More details on Groove servers (mostly Relay)

In reference to Patrick Gan's "So you want to host your own Groove Servers", one reader had a few questions about the functions of the Groove servers. Hi Bryan! Thank you for your comments. If you missed my July post "Groove without your own servers", you may want to look at that, but I'm going to revisit the topic based on your questions, because this confuses a lot of people.

There are two types of Groove servers that Groove customers commonly use, Relay and Manager. Because of rebranding and packaging for different customer segments, you may see each of these referred to by a number of product names. Full feature sets vary, but the core functionality is the same for every product within each of the two lists below.

Relay server products:

  • Microsoft Office Groove Server Relay
  • Microsoft Office Groove Enterprise Relay Services
  • (Groove Networks) Hosted Relay Services
  • (Groove Networks) Enterprise Relay Server (ERS)

Manager server products:

  • Microsoft Office Groove Server Manager
  • Microsoft Office Groove Enterprise Manager Services
  • (Groove Networks) Hosted Management Services
  • (Groove Networks) Enterprise Management Server (EMS)

A Manager server, as the name implies, is used to manage Groove domains. It enables a domain administrator to do things like set security policies (password length, for example), schedule account backups, and other tasks of that sort. It's typically used by large organizations that require that extra level of control and have the IT resources to support it.

Access to a Relay server, on the other hand, is necessary to support core functions of Groove. If you use Groove to communicate with anyone not on your LAN broadcast segment, you use a Groove relay for awareness, at least. If you are part of a managed Groove domain, that domain provisions your account to a Relay server when you configure your account. If you are not part of a managed Groove domain, Microsoft provisions your Groove account to a public-facing Groove Relay server that we host.

Assume a workspace with one other member, who uses Groove on only one computer. When you make a change to the workspace (by adding, deleting, or modifying contents), Groove generates data that details the change to the workspace, encrypts that data, and queues it to send to the other workspace member. Groove will send the data directly to the other Groove account if it can. If it cannot, it will send it to the other account's Groove relay. This happens in two situations:

  • If the network path to the recipient will not allow a direct (peer to peer) SSTP connection from your computer to the remote computer at TCP port 2492.
  • If the recipient is offline.

In both cases, the relay acts as a store-and-forward agent, much as your mail server might. It receives the encrypted data from the sender and stores it temporarily. If the relay has a direct connection to the recipient, it sends the data immediately. If it does not, it waits for the account to request new data. If the connection is restricted, the account will periodically request new data from the relay, usually over an HTTP (TCP 80) connection. If the account is offline, it will request data from the relay when it comes online.

Remember, the data is just your workspace changes, not your workspace. It can still consume a lot of space on the relay. However, we consider this service a core feature of Groove. At one time, I was in a workspace which had members in two locations -- Shanghai and Beverly, Massachusetts. Without relay service for offline Groove accounts, we wouldn't have been able to use Groove at all. Still, the data can't stay on the relay indefinitely, so relays delete unfetched workspace data once it has been on the relay for a certain number of days. I believe this is set to 30 days on the public-facing relays. This value can be changed with Groove Manager if you administer your own relay. The transmitted workspace data also remains on the sending computer until acknowledged by the receiving account or purged by a manager in the workspace. In most cases, this allows Groove to recover automatically if workspace changes are lost by the network or the relay. (Messages are not retained in this way, and can be lost in a relay failure.)
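The delivery path described above can be sketched as a small model. This is an added illustration, not Groove's code: the class names, the sequence-number acknowledgement, the immediate ack on direct delivery, and the way a resend is triggered are all assumptions made for the example, and the ciphertext blobs are constructed.

```python
from dataclasses import dataclass, field

RETENTION_DAYS = 30  # figure the post gives for public relays; treated as a setting

@dataclass
class Relay:
    """Store-and-forward queue. It only ever holds opaque ciphertext."""
    queue: dict = field(default_factory=dict)  # recipient -> [(day_stored, seq, blob)]

    def store(self, recipient, day, seq, blob):
        self.queue.setdefault(recipient, []).append((day, seq, blob))

    def purge(self, today):
        # Delete unfetched data that has sat on the relay for RETENTION_DAYS.
        for r in list(self.queue):
            self.queue[r] = [e for e in self.queue[r] if today - e[0] < RETENTION_DAYS]

    def fetch(self, recipient):
        return [(seq, blob) for _, seq, blob in self.queue.pop(recipient, [])]

@dataclass
class Sender:
    relay: Relay
    unacked: dict = field(default_factory=dict)  # seq -> blob, kept until acked
    seq: int = 0

    def send(self, recipient, blob, day, direct_ok, online):
        """Queue one encrypted change and return the path used."""
        self.seq += 1
        self.unacked[self.seq] = blob
        if direct_ok and online:        # peer reachable on TCP 2492 and online
            self.unacked.pop(self.seq)  # model: direct delivery is acked at once
            return "direct"
        self.relay.store(recipient, day, self.seq, blob)
        return "relay"

    def resend_unacked(self, recipient, day):
        for seq, blob in self.unacked.items():
            self.relay.store(recipient, day, seq, blob)
        return sorted(self.unacked)

def simulate_relay_failure():
    relay = Relay(); sender = Sender(relay)
    paths = [sender.send("bob", b"ct-1", 0, direct_ok=True, online=True),
             sender.send("bob", b"ct-2", 0, direct_ok=False, online=True),
             sender.send("bob", b"ct-3", 1, direct_ok=True, online=False)]
    relay.queue.clear()                       # constructed failure: relay loses its queue
    resent = sender.resend_unacked("bob", 2)  # sender still holds unacked changes
    got = [seq for seq, _ in relay.fetch("bob")]
    for seq in got:
        sender.unacked.pop(seq)               # recipient acknowledges
    return paths, resent, got, dict(sender.unacked)
```

In the model, the sender's unacknowledged copy is what makes the relay failure recoverable, while `Relay.purge` shows the retention window dropping anything that has gone unfetched for the configured number of days.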

For more information on how queued data is purged from the relay and the client, see "Information about synchronization alerts in Groove".

Data is encrypted on the relay, just like it is on the network, so even if you are using a Microsoft-hosted relay, Microsoft cannot read your data. See "How Groove maintains the security of a workspace and helps protect data that is sent over a non-secure network" for details.