[JDEV] Jabber in the real world.

Thomas Muldowney temas at box5.net
Tue Jan 23 18:19:44 CST 2001 

Spread some replies in throughout your points:

--temas

On Tue, Jan 23, 2001 at 11:38:41AM +0000, Michael Wilson wrote:
> We're just about to deploy the beta of a Jabber-based IM system
> (initially for customer support) and I thought I might as well
> share some of the server issues that came up. My apologies if
> there are fixes for these that I'm not aware of; if this is the
> case please do let me know!
> 
> * Server instability; the Jabber (1.2) server is fairly good as
>   long as well behaved clients are logging on, but it's fairly
>   trivial to crash by sending arbitary XML. Solution; filter all
>   connections through a proxy that removes all dangerous syntax
>   (discovered by some source peeking and a lot of trial-and-error).

What is the XML you are sending it?  Have you tried CVS which will be 1.4 soon?

> * Broken character entities and non-ASCII character handling.
>   Fixed by escaping everything in the proxy then fixing the broken
>   characters that come back from Jabber.

Could you be more specific?  I believe all our handling is per XML standards
regarding CDATA and PCDATA sections.

> * No concept of access control or virtual severs. Fixed these by
>   implementing fine-gained (ACL) access control and messaging
>   domains in the proxy (including presence information and
>   per-domain connection quotas).

ACL is scheduled to be in 1.4, I'm not sure how far along it is.  Virtual
Servers are already in and work fine.

> * Lack of broadcast/multicast message support (other than
>   groupchat, which is overkill). Fixed by implementing in proxy
>   (also put in a management console that allows most of the same
>   operations as IRC network operator privilidges).

Could you be more specific for what you are looking for?

> * Lack of session statistics reporting and conversation content
>   capture. Implemented in proxy (user-specific logging levels)
>   with optional per-domain connection quotas; the data goes into
>   MySQL (which also holds applet config details for each domain)
>   and is viewed by a HTML/PHP reporting and management interface. 

There are some better statistics given by the 1.4 server, but more is always
better in some environments =)

> * Lack of any kind of clustering/high availability. Solution; run
>   two Jabber servers and mirror the spool directories with a
>   replication script. Run three proxy servers with cluster
>   synchronisation and use high-availability code to load-balance
>   connections across the two Jabber servers (and stop using one
>   that goes down).

Have you played with jpolld at all?  This is a front end that handles TCP/IP
multiplexing into jabber.  I wrote it and can answer questions you have
surrounding it.  We used a jpolld setup to push a server to 100k users all 
active.

> 
> On the client side we're using a skinnable applet with a
> definable level of functionality which defaults to sending
> Jabber XML over port 80 (port-translated by the switches to the
> proxies, filtered then forwarded to Jabber). Since some of our
> users are sitting behind firewalls that don't allow anything
> through except email and valid HTTP, there's also a secondary
> mode that encapsulates all upbound messages in a fake HTTP post
> request; this allows the applet to work from anywhere that can
> can see the world wide web. This was somewhat complicated by the
> fact that the proxies are behind load balancing switches; since
> the main HTTP download connection and the HTTP message posts may
> be routed to different servers they have to be identified and
> sent over the peer connections (if neccessary) before being
> amalgamated and sent to Jabber.
> 
> -- 
> | Michael Wilson               "Smart Applications - Tools for life"
> | Java Developer                           available @              
> | Insight ASP LTD                   http://www.myopenapps.com       
> +----------------------Open Source Innovation-----------------------
> 
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mailman.jabber.org/listinfo/jdev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <https://www.jabber.org/jdev/attachments/20010123/0f632967/attachment-0002.pgp>

More information about the JDev mailing list