As a matter of basic security, they should have a firewall between the web server and the 'net. Any firewall can forward ports.
- Dave Dave Dykstra wrote: > > On Thu, Feb 21, 2002 at 08:34:54AM -0500, Dave wrote: > > I'm starting to feel like that Aflack duck that nobody listens to. > > You can simply forward ports 5222 and 5269 from company.com to > > jabber.sub.company.com and everything will work like a charm :-) > > I'm sure that won't be acceptable in my case; the people who run the web > server company.com won't want all that traffic going through their server. > I am asking the network administrators if they might be able to redirect > the traffic for specific ports before it gets the web server, and that's a > possibility but I think that too may be too restrictive. > > > On Wed, Feb 20, 2002 at 03:10:00PM +0000, Thomas Parslow (PatRat) wrote: > > > I would like to be able to set up jabber in my company so that people can > > > have a jabber ID of [EMAIL PROTECTED], rather than [EMAIL PROTECTED] > > > when we run a server on jabber.sub.company.com. Is there a way to do that, > > > or a plan to be able to do that at some point? It's conceivable that I'd > > > be able to run a small redirection server on the machine called company.com, > > > but it has to use very little resources because the primary purpose of that > > > machine is web service. In fact, I'm thinking I might want to set up > > > the redirection server to lookup up IDs in a database and redirect people > > > to different servers for load balancing. Any suggestions? > > > > > > Thanks, > > > > > > - Dave Dykstra > > > > Hi, > > > > How about using SRV record for the domain? The Jabber server should > > recognize the SRV record (it's supported it since 1.2 afaik) and > > connect to wherever it points to for S2S. You'd need to add something > > like this to the DNS zone for company.com: > > > > _jabber._tcp IN SRV 30 30 5269 jabber.sub.company.com > > > That sounds very promising. Yesterday I happened to be looking at an > ethereal trace of the messages between the Microsoft Exchange Instant > Messenger server that's been set up in my company and one of its clients, > and I saw the client doing a DNS SRV query and thought jabber needed > something like that. I had searched for something like that in the > gabber source code and in the jabberd directory in the jabber server > source code but didn't think to check other directories; I found it now > under dnsrv. > > I don't unerstand how it helps for servers to use this though. Wouldn't > the clients have to do it? I don't see anywhere in the gabber source where > it attemps to do anything like this. > > > > The problem with this is getting the clients to connect to the correct > > server, if you just set them to connect to "jabber.sub.company.com" then > > they will send "jabber.sub.company.com" as the to attribute of the > > opening <stream:stream> tag which makes the server look for > > "jabber.sub.company.com" in the spool directory. > > > > The only solution I can see to this is for clients to support > > connecting to an address which is different from the server name. In > > the client I am developing I allow the user to specify the name of the > > server in the username field by entering it in the form: > > [EMAIL PROTECTED] > > I think I know what you mean. We experimented with changing the name that > the server calls itself to company.com while still saying the server was > jabber.sub.company.com when logging in, hoping that at least jabber ids > could then be thought of as [EMAIL PROTECTED], but gabber couldn't handle it. > > > > Does anyone have any other ideas on how to do this? > > > > Thomas Parslow (PatRat) ICQ #:26359483 > > Rat Software > > http://www.rat-software.com/ > > Please leave quoted text in place when replying > > > - Dave Dykstra > _______________________________________________ > jdev mailing list > [EMAIL PROTECTED] > http://mailman.jabber.org/listinfo/jdev > _______________________________________________ jdev mailing list [EMAIL PROTECTED] http://mailman.jabber.org/listinfo/jdev
