[JDEV] jabberd behind NAT fails s2s interoperation

matthew c. mead mmead at goof.com
Thu Oct 3 17:06:37 CDT 2002 

So sitting behind a NAT box doesn't sound like it should affect
things.

Just to be sure I hadn't done something wrong I extracted to
another directory, rebuilt, and started from the stock
configuration file.  All I changed in it were the admin addresses
and the <host> and <update> contents so they matched my FQDN.
I'm still getting this at startup:

20021003T22:03:22: [notice] (-internal): initializing server
20021003T22:03:22: [notice] (update.jabber.org): failed to establish connection
20021003T22:03:22: [notice] (update.jabber.org): bouncing a packet to jsm at update.jabber.org/1.4.2 from goof.com: Server Connect Failed


-matt


On Wed, Oct 02, 2002 at 09:40:21PM +0100, Richard Dobson wrote:
> Yep I am running it and it works fine. The only exception seems to be the
> jabber.com JCP which after its running for a while seems to stop working,
> but connections of jabberd servers are fine.
> 
> Richard
> 
> ----- Original Message -----
> From: "matthew c. mead" <mmead at goof.com>
> To: <jdev at jabber.org>
> Sent: Wednesday, October 02, 2002 8:15 PM
> Subject: Re: [JDEV] jabberd behind NAT fails s2s interoperation
> 
> 
> > I've still not been able to get this going.
> >
> > Is anyone else out there running a jabber server behind a nat
> > firewall and getting s2s to work with success?
> >
> > Thanks.
> >
> >
> >
> > -matt
> >
> > On Thu, Sep 26, 2002 at 01:55:20PM -0400, matthew c. mead wrote:
> > > I do not use the -h switch.  I do have the following in
> > > jabber.xml as an element in the <service id="sessions"> element:
> > >
> > > <host>goof.com</host>
> > >
> > >
> > >
> > > -matt
> > >
> > > On Thu, Sep 26, 2002 at 12:07:28PM -0500, Justin Georgeson wrote:
> > > > No, the receiving server does a dns lookup of the hostname given to
> find
> > > > the ip address to contact for verification. When you start jabber, do
> > > > you give it a -h flag? If so that value needs to resolve, via DNS to
> the
> > > > ip of your nat. If not, use the value of the <host> tag right after
> the
> > > > start of the <service id="sessions"> tag in jabber.xml. From what you
> > > > have said so far, you should be using goof.com as the <host>/-h value.
> > > >
> > > > matthew c. mead wrote:
> > > > > On Thu, Sep 26, 2002 at 04:58:51PM +0100, Richard Dobson wrote:
> > > > >
> > > > >>>Yeah, I found that one out by trying.  I still don't see what's
> > > > >>>going wrong.
> > > > >>>
> > > > >>>Does dialback require that the ip address specified by the A
> > > > >>>record for the server name have a PTR which points back to the
> > > > >>>server name?
> > > > >>
> > > > >
> > > > >>No you do not need a PTR but the domain your server is claiming to
> be needs
> > > > >>to point to the machine you are trying to use.
> > > > >
> > > > >
> > > > > I have an A record for goof.com that points to a NAT box.  That
> > > > > box forwards packets on the jabber ports to a box on my internal
> > > > > network that runs the jabber server.
> > > > >
> > > > > I do not have a PTR record for the ip address that points to the
> > > > > canonical name "goof.com."
> > > > >
> > > > > Given this, I can't figure out what's wrong.  Does the dialback
> > > > > code pass the IP address of the interface to which it is bound to
> > > > > the remote server?  If so, this could be the problem - in my
> > > > > case, it would be passing the internal ip address, rather than
> > > > > the external.
> > > > >
> > > > > Thanks for helping me eliminate the worry of needing a PTR
> > > > > record.  My guess is what I've described above is happening.
> > > > >
> > > > >
> > > > >
> > > > > -matt
> > > > >
> > > >
> > > > --
> > > > Justin Georgeson
> > > > UnBound Technologies, Inc.
> > > > http://www.unboundtech.com
> > > > Main   713.329.9330
> > > > Fax    713.460.4051
> > > > Mobile 512.789.1962
> > > >
> > > > 5295 Hollister Road
> > > > Houston, TX 77040
> > > > Real Applications using Real Wireless Intelligence(tm)
> > > >
> > > > _______________________________________________
> > > > jdev mailing list
> > > > jdev at jabber.org
> > > > http://mailman.jabber.org/listinfo/jdev
> > > >
> > >
> > > --
> > > matthew c. mead
> > >
> > > http://www.goof.com/~mmead/
> > > _______________________________________________
> > > jdev mailing list
> > > jdev at jabber.org
> > > http://mailman.jabber.org/listinfo/jdev
> > >
> >
> > --
> > matthew c. mead
> >
> > http://www.goof.com/~mmead/
> > _______________________________________________
> > jdev mailing list
> > jdev at jabber.org
> > http://mailman.jabber.org/listinfo/jdev
> >
> 
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mailman.jabber.org/listinfo/jdev
> 

-- 
matthew c. mead

http://www.goof.com/~mmead/

More information about the JDev mailing list