That's what is happening. Something's getting hosed up. My guess at this point is the implementation is passing ip addresses to the other server rather than a FQDN.
A PTR record is a DNS record that maps an ip address to a FQDN. -matt On Thu, Sep 26, 2002 at 10:49:59AM -0500, Justin Georgeson wrote: > I'm not sure what a PTR is. The name that your server call itself (the > <host> or -h value) should resolve to the ip address of your server. In > your case, the external IP of the NAT box. Since you have the forwarding > in place, the traffic would go to your jabber server, which should then > validate the key. > > matthew c. mead wrote: > > Yeah, I found that one out by trying. I still don't see what's > > going wrong. > > > > Does dialback require that the ip address specified by the A > > record for the server name have a PTR which points back to the > > server name? > > > > > > > > -matt > > > > On Thu, Sep 26, 2002 at 09:21:41AM -0500, Justin Georgeson wrote: > > > >>I don't have time to look at the trace right now, but will try to today. > >> Dialback/s2s does not use ssl, so turning it off will have zero effect > >>on this. > >> > >>matthew c. mead wrote: > >> > >>>Thanks for the explanation. > >>> > >>>Is this key the ssl certificate that I built? If so, would it > >>>being self-signed be a problem? Should I go back to no ssl? > >>> > >>>Following is the debug output from a send from [EMAIL PROTECTED] to > >>>[EMAIL PROTECTED] > >>> > >>>Does it make any sense to you? > >>> > >>>Thanks for your help! > >>> > >>> > >>> > >>>-matt > >>> > >>>Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 1:jabber.org <message >to='[EMAIL PROTECTED]' from='[EMAIL PROTECTED]/Psi'> > >>><body>test</body></message> > >>>Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 'dnsrv' > >>>Wed Sep 25 19:31:45 2002 dnsrv.c:264 dnsrv: Creating lookup request queue for >jabber.org > >>>Wed Sep 25 19:31:45 2002 dnsrv.c:273 dnsrv: Transmitting lookup request: ><host>jabber.org</host> > >>>Wed Sep 25 19:31:45 2002 dnsrv.c:159 DNSRV CHILD: Read from buffer: ><host>jabber.org</host>Wed Sep 25 19:31:45 2002 mtq 817E900 leaving to pth > >>> > >>>Wed Sep 25 19:31:45 2002 dnsrv.c:112 dnsrv: Recv'd lookup request for jabber.org > >>>Wed Sep 25 19:31:45 2002 mio.c:607 mio while loop topWed Sep 25 19:31:45 2002 >srv_resolv.c:112 srv: SRV resolution of _jabber._tcp.jabber.org > >>> > >>>Wed Sep 25 19:31:45 2002 srv_resolv.c:99 srv: Standard resolution of jabber.org > >>>Wed Sep 25 19:31:45 2002 dnsrv.c:123 Resolved jabber.org((null)): >208.245.212.108 resend to:s2s > >>>Wed Sep 25 19:31:45 2002 dnsrv.c:338 incoming resolution: <host >ip='208.245.212.108' to='s2s'>jabber.org</host> > >>>Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 4:s2s <route to='s2s' >ip='208.245.212.108'><message to='[EMAIL PROTECTED]' from='[EMAIL PROTECTED]/Psi'> > >>><body>test</body></message></route> > >>>Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 's2s' > >>>Wed Sep 25 19:31:45 2002 dialback_out.c:192 dbout packet[208.245.212.108]: ><message to='[EMAIL PROTECTED]' from='[EMAIL PROTECTED]/Psi'> > >>><body>test</body></message> > >>>Wed Sep 25 19:31:45 2002 dialback_out.c:212 outgoing packet with key >jabber.org/goof.com and located existing 0 > >>>Wed Sep 25 19:31:45 2002 dialback_out.c:99 Attempting to connect to >jabber.org/goof.com at 208.245.212.108 > >>>Wed Sep 25 19:31:45 2002 mio.c:527 calling the connect handler for mio object >81F5280 > >>>Wed Sep 25 19:31:45 2002 dialback_out.c:329 dbout read: fd 21 flag 4 key >jabber.org/goof.com > >>>Wed Sep 25 19:31:45 2002 log.c:116 <log type='notice' from='jabber.org'>failed >to establish connection</log> > >>>Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 3:jabber.org <log type='notice' >from='jabber.org'>failed to establish connection</log> > >>>Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 'elogger' > >>>20020925T23:31:45: [notice] (jabber.org): failed to establish connection > >>>Wed Sep 25 19:31:45 2002 deliver.c:606 delivery failed (Server Connect Failed) > >>>Wed Sep 25 19:31:45 2002 log.c:116 <log type='notice' from='jabber.org'>bouncing >a packet to [EMAIL PROTECTED] from [EMAIL PROTECTED]/Psi: Server Connect Failed</log> > >>>Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 3:jabber.org <log type='notice' >from='jabber.org'>bouncing a packet to [EMAIL PROTECTED] from [EMAIL PROTECTED]/Psi: >Server Connect Failed</log> > >>>Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 'elogger' > >>>20020925T23:31:45: [notice] (jabber.org): bouncing a packet to [EMAIL PROTECTED] >from [EMAIL PROTECTED]/Psi: Server Connect Failed > >>>Wed Sep 25 19:31:45 2002 deliver.c:474 DELIVER 1:goof.com <message >to='[EMAIL PROTECTED]/Psi' from='[EMAIL PROTECTED]' type='error'> > >>><body>test</body><error code='502'>Server Connect Failed</error></message> > >>>Wed Sep 25 19:31:45 2002 deliver.c:678 delivering to instance 'sessions' > >>>Wed Sep 25 19:31:45 2002 deliver.c:94 (8128300)incoming packet <message >to='[EMAIL PROTECTED]/Psi' from='[EMAIL PROTECTED]' type='error'> > >>><body>test</body><error code='502'>Server Connect Failed</error></message> > >>> > >>> > >>>On Wed, Sep 25, 2002 at 05:59:27PM -0500, Justin Georgeson wrote: > >>> > >>> > >>>>Dialback works by the sending server giving the receiving server a key. > >>>>The receiving server does a DNS lookup and contacts the returned IP > >>>>address. Then the key is verified. If the verification if succsessful, > >>>>the receiving server tells the sending server it's ok to proceed. While > >>>>trying to figure out the internals I noticed that the process seems to > >>>>start again in the middle when the receiving server contacts the looked > >>>>up IP to verify the key. This contact marks the beginning of a dialback > >>>>connection where the sending server becomes a receiving server. It all > >>>>got very confusing trying to look at all the packets in the log file and > >>>>trace it by hand. > >>>> > >>>>From the error message, I would say it is definitely a dialback issue, > >>>>and it is probably the server on the other end not being able to verify > >>>>the server behind the NAT. Run the server in debug mode and capture the > >>>>output ( jabberd .... -D > debug.log 2>&1). Then look for entries in > >>>>dialback*.c > >>>> > >>>>matthew c. mead wrote: > >>>> > >>>> > >>>>>Anybody? > >>>>> > >>>>>Anyone familiar with how dial back works? I have to assume > >>>>>that's what's failing... > >>>>> > >>>>> > >>>>>-matt > >>>>> > >>>>>On Wed, Sep 25, 2002 at 09:41:03AM -0400, matthew c. mead wrote: > >>>>> > >>>>> > >>>>> > >>>>>>I've asked on JADMIN but haven't gotten any response. I'm hoping > >>>>>>someone here has more knowledge of the issues involved: > >>>>>> > >>>>>>I just recently installed a jabber server at goof.com. > >>>>>>Unfortunately, I cannot get it to interoperate with other jabber > >>>>>>servers using s2s. > >>>>>> > >>>>>>I do not have control over the PTR record for the external ip > >>>>>>addresses my server answers. > >>>>>> > >>>>>>Is there some way to get s2s working despite this? Sending from > >>>>>>goof.com to external servers yields a connect failure. Sending > >>>>> > >>>>>>from external servers to goof.com yields that the remote server > >>>>> > >>>>> > >>>>>>does not have permission to respond with the specified ip > >>>>>>address. > >>>>>> > >>>>>>My NAT box allows all outbound connections. It has forwarding > >>>>>>rules to forward inbound packets it receives for TCP ports 5222, > >>>>>>5223, 5269, and 7000 to the machine running the jabber server. > >>>>>> > >>>>>>Any ideas? > >>>>>> > >>>>>>Thanks! > >>>>>> > >>>>>> > >>>>>> > >>>>>>-matt > >>>>>> > >>>>>>-- > >>>>>>matthew c. mead > >>>>>> > >>>>>>http://www.goof.com/~mmead/ > >>>>>>_______________________________________________ > >>>>>>jdev mailing list > >>>>>>[EMAIL PROTECTED] > >>>>>>http://mailman.jabber.org/listinfo/jdev > >>>>>> > >>>>> > >>>>> > >>>>-- > >>>>Justin Georgeson > >>>>UnBound Technologies, Inc. > >>>>http://www.unboundtech.com > >>>>Main 713.329.9330 > >>>>Fax 713.460.4051 > >>>>Mobile 512.789.1962 > >>>> > >>>>5295 Hollister Road > >>>>Houston, TX 77040 > >>>>Real Applications using Real Wireless Intelligence(tm) > >>>> > >>>>_______________________________________________ > >>>>jdev mailing list > >>>>[EMAIL PROTECTED] > >>>>http://mailman.jabber.org/listinfo/jdev > >>>> > >>> > >>> > >>-- > >>Justin Georgeson > >>UnBound Technologies, Inc. > >>http://www.unboundtech.com > >>Main 713.329.9330 > >>Fax 713.460.4051 > >>Mobile 512.789.1962 > >> > >>5295 Hollister Road > >>Houston, TX 77040 > >>Real Applications using Real Wireless Intelligence(tm) > >> > >>_______________________________________________ > >>jdev mailing list > >>[EMAIL PROTECTED] > >>http://mailman.jabber.org/listinfo/jdev > >> > > > > > > -- > Justin Georgeson > UnBound Technologies, Inc. > http://www.unboundtech.com > Main 713.329.9330 > Fax 713.460.4051 > Mobile 512.789.1962 > > 5295 Hollister Road > Houston, TX 77040 > Real Applications using Real Wireless Intelligence(tm) > > _______________________________________________ > jdev mailing list > [EMAIL PROTECTED] > http://mailman.jabber.org/listinfo/jdev > -- matthew c. mead http://www.goof.com/~mmead/ _______________________________________________ jdev mailing list [EMAIL PROTECTED] http://mailman.jabber.org/listinfo/jdev
