Peer-to-Peer (P2P) Communication Across Middleboxes (Translation, Part 7)

xiaoxiao, 2021-03-06

Original copyright: Copyright (c) The Internet Society (2003). All Rights Reserved.


Original address: http://midcom-p2p.sourceforge.net/draft-ford-midcom-p2p-01.txt

Translation copyright notice: when reprinting this article, please cite the author or website (http://blog.9cbs.net/hxhbluestar) to respect the translator's work!

4. Application Design Guidelines

4.1. What works with P2P middleboxes

Since UDP hole punching is the most efficient existing method of establishing direct peer-to-peer communication between two nodes that are both behind NATs, and it works with a wide variety of existing NATs, it is recommended that applications use this technique if efficient peer-to-peer communication is required, but be prepared to fall back on simple relaying when direct communication cannot be established.

4.2. Peers Behind the Same NAT

In practice there may be a fairly large number of users who have not two IP addresses (for example, hosts with more than one network interface) but three or more. In these cases it is hard or impossible to tell which addresses to send to the registration server. In such a case the application should send all of its addresses.

4.3. Peer Discovery

Applications send packets to several addresses to discover which one is best to use for a given peer. This may become a source of "space waste" on the net, as the peer may have chosen to use routable addresses improperly as an internal LAN (e.g. 11.0.1.1, which is assigned to the DoD [translator's note: DoD not yet confirmed; from the relevant literature it appears to be the US Department of Defense]). Thus applications should exercise caution when sending the speculative hello packets. (Translator's note: this translation is not very good; corrections are welcome.)

4.4. TCP P2P Applications

The sockets API, used widely by application developers, is designed with client-server applications in mind. In its native form, only a single socket can bind to a TCP or UDP port. An application is not allowed to have multiple sockets binding to the same port (TCP or UDP) to initiate simultaneous sessions with multiple external nodes, or to use one socket to listen on the port while other sockets initiate outgoing sessions through it.

The above single-socket-to-port bind restriction is not a problem with UDP, however, because UDP is a datagram-based protocol. UDP P2P application designers can use a single socket to send as well as receive datagrams from multiple peers using the recvfrom() and sendto() calls.

This is not the case with TCP. With TCP, each incoming and outgoing connection is associated with a separate socket. The Linux sockets API addresses this problem with the aid of the SO_REUSEADDR option. On FreeBSD and NetBSD this option does not seem to work; but changing it to use the BSD-specific setReuseAddress call (which Linux does not have and which is not in the Single Unix Standard) seems to work. The Win32 API offers an equivalent setReuseAddress call. Using any of the above-mentioned options, an application can use multiple sockets to reuse a TCP port: that is, two TCP stream sockets can be bound to the same port, with listen() called on one and connect() on the other.
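The port-reuse pattern of this section, as an added example in C against the BSD sockets API (it is not code from the draft or from this page): socket A listens on a port while socket B, bound to the same port, opens an outgoing session. A third listening socket on loopback stands in for the remote peer. Setting SO_REUSEPORT alongside SO_REUSEADDR is an assumption beyond the draft's text: on current Linux, SO_REUSEADDR alone refuses the second bind once the first socket is already listening.

```c
#define _GNU_SOURCE                       /* expose POSIX socket declarations */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <unistd.h>

/* Open a TCP socket bound to 127.0.0.1:port that tolerates other sockets on the same
 * port. SO_REUSEADDR is the option the draft names; on current Linux it alone still
 * refuses the bind once another socket on that port is listening, so SO_REUSEPORT
 * (Linux 3.9+, also on the BSDs; an assumption beyond the draft) is set as well. */
static int reusable_tcp_socket(in_port_t port)
{
    int fd = socket(AF_INET, SOCK_STREAM, 0), one = 1;
    if (fd < 0) return -1;
    setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one);
#ifdef SO_REUSEPORT
    setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &one, sizeof one);
#endif
    struct sockaddr_in a = { .sin_family = AF_INET, .sin_port = htons(port) };
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(fd, (struct sockaddr *)&a, sizeof a) < 0) { close(fd); return -1; }
    return fd;
}

/* Bind to an ephemeral loopback port and listen; the chosen address is stored in *addr. */
static int listening_socket(struct sockaddr_in *addr)
{
    int fd = reusable_tcp_socket(0);
    socklen_t len = sizeof *addr;
    if (fd < 0 || listen(fd, 8) < 0 || getsockname(fd, (struct sockaddr *)addr, &len) < 0)
        return -1;
    return fd;
}

/* Socket A listens on port P while socket B, bound to the same P, connects out to a
 * stand-in "remote peer" listener C. Returns 1 if C saw the session arrive from P. */
int reuse_port_demo(void)
{
    struct sockaddr_in mine, peer, seen;
    socklen_t len = sizeof seen;
    int a = listening_socket(&mine);                     /* our listener; kernel picks P */
    int c = listening_socket(&peer);                     /* stand-in remote peer */
    if (a < 0 || c < 0) return 0;
    int b = reusable_tcp_socket(ntohs(mine.sin_port));   /* second socket, same port P */
    if (b < 0 || connect(b, (struct sockaddr *)&peer, sizeof peer) < 0) return 0;
    int acc = accept(c, (struct sockaddr *)&seen, &len);
    int ok = acc >= 0 && seen.sin_port == mine.sin_port; /* source port B used == P */
    close(acc); close(b); close(c); close(a);
    return ok;
}
```

The stand-in peer only proves the kernel allowed the shared port; with a real NAT in the path the same bound port is what makes the outgoing SYN and the inbound connection share one mapping.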

4.5. Uses of Midcom Protocol

If the applications know which middleboxes they will be traversing, and these middleboxes implement the midcom protocol, the applications can use the midcom protocol to ease their way through the middleboxes.

For example, P2P applications require that NAT middleboxes preserve end-point port bindings. If midcom is supported on the middleboxes, P2P applications can exercise control over port-binding (or address-binding) parameters such as lifetime, maximum idle time, and directionality, so that the applications can both connect to external peers and receive connections from external peers, and do not need to send periodic keep-alives to keep the port binding alive. When the application no longer needs the binding, it can simply dismantle the binding, again using the midcom protocol.

Reference: the MIDCOM solution

The MIDCOM (Middlebox Communications) scheme lets a third-party entity communicate with FW/NAT devices, turning the FW/NAT into a new kind of component. As shown in the figure, MIDCOM consists of a MIDCOM Agent and a Middlebox; the Agent instructs the Middlebox, over the MIDCOM protocol, to create the corresponding NAT mapping entry.

Typically the Middlebox is integrated into the NAT or FW device, while the Agent can be implemented on a softswitch, a proxy server, or a terminal.

Since application-service identification moves from the Middlebox to the external MIDCOM Agent, the MIDCOM architecture allows more new services to be supported by upgrading the MIDCOM Agent without changing the basic characteristics of the Middlebox. This is a major advantage over the NAT/ALG approach.

In terms of security, the MIDCOM approach supports encryption of packets and media streams, so its security is comparatively high.

When reprinting, please cite the original address: https://www.9cbs.com/read-41697.html
