On this page you'll find a general overview of our XMPP server, M-Link. On other pages you'll find information on M-Link's use of Directory for tasks including configuration and authentication, security features, support for wide and local area clustering (running a single domain on multiple servers), boundary controls using M-Link Edge, management tools and standards conformance.
M-Link is Isode's Instant Messaging and Presence server based on the XMPP (eXtensible Messaging and Presence Protocol) standard.
XMPP is the Open Standard for Instant Messaging and Presence, formalized by the IETF in 2002-2004, and continuously extended through the standards process of the XMPP Standards Foundation.
Scalability & Performance
M-Link is used in both specialised deployments where security, reliability and special functionality are vital and in large public deployments where responsiveness, performance and scalability are paramount. The world's first public XMPP deployment (jabber.org) runs M-Link. Jabber.org is still one of the largest XMPP services with over 300,000 users.
M-Link includes a range of capabilities to optimize operation as a tactical chat server over networks with low bandwidth, high delay and poor reliability.
M-Link supports both XML stream compression (XEP 0138) and Roster Versioning (XEP 0237) so that when a client reconnects, the roster is only downloaded if it has changed.
M-Link can remove presence updates to reduce traffic over very slow links
Optimized Server to Server Protocol
In addition to Link Compression and Roster Versioning, Isode's Optimized Server to Server (S2S) protocol allows for:
- The use of a single TCP connection (rather than two).
- Reduction of the amount of data needed to establish a connection.
- Removal of all protocol handshakes to establish a connection ('zero handshake').
Optimized S2S can also be operated over STANAG 5066 to support HF Radio communication.
HF Operator Chat Gateway
M-Link can act as a gateway between XMPP and STANAG 5066 HF Operator Chat, to support HF Radio systems without XMPP capability.
More information on meeting the challenges faced by those looking to operate instant messaging and presence services over low-bandwidth links, as a tactical chat server, are discussed in the following Isode whitepapers:
- [Operating XMPP over Radio and Satellite Networks] looks at the problems of deploying XMPP over low-bandwidth networks.
- [M-Link Support for XMPP over Constrained Networks] looks at how M-Link is optimized for operation over constrained networks, including Satcom, HF Radio, and other Radio links.
- [M-Link & XMPP Performance Measurements over Satcom and Constrained IP Networks] compares measurements of standard XMPP S2S and Isode's optimized S2S protocol.
- [M-Link & XMPP Performance Measurements over HF Radio using STANAG 5066 and IP] describes and analyses measurements made operating XMPP over HF Radio, using HF modems and a simulated radio link.
IRC (Internet Relay Chat) Gateway
A number of existing XMPP/IRC gateways allow XMPP users to address IRC users and channels. The gateway will connect to the IRC service (as a client) and will appear as an IRC client (with a username derived from the XMPP username (jid)). Gateways of this nature allow XMPP clients to connect into IRC channels.
The M-Link IRC gateway takes a different approach, acting as a gateway between XMPP Multi-User Chat rooms and IRC channels. The M-Link server uses the IRC client to server protocol to connect to IRC, in order to maximise interoperability with different IRC servers. Advantages include:
- The involvement of IRC is totally transparent to the XMPP user. The user will see a normal MUC room, which just happens to be connected to an IRC channel.
- The XMPP administrator has control of MUC room naming, which does not have to match IRC channel naming.
- Full MUC functionality is available locally, for example MUC access control and affiliation management.
- There is no downgrade of security for XMPP users with XMPP traffic. XMPP users are still authenticated and connections are protected with TLS.
- M-Link security label support is available, including translation to IRC users as FLOT labels in the IRC messages.
For more information see the following Isode whitepapers:
- [Interconnecting XMPP and IRC] looks at how IRC and XMPP text chat services can be interconnected and compares the capabilities of the M-Link IRC Gateway with other gateway approaches.
- [Deploying IRC, Federated MUC and XMPP Guards] looks at distributed deployment of XMPP and IRC services and in particular how resilient deployments and Cross Domain operation can be achieved.
The above screenshots show the M-Link IRC gateway. The first screenshot is the of the Swift XMPP client connecting to a MUC room. The second screenshot is the mIRC IRC client connecting to the IRC channel that is linked with the MUC room. It can be seen that IRC and XMPP users get a very similar view of communications.
Multi-User Chat (MUC)
M-Link provides Multi-User Chat as part of the M-Link server. M-Link supports almost all of the capabilities set out in XEP 0045 (Multi-User Chat). This includes:
- Temporary and Permanent MUC Groups.
- Specification of Group Members
- Option for Member Only groups
- Invitation only groups
- Administrator and Moderator roles
- Ban Lists
- Password control (secured rooms)
- Moderation of Floor
- Kicking out Participants
- Membership access control which can be specified with AD or LDAP Groups
- Control of who can create MUC rooms (operator only, all, or specific list of domains and users)
- Clear History
- Ability to share NickNames in a MUC, so that users can connect with multiple clients using the same NickName.
- Record last activity, which enables removal of idle MUC rooms.
M-Link also supports Security Label based controls of MUC, described in the Isode white paper [Using Security Labels to Control Message Flow in XMPP Services]. Creation of temporary MUC rooms may be restricted to local users.
Federated MUC (FMUC)
Multi-User Chat rooms reside on a single server. When operating in a distributed environment with poor links between servers, this leads to poor performance. “Federated MUC for Constrained Networks” (XEP-0289) allows MUC provision to be federated across multiple servers, which addresses this performance problem and also allows for disconnected operation. Further information is given in our whitepaper [Federated Multi-User Chat: Efficient and Resilient Operation over Slow and Unreliable Networks].
XMPP includes a Publish/Subscribe capability (XEP 0060) to enable flexible sharing of data. Personal Eventing is a subset of this, which allows a user to publish and share data, and in particular "extended presence" information. Personal Eventing is expected to be the basis of important XMPP developments, and support is starting to appear in XMPP clients and applications. M-Link supports Publish/Subscribe and PEP is supported using Publish/Subscribe. Further information on Publish/Subscribe can be found in the whitepaper [XMPP PubSub].
For many services it is important to record all traffic, and M-Link achieves this by use of a XML Audit Stream which archives messages to files, organized by user and MUC room. Files are closed either when there is a gap in message flow or when the file reaches a configured size.
The archive files themselves are the XML representation of the messages exchanged. These can be processed in any way desired. M-Link Console provides a GUI to browse and render archived messages in the audit files. Archiving can be configured independently for 1:1 messages and MUC (multi-user chat) messages. M-Link also provides flexible event logging, including things such as chat room creation and user authentication.
M-Link enables easy migration from other servers by use of XEP-0227 (Portable Import/Export Format for XMPP-IM Servers). An import tool enables use of XEP-0227 files to set up user configuration, and in particular roster import. XEP-0227 export is also supported.
Ad Hoc commands
M-Link supports Ad Hoc commands as a mechanism to provide a number of services. M-Link uses ad hoc commands to give user access to configuration options, as shown below in this screenshot of the Swift XMPP client.
M-Link also uses ad hoc commands to perform various management tasks. These are available to clients configured as server managers (by membership of the manager group). This includes some commands standardized in XEP-0133, and additional commands specific to M-Link. XEP-0133 commands supported are: add, delete, end user session, disable, enable, change password, get user stats, number of online users, list active users, send announcement. Isode commands include: rename user, list s2s sessions, s2s stats, cluster info (membership), dump router table, user config. M-Link Console uses ad hoc commands for M-Link management.
Integration with non-XMPP IM Services
M-Link support XEP-0114 (Jabber Component Protocol) that allows integrated access to a local and remote services. A common use is to provide connections to non-XMPP instant messaging services (such as AIM, ICQ, Windows Live/MSN and Yahoo Instant Messenger) by use of a compatible XMPP Gateway, such as the JBuddy XMPP Gateway from Zion Software, or one of a number of open source gateways such as Spectrum.im. M-Link provides flexible access control to manage XEP-0114 access.
M-Link also directly provides gatewaying to IRC (Internet Relay Chat), described in the Isode whitepaper [Interconnecting XMPP and IRC].
M-Link provides a number of peering controls, controlling what is sent to and received from other XMPP peer servers. Key controls are:
- Security Label Checks and Transformations.
- Filtering of Traffic types.
- 'Folding' of messages and presence data to remove selected information.
The following controls can be applied either as peering controls, or as core server controls.
- Blocking in-band file transfer and requests for out of band file transfer.
- Restrict to 1:1 chat only or to MUC only.
- Block encrypted traffic
- Message size limits
- Control of who can send to who, based on JID
- Requirements on peer authentication, including ability to require TLS and Strong Authentication
M-Link supports client user search (XEP-0055) that enables an XMPP client to look find other users. M-Link does this user search by a back-end LDAP directory, such as M-Vault, so that searches may be across a user base larger than just those users on the local server.
BOSH (Bidirectional-streams Over Synchronous HTTP – XEP 0124) is a mechanism to operate XMPP over HTTP. This facilitates development of Web XMPP clients running in a browser. M-Link supports BOSH in the core server.
Other capabilities provided by M-Link include:
- The ability for users to block messages from selected users. Client support can be by either XEP-0191 or ad hoc command.
- Support for anonymous users. This is often important for BOSH (Web) applications.
- Configurable "Message of The Day".
- XEP-0288: BIDI. Optimized server to server communication, to just use a single TCP connection.
- An HTTP API, which gives a mechanism to provide presence information on local users for integration to web applications. For example, this can allow a directory web application to show user presence status.
- User warnings, including last login time, and last failures, delivered via XMPP on authentication.
Details of M-Link’s conformance to open standards is given on the page on M-Link Standards Conformance