该模块依据TR-111实现STUN Server功能,基站设备(CPE)作为STUN Client,向STUN Server发送BINDING-REQUEST,CPE通过BINDING-RESPONSE响应消息获取设备是否在NAT之后,以及NAT类型。
如果设备在NAT之后,CPE上报Inform(4 VALUE CHANGE)消息通知ACS(HeMS)基站设备在NAT之后,并在SOAP报文中携带CPE在公网的IP&Port。ACS获取到CPE公网IP&Port后,在ACS主动连接CPE场景时通过发送UDP Connection Request(多包)叫起CPE,CPE收到UDP Connection Request后,延续TR-069协议的原有流程,发送Inform(6 CONNECTION REQUEST)消息与ACS建立连接。
TR-111相关的主要流程包括绑定发现&保持、绑定超时发现、绑定变更通知、ACS发起TR-069会话。
1.Binding discovery / maintenance from the primary source port
上图是CPE周期进行Binding discovery和Binding maintenance,从primary source port发送Binging Reques的消息流图。
2. Binding Request from secondary source port for binding timeout discovery
3. Binding changenotificationnot authenticated by the ACS
4. ACS initiate a TR-069 session(UDP Connection Request)
上图是ACS通过发送UDP Connection Request发起TR-069 session 。
ACS必须从与STUN Server相同的源IP地址和端口发送UDP Connection Request消息。一个UDP Connection Request消息必须是单独的一个UDP包。ACS应该发送多次UDP Connection Request消息,以减少消息丢失的可能性,由于UDP消息不可靠性, ACS发送给同一CPE的多个UDP Connection Request消息的内容(包括消息ID,时间戳和cnonce等)必须完全相同。
5. TR-111扩展的STUN数据模型
| Name | Type | Write | Description | Default |
| ManagementServer. | object | - | This object contains parameters relating to the CPE’s association with an ACS. | |
| UDPConnectionRequestAddress | string(256 | - | Address and port to which an ACS MAY send aUDP Connection Request to the CPE. This parameter is represented in the form of anAuthority element as defined in [2-7]. The value MUST be in one of the following two forms:host:porthostWhen STUNEnable is true, the “host” and “port”portions of this parameter MUST represent the public address and port corresponding to the NAT binding through which the ACS can send UDPConnection Request messages (once this information is learned by the CPE through the useof STUN). When STUNEnable is false, the “host” and “port”portions of the URL MUST represent the local IPaddress and port on which the CPE is listening forUDP Connection Request messages. The second form of this parameter MAY be usedonly if the port value is equal to “80”. | |
| UDPConnectionRequestAddressNotification- Limit | unsignedInt | W | The minimum time, in seconds, between ActiveNotifications resulting from changes to the UDPConnectionRequestAddress (if Active Notificationis enabled). | |
| STUNEnable | boolean | W | Enables or disables the use of STUN by the CPE. This applies only to the use of STUN inassociation with the ACS to allow UDPConnection Requests. | |
| STUNServerAddress | string | W | Host name or IP address of the STUN server forthe CPE to send Binding Requests if STUN isenabled via STUNEnable. If empty and STUNEnable is true, the CPE MUSTuse the address of the ACS extracted from thehost portion of the ACS URL. | |
| STUNServerPort | unsignedInt [0:65535] | W | Port number of the STUN server for the CPE tosend Binding Requests if STUN is enabled via STUNEnable. By default, this SHOULD be the equal to thedefault STUN port, 3478. | |
| STUNUsername | string(256) | W | If non-empty, the value of the STUN USERNAMEattribute to be used in Binding Requests (only ifmessage integrity has been requested by the STUN server). If empty, the CPE MUST NOT send STUNBinding Requests with message integrity. | |
| STUNPassword | string(256) | W | The value of the STUN Password to be used incomputing the MESSAGE-INTEGRITY attribute tobe used in Binding Requests (only if messageintegrity has been requested by the STUN server). When read, this parameter returns an emptystring, regardless of the actual value. | |
| STUNMaximumKeepAlivePeriod | int[-1:] | W | If STUN Is enabled, the maximum period, inseconds, that STUN Binding Requests MUST besent by the CPE for the purpose of maintainingthe binding in the Gateway. This appliesspecifically to Binding Requests sent from theUDP Connection Request address and port. A value of -1 indicates that no maximum period isspecified. | |
| STUNMinimumKeepAlivePeriod | unsignedInt | W | If STUN Is enabled, the minimum period, inseconds, that STUN Binding Requests may besent by the CPE for the purpose of maintainingthe binding in the Gateway. This limit applies onlyto Binding Requests sent from the UDP Connection Request address and port, and onlythose that do not contain the BINDING-CHANGEattribute. This limit does not apply toretransmissions following the procedures definedin [2-5]. | |
| NATDetected | boolean | - | When STUN is enabled, this parameter indicateswhether or not the CPE has detected addressand/or port mapping in use. A true value indicates that the received MAPPEDADDRESS in the most recent Binding Responsediffers from the CPE’s source address and port. When STUNEnable is false, this value MUST befalse. |
