I’m excited to announce the availability of the Microsoft Live Labs Relay Service. Go to http://relay.labs.live.com to read more about it and download the SDK, which includes assemblies and samples that show you how to get started. Also check out http://sts.labs.live.com for information about the Microsoft Live Labs Security Token Service which we’re also announcing today.


Note that this is an early technology preview that is still under active development. Because of that we may need to take down the service periodically to make changes. Check back here and at http://relay.labs.live.com for updates and please send us your feedback and questions using the labs-rly@microsoft.com alias.


If you’ve written a connected application before, especially a peer-to-peer application, you’ve probably run into the problem of how to expose your service to the internet from behind a NAT or firewall. These types of network devices typically make it possible to initiate outbound connections but restrict inbound connections.


In order to enable access to a service that is behind one of these network devices, developers often end up writing complex logic to establish connectivity regardless of the network topology. The Relay Service is designed to help with this problem. It acts as an endpoint in the sky that can receive messages and forward then down an existing connection to your service.


Once you install the Relay SDK you’ll find that you have a folder with a set of samples that show how to use the Relay Service. If you’ve written an application that uses the Windows Communication Foundation before these samples should look pretty straightforward. Make sure you go to http://sts.labs.live.com and register an InfoCard before you try any of the samples.


The Relay SDK includes a new RelayBinding which functions much like the WSHttpBinding that is included with the Windows Communication Foundation. Simply update your service to include an endpoint that uses the RelayBinding and give it a unique address at the Relay Service (the samples illustrate how to do this). You’ll also need to update your client application to use the RelayBinding. When you open your service the RelayBinding establishes an outbound connection to the Relay Service at the address you defined. From that point on any messages sent to that address are forwarded down the existing connection to your service.


The great thing about this model is that the RelayBinding essentially acts like any other channel-type in the Windows Communication Foundation and it can be enabled with nothing but a change in your application config. The RelayBinding also allows you to turn on support for end-to-end WS-ReliableMessaging and WS-Security. There are samples in the SDK that illustrate how to do this.


David Wortendyke

Relay Development


The other members of the Relay Service team are Dennis Pilarinos and Mike Vernal. The members of the Security Token Service team are Hervey Wilson and Vijay Gajjala. Other folks who worked on both services include David Rothenberg, Ami Vora and John Shewchuk.