Message Forwarding

Ward_Harold2 · November 4, 2005, 8:15pm

I’‘ve successfully set up a couple of JM’‘s and s2s “just worked” between them - great job guys. Now I’‘ve been given a more difficult problem to solve. We have three isolated networks A, B, and C each of which contains a JM instance. We would like for nodes in those networks, call them l@A, m@B, and n@C, to be able to send messages to one another. The obvious solution is to allow s2s connections between the JM instances in each network. Alas, our local network “security policy” may prevent us from implementing the obvious solution. So I’‘m wondering if XMPP in general, and JM in particular, supports message forwarding such that we could install a fourth JM instance, call it T for trusted, that’'s responsible for routing messages between the isolated networks.

So, for example, if l@A wants to send a message to n@C the JM instance in A would forward the message to T which would then forward it to n@C.

Also, just to make the problem more difficult the firewalls in A, B, and C may require that the connection to T be established by A, B, or C.

Seems like a pretty tall order but I thought I’‘d ask. I’‘m also open to other alternatives as well. I’‘m hoping we’'re not the first group to have had to clear this sort of network security hurdles.

Thanks … WkH

Gaston_Dombiak · November 4, 2005, 10:08pm

Hey WkH,

Servers A, B and C should be able to do s2s with T. url=http://www.jabber.org/jeps/jep-0033.htmlJEP-0033: Extended Stanza Addressing[/url] is what you would need to send messages to a service running at server T that will forward messages to servers A, B and/or C. We do not currently support JEP-33 but it is in our middle term roadmap. If you can wait a couple of months to have JEP-33 available then you are good to go or you may want to implement a service in server T that provides a similar function.

Regards,

– Gato

Ward_Harold2 · November 5, 2005, 12:25am

Thanks for the response. I had a glance at JEP-0033, I think it would meet our needs.

After I went back to our security people, however, I discovered that they would also be OK with s2s over SSL. I see that there’‘s an entry for that in Jira - to which I’‘ve added my vote - is it still targeted for 2.3? I’'d be willing to lend a hand if it would help.

Thanks again … WkH

Gaston_Dombiak · November 5, 2005, 12:29am

Hey WkH,

Yep, it is planned for JM 2.3.0. There are a couple of things that are pending to be tested or implemented. Send me an email if you are willing to help us with any of the pending tasks.

Regards,

– Gato