0

我一直在浏览 TURN rfc 5766 并没有找到问题的解释。rfc 只讨论了一个支持 TURN 的设备(客户端),而另一个设备不支持 TURN。当两者都支持 TURN 时,我有一定的疑问。我使用的是 SIP 协议。假设两个设备都在错误的 NAT 后面(即地址和端口限制的 NAT)。

如果两个设备,比如设备 A 和设备 B 都支持 TURN,

1.Device A将其应用数据发送到哪个传输地址?a.到其分配的中继地址。b.到远程方的中继地址。

1.Device A将从哪个传输地址接收应用数据?a.从其分配的中继地址。b.来自远程方的中继地址。

谢谢并恭祝安康

4

2 回答 2

4

Let's assume there are two TURN servers. One used by client 1 with IP 1.2.3.4. The other used by client 2 at IP 5.6.7.8. Both TURN servers are listening on the standard listening port of 3478.

Let's saying during an ICE or ICE-like negotiation session, Client 1 allocated port 8888 on its TURN server. Client 2 allocated port 9999 on it's TURN server.

After ICE negation, assuming the clients couldn't connect direct, the flow of data between both clients will be ONE of the following

  • Client 1 sends data packets (encapsulated inside a TURN message) from it's local port to it's TURN server's listening port (1.2.3.4:3478). The TURN server will unwrap this packet and forward the message from its relay port (8888) to the address of client 2. Data sent from client 2 will be sent as-is to the relay port on the TURN server allocated by client 1. (1.2.3.4:8888). When the TURN server receives datagrams from client 2 on the relay port, it will encapsulate the packet into a TURN message and forward it from port 3478 to the address of client 1.

OR

  • Client 2 sends data packets (encapsulated inside a TURN message) from it's local port to it's TURN server's listening port (5.6.7.8:3478). The TURN server will unwrap this packet and forward the message from its relay port (9999) to the address of client 1. Data sent from client 1 will be sent as-is to the relay port on the TURN server allocated by client 2. (5.6.7.8:9999). When the TURN server receives datagrams from client 1 on the relay port, it will encapsulate the packet into a TURN message and forward it from port 3478 to the address of client 2.

In other words, if a TURN server was selected, one side will always send/receive data on the TURN port 3478 using the TURN protocol as encapsulate messages. The other side will always send/receive packets (not encapsulated) to the relay port allocated by the other client. How does it decide which TURN server to pick? It's not always deterministic in ICE.

In some rare cases, it can go "TURN to TURN". Both client's send/receive data from their respective TURN server's port 3478. The TURN servers forward the data to the other client's allocated relay address. This is uncommon, but can happen if all other candidate checks fail during ICE negotiation.

于 2014-01-24T17:55:36.097 回答
1

RFC 讨论了 NAT 之外的 TURN 服务器和 NAT 后面的客户端,它需要与也在 NAT 后面的另一个客户端进行通信。这个想法是,每个客户端都连接到一个 TURN 服务器(不必相同),从服务器获取一个公共地址,并将该地址在 SIP 消息(例如 SDP 正文)中发送给另一个客户端,例如

  1. client#1 将连接到 turn#1 并获取 public addr#1
  2. client#2 将连接到 turn#2 并获取 public addr#2
  3. client#1 将 addr#1 发送到 client#2
  4. client#2 将 addr#2 发送到 client#1

如果客户端#1 可以直接到达 addr#2(通常是这种情况,除非您有限制性防火墙而不是简单的 NAT),它将向 addr#2 发送一个数据包,从而将隧道挖掘到它自己的 NAT 中。因此,不仅从客户端#1 到 addr#2 的数据包是可能的,而且从 addr#2 到客户端#1 的数据包也是可能的。结果是以下通信场景:

client#1 <---NAT#1---> turn#2 (addr#2) <---NAT#2---> client#2

仅当客户端#1 和 addr#2(或客户端#2 到 addr#1)之间的直接通信是不可能的(不常见,仅当两者都位于限制性防火墙之后)时,您才需要使用两个 TURN 服务器:

client#1 <--FW#1---> turn#1 (addr#1) <---> turn#2 (addr#2) <---FW#2---> client#2

感谢 selbie@ 指出通常单个 TURN 服务器就足够了。

于 2014-01-24T14:56:04.437 回答