[Standards] LAST CALL: XEP-0368 (SRV records for XMPP over TLS)

Evgeny Khramtsov xramtsov at gmail.com
Wed Feb 15 08:39:33 UTC 2017


Wed, 15 Feb 2017 08:48:38 +0100
"Ruslan N. Marchenko" <me at ruff.mobi> wrote:

> I don't say load-balancing is corner case, merely suggest that 
> load-balancing from non-suitable components is a corner case. 
> Loadbalancing xmpp (or smpt, or SIP) with http-proxy - *is* a corner
> case. Ideally I'd like loadbalancer to offload both tls and stream 
> negotiation, to filter out stream-flood (similar to syn-flood) - eg. 
> pass/relay connection to the pool only once initial handshake is 
> complete (stream/to + tls/SAN).

But we don't have these tools. XMPP is a "niche" protocol,
load-balancers authors don't even consider it. What should we do? Sit
and wait for someone to write them in the future and transition them to
a mature state like nginx or haproxy?
Currently the XEP allows us to reuse high-quality existing tools, which
is awesome.

> Precisely

From what I read, your position is:

- Let's keep redundant cycles, because they are not very redundant.
- Let's wait for better load balancers.
- We should not try to bypass restrictive proxies.

All these arguments, are, frankly, not very convincing.


More information about the Standards mailing list