[JDEV] jabberd behind NAT fails s2s interoperation
matthew c. mead
mmead at goof.com
Wed Oct 2 14:15:00 CDT 2002
I've still not been able to get this going.
Is anyone else out there running a jabber server behind a nat
firewall and getting s2s to work with success?
Thanks.
-matt
On Thu, Sep 26, 2002 at 01:55:20PM -0400, matthew c. mead wrote:
> I do not use the -h switch. I do have the following in
> jabber.xml as an element in the <service id="sessions"> element:
>
> <host>goof.com</host>
>
>
>
> -matt
>
> On Thu, Sep 26, 2002 at 12:07:28PM -0500, Justin Georgeson wrote:
> > No, the receiving server does a dns lookup of the hostname given to find
> > the ip address to contact for verification. When you start jabber, do
> > you give it a -h flag? If so that value needs to resolve, via DNS to the
> > ip of your nat. If not, use the value of the <host> tag right after the
> > start of the <service id="sessions"> tag in jabber.xml. From what you
> > have said so far, you should be using goof.com as the <host>/-h value.
> >
> > matthew c. mead wrote:
> > > On Thu, Sep 26, 2002 at 04:58:51PM +0100, Richard Dobson wrote:
> > >
> > >>>Yeah, I found that one out by trying. I still don't see what's
> > >>>going wrong.
> > >>>
> > >>>Does dialback require that the ip address specified by the A
> > >>>record for the server name have a PTR which points back to the
> > >>>server name?
> > >>
> > >
> > >>No you do not need a PTR but the domain your server is claiming to be needs
> > >>to point to the machine you are trying to use.
> > >
> > >
> > > I have an A record for goof.com that points to a NAT box. That
> > > box forwards packets on the jabber ports to a box on my internal
> > > network that runs the jabber server.
> > >
> > > I do not have a PTR record for the ip address that points to the
> > > canonical name "goof.com."
> > >
> > > Given this, I can't figure out what's wrong. Does the dialback
> > > code pass the IP address of the interface to which it is bound to
> > > the remote server? If so, this could be the problem - in my
> > > case, it would be passing the internal ip address, rather than
> > > the external.
> > >
> > > Thanks for helping me eliminate the worry of needing a PTR
> > > record. My guess is what I've described above is happening.
> > >
> > >
> > >
> > > -matt
> > >
> >
> > --
> > Justin Georgeson
> > UnBound Technologies, Inc.
> > http://www.unboundtech.com
> > Main 713.329.9330
> > Fax 713.460.4051
> > Mobile 512.789.1962
> >
> > 5295 Hollister Road
> > Houston, TX 77040
> > Real Applications using Real Wireless Intelligence(tm)
> >
> > _______________________________________________
> > jdev mailing list
> > jdev at jabber.org
> > http://mailman.jabber.org/listinfo/jdev
> >
>
> --
> matthew c. mead
>
> http://www.goof.com/~mmead/
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mailman.jabber.org/listinfo/jdev
>
--
matthew c. mead
http://www.goof.com/~mmead/
More information about the JDev
mailing list