Yeah, I found that one out by trying. I still don't see what's going wrong.
Does dialback require that the ip address specified by the A record for the server name have a PTR which points back to the server name? -matt On Thu, Sep 26, 2002 at 09:21:41AM -0500, Justin Georgeson wrote: > I don't have time to look at the trace right now, but will try to today. > Dialback/s2s does not use ssl, so turning it off will have zero effect > on this. > > matthew c. mead wrote: > > Thanks for the explanation. > > > > Is this key the ssl certificate that I built? If so, would it > > being self-signed be a problem? Should I go back to no ssl? > > > > Following is the debug output from a send from [EMAIL PROTECTED] to > > [EMAIL PROTECTED] > > > > Does it make any sense to you? > > > > Thanks for your help! > > > > > > > > -matt > > > > Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 1:jabber.org <message >to='[EMAIL PROTECTED]' from='[EMAIL PROTECTED]/Psi'> > > <body>test</body></message> > > Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 'dnsrv' > > Wed Sep 25 19:31:45 2002 dnsrv.c:264 dnsrv: Creating lookup request queue for >jabber.org > > Wed Sep 25 19:31:45 2002 dnsrv.c:273 dnsrv: Transmitting lookup request: ><host>jabber.org</host> > > Wed Sep 25 19:31:45 2002 dnsrv.c:159 DNSRV CHILD: Read from buffer: ><host>jabber.org</host>Wed Sep 25 19:31:45 2002 mtq 817E900 leaving to pth > > > > Wed Sep 25 19:31:45 2002 dnsrv.c:112 dnsrv: Recv'd lookup request for jabber.org > > Wed Sep 25 19:31:45 2002 mio.c:607 mio while loop topWed Sep 25 19:31:45 2002 >srv_resolv.c:112 srv: SRV resolution of _jabber._tcp.jabber.org > > > > Wed Sep 25 19:31:45 2002 srv_resolv.c:99 srv: Standard resolution of jabber.org > > Wed Sep 25 19:31:45 2002 dnsrv.c:123 Resolved jabber.org((null)): 208.245.212.108 > resend to:s2s > > Wed Sep 25 19:31:45 2002 dnsrv.c:338 incoming resolution: <host >ip='208.245.212.108' to='s2s'>jabber.org</host> > > Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 4:s2s <route to='s2s' >ip='208.245.212.108'><message to='[EMAIL PROTECTED]' from='[EMAIL PROTECTED]/Psi'> > > <body>test</body></message></route> > > Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 's2s' > > Wed Sep 25 19:31:45 2002 dialback_out.c:192 dbout packet[208.245.212.108]: ><message to='[EMAIL PROTECTED]' from='[EMAIL PROTECTED]/Psi'> > > <body>test</body></message> > > Wed Sep 25 19:31:45 2002 dialback_out.c:212 outgoing packet with key >jabber.org/goof.com and located existing 0 > > Wed Sep 25 19:31:45 2002 dialback_out.c:99 Attempting to connect to >jabber.org/goof.com at 208.245.212.108 > > Wed Sep 25 19:31:45 2002 mio.c:527 calling the connect handler for mio object >81F5280 > > Wed Sep 25 19:31:45 2002 dialback_out.c:329 dbout read: fd 21 flag 4 key >jabber.org/goof.com > > Wed Sep 25 19:31:45 2002 log.c:116 <log type='notice' from='jabber.org'>failed to >establish connection</log> > > Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 3:jabber.org <log type='notice' >from='jabber.org'>failed to establish connection</log> > > Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 'elogger' > > 20020925T23:31:45: [notice] (jabber.org): failed to establish connection > > Wed Sep 25 19:31:45 2002 deliver.c:606 delivery failed (Server Connect Failed) > > Wed Sep 25 19:31:45 2002 log.c:116 <log type='notice' from='jabber.org'>bouncing >a packet to [EMAIL PROTECTED] from [EMAIL PROTECTED]/Psi: Server Connect Failed</log> > > Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 3:jabber.org <log type='notice' >from='jabber.org'>bouncing a packet to [EMAIL PROTECTED] from [EMAIL PROTECTED]/Psi: >Server Connect Failed</log> > > Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 'elogger' > > 20020925T23:31:45: [notice] (jabber.org): bouncing a packet to [EMAIL PROTECTED] >from [EMAIL PROTECTED]/Psi: Server Connect Failed > > Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 1:goof.com <message >to='[EMAIL PROTECTED]/Psi' from='[EMAIL PROTECTED]' type='error'> > > <body>test</body><error code='502'>Server Connect Failed</error></message> > > Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 'sessions' > > Wed Sep 25 19:31:45 2002 deliver.c:94 (8128300)incoming packet <message >to='[EMAIL PROTECTED]/Psi' from='[EMAIL PROTECTED]' type='error'> > > <body>test</body><error code='502'>Server Connect Failed</error></message> > > > > > > On Wed, Sep 25, 2002 at 05:59:27PM -0500, Justin Georgeson wrote: > > > >>Dialback works by the sending server giving the receiving server a key. > >>The receiving server does a DNS lookup and contacts the returned IP > >>address. Then the key is verified. If the verification if succsessful, > >>the receiving server tells the sending server it's ok to proceed. While > >>trying to figure out the internals I noticed that the process seems to > >>start again in the middle when the receiving server contacts the looked > >>up IP to verify the key. This contact marks the beginning of a dialback > >>connection where the sending server becomes a receiving server. It all > >>got very confusing trying to look at all the packets in the log file and > >>trace it by hand. > >> > >> From the error message, I would say it is definitely a dialback issue, > >>and it is probably the server on the other end not being able to verify > >>the server behind the NAT. Run the server in debug mode and capture the > >>output ( jabberd .... -D > debug.log 2>&1). Then look for entries in > >>dialback*.c > >> > >>matthew c. mead wrote: > >> > >>>Anybody? > >>> > >>>Anyone familiar with how dial back works? I have to assume > >>>that's what's failing... > >>> > >>> > >>>-matt > >>> > >>>On Wed, Sep 25, 2002 at 09:41:03AM -0400, matthew c. mead wrote: > >>> > >>> > >>>>I've asked on JADMIN but haven't gotten any response. I'm hoping > >>>>someone here has more knowledge of the issues involved: > >>>> > >>>>I just recently installed a jabber server at goof.com. > >>>>Unfortunately, I cannot get it to interoperate with other jabber > >>>>servers using s2s. > >>>> > >>>>I do not have control over the PTR record for the external ip > >>>>addresses my server answers. > >>>> > >>>>Is there some way to get s2s working despite this? Sending from > >>>>goof.com to external servers yields a connect failure. Sending > >>> > >>>>from external servers to goof.com yields that the remote server > >>> > >>>>does not have permission to respond with the specified ip > >>>>address. > >>>> > >>>>My NAT box allows all outbound connections. It has forwarding > >>>>rules to forward inbound packets it receives for TCP ports 5222, > >>>>5223, 5269, and 7000 to the machine running the jabber server. > >>>> > >>>>Any ideas? > >>>> > >>>>Thanks! > >>>> > >>>> > >>>> > >>>>-matt > >>>> > >>>>-- > >>>>matthew c. mead > >>>> > >>>>http://www.goof.com/~mmead/ > >>>>_______________________________________________ > >>>>jdev mailing list > >>>>[EMAIL PROTECTED] > >>>>http://mailman.jabber.org/listinfo/jdev > >>>> > >>> > >>> > >>-- > >>Justin Georgeson > >>UnBound Technologies, Inc. > >>http://www.unboundtech.com > >>Main 713.329.9330 > >>Fax 713.460.4051 > >>Mobile 512.789.1962 > >> > >>5295 Hollister Road > >>Houston, TX 77040 > >>Real Applications using Real Wireless Intelligence(tm) > >> > >>_______________________________________________ > >>jdev mailing list > >>[EMAIL PROTECTED] > >>http://mailman.jabber.org/listinfo/jdev > >> > > > > > > -- > Justin Georgeson > UnBound Technologies, Inc. > http://www.unboundtech.com > Main 713.329.9330 > Fax 713.460.4051 > Mobile 512.789.1962 > > 5295 Hollister Road > Houston, TX 77040 > Real Applications using Real Wireless Intelligence(tm) > > _______________________________________________ > jdev mailing list > [EMAIL PROTECTED] > http://mailman.jabber.org/listinfo/jdev > -- matthew c. mead http://www.goof.com/~mmead/ _______________________________________________ jdev mailing list [EMAIL PROTECTED] http://mailman.jabber.org/listinfo/jdev
