I don't have time to look at the trace right now, but will try to today. Dialback/s2s does not use ssl, so turning it off will have zero effect on this.
matthew c. mead wrote: > Thanks for the explanation. > > Is this key the ssl certificate that I built? If so, would it > being self-signed be a problem? Should I go back to no ssl? > > Following is the debug output from a send from [EMAIL PROTECTED] to > [EMAIL PROTECTED] > > Does it make any sense to you? > > Thanks for your help! > > > > -matt > > Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 1:jabber.org <message >to='[EMAIL PROTECTED]' from='[EMAIL PROTECTED]/Psi'> > <body>test</body></message> > Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 'dnsrv' > Wed Sep 25 19:31:45 2002 dnsrv.c:264 dnsrv: Creating lookup request queue for >jabber.org > Wed Sep 25 19:31:45 2002 dnsrv.c:273 dnsrv: Transmitting lookup request: ><host>jabber.org</host> > Wed Sep 25 19:31:45 2002 dnsrv.c:159 DNSRV CHILD: Read from buffer: ><host>jabber.org</host>Wed Sep 25 19:31:45 2002 mtq 817E900 leaving to pth > > Wed Sep 25 19:31:45 2002 dnsrv.c:112 dnsrv: Recv'd lookup request for jabber.org > Wed Sep 25 19:31:45 2002 mio.c:607 mio while loop topWed Sep 25 19:31:45 2002 >srv_resolv.c:112 srv: SRV resolution of _jabber._tcp.jabber.org > > Wed Sep 25 19:31:45 2002 srv_resolv.c:99 srv: Standard resolution of jabber.org > Wed Sep 25 19:31:45 2002 dnsrv.c:123 Resolved jabber.org((null)): 208.245.212.108 > resend to:s2s > Wed Sep 25 19:31:45 2002 dnsrv.c:338 incoming resolution: <host >ip='208.245.212.108' to='s2s'>jabber.org</host> > Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 4:s2s <route to='s2s' >ip='208.245.212.108'><message to='[EMAIL PROTECTED]' from='[EMAIL PROTECTED]/Psi'> > <body>test</body></message></route> > Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 's2s' > Wed Sep 25 19:31:45 2002 dialback_out.c:192 dbout packet[208.245.212.108]: <message >to='[EMAIL PROTECTED]' from='[EMAIL PROTECTED]/Psi'> > <body>test</body></message> > Wed Sep 25 19:31:45 2002 dialback_out.c:212 outgoing packet with key >jabber.org/goof.com and located existing 0 > Wed Sep 25 19:31:45 2002 dialback_out.c:99 Attempting to connect to >jabber.org/goof.com at 208.245.212.108 > Wed Sep 25 19:31:45 2002 mio.c:527 calling the connect handler for mio object >81F5280 > Wed Sep 25 19:31:45 2002 dialback_out.c:329 dbout read: fd 21 flag 4 key >jabber.org/goof.com > Wed Sep 25 19:31:45 2002 log.c:116 <log type='notice' from='jabber.org'>failed to >establish connection</log> > Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 3:jabber.org <log type='notice' >from='jabber.org'>failed to establish connection</log> > Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 'elogger' > 20020925T23:31:45: [notice] (jabber.org): failed to establish connection > Wed Sep 25 19:31:45 2002 deliver.c:606 delivery failed (Server Connect Failed) > Wed Sep 25 19:31:45 2002 log.c:116 <log type='notice' from='jabber.org'>bouncing a >packet to [EMAIL PROTECTED] from [EMAIL PROTECTED]/Psi: Server Connect Failed</log> > Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 3:jabber.org <log type='notice' >from='jabber.org'>bouncing a packet to [EMAIL PROTECTED] from [EMAIL PROTECTED]/Psi: >Server Connect Failed</log> > Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 'elogger' > 20020925T23:31:45: [notice] (jabber.org): bouncing a packet to [EMAIL PROTECTED] from >[EMAIL PROTECTED]/Psi: Server Connect Failed > Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 1:goof.com <message >to='[EMAIL PROTECTED]/Psi' from='[EMAIL PROTECTED]' type='error'> > <body>test</body><error code='502'>Server Connect Failed</error></message> > Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 'sessions' > Wed Sep 25 19:31:45 2002 deliver.c:94 (8128300)incoming packet <message >to='[EMAIL PROTECTED]/Psi' from='[EMAIL PROTECTED]' type='error'> > <body>test</body><error code='502'>Server Connect Failed</error></message> > > > On Wed, Sep 25, 2002 at 05:59:27PM -0500, Justin Georgeson wrote: > >>Dialback works by the sending server giving the receiving server a key. >>The receiving server does a DNS lookup and contacts the returned IP >>address. Then the key is verified. If the verification if succsessful, >>the receiving server tells the sending server it's ok to proceed. While >>trying to figure out the internals I noticed that the process seems to >>start again in the middle when the receiving server contacts the looked >>up IP to verify the key. This contact marks the beginning of a dialback >>connection where the sending server becomes a receiving server. It all >>got very confusing trying to look at all the packets in the log file and >>trace it by hand. >> >> From the error message, I would say it is definitely a dialback issue, >>and it is probably the server on the other end not being able to verify >>the server behind the NAT. Run the server in debug mode and capture the >>output ( jabberd .... -D > debug.log 2>&1). Then look for entries in >>dialback*.c >> >>matthew c. mead wrote: >> >>>Anybody? >>> >>>Anyone familiar with how dial back works? I have to assume >>>that's what's failing... >>> >>> >>>-matt >>> >>>On Wed, Sep 25, 2002 at 09:41:03AM -0400, matthew c. mead wrote: >>> >>> >>>>I've asked on JADMIN but haven't gotten any response. I'm hoping >>>>someone here has more knowledge of the issues involved: >>>> >>>>I just recently installed a jabber server at goof.com. >>>>Unfortunately, I cannot get it to interoperate with other jabber >>>>servers using s2s. >>>> >>>>I do not have control over the PTR record for the external ip >>>>addresses my server answers. >>>> >>>>Is there some way to get s2s working despite this? Sending from >>>>goof.com to external servers yields a connect failure. Sending >>> >>>>from external servers to goof.com yields that the remote server >>> >>>>does not have permission to respond with the specified ip >>>>address. >>>> >>>>My NAT box allows all outbound connections. It has forwarding >>>>rules to forward inbound packets it receives for TCP ports 5222, >>>>5223, 5269, and 7000 to the machine running the jabber server. >>>> >>>>Any ideas? >>>> >>>>Thanks! >>>> >>>> >>>> >>>>-matt >>>> >>>>-- >>>>matthew c. mead >>>> >>>>http://www.goof.com/~mmead/ >>>>_______________________________________________ >>>>jdev mailing list >>>>[EMAIL PROTECTED] >>>>http://mailman.jabber.org/listinfo/jdev >>>> >>> >>> >>-- >>Justin Georgeson >>UnBound Technologies, Inc. >>http://www.unboundtech.com >>Main 713.329.9330 >>Fax 713.460.4051 >>Mobile 512.789.1962 >> >>5295 Hollister Road >>Houston, TX 77040 >>Real Applications using Real Wireless Intelligence(tm) >> >>_______________________________________________ >>jdev mailing list >>[EMAIL PROTECTED] >>http://mailman.jabber.org/listinfo/jdev >> > > -- Justin Georgeson UnBound Technologies, Inc. http://www.unboundtech.com Main 713.329.9330 Fax 713.460.4051 Mobile 512.789.1962 5295 Hollister Road Houston, TX 77040 Real Applications using Real Wireless Intelligence(tm) _______________________________________________ jdev mailing list [EMAIL PROTECTED] http://mailman.jabber.org/listinfo/jdev
