[Standards] RFC 3920, 10.2/10.3: subdomain routing rules

Mridul Mridul.Muralidharan at Sun.COM
Wed Mar 28 14:29:07 UTC 2007


Hi,

  We do not support multiple domain stanza's on same stream : the server
will accept only stanza's from the domain it accepted the stream from
and accepted for. Every stream for s2s is a tuple of [from_domain,
to_domain] and if this is violated in anyway in the stanza's
(from_jid.domain != from_domain || to_jid.domain != to_domain) , we send
a stream error : even if the same server is hosting multiple domains
(hence, which would resolve to the same host/port).

One of the reasons why we did this was from point of view of remote
server : it has validated the identity of the server (to) for a
particular domain, not for the sub/super domain.
Since we could not trust this for initiator case, we do not support it
for the recipient case too (though I guess we could just consider the
remote sender to be lax and accept packets for hosted domains ....)

Regards,
Mridul


PS : Not sure if I mentioned this before, mail problems.

Peter Saint-Andre wrote:
> Tony Finch wrote:
>> On Fri, 23 Mar 2007, Pedro Melo wrote:
>>> My domain is example.com, but I want to run a special server at
>>> presence.example.com for a special task. Right now, from my reading
>>> (please correct me if I'm wrong), the server example.com cannot use s2s
>>> to send stanzas to presence.example.com,
>>
>> This is a known erratum: see
>> http://mail.jabber.org/pipermail/xmppwg/2005-November/002345.html
> 
> Please refer to rfc3920bis, which contains all the errata and
> corrections and clarifications we have discussed so far:
> 
> http://www.xmpp.org/internet-drafts/draft-saintandre-rfc3920bis-01.html
> 
> In particular, Section 11.2 says:
> 
> "If the hostname of the domain identifier portion of the JID contained
> in the 'to' attribute does not match one of the configured hostnames of
> the server itself or a configured subdomain thereof, the server SHOULD
> route the stanza to the foreign domain (subject to local service
> provisioning and security policies regarding inter-domain communication,
> since such communication is OPTIONAL)."
> 
> And Section 11.3 says:
> 
> "If the hostname of the domain identifier portion of the JID contained
> in the 'to' attribute matches a subdomain of one of the configured
> hostnames of the server itself, the server MUST either process the
> stanza itself or route the stanza to a specialized service that is
> responsible for that subdomain (if the subdomain is configured), or
> return an error to the sender (if the subdomain is not configured)."
> 
> If those need to be corrected, do let me know. :)
> 
> Peter
> 



More information about the Standards mailing list