I'm not sure what a PTR is. The name that your server call itself (the <host> or -h value) should resolve to the ip address of your server. In your case, the external IP of the NAT box. Since you have the forwarding in place, the traffic would go to your jabber server, which should then validate the key.
matthew c. mead wrote: > Yeah, I found that one out by trying. I still don't see what's > going wrong. > > Does dialback require that the ip address specified by the A > record for the server name have a PTR which points back to the > server name? > > > > -matt > > On Thu, Sep 26, 2002 at 09:21:41AM -0500, Justin Georgeson wrote: > >>I don't have time to look at the trace right now, but will try to today. >> Dialback/s2s does not use ssl, so turning it off will have zero effect >>on this. >> >>matthew c. mead wrote: >> >>>Thanks for the explanation. >>> >>>Is this key the ssl certificate that I built? If so, would it >>>being self-signed be a problem? Should I go back to no ssl? >>> >>>Following is the debug output from a send from [EMAIL PROTECTED] to >>>[EMAIL PROTECTED] >>> >>>Does it make any sense to you? >>> >>>Thanks for your help! >>> >>> >>> >>>-matt >>> >>>Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 1:jabber.org <message >to='[EMAIL PROTECTED]' from='[EMAIL PROTECTED]/Psi'> >>><body>test</body></message> >>>Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 'dnsrv' >>>Wed Sep 25 19:31:45 2002 dnsrv.c:264 dnsrv: Creating lookup request queue for >jabber.org >>>Wed Sep 25 19:31:45 2002 dnsrv.c:273 dnsrv: Transmitting lookup request: ><host>jabber.org</host> >>>Wed Sep 25 19:31:45 2002 dnsrv.c:159 DNSRV CHILD: Read from buffer: ><host>jabber.org</host>Wed Sep 25 19:31:45 2002 mtq 817E900 leaving to pth >>> >>>Wed Sep 25 19:31:45 2002 dnsrv.c:112 dnsrv: Recv'd lookup request for jabber.org >>>Wed Sep 25 19:31:45 2002 mio.c:607 mio while loop topWed Sep 25 19:31:45 2002 >srv_resolv.c:112 srv: SRV resolution of _jabber._tcp.jabber.org >>> >>>Wed Sep 25 19:31:45 2002 srv_resolv.c:99 srv: Standard resolution of jabber.org >>>Wed Sep 25 19:31:45 2002 dnsrv.c:123 Resolved jabber.org((null)): 208.245.212.108 > resend to:s2s >>>Wed Sep 25 19:31:45 2002 dnsrv.c:338 incoming resolution: <host >ip='208.245.212.108' to='s2s'>jabber.org</host> >>>Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 4:s2s <route to='s2s' >ip='208.245.212.108'><message to='[EMAIL PROTECTED]' from='[EMAIL PROTECTED]/Psi'> >>><body>test</body></message></route> >>>Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 's2s' >>>Wed Sep 25 19:31:45 2002 dialback_out.c:192 dbout packet[208.245.212.108]: ><message to='[EMAIL PROTECTED]' from='[EMAIL PROTECTED]/Psi'> >>><body>test</body></message> >>>Wed Sep 25 19:31:45 2002 dialback_out.c:212 outgoing packet with key >jabber.org/goof.com and located existing 0 >>>Wed Sep 25 19:31:45 2002 dialback_out.c:99 Attempting to connect to >jabber.org/goof.com at 208.245.212.108 >>>Wed Sep 25 19:31:45 2002 mio.c:527 calling the connect handler for mio object >81F5280 >>>Wed Sep 25 19:31:45 2002 dialback_out.c:329 dbout read: fd 21 flag 4 key >jabber.org/goof.com >>>Wed Sep 25 19:31:45 2002 log.c:116 <log type='notice' from='jabber.org'>failed to >establish connection</log> >>>Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 3:jabber.org <log type='notice' >from='jabber.org'>failed to establish connection</log> >>>Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 'elogger' >>>20020925T23:31:45: [notice] (jabber.org): failed to establish connection >>>Wed Sep 25 19:31:45 2002 deliver.c:606 delivery failed (Server Connect Failed) >>>Wed Sep 25 19:31:45 2002 log.c:116 <log type='notice' from='jabber.org'>bouncing a >packet to [EMAIL PROTECTED] from [EMAIL PROTECTED]/Psi: Server Connect Failed</log> >>>Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 3:jabber.org <log type='notice' >from='jabber.org'>bouncing a packet to [EMAIL PROTECTED] from [EMAIL PROTECTED]/Psi: >Server Connect Failed</log> >>>Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 'elogger' >>>20020925T23:31:45: [notice] (jabber.org): bouncing a packet to [EMAIL PROTECTED] >from [EMAIL PROTECTED]/Psi: Server Connect Failed >>>Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 1:goof.com <message >to='[EMAIL PROTECTED]/Psi' from='[EMAIL PROTECTED]' type='error'> >>><body>test</body><error code='502'>Server Connect Failed</error></message> >>>Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 'sessions' >>>Wed Sep 25 19:31:45 2002 deliver.c:94 (8128300)incoming packet <message >to='[EMAIL PROTECTED]/Psi' from='[EMAIL PROTECTED]' type='error'> >>><body>test</body><error code='502'>Server Connect Failed</error></message> >>> >>> >>>On Wed, Sep 25, 2002 at 05:59:27PM -0500, Justin Georgeson wrote: >>> >>> >>>>Dialback works by the sending server giving the receiving server a key. >>>>The receiving server does a DNS lookup and contacts the returned IP >>>>address. Then the key is verified. If the verification if succsessful, >>>>the receiving server tells the sending server it's ok to proceed. While >>>>trying to figure out the internals I noticed that the process seems to >>>>start again in the middle when the receiving server contacts the looked >>>>up IP to verify the key. This contact marks the beginning of a dialback >>>>connection where the sending server becomes a receiving server. It all >>>>got very confusing trying to look at all the packets in the log file and >>>>trace it by hand. >>>> >>>>From the error message, I would say it is definitely a dialback issue, >>>>and it is probably the server on the other end not being able to verify >>>>the server behind the NAT. Run the server in debug mode and capture the >>>>output ( jabberd .... -D > debug.log 2>&1). Then look for entries in >>>>dialback*.c >>>> >>>>matthew c. mead wrote: >>>> >>>> >>>>>Anybody? >>>>> >>>>>Anyone familiar with how dial back works? I have to assume >>>>>that's what's failing... >>>>> >>>>> >>>>>-matt >>>>> >>>>>On Wed, Sep 25, 2002 at 09:41:03AM -0400, matthew c. mead wrote: >>>>> >>>>> >>>>> >>>>>>I've asked on JADMIN but haven't gotten any response. I'm hoping >>>>>>someone here has more knowledge of the issues involved: >>>>>> >>>>>>I just recently installed a jabber server at goof.com. >>>>>>Unfortunately, I cannot get it to interoperate with other jabber >>>>>>servers using s2s. >>>>>> >>>>>>I do not have control over the PTR record for the external ip >>>>>>addresses my server answers. >>>>>> >>>>>>Is there some way to get s2s working despite this? Sending from >>>>>>goof.com to external servers yields a connect failure. Sending >>>>> >>>>>>from external servers to goof.com yields that the remote server >>>>> >>>>> >>>>>>does not have permission to respond with the specified ip >>>>>>address. >>>>>> >>>>>>My NAT box allows all outbound connections. It has forwarding >>>>>>rules to forward inbound packets it receives for TCP ports 5222, >>>>>>5223, 5269, and 7000 to the machine running the jabber server. >>>>>> >>>>>>Any ideas? >>>>>> >>>>>>Thanks! >>>>>> >>>>>> >>>>>> >>>>>>-matt >>>>>> >>>>>>-- >>>>>>matthew c. mead >>>>>> >>>>>>http://www.goof.com/~mmead/ >>>>>>_______________________________________________ >>>>>>jdev mailing list >>>>>>[EMAIL PROTECTED] >>>>>>http://mailman.jabber.org/listinfo/jdev >>>>>> >>>>> >>>>> >>>>-- >>>>Justin Georgeson >>>>UnBound Technologies, Inc. >>>>http://www.unboundtech.com >>>>Main 713.329.9330 >>>>Fax 713.460.4051 >>>>Mobile 512.789.1962 >>>> >>>>5295 Hollister Road >>>>Houston, TX 77040 >>>>Real Applications using Real Wireless Intelligence(tm) >>>> >>>>_______________________________________________ >>>>jdev mailing list >>>>[EMAIL PROTECTED] >>>>http://mailman.jabber.org/listinfo/jdev >>>> >>> >>> >>-- >>Justin Georgeson >>UnBound Technologies, Inc. >>http://www.unboundtech.com >>Main 713.329.9330 >>Fax 713.460.4051 >>Mobile 512.789.1962 >> >>5295 Hollister Road >>Houston, TX 77040 >>Real Applications using Real Wireless Intelligence(tm) >> >>_______________________________________________ >>jdev mailing list >>[EMAIL PROTECTED] >>http://mailman.jabber.org/listinfo/jdev >> > > -- Justin Georgeson UnBound Technologies, Inc. http://www.unboundtech.com Main 713.329.9330 Fax 713.460.4051 Mobile 512.789.1962 5295 Hollister Road Houston, TX 77040 Real Applications using Real Wireless Intelligence(tm) _______________________________________________ jdev mailing list [EMAIL PROTECTED] http://mailman.jabber.org/listinfo/jdev
