is the communication process (situation shown in Figure 2) that arrives outer net from Intranet.If between the monitor node of outer net and the LNS is that the tunnel is connected (situation as shown in Figure 1); LNS is before transmitting; Also need to connect IP message that encapsulation obtains as tunnel internal layer message, send to the monitor node of Intranet in the encapsulation behind the tunnel skin heading again through the tunnel.
Please refer to Fig. 1; In the tunnel communication pattern; If the view data on the VC2 program request EC perhaps needs request and EC side carry out speech talkback; Corresponding program request or intercommunication request meeting are delivered to EC through L2TP Tunnel, and EC is encapsulated in monitor video flow data or voice flow data (being business datum) in the message and sends to VC2 through the tunnel again.The existence in tunnel can let VC2 pass through xegregating unit like a cork, realizes the visit from the outer net to the Intranet.Because the program request of VC or the control that the intercommunication request all need be passed through VM; If VC1 is the monitoring video flow on the program request EC also; This moment, VC1 used the internal layer IP address, tunnel that is assigned to through the tunnel program request or intercommunication request to be sent on the VM of outer net earlier; The words that VM accepts this program request or intercommunication request can generate corresponding monitoring business signaling message, are encapsulated in through LNS and send to EC in the tunnel.After EC receives this signaling message, through the tunnel business datum is sent (can be direct transmission, also can be to transmit through MS) to program request person or intercommunication requestor equally.Yet EC and VC1 were in same branching networks originally, and in fact EC need not send the monitor video flow data through the tunnel.Yet when adopting the tunnel communication pattern in order to accomplish the whole network for passing through of xegregating unit, the last monitor video flow data process of passing through tunnel of the EC central site network that detours is got back to VC1.Often need pass through wide area network through central site network, the bandwidth of wide area network is normally limited, and the bandwidth that monitoring video flow or voice flow data need take is very high, and this causes very large pressure can for the WAN outlet of supervisory control system.The present invention avoids the generation of said circumstances through handling cleverly, thereby reaches the purpose of practicing thrift the wide area network bandwidth.Need to prove; What more than introduce is the basic realization of tunnel communication pattern; The present invention does not pay close attention to the realization of tunnel communication, but improves the problem of the wide area network bandwidth consumption that possibly cause under the tunnel communication pattern, and this is a common problem under the tunnel communication pattern.
Please refer to Fig. 3 and Fig. 4, below introduce the present invention and how to realize the wide area network bandwidth conservation.Below the processing of control aspect is handled by the Signaling Processing Unit of each monitor node, relate to that channel message sends then by the tunnel processing unit processes, relate to then handling that monitoring video flow handles by Service Processing Unit; Yet then do not need the process of passing through tunnel processing unit through Intranet communication.
Step 101, VC and EC register on VM through L2TP Tunnel, and VC and EC carry in the load of logon message the source IP address of local device with notice VM except register the internal layer IP address, tunnel of using LNS to distribute again;
Like the source IP address of EC in Intranet is 10.1.1.2 (option), and the L2TP Tunnel internal layer IP address of application is 192.168.1.2; The source IP address of VC in Intranet is 10.1.1.3 (option), and the L2TP Tunnel internal layer IP address of application is 192.168.1.3.
After step 102:VM receives registration message from the tunnel, under the address information recording that equipment is carried in logon message;
Step 103:VC carries out speech talkback through monitoring video flow or the request of tunnel program request EC with EC: this moment, VC still sent order request or speech talkback request according to aforementioned tunnel communication pattern to VM;
The corresponding transmission monitoring video flow of step 104:VM notice EC or notify correspondingly EC and this VC mutually to opposite end transmission voice flow;
Step 105: after between EC and VC, setting up service transmission channels through the tunnel, VM initiatively sends Intranet to EC and VC equipment and communicates by letter and attempt instructing, and this instruction is carried in the keep-alive message of monitor terminal node and VM.
Need to prove that under the tunnel communication pattern, set up service transmission channels earlier and can guarantee professional fluency, EC and VC can set up service transmission channels certainly according to the tunnel communication pattern during beginning, help to guarantee the experience of VC end subscriber.
Step 106:EC receives the Intranet communication of VM and attempts at first initiating Intranet communication to the other side after the instruction; VC and EC that the present invention will just attempt in Intranet communication are called T-VC and T-EC respectively; Same reason VC receives the Intranet communication of VM and attempts also can initiating Intranet communication trial to the other side immediately after the instruction.
T-EC and T-VC can send message through proprietary protocol to carry out Intranet and communicates by letter; Begin to attempt using the Intranet IP address of T-VC to send specific message to T-VC such as T-EC as destination address; Can certainly initiate earlier by the VC side.
Step 106: if VC is if receive the message that EC sends, the result that then will receive reports to VM; VC can adopt sip message report; Same reason is if EC is if receive the message that VC sends, and the result that then will receive reports to VM, and wherein EC or VC attempt report in the communication of transmission Intranet and carry the NAT label information.
Step 107: report is attempted in the Intranet communication that carries that receives VC or EC transmission; If current business is demand (telecommunication) service then changes step 108; If current business is the speech talkback business then changes step 110.
Step 108; Judge between EC and the VC whether can communicate according to the address information of report message and the address information of self preserving, switch to the Intranet communication pattern with indication EC from the L2TP Tunnel communication pattern if then send the communication pattern switching command to EC through Intranet.
Step 109, after EC received that VM switches to the instruction of Intranet communication pattern, to Intranet IP communication pattern, and the Intranet IP address that will send the purpose IP address modification VC of Business Stream (being monitoring video flow) sent from the tunnel communication mode switch.
Step 110; Judge between EC and the VC whether can communicate according to the address information of report message and the address information of self preserving through Intranet; If then send the communication pattern switching command to EC that does not send report message or VC, switch to the Intranet communication pattern from the L2TP Tunnel communication pattern to indicate this EC or VC according to the NAT label information in the report;
No matter be program request or speech talkback business, VM need carry out the examination work of address.Receive that with VM VC's is reported as example (report of receiving EC is handled identical); After VM receives the report (can carry through sip message) of VC transmission; Judge according to the report of VC whether T-EC and T-VC can carry out Intranet and communicate by letter; If notice EC and VC are from the tunnel communication mode switch to the Intranet communication pattern (private network communication pattern in other words is with the purpose IP address switchover of the Business Stream Intranet IP address to VC); Do not process otherwise return, T-EC and T-VC continue to keep the tunnel communication pattern.VM judges that the foundation that can both sides carry out Intranet communication can comprise two kinds of foundations according to actual conditions in the step 107 of the present invention, and these two foundations can make up enforcement and also can implement separately.
According to 1: the internal layer IP address, tunnel of sending the VC of report must be identical with T-VC.
Whether the T-VC's of the internal layer IP address, VC tunnel that report is sent in VM inspection and self preservation is identical, can Intranet communication if then be judged to be, and can't Intranet communication otherwise be judged to be.Consider that the IP address possibly be repeated to use in different Intranets, VM receives that report that VC sends can only explain that the communication message that EC sends through Intranet received by the VC of same address.Suppose that T-EC is being that the T-VC of 10.1.1.3 carries out service communication through the tunnel with the address, if T-VC is in identical Intranet with EC really, T-VC can receive that the Intranet communication information of such EC reports VM then.But supposing that T-VC and EC are in different Intranets, also is 10.1.1.3 and in the Intranet of T-EC place the address of a VC2 is just arranged, and VC2 also can receive the information of EC, and it also can report to VM, if this moment, VM did not judge, then possibly cause makeing mistakes.Whether the internal layer IP address, tunnel of the VC of VM inspection transmission this report is identical with the internal layer IP address, tunnel of the T-VC that self preserves; If then the explanation report is that T-VC sends really; Otherwise explain that the VC that sends report is the VC in other networks, just both sides' Intranet IP address is identical by chance.When confirming that two known nodes in IP address can carry out IP communication, the use Ping of the most frequently used mechanism etc. check technology.But the present invention considers the situation introducing VM that the IP address possibly duplicate and judges the mistake of having avoided the IP address to repeat to cause in different Intranets.This just why the present invention be not that simple the employing comparatively common checks such as technology such as Ping whether EC can carry out the basic reason that Intranet is communicated by letter with VC.
Internal layer IP address, tunnel according to the EC in the report of 2:VC is identical with T-EC.
If VC is T-VC really, can avoid erroneous judgement to a great extent.Yet for the purpose of more rigorous, VM can also check whether the EC in the VC report is to carry out the T-EC of service communication with T-VC, can Intranet communication if be judged to be, can't carry out Intranet communication otherwise be judged to be.Consider to have in the section at one time that the combination of T-EC1/T-VC1 and T-EC2/T-VC2 is current is all carrying out the instruction that Intranet communication is attempted; In order further to improve preciseness; When VC is confirmed as T-VC1, VM is the address of the EC in the report of inspection T-VC1 further, if the internal layer IP address, tunnel of the EC that carries in the report is the same with the internal layer IP address, tunnel of T-EC2; Explain that then T-VC1 receives the Intranet communication information from T-EC1; T-VC1 and T-EC1 and in same Intranet can't carry out Intranet communication, and T-EC1/T-VC1 continues to keep the tunnel communication pattern.If the internal layer IP address, tunnel of the EC that carries in the same report is the same with the internal layer IP address, tunnel of T-EC2, then VM notice T-EC1 and T-VC1 switch to the Intranet communication pattern.
Need to prove, the Intranet side of xegregating unit even EC and VC coexist, but also possibly have NAT between it; Intranet is a relative notion; If also there is NAT in xegregating unit Intranet side, from this Intranet NAT angle, EC and VC possibly lay respectively at both sides or the homonymy of NAT so.When having NAT between same Intranet (relative and xegregating unit) EC and the VC; If one is positioned at this NAT Intranet side among EC and the VC; When another is positioned at the outer net side; Obviously Intranet communication (for xegregating unit) must initiate from a side who is positioned at the Intranet side earlier, this is the decision of NAT natural characteristic.
For demand (telecommunication) service; Judge that according to the address information of report message and the address information of self preserving can carry out the Intranet back needs indication EC that communicates by letter between EC and the VC switches and get final product; Because for program request; Its video flowing transmission direction is certain, must be to send to VC from EC.As long as EC can send to VC with message through Intranet, that is to say that VM receives that the report message of VC gets final product.Need to prove in this execution mode, receive that report message means that VC has received the message that EC sends through Intranet, can't receive if do not receive then show; Because do not receive that sending report message has little significance, the present invention does not get rid of the situation of yet reporting under the situation about not receiving certainly, only is a kind of the most simple and effective execution mode here.So; For demand (telecommunication) service, can VM need not pay close attention to VC and received by EC at the message of interior online transmission, because this point is nonsensical for program request; Correspondingly for demand (telecommunication) service, VM need not pay close attention to whether there is NAT between EC and the VC.
Yet the speech talkback business is then different, also can be in order to guarantee the speech talkback business from the tunnel communication mode switch to the Intranet communication pattern, and EC or VC need carry the NAT label information in sending Intranet communication trial report.The purpose of carrying the NAT label information is to let VM recognize between EC that attempts Intranet communication and VC whether have NAT.The mode of carrying of NAT label information is rich and varied, can directly be judged by the EC or the VC of report, reports the result through specific flag bit.Such as EC carries original IP/ purpose IP address, source in the load with the IP message of communicating by letter in sending trial be 192.168.1.2/1.1.1.2.VC finds that header shows that source/purpose IP is respectively 1.1.1.1/1.1.1.2 after receiving this IP message, knows promptly that through comparison change has taken place in this message source address, thus think EC in the Intranet of NAT, certainly in the NAT outer net.If VC initiates communication, EC adopts in the same way and judges.Equally; If in the IP header of the Intranet communication that VC or EC find to send the opposite end " the original IP/ purpose IP address, source in source/destination address and the load is consistent; then thinking does not have NAT device between self and the opposite end; thereby need the NAT label information not reported VM yet, and perhaps use different label informations to distinguish.As previously mentioned, so-called Intranet is a relative notion, and for example: suppose to have NAT1 between EC1 and the VC1, in NAT1 Intranet side, VC1 is in NAT1 outer net side such as EC1; If but EC1 and VC1 are positioned at the Intranet of NAT2, VC2 is positioned at the outer net of NAT2, be to observe reference this moment with NAT2, and EC1 and VC1 are again same Intranets.
The Signaling Processing Unit of VM can be received the Intranet communication trial report of EC or VC, and when carrying the NAT label information in the report, VM can confirm that a side who sends report is in the NAT outside, and the opposing party is in NAT inside.This is because a side who is in NAT Intranet side can't receive the special packet that a side of NAT outer net side initiatively passes through the Intranet transmission, can only report communication failure the overtime in other words special packet that does not receive the opposite end at most.In order to let both sides carry out two-way communication through Intranet, the side that the Signaling Processing Unit indication is in NAT Intranet side at first sends the speech business message to the opposite end.Obviously, a side who is in NAT Intranet side initiates communication earlier and can trigger NAT at self generation NAT stream table, and the reverse speech business message of NAT outer net equipment can pass through NAT smoothly because of the existence of stream table.If a side of NAT outer net at first sends the speech business message, because NAT has no the related streams table at this moment, message can be dropped at the NAT place.The present invention utilizes the VM controlling mechanism, adds cooperating of EC and VC, has effectively avoided not having a side who is in the NAT outer net under the situation of VM control at first to initiate to set up the problem of two-way communication.In addition; Though speech talkback service implementation mode of the present invention and demand (telecommunication) service execution mode are different in concrete the realization; But for VM, can in Signaling Processing Unit, increase a determining step; Judge that promptly signaling is order request or speech talkback request, Signaling Processing Unit will correspondingly be carried out the handling process that above two different tunnel communications switch to Intranet communication then.Like this, VM can not do effective differentiation effectively with two kinds of integrated services together, guarantee two kinds of business can both be under the situation that condition satisfies from the tunnel communication mode switch to the Intranet communication pattern.
Please combine Fig. 3, from the tunnel communication mode switch to Intranet IP communication pattern, also Signaling Processing Unit be exactly the control Service Processing Unit processing unit switches out from the tunnel with the flow direction of Business Stream, make Business Stream no longer process of passing through tunnel handle.Business Stream switches to Intranet from the tunnel, can practice thrift the valuable bandwidth of wide area network to a great extent, has utilized the existing Intranet communication resource rationally and effectively, and its meaning of especially large-scale monitor network is more great.
The above is merely preferred embodiment of the present invention, and is in order to restriction the present invention, not all within spirit of the present invention and principle, any modification of being made, is equal to replacement, improvement etc., all should be included within the scope that the present invention protects.
Claims (10)
1. practice thrift the method for wide area network bandwidth in the IP supervisory control system, this method is applied on the video management server (VM) of supervisory control system, and wherein said supervisory control system also comprises EC, VC and tunnel opposite equip.; Wherein at least one EC and VC establish the tunnel with the tunnel opposite equip. and are connected, and this method comprises:
The logon message that A, reception EC and VC send, the address information of EC and VC in the preservation logon message;
B, indicate corresponding EC and VC to carry out the voice flow transmitting-receiving according to the program request of VC or speech talkback request;
C, setting up after the transmission channel of voice flow via the tunnel between EC and VC are sent with the opposite end to EC and VC and to be carried out the instruction that Intranet is communicated by letter and attempted;
Report is attempted in the Intranet communication that D, reception EC or VC send,
E, judge between EC and the VC whether can communicate through Intranet according to the address information of report message and the address information of self preserving; If then send the communication pattern switching command, indication EC or VC from the tunnel communication mode switch to the Intranet communication pattern; Wherein characterize when having the NAT label information of NAT between EC and the VC when carrying in the report message, EC or VC that indication is in this NAT Intranet side send voice flow to the opposite end earlier.
2. the method for claim 1, wherein said address information comprises internal layer IP address, tunnel; Wherein VM judges that EC and VC can carry out the foundation that Intranet communicates by letter and comprise:
The internal layer IP address, tunnel of sending the VC of report is identical with its internal layer IP address, tunnel letter that VM preserves; And/or
The internal layer IP address, tunnel of EC in the report that VC sends is identical with its internal layer IP address, tunnel letter that VM preserves.
3. the method for claim 1, wherein said tunnel is a L2TP Tunnel, this method also comprises: initiate the tunnel connection request to LNS, set up L2TP Tunnel with LNS and is connected, on the tunnel, send then and the reception channel message.
4. method as claimed in claim 2, wherein said Intranet communication are attempted instruction and are carried between monitor terminal node and the VM in the keep-alive message, and said Intranet communication is attempted report and is carried in the sip message.
5. the method for claim 1 also comprises:
F, judge between EC and the VC whether can communicate,, indicate EC to switch to the Intranet communication pattern from the L2TP Tunnel communication pattern if then send the communication pattern switching command through Intranet according to the address information of report message and the address information of self preserving; Wherein
Said step B also comprises:
Indicate corresponding EC to send monitoring video flow according to the order request of VC;
Said step D also comprises:
Judge that current business is demand (telecommunication) service or speech talkback business, if the speech talkback business is then changeed step e, if demand (telecommunication) service then changes step F.
6. a video management server (VM) that is applied in the IP supervisory control system also comprises EC, VC and tunnel opposite equip. in the wherein said supervisory control system; Wherein at least one EC and at least one VC all set up the tunnel with the tunnel opposite equip. and are connected, and this server comprises:
NIU is used for through IP network transmitting-receiving message;
Signaling Processing Unit is used for preserving the EC of EC and VC logon message and the address information of VC, and indicates corresponding EC and VC to send voice flow to the opposite end mutually according to the speech talkback request of VC; The tunnel that passes through that this Signaling Processing Unit is further used between EC and VC is set up after the voice flow transmission channel to send with the opposite end to EC and VC and is carried out the instruction that Intranet is communicated by letter and attempted; And attempt the address information of report message and the address information of self preserving judges between EC and the VC whether can communicate through Intranet according to the Intranet communication that EC or VC send; If then send the communication pattern switching command, indication EC or VC from the tunnel communication mode switch to the Intranet communication pattern;
Wherein characterize when having the NAT label information of NAT between EC and the VC when carrying in the report message, EC or VC that this Signaling Processing Unit indication is in this NAT Intranet side send voice flow to the opposite end earlier.
7. server as claimed in claim 6, wherein said address information comprise internal layer IP address, tunnel with; Wherein Signaling Processing Unit judges that EC and VC can carry out the foundation that Intranet communicates by letter and comprise: internal layer IP address, tunnel and its internal layer IP address, tunnel letter of VM preservation of sending the VC of report are identical; And/or
The internal layer IP address, tunnel of EC in the report that VC sends is identical with its internal layer IP address, tunnel letter that VM preserves.
8. server as claimed in claim 6 also comprises: the tunnel processing unit, initiate the tunnel connection request to LNS, and set up L2TP Tunnel with LNS and be connected, on the tunnel, send and receive channel message then
9. server as claimed in claim 7, wherein said Intranet communication are attempted instruction and are carried between monitor terminal node and the VM in the keep-alive message, and said Intranet communication is attempted report and is carried in the sip message.
10. server as claimed in claim 7; Wherein this Signaling Processing Unit is further used for indicating corresponding EC to send monitoring video flow according to the order request of VC; And judged further that before sending the communication pattern switching command current business is demand (telecommunication) service or speech talkback business; If current business is a demand (telecommunication) service; Then judge between EC and the VC whether can communicate through Intranet according to the address information of report message and the address information of self preserving, if then send the communication pattern switching command, indication EC switches to the Intranet communication pattern from the L2TP Tunnel communication pattern.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210136057.5A CN102694711B (en) | 2012-05-03 | 2012-05-03 | Wide area network bandwidth saving method and device in IP monitoring system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210136057.5A CN102694711B (en) | 2012-05-03 | 2012-05-03 | Wide area network bandwidth saving method and device in IP monitoring system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102694711A true CN102694711A (en) | 2012-09-26 |
| CN102694711B CN102694711B (en) | 2015-02-11 |
Family
ID=46860000
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210136057.5A Active CN102694711B (en) | 2012-05-03 | 2012-05-03 | Wide area network bandwidth saving method and device in IP monitoring system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102694711B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102916865A (en) * | 2012-11-08 | 2013-02-06 | 浙江宇视科技有限公司 | Monitoring service management method and device |
| CN112039916A (en) * | 2020-09-07 | 2020-12-04 | 北京天融信网络安全技术有限公司 | Communication method and device based on OPC protocol, electronic equipment and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040047320A1 (en) * | 2002-09-09 | 2004-03-11 | Siemens Canada Limited | Wireless local area network with clients having extended freedom of movement |
| CN101335999A (en) * | 2008-07-22 | 2008-12-31 | 华为技术有限公司 | Method and apparatus implementing video call |
| CN102118396A (en) * | 2011-03-14 | 2011-07-06 | 杭州华三通信技术有限公司 | Live monitoring method and video management server |
| CN102340650A (en) * | 2010-07-19 | 2012-02-01 | 中国移动通信集团公司 | Method and system for video monitoring of terminal |
-
2012
- 2012-05-03 CN CN201210136057.5A patent/CN102694711B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040047320A1 (en) * | 2002-09-09 | 2004-03-11 | Siemens Canada Limited | Wireless local area network with clients having extended freedom of movement |
| CN101335999A (en) * | 2008-07-22 | 2008-12-31 | 华为技术有限公司 | Method and apparatus implementing video call |
| CN102340650A (en) * | 2010-07-19 | 2012-02-01 | 中国移动通信集团公司 | Method and system for video monitoring of terminal |
| CN102118396A (en) * | 2011-03-14 | 2011-07-06 | 杭州华三通信技术有限公司 | Live monitoring method and video management server |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102916865A (en) * | 2012-11-08 | 2013-02-06 | 浙江宇视科技有限公司 | Monitoring service management method and device |
| CN102916865B (en) * | 2012-11-08 | 2015-09-09 | 浙江宇视科技有限公司 | A kind of monitoring business management method and device |
| CN112039916A (en) * | 2020-09-07 | 2020-12-04 | 北京天融信网络安全技术有限公司 | Communication method and device based on OPC protocol, electronic equipment and storage medium |
| CN112039916B (en) * | 2020-09-07 | 2023-04-07 | 北京天融信网络安全技术有限公司 | Communication method and device based on OPC protocol, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102694711B (en) | 2015-02-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102546350B (en) | Method and device for saving WAN (wide area network) bandwidth in IP (internet protocol) monitoring system | |
| CN105376154B (en) | Gradual MAC address learning | |
| CN101764752B (en) | Method and system for managing remote concentrated image | |
| DE60025080T2 (en) | Gateway and Identity Trademark Network Mediates | |
| CN102546657B (en) | Methods for passing through and assisting in passing through network isolation equipment in Internet protocol (IP) monitoring system, and node | |
| KR101352693B1 (en) | Peer-to-peer network over a virtual private network | |
| CN102025591B (en) | Method and system for implementing virtual private network | |
| CN101257431B (en) | Converse exit passageway remote device management mode | |
| CN101431511B (en) | Method for penetrating fire wall and establishing on-line channel between network terminal apparatus | |
| CN102571524A (en) | Method for traversing and assisting to transverse network isolation equipment in IP (Internet Protocol) monitoring system and node | |
| CN102546349B (en) | A kind of message forwarding method and equipment | |
| CN107995083A (en) | Realize the method, system and equipment of L2VPN and VxLAN intercommunications | |
| US7822872B2 (en) | Multi-location distributed workplace network | |
| CN102710644B (en) | Method and device for saving bandwidth in internet protocol (IP) monitoring system | |
| CN102571814B (en) | Method and the agent equipment of xegregating unit is passed through in a kind of IP supervisory control system | |
| CN102891903A (en) | NAT (Network Address Translation) converting method and equipment | |
| CN106713519A (en) | Network communication method and system based on software-defined networking | |
| CN102932251B (en) | Realize the method and apparatus of local three layers of termination | |
| JP5303644B2 (en) | Transport control system and transport control server | |
| CN102694711B (en) | Wide area network bandwidth saving method and device in IP monitoring system | |
| CN108616450B (en) | Method for realizing constrained path forwarding of IP network based on SDN | |
| CN102868585B (en) | Method and the device of bandwidth is saved in a kind of IP supervisory control system | |
| CN106357443B (en) | A kind of method and apparatus of network configuration | |
| CN108965091B (en) | Network element management method and system based on VXLAN tunnel | |
| CN101160904B (en) | Method and apparatus for implementing signaling proxy |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |