Can Openfire Act as XMPP relay for S-to-S traffic?

Situation:

Our private network is connected to internet via a DMZ.

Openfire XMPP servers run in our private network. Let's say:

  • branch office x has a server named xmpp.x.org
  • branch office y has a server named xmpp.y.org

Server-to-server XMPP connections enable x users and y users to chat with each other.

Now I want to get connected to the outside world via the DMZ.

Q1: What device or software should I run in the DMZ to relay Server-to-Server xmpp traffic from the two xmpp servers to the internet (and vice versa)?

Q2: Can I use Openfire in the DMZ, and let it relay Server-to-Server xmpp traffic between the two xmpp servers and the internet?

I am pretty new here, and I hope someone can give some practical answers.

This really can only be done reliably if your servers are named with real world domain names (chatserver.domain.com). You can always connect to other servers via S2S if the ports are not blocked regardless of your server’s name but they cannot find you if they do not have a real world DNS entry.

Thanks for the response. I try to explain the setup in more detail:

OK, suppose xmpp.x.org and xmpp.y.org are real-world registered DNS names pointing at one single public IP address on my NAT firewall.

Physically these internal XMPP servers are running behind that firewall in my private network with 10.x.x.x (private) IP addresses.

Just behind that firewall I want to put a third box, the XMPP relay, that can relay incoming XMPP traffic to the xmpp.x.org server or the xmpp.y.org server based on the destination domain name (in fact, exactly similar to how an SMTP relay works).

Outgoing traffic is sent from the internal XMPP server to the XMPP relay, then the XMPP relay will send it to the correct XMPP server on the internet.

I want to do this because I have only one listening public IP address and I want it to be easy to add more internal XMPP servers later on (xmpp.a.org, xmpp.b.org…xmpp.q.org).

The question remains:

Can Openfire act as an XMPP relay for S-to-S traffic based on the destination domain name?

If no, any suggestions what I can use for this?

Thanks in advance,

Sam
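
The routing decision described above (pick the internal server from the destination domain) sketched as an added example; it is not part of the thread and not an Openfire feature. It reads the `to` attribute of the opening server-to-server stream header, which a remote server sends in clear before STARTTLS. The backend addresses, the 4096-byte cap and the sample header are constructed assumptions.

```python
import xml.parsers.expat

STREAMS_NS = "http://etherx.jabber.org/streams"
MAX_HEADER = 4096  # assumed cap on bytes inspected before routing

# Hypothetical routing table: domains from the thread, constructed 10.x addresses.
BACKENDS = {
    "xmpp.x.org": ("10.0.0.11", 5269),
    "xmpp.y.org": ("10.0.0.12", 5269),
}

# Constructed sample of the opening header a remote server sends on port 5269.
SAMPLE = (
    b"<?xml version='1.0'?>"
    b"<stream:stream xmlns='jabber:server' "
    b"xmlns:stream='http://etherx.jabber.org/streams' "
    b"from='example.net' to='xmpp.y.org' version='1.0'>"
)


def stream_to_domain(first_bytes):
    """Return the lower-cased 'to' domain of the opening stream header, or None."""
    # XMPP streams carry no DTDs or comments; refuse them before parsing.
    if len(first_bytes) > MAX_HEADER or b"<!" in first_bytes:
        return None
    seen = []

    def on_start(name, attrs):
        seen.append((name, attrs.get("to")))

    parser = xml.parsers.expat.ParserCreate(namespace_separator=" ")
    parser.StartElementHandler = on_start
    try:
        parser.Parse(first_bytes, False)  # header is never closed, so not final
    except xml.parsers.expat.ExpatError:
        return None
    # Only the root element counts, and it must be the XMPP stream element.
    if not seen or seen[0][0] != STREAMS_NS + " stream" or not seen[0][1]:
        return None
    return seen[0][1].lower()


def pick_backend(first_bytes):
    """Map the peer-supplied domain to an internal server; unknown domains get None."""
    return BACKENDS.get(stream_to_domain(first_bytes))


if __name__ == "__main__":
    print(pick_backend(SAMPLE))
```

The `to` value is supplied by the remote peer, so it is only ever used as a key into the fixed table, and a connection naming any other domain is dropped instead of forwarded.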