Groove Server Relay Functionality
Updated: April 1, 2008
Applies To: Groove Server 2007
Topic Last Modified: 2007-09-12
Whenever possible, Groove transmits data directly from peer to peer, sending out individual packets of data from one Microsoft Office Groove user to another. However, when firewalls and proxy devices block this direct communication, Groove Relay servers provide a way for peer transmissions to navigate these obstacles and reach their destinations. When data is addressed to a peer that cannot be reached directly (because the user is offline, for example), the relay’s store and forward service enables otherwise inaccessible peers to receive timely data. When conditions call for a relatively large amount of data to be sent to multiple Groove users, Groove Relay fans out data transmission, reducing the amount of data an individual user sends across the network.
Any of the data types transmitted by Groove clients can be transported or stored by Groove Relay, including:
Workspace and contact information, addressed to a specific device, identity, and workspace (device-targeted messages).
Instant messages and workspace invitations, addressed to a specific identity (identity-targeted messages).
Groove Relay only accepts Groove client and Groove Manager server transmissions; it does not initiate them. Groove clients and Groove Manager servers connect to Groove Relay servers to deposit and receive messages and data.
The Office Groove Server 2007 Relay application runs as a Windows service on a Windows server machine. Administrators manage Groove Relay servers via the Groove Relay configuration control panel applet, the administrative Web interface, and Groove Manager with which Groove Relay cooperates.
Microsoft hosts relay servers for Groove users around the world. For managed enterprise installations of Groove, organizations can install their own Groove servers to run Manager and Relay operations in-house. Or they can engage Groove Enterprise Services which provide an interface with the Groove management and relay infrastructure without the overhead of maintaining Groove servers.
The following topics present key aspects of relay functionality.
In this article:
Relay servers operate between Groove clients, enabling peer communications even when security devices, network conditions, and system down time impede successful information exchange. Relay servers enable message transmission under these conditions in three stages, accepting messages from Groove clients, storing messages temporarily, then dispatching messages when their target clients contact the Groove Relay for updates. Messages are dispatched to recipients over the same client port used for the initial relay contact, and the relay enlists whatever protocols are necessary to allow messages through the ports that are open on the recipient’s network.
Each Groove user has an assigned Groove Relay server or sequence of Groove Relay servers, which is noted in the user’s identity (contact or vCard) information. Groove Relay registration occurs when users log in to Microsoft Office Groove for the first time, or, in the case of managed users, when they become members of a domain defined in Groove Manager to point to specific Groove Relay servers.
When a Groove user sends a message across the Internet to a Groove contact that cannot be accessed directly, the Groove client software seeks the Groove Relay specified in the intended recipient’s contact information. It then contacts the target relay and deposits the message in a queue associated with the recipient. When the intended recipient next contacts the assigned Groove Relay server for updates, it retrieves the message from the queue.
The following process occurs every time a Groove user (UserA) sends a message or workspace update to a peer (UserB) via the Groove Relay:
Groove UserA sends an instant message or a workspace update to a Groove Relay server associated with UserB.
The Groove Relay queues the message for UserB.
UserB contacts the Groove Relay to collect any messages.
The Groove Relay authenticates UserB and returns User A’s instant message or workspace update to UserB.
If the message is an instant message or workspace invitation, it is deposited on the first device found that UserB is logged into. If the message is a workspace update, it is deposited on the device specified in the relay queue entry.
Figure 1 presents a basic Groove Relay setup for an enterprise with Groove users located at two sites.
Figure 1. Basic Groove Relay Server Configuration
Ideally, Groove communicates via its preferred and most efficient protocol - Simple Symmetric Transfer Protocol (SSTP) over port 2492. To support the transmission of Groove messages across firewalls that block port 2492 but allow HTTP traffic over port 80, Groove Relay encapsulates SSTP commands and messages within an HTTP data stream. Encapsulating SSTP involves wrapping each SSTP transmission, along with additional header information, in the body of an HTTP message. The additional header information allows compliance with SSTP delivery semantics. In this way, SSTP messages reach the target client over port 80. Similarly, if firewalls block these ports but allow traffic over port 443, Groove Relay can transmit SSTP messages using the HTTP Connect method to enable communications over port 443.
Figure 2 shows how the Groove Relay enables LAN endpoints behind firewalls to communicate over the Internet. Normally, the LAN IP addresses and protected locations of these endpoints would prevent them from recognizing each other. Groove Relay overcomes this condition by acting as an intermediary.
Figure 2. Device Discovery
Groove Relay provides store-and-forward services to collect and forward messages for Groove clients regardless of their connection state. Messages are held in queues until the relay is contacted by the Groove clients to whom the messages are targeted. This asynchronous communication enables continued operations among Groove collaborators even when some peers are offline.
Groove Relay uses WAN Device Presence Protocol (DPP) to determine a device’s online status and the list of active Internet Protocol (IP) addresses for that device. This device presence (or ‘awareness’) service uses a publish-and-subscribe approach to making other Groove users aware of the online/offline presence of other users.
Groove expedites communications when transmitting large amounts of data, or when transmitting over a slow network link, by employing the relay’s fanout capability. Fanout is a process for conveying a stream of data from a Groove client to Groove Relay for replication and distribution to recipients, applicable when a Groove user adds a file to a workspace, sends a workspace invitation, or updates a workspace with multiple members.
The fanout process spans Groove clients and Groove Relay servers. The Groove client begins the process by grouping messages according to the target relay of the various recipients. It then determines if fanout should be applied, based on a complex algorithm that involves the fanout capability of the sender’s device, the number of recipients, the amount of data being sent, and the sender’s line speed, among other factors. If fanout is merited, the client sends a single copy to each of the identified Groove Relay servers. Groove Relay servers function like multi-cast routers, distributing copies of the message to each of the recipients. This process helps maximize the efficiency of communications links and minimizes bandwidth usage. This basic functionality, known as multi-drop fanout, is shown in Figure 3 below.
Single-hop fanout extends the multi-drop functionality to encompass multiple Groove Relay servers. In this scenario, when Groove resolves the fanout algorithm in favor of fanout, Groove sends a single copy of a message to the local home Groove Relay server which then groups copies of the message by recipient relay and distributes message copies to target users’ Groove Relay servers. This process, known as single-hop fanout, is shown in Figure 4 below. Note that single-hop fanout messages are not queued on the sender’s home Groove Relay server; they are sent to and stored on the target Groove Relay, or if the target Groove Relay is down, fanout messages are stored on the sending client device.
When fanout is not in effect, Groove sends a single message addressed to multiple recipients just as it would send multiple messages to multiple recipients, issuing separate transmissions for each copy of the message, whether a Groove Relay server is called for or not, as shown in Figure 5 below.
Figure 3. Multi-Drop Fanout
Figure 4. Single-Hop Fanout
Figure 5. Groove Relay Transmission without Fanout
Groove Manager, installed on a separate server device at your site, provides an administrative interface for provisioning Groove users to specific Groove Relay servers. From Groove Manager server, the following administrative actions can be performed on Groove Relay servers:
Registering a Groove Relay server, or series of Groove Relay servers, with Groove Manager.
Assigning Groove clients to a Groove Relay server or a series of Groove Relay servers via their domain membership.
Setting relay message retention time.
Purging individual user message queues.
Groove Manager communicates with Groove Relay via the Simple Object Access Protocol (SOAP). Groove Manager always initiates communication with the Groove Relay (Groove Relay does not initiate communication with Groove Manager).
For information about managing your onsite (managed) Groove Relay via Groove Manager, see the online Help that accompanies the Groove Manager component of the Groove Server.
Groove clients must have access to a Groove Relay server in order to fully utilize Groove. By default, unmanaged users are automatically assigned to a publicly hosted relay server when they install Groove and create an identity. Managed users, defined by an onsite Groove Manager, gain their Groove Relay assignments from their management domain.
When a client device contacts the assigned Groove Relay server for the first time, a key exchange occurs between the client device and the Groove Relay server, providing initial user authentication. The client has then registered with that Groove Relay server. Client keys are stored in a database located on the Groove Relay. Groove clients are always assigned to specific relays; they are never directed to Groove Relay servers at random. A key exchange is always involved. In an enterprise environment, administrators assign users to Groove Relay servers using the Groove Manager running on a separate server machine from the relays.
Multi-relay installations enable more scalable relay support for a large client base and provide redundancy in case of equipment failure. Using the Groove Manager Web interface, administrators can assign multiple Groove Relay servers to a domain and prioritize them for use by domain members. When a Groove client sends data to a domain member that has access to multiple relay servers, the client attempts delivery to the first relay in the series, and if the server is down, it attempts delivery to the next Groove Relay server in the series, and so on.