Because of the complex connection establishment, the success ratio of TCP traversal through NATs is various on many cases,so most of the P2P applications use theUDP to do that and require the firewall to allow UDP packets which conflicts with the most network security. It analyzes the principles of TCP traversai through NATs nnd improves the TCP connection success ratio by automatically distinguishing the TCP direct connections come from the same network and outside network, using the auxiliary server and packets spoof,and then analyse the realization code of the server and client on how to traverse through NATs of TCP based on ACE fiamework which could be referenced by others when building the P2P applications on TCP.%在P2P应用中,由于建立TCP连接需要经过复杂的三次握手,受各种因素影响,TCP穿透NAT的成功率常难保证,使得目前大部份P2P应用均采用UDP协议进行数据传输,这要求网络防火墙必须允许UDP数据包通过,与目前大部份网络安全配置相冲突.文中分析了TCP穿透NAT的技术原理,以此为基础,通过使用辅助服务器与欺骗报文相结合、自动区分网内与网外连接等方法,进一步提高实际P2P应用中TCP穿透NAT、建立连接的成功率,同时结合ACE框架,实现了采用该技术的服务器和客户端代码,为大批量数据传输的P2P应用如何使用TCP协议提供参考.
展开▼
