S2s support for connection manager?

is there currently support (or planned for a future release) for a connection manager to handle s2s traffic? i took a quick look at the code and it didn’t look like s2s is currently supported (only acceptors for client ports).

in our current test setup:

  1. openfire running on private network

  2. connection manager running in DMZ

i was hoping that the CM could route all packets for c2s and s2s.

any ideas on accomplishing the above?

Hey Roelof,

That is an interesting usage of Connection Managers. We never pushed for CMs being used for s2s since traffic on the s2s port is not that high compared to c2s. However, the reason for you to use them is related to security and that is a good idea. Anyway, for the near or mid term we are not planning to make this happen. If you are willing to make the extension we are willing to assist you in the process.

Thanks,

– Gato

hi,

thank you for the quick answer. i’ll take it up with my employer and the client. we might be able to work out something…

regards

roelof.

could you maybe provide a quick break down of the work involved?

i was thinking of doing the following:

  • open server port (read from config, defaulting to 5269)

  • create or even re-use the current thread/worker setup (re-use would be better as 2s2 traffic should be a lot less than c2s)

  • modify openfire to forward s2s routes to a CM (round-robin over multiple CM connections)

  • modify CM to keep track of server sessions (similar to current client sessions)

i guess one would have to extend the openfire — CM protocol to include “route-server” type messages.

for a start i will only try to get dialback to work. this will then be extended with TLS when the basics are working.

are there any hints/tips?

Hi

Did you create version with s2s support? I need this option