[jdev] OLPC, Federation, and NAT

Benjamin M. Schwartz bmschwar at fas.harvard.edu
Tue Apr 8 19:15:35 CDT 2008

Hash: SHA1

Dear Jabber Developers,

I am a volunteer for the One Laptop Per Child foundation.  OLPC uses XMPP
for much of its communications infrastructure.  All "Collaborative
Activities" use XMPP to share information between laptops.  In schools
where there is reliable power and more than a few students, we hope to
provide a "school server" running a jabber daemon (otherwise the laptops
will use link-local XMPP over the wireless mesh).  Some of these schools
will have some internet access, and we would like to enable global
collaboration, so that students in Mongolia may collaborate interactively
with students in Uruguay.

In the US and Europe most ISPs provide users with dynamically assigned
globally routable IPv4 addresses.  This is not true in the rest of the
world, where a shortage of IPv4 addresses has led to extensive use of NAT
by ISPs.  The  schools are generally given local IPv4 addresses by their
ISPs, behind a NAT over which the school has no control.  The natural way
to enable global collaboration over XMPP is through server federation.
Unfortunately, it seems that current s2s protocols will not work with
servers behind NAT.

Additionally, there is a potential core problem related to XMPP server
names.  If ISPs provided schools with the ability to request permanent
control of certain ports, then it might be possible to make federation
work, provided each school server took as its name the global IPv4 address
used by the ISP. (Note that ISPs do not actually provide this ability, as
far as I am aware.)  Unfortunately, it is possible that multiple school
servers will be using different ports on the same global IPv4 address.
The result would be multiple servers with the same IP address.  I imagine
that this breaks s2s, since the XMPP standard seems to demand that
servers' names be unique, and either IP addresses or DNS names.

What would be necessary to make Federation work between servers that are
behind NAT?
Are there tools for this?
Who has attempted this already?
How would you solve this problem?

Thank you,
Ben Schwartz

Version: GnuPG v2.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the JDev mailing list